openstack/ansible-role-atos-hsm
Code Issues Proposed changes
ansible-role-atos-hsm/tasks/main.yaml
Douglas Mendizábal 1269408d68 Add HA (load balancing) support 
This patch add support for configuring proteccio to use
more than one HSM.  When more than one HSM is provided
the proteccio client is configured for High Availability (HA).

This patch changes the format of the variables and should
be released as a new major version. (e.g. 1.0.0).

Change-Id: Ib9989ee72a67f71275e31b966bff7673072fb3f8
(cherry picked from commit 5069751256fb218d56ce1f30552de678bd56b48a)
2020-03-18 20:06:43 +00:00

71 lines
2.0 KiB
YAML
Raw Blame History

---
- name: Create working directory
file:
path: "{{ atos_client_working_dir }}"
state: directory
mode: 0755
- name: Download ATOS client ISO
get_url:
url: "{{ atos_client_iso_location }}"
dest: "{{ atos_client_working_dir }}/{{ atos_client_iso_name }}"
force: no
- name: Mount the iso for ATOS
mount:
path: /mnt/atos_iso
src: "{{ atos_client_working_dir }}/{{ atos_client_iso_name }}"
fstype: iso9660
state: mounted
- name: check for client software installation
stat: path=/etc/proteccio/proteccio.rc.example
register: atos_client
- name: install client software
expect:
chdir: /mnt/atos_iso/Linux
command: ./install.sh
responses:
"Select Language: enter f \\(french\\) or e \\(english\\) \\[f\\]": "e"
"Do you want to install the TrustWay Proteccio Administration Application \\(y/n\\)\\? \\[n\\]": "n"
"Press the <Enter> key to exit the installation program": "\n"
when: not atos_client.stat.exists
- name: allow using legacy variables for backwards compatibility
set_fact:
args:
atos_hsms:
- name: Legacy variables HSM
server_cert_location: "{{ atos_server_cert_location }}"
ip: "{{ atos_hsm_ip_address }}"
when: atos_hsms is not defined and atos_hsm_ip_address is defined
notify: legacy vars warning
- name: create proteccio.rc
template:
src: proteccio.rc.j2
dest: /etc/proteccio/proteccio.rc
- name: Get the client cert
get_url:
url: "{{ atos_client_cert_location }}"
dest: /etc/proteccio/proteccio_client.crt
force: no
- name: Get the client key
get_url:
url: "{{ atos_client_key_location }}"
dest: /etc/proteccio/proteccio_client.key
force: no
- name: Get the server cert
get_url:
url: "{{ item.server_cert_location }}"
dest: "/etc/proteccio/{{ item.ip | replace('.', '_') }}.CRT"
force: no
loop: "{{ atos_hsms }}"
- name: run nethsmstatus to confirm connection # noqa 301
command: nethsmstatus
View Git Blame Copy Permalink