--- # This playbook is used to manage CephX Keys # You will find examples below on how the module can be used on daily operations # # It currently runs on localhost - name: CephX key management examples hosts: localhost gather_facts: false vars: cluster: ceph container_exec_cmd: "docker exec ceph-nano" keys_to_info: - client.admin - mds.0 keys_to_delete: - client.leseb - client.leseb1 - client.pythonnnn keys_to_create: - { name: client.pythonnnn, caps: { mon: "allow rwx", mds: "allow *" }, mode: "0600" } - { name: client.existpassss, caps: { mon: "allow r", osd: "allow *" }, mode: "0600" } - { name: client.path, caps: { mon: "allow r", osd: "allow *" }, mode: "0600" } tasks: - name: Create ceph key(s) module ceph_key: name: "{{ item.name }}" caps: "{{ item.caps }}" cluster: "{{ cluster }}" secret: "{{ item.key | default('') }}" containerized: "{{ container_exec_cmd | default(False) }}" with_items: "{{ keys_to_create }}" - name: Update ceph key(s) ceph_key: name: "{{ item.name }}" state: update caps: "{{ item.caps }}" cluster: "{{ cluster }}" containerized: "{{ container_exec_cmd | default(False) }}" with_items: "{{ keys_to_create }}" - name: Delete ceph key(s) ceph_key: name: "{{ item }}" state: absent cluster: "{{ cluster }}" containerized: "{{ container_exec_cmd | default(False) }}" with_items: "{{ keys_to_delete }}" - name: Info ceph key(s) ceph_key: name: "{{ item }}" state: info cluster: "{{ cluster }}" containerized: "{{ container_exec_cmd }}" register: key_info ignore_errors: true with_items: "{{ keys_to_info }}" - name: List ceph key(s) ceph_key: state: list cluster: "{{ cluster }}" containerized: "{{ container_exec_cmd | default(False) }}" register: list_keys ignore_errors: true - name: Fetch_initial_keys # noqa: ignore-errors ceph_key: state: fetch_initial_keys cluster: "{{ cluster }}" ignore_errors: true