netapp_eseries.santricity.na_santricity_server_certificate module – NetApp E-Series manage the storage system’s server SSL certificates.
Note
This module is part of the netapp_eseries.santricity collection (version 1.3.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install netapp_eseries.santricity
.
To use it in a playbook, specify: netapp_eseries.santricity.na_santricity_server_certificate
.
Parameters
Parameter |
Comments |
---|---|
The password to authenticate with the SANtricity Web Services Proxy or Embedded Web Services API. |
|
The url to the SANtricity Web Services Proxy or Embedded Web Services API. |
|
The username to authenticate with the SANtricity Web Services Proxy or Embedded Web Services API. |
|
Unordered list of all server certificate files which include PEM and DER encoded certificates as well as private keys. When certificates is not defined then a self-signed certificate will be expected. |
|
The controller that owns the port you want to configure. Controller names are represented alphabetically, with the first controller as A, the second as B, and so on. Current hardware models have either 1 or 2 available controllers, but that is not a guaranteed hard limitation and could change in the future. controller must be specified unless managing SANtricity Web Services Proxy (ie ssid=”proxy”) Choices:
|
|
Passphrase for PEM encoded private key encryption. If passphrase is not supplied then Ansible will prompt for private key certificate. |
|
The ID of the array to manage. This value must be unique for each array. Default: 1 |
|
Should https certificates be validated? Choices:
|
Notes
Note
Set ssid==’0’ or ssid==’proxy’ to specifically reference SANtricity Web Services Proxy.
Certificates can be the following filetypes - PEM (.pem, .crt, .cer, or .key) or DER (.der or .cer)
When certificates is not defined then a self-signed certificate will be expected.
The E-Series Ansible modules require either an instance of the Web Services Proxy (WSP), to be available to manage the storage-system, or an E-Series storage-system that supports the Embedded Web Services API.
Embedded Web Services is currently available on the E2800, E5700, EF570, and newer hardware models.
M(netapp_e_storage_system) may be utilized for configuring the systems managed by a WSP instance.
Examples
- name: Ensure signed certificate is installed.
na_santricity_server_certificate:
ssid: 1
api_url: https://192.168.1.100:8443/devmgr/v2
api_username: admin
api_password: adminpass
controller: A
certificates:
- 'root_auth_cert.pem'
- 'intermediate_auth1_cert.pem'
- 'intermediate_auth2_cert.pem'
- 'public_cert.pem'
- 'private_key.pem'
passphrase: keypass
- name: Ensure signed certificate bundle is installed.
na_santricity_server_certificate:
ssid: 1
api_url: https://192.168.1.100:8443/devmgr/v2
api_username: admin
api_password: adminpass
controller: B
certificates:
- 'cert_bundle.pem'
passphrase: keypass
- name: Ensure storage system generated self-signed certificate is installed.
na_santricity_server_certificate:
ssid: 1
api_url: https://192.168.1.100:8443/devmgr/v2
api_username: admin
api_password: adminpass
controller: A
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Any SSL certificates that were added. Returned: always Sample: [“added_certificiate.crt”] |
|
Whether changes have been made. Returned: always Sample: true |
|
Any SSL certificates that were removed. Returned: always Sample: [“removed_certificiate.crt”] |
|
Whether the public server certificate is signed. Returned: always Sample: true |
Authors
Nathan Swartz (@ndswartz)