ibm.storage_virtualize.ibm_sv_manage_truststore_for_replication (2.3.1) — module

This module manages certificate trust stores for replication on IBM Storage Virtualize family systems.

Added in version 1.10.0 of ibm.storage_virtualize

Authors: Sanjaikumaar M (@sanjaikumaar)

Install collection

Install with ansible-galaxy collection install ibm.storage_virtualize:==2.3.1


Add to requirements.yml

  collections:
    - name: ibm.storage_virtualize
      version: 2.3.1

Description

Ansible interface to manage mktruststore and rmtruststore commands.

This module transfers the certificate from a remote system to the local system.

This module works on SSH and uses paramiko to establish an SSH connection.

Once transfer is done successfully, it also adds the certificate to the trust store of the local system.

This module can be used to set up mutual TLS (mTLS) for policy-based replication inter-system communication using cluster endpoint certificates (usually system-signed certificates, which are exported by the M(ibm.storage_virtualize.ibm_sv_manage_ssl_certificate) module).

Usage examples

- name: Create truststore
  ibm.storage_virtualize.ibm_sv_manage_truststore_for_replication:
    clustername: "{{clustername}}"
    username: "{{username}}"
    password: "{{password}}"
    name: "{{name}}"
    remote_clustername: "{{remote_clustername}}"
    remote_username: "{{remote_username}}"
    remote_password: "{{remote_password}}"
    log_path: "{{log_path}}"
    state: "present"
- name: Delete truststore
  ibm.storage_virtualize.ibm_sv_manage_truststore_for_replication:
    clustername: "{{clustername}}"
    username: "{{username}}"
    password: "{{password}}"
    name: "{{name}}"
    remote_clustername: "{{remote_clustername}}"
    log_path: "{{log_path}}"
    state: "absent"
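
The following playbook is an added example, not part of the module's own documentation. It creates the trust store in both directions so that each system trusts the other's certificate, uses key-based SSH for the local connection, and keeps credentials out of task output with no_log. Assumptions: the variable names (system_a, system_b, automation_user, ssh_key_path, vault_system_a_password, vault_system_b_password) are hypothetical and expected to come from Ansible Vault or inventory, and running the module once per direction is assumed to be what a mutual TLS partnership needs.

```yaml
# Added example: all variable names are hypothetical placeholders.
- name: Exchange replication certificates between two systems
  hosts: localhost
  gather_facts: false
  vars:
    # Each entry is one direction: "local" imports the certificate of "remote".
    trust_directions:
      - local: "{{ system_a }}"
        remote: "{{ system_b }}"
        remote_password: "{{ vault_system_b_password }}"
      - local: "{{ system_b }}"
        remote: "{{ system_a }}"
        remote_password: "{{ vault_system_a_password }}"
  tasks:
    - name: Create trust store holding the partner's certificate
      ibm.storage_virtualize.ibm_sv_manage_truststore_for_replication:
        clustername: "{{ item.local }}"
        username: "{{ automation_user }}"
        # Key-based SSH to the local system, so no password parameter is needed.
        usesshkey: "yes"
        key_filename: "{{ ssh_key_path }}"
        # name is omitted, so the module generates store_<remote_clustername>.
        remote_clustername: "{{ item.remote }}"
        remote_username: "{{ automation_user }}"
        remote_password: "{{ item.remote_password }}"
        state: present
      loop: "{{ trust_directions }}"
      # Hide the remote password from console output and callback logs.
      no_log: true
```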

Inputs

    
name:
    description:
    - Specifies the name of the trust store.
    - If not specified, the module generates a name automatically with format store_I(remote_clustername).
    type: str

state:
    choices:
    - present
    - absent
    description:
    - Creates (C(present)) or deletes (C(absent)) a trust store.
    required: true
    type: str

log_path:
    description:
    - Path of debug log file.
    type: str

password:
    description:
    - Password for the Storage Virtualize system.
    - Mandatory, when I(usesshkey=no).
    type: str

username:
    description:
    - Username for the Storage Virtualize system.
    required: true
    type: str

usesshkey:
    choices:
    - 'yes'
    - 'no'
    default: 'no'
    description:
    - For key-pair based SSH connection, set this field as "yes". Provide full path of
      key in key_filename field. If not provided, default path of SSH key is used.
    type: str

clustername:
    description:
    - The hostname or management IP of the Storage Virtualize system.
    required: true
    type: str

key_filename:
    description:
    - SSH client private key filename. By default, ~/.ssh/id_rsa is used.
    type: str

remote_password:
    description:
    - Password for remote cluster.
    - Applies when I(state=present) to create a trust store.
    type: str

remote_username:
    description:
    - Username for remote cluster.
    - Applies when I(state=present) to create a trust store.
    type: str

remote_clustername:
    description:
    - Specifies the name of the partner remote cluster with which the mTLS partnership
      needs to be set up.
    required: true
    type: str