ceph-ansible/infrastructure-playbooks/ceph-keys.yml


---
# This playbook manages CephX keys.
# The tasks below are examples of how the ceph_key module can be used in daily operations.
#
# It currently runs on localhost.
# Single play, run against localhost, that walks the ceph_key module through
# create, update, delete, info, list and fetch_initial_keys in that order.
- name: CephX key management examples
  hosts: localhost
  gather_facts: false

  vars:
    cluster: ceph

    # Command prefix handed to ceph_key's `containerized` option by the tasks
    # below; it points at a container named "ceph-nano".
    container_exec_cmd: "docker exec ceph-nano"

    # Entities queried by the "Info ceph key(s)" task.
    keys_to_info:
      - client.admin
      - mds.0

    # Entities removed by the "Delete ceph key(s)" task. client.pythonnnn is
    # also listed in keys_to_create, so one full run creates, updates and then
    # deletes it.
    keys_to_delete:
      - client.leseb
      - client.leseb1
      - client.pythonnnn

    # Entities consumed by the create and update tasks.
    # NOTE(review): caps such as `osd: "allow *"` and `mds: "allow *"` are
    # broad sample values; real client keys should be scoped to what the
    # client actually needs.
    # NOTE(review): every entry sets `mode`, but no task in this play reads
    # item.mode, so the value has no effect here. Either pass it through (if
    # this ceph_key version accepts it -- confirm) or drop it.
    keys_to_create:
      - name: client.pythonnnn
        caps:
          mon: "allow rwx"
          mds: "allow *"
        mode: "0600"
      - name: client.existpassss
        caps:
          mon: "allow r"
          osd: "allow *"
        mode: "0600"
      - name: client.path
        caps:
          mon: "allow r"
          osd: "allow *"
        mode: "0600"

  tasks:
    # `secret` is item.key when an entry supplies one, otherwise an empty
    # string; none of the sample entries above define `key`.
    # NOTE(review): once real key material is supplied through item.key, the
    # loop item and module arguments carry it; consider `no_log: true` on this
    # task so it does not end up in task output -- confirm against how this
    # example is meant to be run.
    - name: Create ceph key(s) module
      ceph_key:
        name: "{{ item.name }}"
        caps: "{{ item.caps }}"
        cluster: "{{ cluster }}"
        secret: "{{ item.key | default('') }}"
        containerized: "{{ container_exec_cmd | default(False) }}"
      with_items: "{{ keys_to_create }}"

    # Re-applies item.caps to the same entities with state=update; no secret
    # is passed.
    - name: Update ceph key(s)
      ceph_key:
        state: update
        name: "{{ item.name }}"
        caps: "{{ item.caps }}"
        cluster: "{{ cluster }}"
        containerized: "{{ container_exec_cmd | default(False) }}"
      with_items: "{{ keys_to_create }}"

    # Removes each entity named in keys_to_delete.
    - name: Delete ceph key(s)
      ceph_key:
        state: absent
        name: "{{ item }}"
        cluster: "{{ cluster }}"
        containerized: "{{ container_exec_cmd | default(False) }}"
      with_items: "{{ keys_to_delete }}"

    # Looks up each entity in keys_to_info and stores the results in key_info.
    # Unlike the other tasks, `containerized` has no default(False) fallback
    # here, so this task needs container_exec_cmd to be defined.
    # ignore_errors lets the play continue when a lookup fails; key_info is
    # not read again in this play.
    # NOTE(review): the registered result presumably includes the key secret
    # (verify against the module's output); avoid printing it with debug or
    # collecting verbose run logs in shared locations.
    - name: Info ceph key(s)
      ceph_key:
        state: info
        name: "{{ item }}"
        cluster: "{{ cluster }}"
        containerized: "{{ container_exec_cmd }}"
      with_items: "{{ keys_to_info }}"
      register: key_info
      ignore_errors: true

    # Lists keys for the cluster and stores the result in list_keys, which is
    # not read again in this play. Failures are ignored.
    # NOTE(review): same caution as key_info -- the listing presumably
    # contains key secrets; verify before logging or displaying it.
    - name: List ceph key(s)
      ceph_key:
        state: list
        cluster: "{{ cluster }}"
        containerized: "{{ container_exec_cmd | default(False) }}"
      register: list_keys
      ignore_errors: true

    # Runs the module with state=fetch_initial_keys; failures are ignored.
    # NOTE(review): no `containerized` argument is passed here, unlike the
    # other tasks -- confirm that is intended.
    # NOTE(review): the Info and List tasks also set ignore_errors but carry
    # no matching noqa marker; align them if the linter is enforced.
    - name: Fetch_initial_keys  # noqa: ignore-errors
      ceph_key:
        state: fetch_initial_keys
        cluster: "{{ cluster }}"
      ignore_errors: true