na_ontap_export_policy_rule – NetApp ONTAP manage export policy rules¶
New in version 2.6.
Synopsis¶
Create or delete or modify export rules in ONTAP
Requirements¶
The below requirements are needed on the host that executes this module.
A physical or virtual clustered Data ONTAP system. The modules support Data ONTAP 9.1 and onward
Ansible 2.6
Python2 netapp-lib (2017.10.30) or later. Install using ‘pip install netapp-lib’
Python3 netapp-lib (2018.11.13) or later. Install using ‘pip install netapp-lib’
To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
allow_suid
boolean
|
|
If 'true', NFS server will honor SetUID bits in SETATTR operation. Default value on creation is 'true'
|
|
client_match
-
|
List of Client Match host names, IP Addresses, Netgroups, or Domains
If rule_index is not provided, client_match is used as a key to fetch current rule to determine create,delete,modify actions. If a rule with provided client_match exists, a new rule will not be created, but the existing rule will be modified or deleted. If a rule with provided client_match doesn't exist, a new rule will be created if state is present.
|
|
|
hostname
string
/ required
|
The hostname or IP address of the ONTAP instance.
|
|
|
http_port
integer
|
Override the default port (80 or 443) with this port
|
|
|
https
boolean
|
|
Enable and disable https
|
|
name
-
/ required
|
The name of the export rule to manage.
aliases: policy_name |
|
|
ontapi
integer
|
The ontap api version to use
|
|
|
password
string
/ required
|
Password for the specified user.
aliases: pass |
|
|
protocol
-
|
|
List of Client access protocols.
Default value is set to 'any' during create.
|
|
ro_rule
-
|
|
List of Read only access specifications for the rule
|
|
rule_index
-
|
rule index of the export policy
|
|
|
rw_rule
-
|
|
List of Read Write access specifications for the rule
|
|
state
-
|
|
Whether the specified export policy rule should exist or not.
|
|
super_user_security
-
|
|
List of Read Write access specifications for the rule
|
|
username
string
/ required
|
This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/.
aliases: user |
|
|
validate_certs
boolean
|
|
If set to
no, the SSL certificates will not be validated.This should only set to
False used on personally controlled sites using self-signed certificates. |
|
vserver
-
/ required
|
Name of the vserver to use.
|
Notes¶
Note
The modules prefixed with na\_ontap are built to support the ONTAP storage platform.
Examples¶
- name: Create ExportPolicyRule
na_ontap_export_policy_rule:
state: present
name: default123
vserver: ci_dev
client_match: 0.0.0.0/0,1.1.1.0/24
ro_rule: krb5,krb5i
rw_rule: any
protocol: nfs,nfs3
super_user_security: any
allow_suid: true
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Modify ExportPolicyRule
na_ontap_export_policy_rule:
state: present
name: default123
rule_index: 100
client_match: 0.0.0.0/0
ro_rule: ntlm
rw_rule: any
protocol: any
allow_suid: false
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Delete ExportPolicyRule
na_ontap_export_policy_rule:
state: absent
name: default123
rule_index: 100
vserver: ci_dev
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by an Ansible Partner. [certified]