ibm.storage_virtualize.ibm_sv_manage_system_certificate module – This module manages system certificates and truststore for replication, high availability and FlashSystem grid on IBM Storage Virtualize family systems
Note
This module is part of the ibm.storage_virtualize collection (version 3.1.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install ibm.storage_virtualize.
To use it in a playbook, specify: ibm.storage_virtualize.ibm_sv_manage_system_certificate.
New in ibm.storage_virtualize 3.1.0
Synopsis
Ansible interface to manage mktruststore, rmtruststore, chsystemcertstore and chsystemcert commands.
This module can be used to set up mutual TLS (mTLS) for inter-system communication which involves Policy-based Replication, Policy-based High Availability, and Flashsystem grid.
This module transfers the certificate between both local and remote system using SCP command.
This module works on SSH and uses paramiko to establish an SSH connection.
This module will only export root CA certificate for creating truststore.
Parameters
Parameter |
Comments |
|---|---|
The hostname or management IP of the Storage Virtualize system. |
|
Domain for the Storage Virtualize storage system. Valid when hostname is used for the parameter clustername. |
|
Path of debug log file. |
|
Password for the Storage Virtualize system. |
|
Specifies the name of the truststore on the primary system. |
|
Specifies the name of the partner remote cluster with which mTLS needs to be setup. |
|
Domain for the Storage Virtualize storage system. Valid when hostname is used for the parameter remote_clustername. |
|
Password for remote cluster. |
|
Specifies the name of the truststore on the remote system. |
|
Username for remote cluster. |
|
Creates ( Choices:
|
|
Username for the Storage Virtualize system. |
Examples
- name: Create truststore on both systems
ibm.storage_virtualize.ibm_sv_manage_system_certificate:
clustername: "{{ primary_clustername }}"
username: "{{ primary_username }}"
password: "{{ primary_password }}"
remote_clustername: "{{ secondary_clustername }}"
remote_username: "{{ secondary_username }}"
remote_password: "{{ secondary_password }}"
primary_truststore_name: "{{ primary_truststore_name }}"
remote_truststore_name: "{{ secondary_truststore_name }}"
state: present
log_path: "{{ log_path | default('/tmp/playbook.debug') }}"
- name: Remove truststore on both systems
ibm.storage_virtualize.ibm_sv_manage_system_certificate:
clustername: "{{ primary_clustername }}"
username: "{{ primary_username }}"
password: "{{ primary_password }}"
remote_clustername: "{{ secondary_clustername }}"
remote_username: "{{ secondary_username }}"
remote_password: "{{ secondary_password }}"
primary_truststore_name: "{{ primary_truststore_name }}"
remote_truststore_name: "{{ secondary_truststore_name }}"
state: absent
log_path: "{{ log_path | default('/tmp/playbook.debug') }}"
- name: Remove truststore on single system
ibm.storage_virtualize.ibm_sv_manage_system_certificate:
clustername: "{{ clustername }}"
username: "{{ username }}"
password: "{{ password }}"
primary_truststore_name: "{{ truststore_name }}"
state: absent
log_path: "{{ log_path | default('/tmp/playbook.debug') }}"