openafs_contrib.openafs.openafs_volume (1.9.0) — module

Create an OpenAFS volume

Authors: Michael Meffie

preview | supported by community

Install collection

Install with ansible-galaxy collection install openafs_contrib.openafs:==1.9.0


Add to requirements.yml

  collections:
    - name: openafs_contrib.openafs
      version: 1.9.0

Description

Create or remove a volume.

Optionally, create read-only volumes, and release the volume.

Optionally, mount the volume and set the ACL rights in the filespace.

Volume mounting requires a client running on the remote node.

Localauth authentication may be used on server nodes, running as root. When running in this mode, volumes may be created, but not mounted.

Keytab-based authentication may be used on client nodes to mount volumes and set root directory ACLs. This requires a keytab for a user who is in the system:administrators group and is a member of the UserList on all of the servers.

Usage examples

- name: Create afs root volume
  openafs_contrib.openafs.openafs_volume:
    state: present
    name: root.afs
    mount: /afs
    acl: "system:anyuser read"
    replicas: 3
- name: Create cell root volume
  openafs_contrib.openafs.openafs_volume:
    state: present
    name: root.cell
    mount: /afs/example.com
    acl: "system:anyuser read"
    replicas: 3
- name: Create a volume
  openafs_contrib.openafs.openafs_volume:
    state: present
    name: test
    mount: /afs/example.com/test
    acl:
      - "bob all"
      - "system:anyuser read"
      - "system:authuser write"
- name: Alternate acl format
  openafs_contrib.openafs.openafs_volume:
    state: present
    name: test
    mount: /afs/example.com/test
    acl:
      bob: all
      "system:anyuser": read
      "system:authuser": write

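The two authentication modes from the Description, shown as one playbook: the volume is created with localauth on a fileserver, then mounted and given its ACL from a client using a keytab, after a check that the keytab is not readable by other users. This is an added example, not part of the module's documentation; the inventory names, keytab path, volume name and mount path are assumptions, and only options listed under Inputs are used.

```yaml
# Added example. Inventory names, paths and the volume name are assumptions.
- name: Create the volume on a fileserver with localauth (no mount, no ACL)
  hosts: afs_fileservers[0]            # assumed inventory group
  become: true                         # localauth runs as root on a server node
  tasks:
    - name: Create the volume and its read-only replicas
      openafs_contrib.openafs.openafs_volume:
        state: present
        volume: proj.docs              # the page's own examples pass this as "name"
        localauth: true                # mount and acl may not be combined with this
        replicas: 2

- name: Mount the volume and set its ACL from a client, using a keytab
  hosts: afs_admin_client              # assumed host with a running OpenAFS client
  become: true
  vars:
    admin_keytab: /root/admin.keytab   # assumed path; the file must already exist
  tasks:
    - name: Inspect the administrator keytab
      ansible.builtin.stat:
        path: "{{ admin_keytab }}"
      register: kt

    # The keytab authenticates a system:administrators member who is also in
    # UserList, so stop here unless only root can read it.
    - name: Refuse to continue with a missing or exposed keytab
      ansible.builtin.assert:
        that:
          - kt.stat.exists
          - kt.stat.pw_name == 'root'
          - kt.stat.mode == '0600'
        fail_msg: "{{ admin_keytab }} must exist, be owned by root and have mode 0600"

    - name: Mount the volume and set the root directory ACL
      openafs_contrib.openafs.openafs_volume:
        state: present
        volume: proj.docs
        replicas: 2
        auth_user: admin
        auth_keytab: "{{ admin_keytab }}"
        mount: /afs/example.com/docs
        acl:
          - "system:administrators all"
          - "system:authuser read"
```
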
Inputs

    
acl:
    aliases:
    - acls
    - rights
    description:
    - The access control list to be set in the volume's root directory.
    - The C(acl) option may be specified as a list of strings. Each string contains a pair
      of substrings separated by a space. The first substring names a user or group, the
      second indicates the access rights.
    - See C(fs setacl) for details.
    - This option may only be used if a client is installed on the remote node.
    required: false
    type: str

mount:
    description:
    - The initial mount point path.
    - Should be the fully-qualified path to the mount point to be created.
    - The read/write path variant will be used if it is available.
    - A read/write mount point will also be created for the C(root.cell) volume.
    - The C(i) and C(a) ACL rights will be temporarily assigned to the mount point parent
      directory in order to create the mount point if those rights are missing.
    - The volume containing the parent volume will be released if a mount point was created.
    - The volume will be created but not mounted if the C(mount) option is not given.
    - This option is ignored when the state is C(absent).
    - This option may only be used if a client is installed on the remote node.
    required: false
    type: str

quota:
    default: 0
    description: The initial volume quota.
    required: false
    type: int

state:
    default: <present>
    description:
    - C(present) ensures the volume is present; C(absent) ensures the volume is removed.
    required: false
    type: str

server:
    default: first fileserver entry found in VLDB
    description:
    - The initial volume fileserver location.
    - If provided, should be the hostname or fileserver address.
    - If not provided, the first fileserver address from C(vos listaddrs) will be used.
    - The volume will not be moved if it already exists on a different server.
    - This option is ignored when the state is C(absent).
    type: str

volume:
    description:
    - Name of the read-write volume.
    required: true
    type: str

replicas:
    default: 0
    description:
    - The number of read-only volumes to be created, including the read-only clone on
      the same fileserver and partition as the read/write volume.
    - The C(replicas) option indicates the minimum number of read-only volumes desired.
    required: false
    type: int

auth_user:
    default: admin
    description:
    - The afs user name to be used when C(localauth) is False.
    - The user must be a member of the C(system:administrators) group and must be a server
      superuser, that is, set in the C(UserList) file on each server in the cell.
    - Old kerberos 4 '.' separators are automatically converted to modern '/' separators.
    - This option may only be used if a client is installed on the remote node.
    type: str

localauth:
    default: false
    description:
    - Indicates if the C(-localauth) option is to be used for authentication.
    - This option should only be used when running on a server.
    - The C(mount) and C(acl) options may not be used with C(localauth).
    type: bool

partition:
    default: the first partition found on the fileserver
    description:
    - The initial volume partition id.
    - If provided, should be the partition id; C('a') ..  C('iu').
    - If not provided, the first partition found from C(vos listpart) will be used.
    - The volume will not be moved if it already exists on a different partition.
    - This option is ignored when the state is C(absent).
    type: str

auth_keytab:
    default: admin.keytab
    description:
    - The path on the remote host to the keytab file to be used to authenticate.
    - The keytab file must already be present on the remote host.
    - This option may only be used if a client is installed on the remote node.
    type: str

Outputs

acl:
  description: List of acl strings set in the volume root directory
  returned: success
  type: list
mount:
  description: Mount point path
  returned: success
  type: str
volume:
  description: Volume information
  returned: success
  type: dict