--- # This playbook is used to manage CephX Keys # You will find examples below on how the module can be used on daily operations # # It currently runs on localhost - hosts: localhost gather_facts: false vars: cluster: ceph docker_exec_cmd: "docker exec ceph-nano" keys_to_info: - client.admin - mds.0 keys_to_delete: - client.leseb - client.leseb1 - client.pythonnnn keys_to_create: - { name: client.pythonnnn, caps: { mon: "allow rwx", mds: "allow *" } , mode: "0600" } - { name: client.existpassss, caps: { mon: "allow r", osd: "allow *" } , mode: "0600" } - { name: client.path, caps: { mon: "allow r", osd: "allow *" } , mode: "0600" } tasks: - name: create ceph key(s) module ceph_key: name: "{{ item.name }}" state: present caps: "{{ item.caps }}" cluster: "{{ cluster }}" secret: "{{ item.key | default('') }}" containerized: "{{ docker_exec_cmd | default(False) }}" with_items: "{{ keys_to_create }}" - name: update ceph key(s) ceph_key: name: "{{ item.name }}" state: update caps: "{{ item.caps }}" cluster: "{{ cluster }}" containerized: "{{ docker_exec_cmd | default(False) }}" with_items: "{{ keys_to_create }}" - name: delete ceph key(s) ceph_key: name: "{{ item }}" state: absent cluster: "{{ cluster }}" containerized: "{{ docker_exec_cmd | default(False) }}" with_items: "{{ keys_to_delete }}" - name: info ceph key(s) ceph_key: name: "{{ item }}" state: info cluster: "{{ cluster }}" containerized: "{{ docker_exec_cmd }}" register: key_info ignore_errors: true with_items: "{{ keys_to_info }}" - name: list ceph key(s) ceph_key: state: list cluster: "{{ cluster }}" containerized: "{{ docker_exec_cmd | default(False) }}" register: list_keys ignore_errors: true - name: fetch_initial_keys ceph_key: state: fetch_initial_keys cluster: "{{ cluster }}" ignore_errors: true