Skip to content

Commit

Permalink
add playbooks
Browse files Browse the repository at this point in the history
  • Loading branch information
@anthonyyu6
anthonyyu6 authored May 13, 2022
0 parents commit 20dfe96
Show file tree
Hide file tree
Showing 9 changed files with 2,633 additions and 0 deletions.
105 changes: 105 additions & 0 deletions playbooks/certificate.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
#=============================================
#CERTIFICATE SETUP PLAYBOOK - DM SERIES (ONTAP systems)
#-----
#DESCRIPTION:
# - Helps user to install a signed certificate or self-signed certificate to SVM(s)
#USE:
# - ansible-playbook certificate.yml (Follow prompts for user input when prompted)
#NOTE:
# - Installtion of community.crypto collection is required for this playbook
#---------------------------------------------
# Copyright © 2022 Lenovo. All rights reserved.
# License: Subject to terms of COE-30002-02 Lenovo License Agreement 05.2022 (see License.md located in the root directory)
# Author: Lenovo
#=============================================
---
- hosts: localhost
vars_prompt:
- name: "cluster_ip"
prompt: "Enter Cluster management IP address"
private: no
- name: "username"
prompt: "Enter Cluster admin username"
private: no
- name: "password"
prompt: "Enter Cluster admin password"
private: yes
- name: "vserver"
prompt: "Please enter name for Storage VM (SVM) to create"
private: no
- name: "selfsigned"
prompt: "Is self-signed certificate (yes|no)"
private: no
- name: "privatekey_file"
prompt: "Where is the private key file path"
private: no
- name: "certificate_file"
prompt: "Where is the certificate file path"
private: no
- name: "common_name"
prompt: "Common Name"
private: no
vars:
login: &login
hostname: "{{ cluster_ip }}"
username: "{{ username }}"
password: "{{ password }}"
https: true
validate_certs: false
ansible_python_interpreter: /usr/bin/python3
#vars_files:
#- vars.yml
collections:
- community.crypto
- netapp.ontap
tasks:
#Create private key
- name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
when: (selfsigned|lower) == "yes"
openssl_privatekey:
path: "{{ privatekey_file }}"
#Create CSR
- name: Generate an OpenSSL Certificate Signing Request
when: (selfsigned|lower) == "yes"
openssl_csr:
path: "{{ common_name }}.csr"
privatekey_path: "{{ privatekey_file }}"
common_name: "{{ common_name }}"
#Create certificate
- name: Generate a Self Signed OpenSSL certificate
when: (selfsigned|lower) == "yes"
openssl_certificate:
path: "{{ certificate_file }}"
privatekey_path: "{{ privatekey_file }}"
csr_path: "{{ common_name }}.csr"
provider: selfsigned
#Read private key PEM
- name: "Read privatekey PEM data"
slurp:
src: "{{ privatekey_file }}"
register: privatekey
- name: "Print the private key PEM content to a console"
debug:
msg: "{{ privatekey.content | b64decode}}"
- set_fact:
privatekey: "{{ privatekey.content | b64decode }}"
#Read certificate PEM
- name: "Read certificate PEM data"
slurp:
src: "{{ certificate_file }}"
register: certificate
- name: "Print the certificate PEM content to a console"
debug:
msg: "{{ certificate.content | b64decode}}"
- set_fact:
certificate: "{{ certificate.content | b64decode }}"
#Install certificate
- name: install certificate
na_ontap_security_certificates:
common_name: "{{ common_name }}"
private_key: "{{ privatekey }}"
public_certificate: "{{ certificate }}"
type: server
svm: "{{ vserver }}"
use_rest: always
<<: *login
148 changes: 148 additions & 0 deletions playbooks/fcp.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,148 @@
#=============================================
#FCP SETUP PLAYBOOK - DM SERIES (ONTAP systems)
#-----
#DESCRIPTION:
# - Helps user to create an SVM for Fibre Channel and provision a LUN
# for specified initiators to use
#USE:
# - ansible-playbook fcp.yml (Follow prompts for user input when prompted)
#---------------------------------------------
# Copyright © 2022 Lenovo. All rights reserved.
# License: Subject to terms of COE-30002-02 Lenovo License Agreement 05.2022 (see License.md located in the root directory)
# Author: Lenovo
#=============================================
---
- hosts: localhost
vars_prompt:
- name: "cluster_ip"
prompt: "Enter Cluster management IP address"
private: no
- name: "username"
prompt: "Enter Cluster admin username"
private: no
- name: "password"
prompt: "Enter Cluster admin password"
private: yes
- name: "vserver"
prompt: "Please enter name for Storage VM (SVM) to create"
private: no
- name: "lun_count"
prompt: "Please enter a number of volume to create"
private: no
- name: "volume_name"
prompt: "Please enter a name for volume to create"
private: no
- name: "volume_size"
prompt: "Please enter the size for the volume (number)"
private: no
- name: "volume_size_units"
prompt: "Please enter the unit for the volume size (kb|mb|gb|tb|pb)"
private: no
- name: "storage_service"
prompt: "Please enter the storage service policy to use for the volume (value|performance|extreme)"
private: no
- name: "home_port"
prompt: "Please enter physical port for FCP"
- name: "host_wwpns"
prompt: "Please enter host WWPN(use , for multiple hosts)"
private: no
- name: "os_type"
prompt: "Please enter type of OS used by initiator"
private: no
vars:
login: &login
hostname: "{{ cluster_ip }}"
username: "{{ username }}"
password: "{{ password }}"
https: true
validate_certs: false
ansible_python_interpreter: /usr/bin/python3
#vars_files:
#- vars.yml
collections:
- netapp.ontap
tasks:
#Collect node info
- name: Gather Node facts
na_ontap_info:
gather_subset: cluster_node_info
summary: true
continue_on_error:
- missing_vserver_api_error
- rpc_error
<<: *login
register: info

- set_fact:
node: "{{ info.ontap_info.cluster_node_info }}"
node1: "{{ info.ontap_info.cluster_node_info[0] }}"
node2: "{{ info.ontap_info.cluster_node_info[1] }}"
- name: Enable SVM {{ vserver }} with FCP
na_ontap_svm:
state: present
name: "{{ vserver }}"
allowed_protocols: fcp
<<: *login
#Network interface creation
- name: Create FCP interface 1 for {{ vserver }}
na_ontap_interface:
state: present
interface_name: "{{ vserver }}_data_1"
home_port: "{{ home_port }}"
home_node: "{{ node1 }}"
role: data #<undef|cluster|data|node-mgmt|intercluster|cluster-mgmt>
protocols: fcp
admin_status: up
vserver: "{{ vserver }}"
<<: *login
- name: Create FCP interface 2 for {{ vserver }}
na_ontap_interface:
state: present
interface_name: "{{ vserver }}_data_2"
home_port: "{{ home_port }}"
home_node: "{{ node2 }}"
role: data #<undef|cluster|data|node-mgmt|intercluster|cluster-mgmt>
protocols: fcp
admin_status: up
vserver: "{{ vserver }}"
<<: *login
#FCP services enable
- name: Enable FCP service
na_ontap_fcp:
state: present
status: up
vserver: "{{ vserver }}"
<<: *login
- name: Create new Igroup
na_ontap_igroup:
state: present
name: "igroup_{{ volume_name }}"
ostype: "{{ os_type }}"
initiator_names: "{{ host_wwpns }}"
initiator_group_type: "fcp"
vserver: "{{ vserver }}"
<<: *login
- name: Create LUNs using SAN application
na_ontap_lun:
state: present
name: "lun_{{ volume_name }}"
os_type: "{{ os_type }}"
#qos_policy_group: "{{ default(omit) }}"
#qos_adaptive_policy_group: "{{ default(omit) }}"
vserver: "{{ vserver }}"
san_application_template:
name: "app_{{ vserver }}_{{ volume_name }}"
igroup_name: "igroup_{{ volume_name }}"
lun_count: "{{ lun_count }}"
total_size: "{{ volume_size }}"
total_size_unit: "{{ volume_size_units | lower }}"
protection_type:
local_policy: "default"
storage_service: "{{ storage_service }}"
#tiering:
# control: "{{ default(omit) }}"
# policy: "{{ default(omit) }}"
# object_stores: "{{ default(omit) }}"
scope: "application"
use_san_application: true
<<: *login
Loading

0 comments on commit 20dfe96

Please sign in to comment.