stackhpc / stackhpc.cephadm / 1.15.1 / module / cephadm_key Manage Cephx key(s) | "added in version" 1.4.0 of stackhpc.cephadm" Authors: Sebastien Han <seb@redhat.com> Michal Nasiadka <michal@stackhpc.com>stackhpc.cephadm.cephadm_key (1.15.1) — module
Install with ansible-galaxy collection install stackhpc.cephadm:==1.15.1
collections: - name: stackhpc.cephadm version: 1.15.1
Manage CephX creation, deletion and updates. It can also list and get information about keyring(s).
- name: create cephx key ceph_key: name: "{{ item.name }}" state: present caps: "{{ item.caps }}" with_items: "{{ keys_to_create }}"
- name: create cephx key but don't import it in Ceph ceph_key: name: "{{ item.name }}" state: present caps: "{{ item.caps }}" import_key: false with_items: "{{ keys_to_create }}"
- name: delete cephx key ceph_key: name: "my_key" state: absent
- name: info cephx key ceph_key: name: "my_key" state: info
- name: info cephx admin key (plain) ceph_key: name: client.admin output_format: plain state: info register: client_admin_key
- name: list cephx keys ceph_key: state: list
caps: default: {} description: - CephX key capabilities required: false type: dict dest: default: /etc/ceph/ description: - destination directory to save key required: false type: str mode: description: - File permission mode required: false type: raw name: description: - name of the CephX key required: false type: str group: description: - Group name for file ownership required: false type: str owner: description: - File owner required: false type: str state: choices: - present - update - absent - list - info - fetch_initial_keys - generate_secret default: present description: - If 'present' is used, the module creates a keyring with the associated capabilities. If 'present' is used and a secret is provided the module will always add the key. Which means it will update the keyring if the secret changes, the same goes for the capabilities. If 'absent' is used, the module will simply delete the keyring. If 'list' is used, the module will list all the keys and will return a json output. If 'info' is used, the module will return in a json format the description of a given keyring. If 'generate_secret' is used, the module will simply output a cephx keyring. required: false type: str secret: default: '' description: - keyring's secret value required: false type: str serole: description: - SELinux role required: false type: str setype: description: - SELinux type required: false type: str seuser: description: - SELinux user required: false type: str selevel: description: - SELinux level required: false type: str attributes: aliases: - attr description: - File attributes required: false type: str import_key: default: true description: - Whether or not to import the created keyring into Ceph. This can be useful for someone that only wants to generate keyrings but not add them into Ceph. required: false type: bool output_format: choices: - json - plain - xml - yaml default: json description: - The key output format when retrieving the information of an entity. required: false type: str unsafe_writes: default: false description: - Enable unsafe writes required: false type: bool