dell / ansible-powerscale Goto Github PK
View Code? Open in Web Editor NEWPowerScale (Isilon) Ansible modules
License: GNU General Public License v3.0
ansible-powerscale's People
Contributors
Stargazers
Watchers
Forkers
rashmi-bs-dell amanoko jennifer-john anupamaloke lanel4 murkyl y-syed tharun-vr judealfred trisha-dell ranjithkumarnani carrollzhu syamkuma6 nikolisg7 bhavneet-sharma felixs88 viehoang68 tenortimansible-powerscale's Issues
[FEATURE]: Manage Server Certificates and CAs
Hi,
it would be really nice if we could manage the certificates of the webserver and the certification authorities with the module. With certificate lifetime changes on the horizon, this would help all users that have to change the webserver cert every 90 days.
without the creation steps for the certificates.
Thank you.
[BUG]: ansible-builder introspect fails with file not found
Describe the bug
When attempting to install this collection into an execution environment via the ansible-builder command, the build fails with an error that the requirements.txt file is not found. This appears to be caused by the use of a relative path in the meta/execution-environment.yml file.
To Reproduce
Steps to reproduce the behavior:
- Step 1 install the collection with
ansible-galaxy collection install dellemc.powerscale - Step 2 test collection with
ansible-builder introspect --sanitize ~/.ansible/collections/ - Step 3 see error
Expected requirements file not present at: /home/user/.ansible/collections/ansible_collections/dellemc/requirements.txt
FileNotFoundError: [Errno 2] No such file or directory: '/home/user/.ansible/collections/ansible_collections/dellemc/powerscale/../requirements.txt'
Note the parent folder reference../requirements.txt - Step 4 edit meta/execution-environment.yml and remove the relative path
---
version: 1
dependencies:
galaxy: requirements.yml
python: requirements.txt- Step 5 test collection again and see proper output
Expected behavior
ansible-builder introspect command should list correct dependencies
---
python:
- 'certifi # from collection dellemc.powerscale'
- 'isi-sdk-9-1-0 # from collection dellemc.powerscale'
- 'isi-sdk-8-1-1 # from collection dellemc.powerscale'
- 'setuptools # from collection dellemc.powerscale'
- 'six # from collection dellemc.powerscale'System Information (please complete the following information):
ansible --version
ansible [core 2.12.1]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.8/site-packages/ansible
ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
jinja version = 2.10.3
libyaml = True
[BUG]: user and group module does not support specifying user_id/group_id at creation
Describe the bug
When creating a user or group where both the user_name and user_id for a new user, or group_name and group_id for a new group, an error is thrown:
"parameters are mutually exclusive: user_name|user_id"
Specifying a uidnumber or gidnumber when creating users and groups using the Isilon CLI is supported and works.
isi auth groups add group1000 --gid 1000 --zone myzone --provider local
To Reproduce
Steps to reproduce the behavior:
- Write a task using dellemc.powerscale.user or dellemc.powerscale.group
- Enter a group_name/user_name in the task
- Enther a group_id/user_id in the same task.
...
n. Step n See error
- name: Create/Modify Local Groups
dellemc.powerscale.group:
onefs_host: "{{ onefs_hostname }}"
port_no: "{{ onefs_port }}"
verify_ssl: "{{ onefs_verify_ssl }}"
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
group_name: "group{{ item.gidnumber }}"
group_id: "{{ item.gidnumber }}"
access_zone: "{{ item.access_zone }}"
provider_type: "local"
state: "{{ item.state | default('present') }}"
loop: "{{ isilon_groups }}"
Expected behavior
We need to create local users for legacy systems with specific uidnumbers/gidnumbers. We have automated almost all the Isilon/Powerscale setup using Ansible. Not being able to create users and groups is a setback for a fully automated Isilon/Powerscale setup.
Screenshots
If applicable, add screenshots to help explain your problem.
Logs
If applicable, submit logs or stack traces from the affected services
System Information (please complete the following information):
- OS/Version: RHEL8
- Ansible Version core 2.13.6
- Python Version 3.10
[FEATURE]: Need Ansible module support to create File Pool Policies and Create Tier
Describe the solution you'd like
Currently, there is no support to create File pool policies in the collections. We need this feature to be added in an upcoming release
Describe alternatives you've considered
Via Rest API.
Additional context
Since we have so many parameters to be passed for creating File Pool policies, its better to have this module implemented and make it idempotent.
[BUG]:MANIFEST.json missing in ansible-powerscale-1.8.0.tar.gz
[QUESTION]: Why does info module return cropped information about network interfaces
info module just returns a small portion of the information on network interfaces available from the OneFS API
We noticed that the the info module when invoked with option network_interfaces, returns a only a small portion of the information on network interfaces consisting of name, lnn and id. Other information returned by the OneFS API, like status, type, owners, etc. is disregarded. Shall we consider modifying this behavior and have the module return the API json response, e.g. from /16/network/interfaces as is and let the users decide which data they want to use? It would be a list with dicts like (on OneFS 9.5 at least)
{
"flags": [],
"id": "19:mgmt-4",
"ip_addrs": [],
"ipv4_gateway": null,
"ipv6_gateway": null,
"lnn": 19,
"mtu": 1500,
"name": "mgmt-4",
"nic_name": "bge1",
"owners": [],
"speed": 1,
"status": "no_carrier",
"type": "mgmt",
"vlans": []
}Looking forward to hearing your thoughts on this! Thanks!
[BUG]: Make synciq encryption optional when isi_sdk_9_0_0 is used
Describe the bug
When I try to create a synciq policy and doen't specify a encryption id or name I receive an error that I need to specify these settings. Playbook is running against a powerscale 9.1.0.7 cluster
Expected behavior
Allow creation of synciq policies without encryption enabled.
[BUG]: Get Details of SyncIQ Policy fails with: Invalid value for `snapshot_sync_pattern`, length must be greater than or equal to `1`"
Describe the bug
All I am trying to do is get the Details of a SyncIQ policy. I followed the Example in the Repo.
I get an error saying:
"msg": "Get details of SyncIQ policy AutomationRecovery failed with error : Invalid value for snapshot_sync_pattern, length must be greater than or equal to 1"
To Reproduce
Steps to reproduce the behavior:
- Step 1 - create the playbook with the values
- name: Get SyncIQ policy details
dellemc.powerscale.dellemc_powerscale_synciqpolicy:
onefs_host: "{{ dr_onefs_host }}"
api_user: "{{ dr_api_user }}"
api_password: "{{ dr_api_password }}"
verify_ssl: "{{ verify_ssl }}"
policy_name: "AutomationRecovery"
snapshot_sync_pattern: "*file*"
state: "present"
register: result
- Step 2 - Run the playbook
- Step 3 - See error
Expected behavior
I expect the Playbook not to fail and the details to be available in the register variable.
System Information (please complete the following information):
- OS/Version: RHEL 8.3
- Ansible Version: 2.9.6
- Python Version 3.6.8
Additional Info
I tried this without the snapshot_sync_pattern as well since this is only doing a GET Details there should be no other information needed other than the Policy Name.
Also, NONE of the other modules work in the Examples shown in the Repo.
Lastly, the REST API Calls all work.
It would be great if the Ansible modules could use the REST API calls instead of the Python Modules. In this case you would not need to install the Python modules.
Thanks for your help!
glenn.
[FEATURE]: Find & close smb openfiles
Describe the solution you'd like
We would like to have a module that find & close smb openfiles. There is a cli command for that "isi_for_array -s isi smb openfiles list" and also a restapi endpoint "/platform/1/protocols/smb/openfiles". So this should be possible...
[FEATURE]: Unhide path when putting up error messages
Describe the solution you'd like
I want this error message : "Invalid path ['********'], Path must start with '/'", to clearly and concisely show me the path. I cannot self correct if I can't see what information the tool got.
Describe alternatives you've considered
no_log: false
I don't understand why it would be treated as a password
Additional context
ansible stanza
- name: Add host to NFS share
delegate_to: localhost
no_log: false
dellemc.powerscale.nfs:
onefs_host: "{{onefs_host}}"
port_no: "{{onefs_host_port}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
path: "{{item}}"
root_clients:
- "{{ inventory_hostname }}"
client_state: 'present-in-export'
state: 'present'
loop:
- "{{ nfs_shares }}"
variable declaration
nfs_shares:
- /ifs/test
Full error report
{
"msg": "Invalid path ['********'], Path must start with '/'",
"invocation": {
"module_args": {
"onefs_host": "isilon.dn",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "ansible",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"verify_ssl": false,
"path": "['********']",
"root_clients": [
"server.dn"
],
"client_state": "present-in-export",
"state": "present",
"access_zone": "System",
"clients": null,
"read_only_clients": null,
"read_write_clients": null,
"description": null,
"read_only": null,
"ignore_unresolvable_hosts": null,
"sub_directories_mountable": null,
"security_flavors": null,
"map_root": null,
"map_non_root": null
}
},
"_ansible_no_log": false,
"changed": false,
"item": [
"/ifs/test"
],
"ansible_loop_var": "item",
"_ansible_item_label": [
"/ifs/test"
],
"_ansible_delegated_vars": {
"ansible_host": "localhost",
"ansible_port": null,
"ansible_user": "rexuser",
"ansible_connection": "local"
}
}SyncIQ Policy Module fails when a resync_prep job is running on the cluster
Basic use of the SyncIQ Policy Module fails when there is a resync_prep job running on the cluster. The failure occurs even when the policy being targeted is not the policy the resync_prep job is running for.
Replicate as follows:
- Create two SyncIQ policies and sync them to the target cluster (Policy1, Policy2)
- Set Policy2 on the target cluster to allow writes
- Run a resync-prep for Policy2 on the source cluster
- Immediately run a Ansible playbook that attempts to get details for Policy1 (must run while the Policy2 resync-prep is still running
- name: Get SyncIQ policy details
dellemc_powerscale_synciqpolicy:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
policy_name: "Policy1"
state: "present"
TASK [Get SyncIQ policy details] *********************************************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for `action` (resync_prep), must be one of ['copy', 'sync']"}
The error message reflects the current step of the resync_prep job, as seen in the log file:
2021-10-13 00:44:58,593 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for action(resync_prep), must be one of ['copy', 'sync'] 2021-10-13 00:45:02,759 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:03,053 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value foraction(resync_prep), must be one of ['copy', 'sync'] 2021-10-13 00:45:05,706 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:06,000 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value foraction(resync_prep_domain_mark), must be one of ['copy', 'sync'] 2021-10-13 00:45:09,089 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:09,376 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value foraction(resync_prep_restore), must be one of ['copy', 'sync']
Stale repo?
Is this repo now stale in favor of the Dell Storage unified repo?
[FEATURE]: Add support for manually running a preexisting SyncIQ schedule/job
Looking for a task to be added to start a preexisting SyncIQ schedule/job
Work around using a built in command or passing as shell CLI level command right now.
[BUG]:SMB Module allow for setting SMB3 Encryption at the share level
Allow for setting SMB3 Encryption at the share level
CLI Example:
isi smb shares modify seven --zone=seven --smb3-encryption-enabled=true
[FEATURE]: Need machine_account parameter in the ADS module
Describe the solution you'd like
machine_account should be parameter for ADS Module
Describe alternatives you've considered
Use the REST API
Additional context
I would hope that you would match the GUI when writing the Ansible modules. This way any parameter that the user would use in the GUI could be replicated in the Ansible Module
thanks.
glenn.
[BUG]: "Error '>' not supported between instances of 'str' and 'int' while determining if Quotas are modified "
Describe the bug
Task fails when using dict to define vars with the following error:
"Error '>' not supported between instances of 'str' and 'int' while determining if Quotas are modified "
To Reproduce
Create simple playbook
- name: Create Filesystem with Quota in given access zone
dellemc_powerscale_filesystem:
onefs_host: "{{ onefs_host }}"
port_no: "{{ port_no }}"
verify_ssl: false
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
path: "{{ item.path }}"
access_zone: "{{ item.access_zone }}"
quota:
hard_limit_size: "{{ item.hard_limit_size }}"
cap_unit: GB
quota_state: present
recursive: true
state: present
loop: "{{ filesystem }}"
delegate_to: localhost
and host_vars like
filesystem:
- path: test_path
access_zone: zn-1
hard_limit_size: 3
state: present
System Information (please complete the following information):
- OS/Version: Centos 7.6
- Ansible Version 2.9.27
- Python Version 3.6.8
- dellemc.powerscale 1.4.0
[QUESTION]: Need clarification on dual-licensing
From README.md:
Ansible collection for PowerScale is released and licensed under the GPL-3.0 license. See LICENSE for the full terms. Ansible modules and modules utilities that are part of the Ansible collection for PowerScale are released and licensed under the Apache 2.0 license. See MODULE-LICENSE for the full terms.
Actually the Python scripts under plugins/modules are labelled with AL2, but the rest of the repository mostly consists of documents and YAMLs, and to me there seems to be no obvious reasons to publish those under GPLv3. So the one viable possibility would be that the whole content of the project is intended ot be dual-licensed. How do I have to understand the licensing model?
Ansible support to Create/Delete Access Zones
Currently, there is no support in Ansible to create/delete the access zone. Will this be supported in upcoming releases .? If we want to implement this change, Do we need to update the SDK or Shall I get more information on this.
[dellemc.powerscale.smartquota: - "msg": "Get Quota Details for ******** failed with Invalid value for `description`, must not be `None`"]:
Hi All,
My Community Conversations Can Be Seen Here As Well
I am working on Quota creation part and noticed it is working on SERVER_A , but the same code is failing on SERVER_B.
post those failing I checked manually and it is working file with same account.
Please find the error message below.
=========ansible.cfg File Running From AAP===============
ansible-playbook [core 2.13.8]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /runner/requirements_collections:/home/runner/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.9.16 (main, May 31 2023, 12:21:58) [GCC 8.5.0 20210514 (Red Hat 8.5.0-18)]
jinja version = 3.0.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
SSH password:
BECOME password[defaults to SSH password]:
host_list declined parsing /runner/inventory/hosts as it did not pass its verify_file() method
Parsed /runner/inventory/hosts inventory source with script plugin
Skipping callback 'awx_display', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
two thing to watch out is,
- file creation was successful , in both cases without any issue , but failing while quota creation.
- SERVER_A is at onefs 9.2.1.15 ----- successful
SERVER_B is at onefs 9.4.0.14 ----- failed
=========MY COMMON CODE FOR BOTH SERVER===============
- name: "Create A Quota On quota_full_path_dev_target -> {{ quota_full_path_dev_target }}"
dellemc.powerscale.smartquota:
onefs_host: "{{ isilon_ip_address_t }}"
verify_ssl: false
api_user: "{{ isilon_api_user }}"
api_password: "{{ isilon_api_password }}"
path: "{{ quota_full_path_dev_target }}"
quota_type: "directory"
access_zone: "System"
quota:
advisory_limit_size: "{{ advisory_limit_size | int }}"
hard_limit_size: "{{ hard_limit_size }}"
soft_limit_size: "{{ soft_limit_size | int }}"
cap_unit: "{{ cap_unit }}"
soft_grace_period: "{{ soft_grace_period }}"
period_unit: "{{ period_unit }}"
container: "yes"
include_snapshots: false
include_overheads: true
state: "present"
=========SUCCESS _LOG _START FOR SERVER_A===============
changed: [xyz.domain.org] => {
"changed": true,
"invocation": {
"module_args": {
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "isilon_user",
"group_name": null,
"onefs_host": "172.0.0.1<SERVER_A>",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"provider_type": "local",
"quota": {
"advisory_limit_size": 10.0,
"cap_unit": "GB",
"container": true,
"hard_limit_size": 13.0,
"include_overheads": true,
"include_snapshots": false,
"period_unit": "weeks",
"soft_grace_period": 1,
"soft_limit_size": 11.0,
"thresholds_on": null
},
"quota_type": "directory",
"state": "present",
"user_name": null,
"verify_ssl": false
}
},
"quota_details": {
"container": true,
"efficiency_ratio": 0.02587890625,
"enforced": true,
"id": "CJhaEwIAAAAAAAAAAAAAQPgAAAAAAAAA",
"include_snapshots": false,
"linked": false,
"notifications": "default",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"persona": null,
"ready": true,
"reduction_ratio": null,
"thresholds": {
"advisory": 10737418240,
"advisory(GB)": "10.0",
"advisory_exceeded": false,
"advisory_last_exceeded": null,
"hard": 13958643712,
"hard(GB)": "13.0",
"hard_exceeded": false,
"hard_last_exceeded": null,
"percent_advisory": null,
"percent_soft": null,
"soft": 11811160064,
"soft(GB)": "11.0",
"soft_exceeded": false,
"soft_grace": 604800,
"soft_last_exceeded": null
},
"thresholds_on": "fslogicalsize",
"type": "directory",
"usage": {
"applogical": 0,
"applogical_ready": true,
"fslogical": 53,
"fslogical_ready": true,
"fsphysical": 2048,
"fsphysical_ready": true,
"inodes": 1,
"inodes_ready": true,
"physical": 2048,
"physical_data": 0,
"physical_data_ready": true,
"physical_protection": 0,
"physical_protection_ready": true,
"physical_ready": true,
"shadow_refs": 0,
"shadow_refs_ready": true
}
}
}
****=========ERROR _LOG _START FOR SERVER_B===============****
> The full traceback is:
File "/tmp/ansible_dellemc.powerscale.smartquota_payload_01r59iil/ansible_dellemc.powerscale.smartquota_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/smartquota.py", line 599, in get_quota_details
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api/quota_api.py", line 1865, in list_quota_quotas
(data) = self.list_quota_quotas_with_http_info(**kwargs) # noqa: E501
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api/quota_api.py", line 1985, in list_quota_quotas_with_http_info
collection_formats=collection_formats)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 346, in call_api
_preload_content, _request_timeout)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 185, in __call_api
return_data = self.deserialize(response_data, response_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 257, in deserialize
return self.__deserialize(data, response_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 296, in __deserialize
return self.__deserialize_model(data, klass)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 671, in __deserialize_model
kwargs[attr] = self.__deserialize(value, attr_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 274, in __deserialize
for sub_data in data]
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 274, in <listcomp>
for sub_data in data]
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 296, in __deserialize
return self.__deserialize_model(data, klass)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 673, in __deserialize_model
instance = klass(**kwargs)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/models/quota_quota_extended.py", line 100, in __init__
self.description = description
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/models/quota_quota_extended.py", line 169, in description
raise ValueError("Invalid value for `description`, must not be `None`") # noqa: E501
fatal: [[xyz.domain.org]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "isilon_user",
"group_name": null,
"onefs_host": "172.0.0.2<SERVER_B>",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"provider_type": "local",
"quota": {
"advisory_limit_size": 10.0,
"cap_unit": "GB",
"container": true,
"hard_limit_size": 13.0,
"include_overheads": true,
"include_snapshots": false,
"period_unit": "weeks",
"soft_grace_period": 1,
"soft_limit_size": 11.0,
"thresholds_on": null
},
"quota_type": "directory",
"state": "present",
"user_name": null,
"verify_ssl": false
}
},
"msg": "Get Quota Details for ******** failed with Invalid value for `description`, must not be `None`"
}
[FEATURE]: Quota Show available space as
Adding an option of showing available space as Size of smallest hard or soft threshold in dellemc.powerscale.filesystem module.
[FEATURE]: FS creation with a custom user
Describe the solution you'd like
It should be possible to create a File System / directory with a custom user instead of root. Using root account in automation software is a high security risk.
Known issue number 2: https://github.com/dell/ansible-powerscale/blob/master/docs/Release%20Notes.md#known-issues
[FEATURE]: Need Ansible collection support to manage User Mapping settings
Describe the solution you'd like
I would like to be able to manage User Mapping using Ansible
Describe alternatives you've considered
None
Additional context
We use many access zones, and we use Ansible Automation Platform to manage our Isilon/PowerScale clusters. It would be very beneficial to manage the User Mapping rules in Ansible Code as well.
[BUG]: "dellemc.powerscale.synciqpolicy fails with error TypeError: cannot unpack non-iterable NoneType object"
Description
We are trying to manage SyncIQ-Policies using this collection but we're running into the following issue: Unless we leave out required parameters like state or provide wrong credentials on purpose (in which case we get a "normal" Ansible error, such as "incorrect username or password"), we always get the following Python error message:
Logs
Traceback (most recent call last):
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 107, in <module>
_ansiballz_main()
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 99, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 47, in invoke_module
runpy.run_module(mod_name='ansible_collections.dellemc.powerscale.plugins.modules.synciqpolicy', init_globals=dict(_module_fqn='ansible_collections.dellemc.powerscale.plugins.modules.synciqpolicy', _modlib_path=modlib_path),
File \"/usr/lib64/python3.9/runpy.py\", line 225, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code
_run_code(code, mod_globals, init_globals,
File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code
exec(code, run_globals)
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 1076, in <module>
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 1072, in main
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 854, in perform_module_operation
TypeError: cannot unpack non-iterable NoneType object
To reproduce
- write a minimal playbook:
- name: bug
hosts: localhost
tasks:
- name: demo filesync policy bug
dellemc.powerscale.synciqpolicy:
onefs_host: "isilon.ecample.com"
verify_ssl: false
api_user: "****"
api_password: "****"
policy_name: "debug"
state: "absent"
- run the playbook
System Information:
- OS/Version: Red Hat 8.5.0-13
- Ansible Version v2.13.4
- Python Version v3.9.13
Expected behavior
The "debug" policy is either deleted if it exists or nothing is done if it doesn't. In either case, the task should succeed.
Other modules from this collection such as smb and smartquota work w/o issue on the same setup.
Are there any implicitely required parameters we are missing here?
Best
[BUG]: File System module fails to modify ACL rights for a trustee from any zone except System
Describe the bug
When trying to modify ACL rights for a trustee from any zone except System the task fails with message:
Setting ACL rights of Filesystem ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest5 failed with error: { errors : [ { code : AEC_BAD_REQUEST , message : Invalid trustee } ] }
But it works fine when I specify a user from System zone.
To Reproduce
Steps to reproduce the behavior:
- Step 1 create additional zone / in my case:
ISILONSIMULATOR-1# isi zone list -v
Name: zoneinsidezoneinsidezone
Path: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone
Groupnet: groupnet0
Map Untrusted:
Auth Providers: lsa-file-provider:System, lsa-local-provider:zoneinsidezoneinsidezone
NetBIOS Name:
User Mapping Rules: -
Home Directory Umask: 0077
Skeleton Directory: /usr/share/skel
Cache Entry Expiry: 4H
Negative Cache Entry Expiry: 1m
Zone ID: 4
- Step 2 create a user in that zone / in my case:
ISILONSIMULATOR-1# isi auth users list --zone zoneinsidezoneinsidezone
Name
lvl3user
anotheruser
- Step 3 run File System module to create a directory for the zone and the first user from above and to assign ACL rights for the second user from above (it also fails with the same error if I separate the directory creation and the ACL rights assignment to different tasks):
- name: create a directory and assign target permissions in the corresponding zone
dellemc.powerscale.filesystem:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
path: "/shareFSmoduletest6"
access_zone: "zoneinsidezoneinsidezone"
owner:
name: 'lvl3user'
provider_type: 'LOCAL:zoneinsidezoneinsidezone'
access_control_rights:
access_type: "allow"
access_rights:
- dir_gen_all
inherit_flags:
- container_inherit
trustee: 'anotheruser3'
access_control_rights_state: "add"
state: "present"
Expected behavior
ACL rights from the task should be assigned to the second user (anotheruser3).
Logs
The full output:
fatal: [ISILONSIMULATOR]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"access_control": null,
"access_control_rights": {
"access_rights": [
"dir_gen_all"
],
"access_type": "allow",
"inherit_flags": [
"container_inherit"
],
"trustee": "anotheruser3"
},
"access_control_rights_state": "add",
"access_zone": "zoneinsidezoneinsidezone",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "root",
"group": null,
"list_snapshots": false,
"onefs_host": "DBISILONSIMULATOR",
"owner": {
"name": "lvl3user",
"provider_type": "LOCAL:zoneinsidezoneinsidezone"
},
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"quota": null,
"recursive": true,
"recursive_force_delete": false,
"state": "present",
"verify_ssl": false
}
},
"msg": "Setting ACL rights of Filesystem ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone******** failed with error: { errors : [ { code : AEC_BAD_REQUEST , message : Invalid trustee } ] } "
But the directory still gets created. Without the second user ACL rights though:
ISILONSIMULATOR-1# ls -led /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest6
drwx------ 2 lvl3user wheel 0 Aug 3 17:57 /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest6
OWNER: user:lvl3user
GROUP: group:wheel
SYNTHETIC ACL
0: user:lvl3user allow dir_gen_read,dir_gen_write,dir_gen_execute,std_write_dac,delete_child
1: group:wheel allow std_read_dac,std_synchronize,dir_read_attr
System Information (please complete the following information):
- OS/Version: Ubuntu 20.04.4 LTS
- Ansible Version: 2.13.2
- Python Version: 3.9.13
- OneFS version: 9.2.1.10
[FEATURE]: Add support for "run_as_root" for SMB module
While it looks available on the SDK, it seems not possible to create/modify "run_as_root" permissions via Ansible SMB module:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (dellemc.powerscale.smb) module: **run_as_root** Supported parameters include: access_based_enumeration, access_based_enumeration_root_only, access_zone, allow_variable_expansion, api_password, api_user, auto_create_directory, browsable, ca_timeout, ca_write_integrity, change_notify, continuously_available, create_path, description, directory_create_mask, directory_create_mode, file_create_mask, file_create_mode, file_filter_extension, file_filtering_enabled, host_acls, impersonate_guest, impersonate_user, new_share_name, ntfs_acl_support, onefs_host, oplocks, path, permissions, port_no, share_name, smb3_encryption_enabled, state, strict_ca_lockout, verify_ssl"}
I couldn't find any workaround.
Thanks.
[DOCUMENTATION]: Incorrect documentation
Samples in documentation are incorrect for the module.
All samples use the following:
dellemc.powerscale.filesystem:
onefs_host: "{{powerscalehost}}"
port: "{{powerscaleport}}"
verify_ssl: "{{verify_ssl}}"
username: "{{user}}"
password: "{{password}}"
When using the samples as they are, errors are thrown, indicating that the inputs for the module are incorrect for "user, password and port".
However, according to the module parameters in the docs, the fields for User, Port and Password should be as follows:
dellemc.powerscale.filesystem:
onefs_host: "{{ powerscalehost }}"
port_no: "{{ powerscaleport }}"
verify_ssl: "{{ verify_ssl }}"
api_user: "{{ user }}"
api_password: "{{ password }}"
dellemc_powerscale_filesystem does not honor the recursive paramater during deletes
The dellemc_powerscale_filesystem module is not able to delete file systems unless they are empty.
Would like to do something like the following with the 'recursive' parameter from the playbook being honored for deletes:
- name: Delete target file systems
dellemc_powerscale_filesystem:
onefs_host: "{{synciq_target}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "{{access_zone}}"
path: "{{item.path}}"
state: "absent"
recursive: True
loop: "{{smb_shares}}"
The module has a 'recursive' parameter, and it looks like the SDK also includes a recursive option on 'delete_directory'.
Thank you!
[BUG]: smartquota and smb modules use the `path` keyword inconsitently
Describe the bug
When creating a share with ("directory"-type) smartquota in an access_zone, the path value needs to start with / in the smartquota module. Without it, it fails.
To Reproduce
Steps to reproduce the behavior:
- create a smb share using
dellemc.powerscale.smbwithpath: "example" - create a smartquota on that share using
dellemc.powerscale.smartquotawithquota_type: "directory"andpath: "example".
This results in an error code: AEC_NOT_FOUND, message: Path not found ...
Replacing path: "example" with path: "/example" in step 2 creates no error.
Expected behavior
path should behave consistently.
Screenshots
If applicable, add screenshots to help explain your problem.
Logs
If applicable, submit logs or stack traces from the affected services
System Information (please complete the following information):
- dellemc.powerscale 1.7.0
- Ansible 2.13.4
- Python 3.9.13
[QUESTION]: Please install isilon-sdk
How can the Team help you today?
I'm trying to understand what I could have done, but seemingly out of nowhere, I'm receiving the follower error when running a playbook. Have tried multiple modules (accesszone, filesystem, etc) and receiving:
Unable to import PowerScale python library. Please install isilon-sdk. Please install the required package(s)
I have reinstalled isi-sdk-9-1-0 and isi-sdk-8-1-0 and isilon-sdk to no avail. I'm 99% sure I am correctly setting the ANSIBLE_COLLECTIONS_PATHS path too and verifying correct python3 is being used.
Anyone else seeing this? Thanks!!!
[FEATURE]: Add quota option "container"
Describe the solution you'd like
Quotas have the option "container". Add this to the quota/filesystem module.
[BUG] Using dellemc.powerscale.info does not return info on all nodes when cluster is version 9.5.0.0
I'm using the ansible module dellemc.powerscale.info to retrieve information about cluster nodes. When the OneFS version is 9.5.0.0 the module does not return info on all nodes, only the node that is the target of the api call. I've tracked it down to the isi_sdk_9_1_0 pip module requirement.
In that module the get_cluster_nodes api call is using /platform/10/cluster/nodes api path. This call when executed against a 9.5.0.0 OneFS cluster will only return a single node. Executed against OneFS 9.3.0.0 does retrun all node info as expected.
If I use postman and access any other platform version [3,5,7,12,14,15,16] against 9.5.0.0. I get the full list of node info as expected.
I don't know who is maintaining the pip module isi_sdk_9_1_0, but if there were modules that supported later versions it would be helpful. ( i.e. isi_sdk_9_3_0, isi_sdk_9_4_0...) OR support the isilon_sdk pip module which contains all sdk version.
[FEATURE]: Support the container paramenter in filesystem quotas
Describe the solution you'd like
dellemc_powerscale_filesystem module does not support the --container parameter when setting quotas
neither does the dellemc_powerscale_smartquota module
Describe alternatives you've considered
Additional context
Create Network pool documentation is wrong
@rajendravarma077 @meshuga @anupamaloke @walker2 @dattaarindam
From Documentation, below is the code to create a network pool. But getting below error stating unsupported parameters name
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (dellemc.powerscale.dellemc_powerscale_subnet) module: access_zone, pool Supported parameters include: api_password, api_user, description, gateway_priority, groupnet_name, netmask, new_subnet_name, onefs_host, port_no, state, subnet_name, subnet_params, verify_ssl"}
Do we need to use dellemc_powerscale_subnet or dellemc_powerscale_networkpool.
- name: Create Network Pool
dellemc_powerscale_subnet:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
groupnet: "groupnet0"
subnet: "subnet0"
pool: "Test_Pool_2"
access_zone: "system"
state: "present"
[FEATURE]: Add Option continuously_available to SMB Module
Describe the solution you'd like
Add a option to set continuously_available to true/false for SMB Module
Quotas use int type instead of float
Line: 808-810 are setting the limit_size using ints. Can we use floats instead so that we can easily implement a hard limit of 1.5 TB, for example?
advisory_limit_size=dict(type='int'),
soft_limit_size=dict(type='int'),
hard_limit_size=dict(type='int'),
[BUG]: PowerScale Ansible v1.6 - if default root/a credentials used any output containing "a" will become "*********"
Describe the bug
PowerScale Ansible Module v1.6 dellemc.powerscale.smb returns ******** for character "a"? shows status "changed" instead of the expected "ok", and the output also contains some "a" characters replaced with eight asterisk* characters in its place. This only occurs if the password for authentication to run the module parameters is also "a". It could be this is an as-designed feature to protect the password if the hash matches, but, it should not result in status: changed in any way, this is designed to protect a password if it is inadvertently typed into the ansible parameters
To Reproduce
Steps to reproduce the behavior:
- PowerScale Ansible Module 1.6, Isilon OneFS version 9.2 and higher
- Run the following ansible queries / parameters (as an example - not limited to this set of parameters only)
name: Get SMB share permissions from the cluster
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "{{item.zone}}"
share_name: "{{item.share}}"
state: present
register: getpermissions_result
with_items: "{{share_list}}"
- Observe the error behavior in the output, which is seen regardless of the no_log being set set to false or true.
Unexpected behavior
changed: [fbkppexfer] => (item={'share': 'PKITA_24891470_ADT', 'zone': 'PPEXFER-Ring0'}) => { "ansible_loop_var": "item", "changed": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",.... ", "create_permissions": "def********ult ********cl",
Expected behavior
Expected behavior example...
ok: [DBISILONSIMULATOR] => (item={'share': 'CreatedFromAnsible', 'zone': 'testzone'}) => { "ansible_loop_var": "item", "changed": false, "invocation": { "module_args": { "access_based_enumeration": null, "access_based_enumeration_root_only": null, "access_zone": "testzone", "api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",...... "create_permissions": "default acl",
Screenshots
NA
Logs
NA
System Information (please complete the following information):
- OS/Version: REL 8.4
- Ansible Version PowerScale Module v1.6.0
- Python Version 3.9
- Additional Information Isilon OneFS 9.2.1.12
Additional context
https://www.dell.com/community/Automation/PowerScale-Ansible-Module-v1-6-dellemc-powerscale-smb-returns/m-p/8269586/thread-id/364#M366
Changing the password from "a" to something less common that is not included in the clear-text output received back from the parameters sent proves to be a workaround to the issue. Still - this shouldn't ever happen. Thanks.
[FEATURE]: Need Ansible collection support to manage HDFS Settings
Describe the solution you'd like
Need Ansible collection support to enable/disable HDFS for Access zones and define the required block size and other HDFS settings
Describe alternatives you've considered
Via Rest API
Additional context
It will be better to have a dedicated HDFS module which can support all HDFS related settings.
[FEATURE]: S3 Bucket support
The project dosen't support a S3 bucket configuration.
[BUG]: meta/runtime.yml contains redirects that will stop working with ansible-core 2.14
Describe the bug
The redirect entries in meta/runtime.yml do not contain FQCNs, but short names: https://github.com/dell/ansible-powerscale/blob/1.6.0/meta/runtime.yml#L6-L121
This will result in an error with ansible-core 2.14, see ansible/ansible#78755.
[BUG]: FS module returns wrong username if UID is equal to other UID in System zone
Describe the bug
When you have local users in System zone with the same UID as users in the custom zone, and you add custom zone's users to ACL permissions to a directory in the custom zone, then get this directory details with FS module - FS module returns System zone usernames.
To Reproduce
Steps to reproduce the behavior:
- Step 1 create a zone:
--------------------------------------------------------------------------------
Name: zoneinsidezoneinsidezone
Path: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone
Groupnet: groupnet0
Map Untrusted:
Auth Providers: lsa-file-provider:System, lsa-local-provider:zoneinsidezoneinsidezone
NetBIOS Name:
User Mapping Rules: -
Home Directory Umask: 0077
Skeleton Directory: /usr/share/skel
Cache Entry Expiry: 4H
Negative Cache Entry Expiry: 1m
Zone ID: 4
--------------------------------------------------------------------------------
- Step 2 Create a user (in my case two of them) in System zone:
--------------------------------------------------------------------------------
Name: ansible_user
DN: CN=ansible_user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:System
Sam Account Name: ansible_user
UID: 2000
SID: S-1-5-21-1442644921-1582277087-1925991597-1001
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:2000
Name: ansible
Home Directory: /ifs/home/ansible_user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:20:30
Password Last Set: 2021-10-05T17:22:20
Password Expires: No
Shell: /bin/zsh
UPN: ansible_user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
Name: winscp_user
DN: CN=winscp_user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:System
Sam Account Name: winscp_user
UID: 2001
SID: S-1-5-21-1442644921-1582277087-1925991597-1002
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/home/winscp_user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:20:30
Password Last Set: 2021-10-28T14:00:34
Password Expires: No
Shell: /bin/zsh
UPN: winscp_user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
- Step 3 Create a user with the same UID (again I have two) in the custom zone:
--------------------------------------------------------------------------------
Name: lvl3user
DN: CN=lvl3user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:zoneinsidezoneinsidezone
Sam Account Name: lvl3user
UID: 2000
SID: S-1-5-21-1932411878-2135597842-4260751763-1000
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/home/lvl3user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:22:48
Password Last Set: 2021-10-07T12:11:55
Password Expires: No
Shell: /bin/zsh
UPN: lvl3user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
Name: anotheruser3
DN: CN=anotheruser3,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:zoneinsidezoneinsidezone
Sam Account Name: anotheruser3
UID: 2001
SID: S-1-5-21-1932411878-2135597842-4260751763-1001
Enabled: No
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/home/anotheruser3
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:22:48
Password Last Set: 2022-08-03T16:33:34
Password Expires: No
Shell: /bin/zsh
UPN: anotheruser3@DBISILONSIMULATOR
User Can Change Password: Yes
- Step 4 Add the custom zone's users to ACL permissions of a folder in the custom zone:
DBISILONSIMULATOR-1# ls -led /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/sharelvl3
drwxrw---- + 2 root wheel 0 Sep 22 12:00 /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/sharelvl3
OWNER: user:root
GROUP: group:wheel
0: user:anotheruser3 allow dir_gen_write,std_delete
1: user:Guest allow dir_gen_read,dir_gen_write,std_delete
2: user:lvl3user allow dir_gen_write,std_delete
3: user:root allow dir_gen_read,dir_gen_write,dir_gen_execute,std_write_dac,delete_child
4: group:wheel allow std_read_dac,std_synchronize,dir_read_attr
- Step 5 Get FS details from that directory using FS module:
- name: Get filesystem details
dellemc.powerscale.filesystem:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "zoneinsidezoneinsidezone"
path: "/sharelvl3"
state: present
register: ACL_permissions
- Step 6 The output has System zone users instead of the custom zone's ones:
ok: [DBISILONSIMULATOR] => {
"add_quota": "",
"changed": false,
"create_filesystem": "",
"delete_filesystem": "",
"delete_quota": "",
"filesystem_details": {
"attrs": [
...
"namespace_acl": {
"acl": [
{
"accessrights": [
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
**"id": "UID:2001",
"name": "winscp_user",**
"type": "user"
}
},
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "UID:1501",
"name": "Guest",
"type": "user"
}
},
{
"accessrights": [
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
**"id": "UID:2000",
"name": "ansible_user",**
"type": "user"
}
},
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"dir_gen_execute",
"std_write_dac",
"delete_child"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "UID:0",
"name": "root",
"type": "user"
}
},
{
"accessrights": [
"std_read_dac",
"std_synchronize",
"dir_read_attr"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "GID:0",
"name": "wheel",
"type": "group"
}
}
],
Expected behavior
FS module should return the custom zone usernames instead of System zone's ones.
System Information (please complete the following information):
- OS/Version: Ubuntu 20.04.4 LTS
- Ansible Version 2.13.2
- Python Version 3.9.13
- OneFS version: 9.2.1.10
Unable to import dellemc.powerscale.filesystem due to invalid syntax
Unable to import dellemc.powerscale.filesystem due to invalid syntax
We are running one of ansible-galaxy library(dellemc.powerscale) , which got upgraded to new version recently (probably 20 days ago)post that we can not able to use this module like :- dellemc.powerscale.filesystem , dellemc.powerscale.smb etc.
and got error
[FEATURE]: Changing a user password
Describe the solution you'd like
Using dellemc.powerscale.user changing a user password for users is not possible.
The password parameter is ignore for all operations but "create".
Therefore it is not possible to bootstrap a PowerScale Cluster using ansible, the root/admin user account passwords can not be set.
Describe alternatives you've considered
If a password is supplied - set it.
Consider it a change.
Additional context
The API exists already
https://github.com/Isilon/isilon_sdk_python/blob/a76bec4087528b16679c54f4c9e1200a590b47bd/isi_sdk_9_1_0/isi_sdk_9_1_0/api/auth_users_api.py#L401-402
[FEATURE]: Allow removal of share permissions (in addition to allowing/denying)
Describe the solution you'd like
I'd like to be able to delete old permissions using the ansible module dellemc.powerscale.smb. At the moment I can only chose between allow or deny as vaues for the premission_type parameter in entries in the permissions dictionary
Describe alternatives you've considered
An alternative is to use the ansible.builtin.uri module to talk to OneFS, but that comes at a higher cost (i.e. the login needs to be perfomed explicitely within the playbook, tasks which otherwise would be taken care of by the dellemc.powerscale module.
[QUESTION]: Looking For API snaprevert_params to specify the snapshot to revert.
How can the Team help you today?
Details: ?
I am looking for powerscale/Isilon CLI command functionality to perform snapshot restore.
=> cp -a "{{ src_path }}" "{{ dest_path }}" within powerscale cluster.
src_path : /ifs/.snapshot/cluster_name_HOURLY_3D_04-18-2023_05:00/cluster_name/test/ISO
dest_path : /ifs/cluster_name/test/NAS_Isilon_Restore
I heard that API snaprevert_params was available to specify the snapshot to revert.
But , Currently it is not supported through ansible.
[FEATURE]: Need Ansible collection support to manage Kerberos settings
Describe the solution you'd like
Currently, we have support for all other authentication providers except Kerberos. Please add the support to configure Kerberos related settings.
Describe alternatives you've considered
Still Evaluating.
Additional context
[FEATURE]: Make NFS Module support export security settings
Using the UI I can create an NFS4 export that supports NFS4 sys, krb5, krb5i or krb5p. Using the module I have no way of setting the desired security settiings of the export.
I would like to have a security_settings attribute for the nfs module where I can specify which security types I want for the export. I would suggest to make the attribute a list.
e.g.
- name: Create NFS Export
dellemc.powerscale.nfs:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
path: "<path>"
access_zone: "{{access_zone}}"
read_only_clients:
- "{{client1}}"
- "{{client2}}"
read_only: True
clients: ["{{client3}}"]
client_state: 'present-in-export'
state: 'present'
security_settings:
- sys
- krb5
- krb5i
- krb5p
Valid attributes can either be the unix nfs mount options (sys, krb5, krb5i, krb5p) or variants of the texts in the gui. I did not yet look for the REST API attributes to set the security settings for an export.
Thanks
[BUG]: Filesystem module - change no_log to False for the `path` argument
Describe the bug
- name: "Create Source Filesystem For DEV"
dellemc.powerscale.filesystem:
onefs_host: "{{ ip_address }}"
port_no: "8080"
verify_ssl: false
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
path: "/ifs/{{ cluster_name }}/{{ region }}/DEV/{{ division }}{{ region }}{{ env }}{{ '{:>05}'.format(app_id) }}{{ '%02d' | format(item) }}"
owner:
name: '{{ api_user }}'
provider_type: 'ads'
state: "present"
register: quota_output_dev_source
when: not (quota_output_dev_source.changed | d(false))
loop: '{{ list_of_sequence }}'
Hi Team,
i was able to successfully create a FileSystem using module which is not exist only
(eg: if nothing there it will create 1 , )
(eg: if 1 and 2 there it will create 3 , )
(eg: if 1, 2, 3 there it will create 4 , )
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031301
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031302
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031303
But i am not able to find the path which was created even with register option , it is "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"
That's because the dellemc.powerscale.filesystem module declares path
as no_log=True in its argument specification:
https://github.com/dell/ansible-powerscale/blob/1.9.0/plugins/modules/filesystem.py#L1565
This tells ansible-core that the value of path is a secret that
should not be logged or accidentally returned.
Expected behavior
I am expecting to log the path which was created. like :-
"path": "/ifs/cnpldcisit-hc01/MA/DEV/FOUMAD00313XX"
Logs
changed: [xxx.xxx.xx.org] => (item=3) => {
"add_quota": "",
"ansible_loop_var": "item",
"changed": true,
"create_filesystem": true,
"delete_filesystem": "",
"delete_quota": "",
"filesystem_details": {
"attrs": [
{
"name": "is_hidden",
"namespace": null,
"value": "False"
},
{
"name": "size",
"namespace": null,
"value": "0"
},
{
"name": "block_size",
"namespace": null,
"value": "8192"
},
{
"name": "blocks",
"namespace": null,
"value": "64"
},
{
"name": "last_modified",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "change_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "access_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "create_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "mtime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "ctime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "atime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "btime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "owner",
"namespace": null,
"value": "CS\\user"
},
{
"name": "group",
"namespace": null,
"value": "Unknown Group"
},
{
"name": "uid",
"namespace": null,
"value": "1718493"
},
{
"name": "gid",
"namespace": null,
"value": "230"
},
{
"name": "id",
"namespace": null,
"value": "10248563658"
},
{
"name": "nlink",
"namespace": null,
"value": "2"
},
{
"name": "type",
"namespace": null,
"value": "container"
},
{
"name": "stub",
"namespace": null,
"value": "False"
},
{
"name": "mode",
"namespace": null,
"value": "0700"
}
],
"namespace_acl": {
"acl": [
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"dir_gen_execute",
"std_write_dac",
"delete_child"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "SID:S-1-5-21-1229272821-706699826-839522115-11328533",
"name": "CS\\user",
"type": "user"
}
},
{
"accessrights": [
"std_read_dac",
"std_synchronize",
"dir_read_attr"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "GID:230",
"name": null,
"type": null
}
}
],
"action": "replace",
"authoritative": "mode",
"group": {
"id": "GID:230",
"name": null,
"type": null
},
"mode": "0700",
"owner": {
"id": "SID:S-1-5-21-1229272821-706699826-839522115-11328533",
"name": "CS\\user",
"type": "user"
}
}
},
"filesystem_snapshots": "",
"invocation": {
"module_args": {
"access_control": null,
"access_control_rights": null,
"access_control_rights_state": null,
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "cs\\user",
"group": null,
"list_snapshots": false,
"onefs_host": "xxx.xx.xxx.xxx",
"owner": {
"name": "cs\\user",
"provider_type": "ads"
},
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"quota": null,
"recursive": true,
"recursive_force_delete": false,
"state": "present",
"verify_ssl": false
}
},
"item": 3,
"modify_filesystem": "",
"modify_group": "",
"modify_owner": "",
"modify_quota": "",
"quota_details": {
"quotas": [],
"resume": null
}
}
System Information (please complete the following information):
- OS/Version: [Fedora Linux 37 (Workstation Edition)]
- Ansible Version [2.14]
- Python Version [3.11]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.