dell / ansible-powerscale Goto Github PK
View Code? Open in Web Editor NEWPowerScale (Isilon) Ansible modules
License: GNU General Public License v3.0
PowerScale (Isilon) Ansible modules
License: GNU General Public License v3.0
If I run
I get only the smb openfiles for that node which I specify in "onefs_host" and not from the whole cluster.
Hi,
it would be really nice if we could manage the certificates of the webserver and the certification authorities with the module. With certificate lifetime changes on the horizon, this would help all users that have to change the webserver cert every 90 days.
without the creation steps for the certificates.
Thank you.
While it looks available on the SDK, it seems not possible to create/modify "run_as_root" permissions via Ansible SMB module:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (dellemc.powerscale.smb) module: **run_as_root** Supported parameters include: access_based_enumeration, access_based_enumeration_root_only, access_zone, allow_variable_expansion, api_password, api_user, auto_create_directory, browsable, ca_timeout, ca_write_integrity, change_notify, continuously_available, create_path, description, directory_create_mask, directory_create_mode, file_create_mask, file_create_mode, file_filter_extension, file_filtering_enabled, host_acls, impersonate_guest, impersonate_user, new_share_name, ntfs_acl_support, onefs_host, oplocks, path, permissions, port_no, share_name, smb3_encryption_enabled, state, strict_ca_lockout, verify_ssl"}
I couldn't find any workaround.
Thanks.
Describe the bug
PowerScale Ansible Module v1.6 dellemc.powerscale.smb returns ******** for character "a"? shows status "changed" instead of the expected "ok", and the output also contains some "a" characters replaced with eight asterisk* characters in its place. This only occurs if the password for authentication to run the module parameters is also "a". It could be this is an as-designed feature to protect the password if the hash matches, but, it should not result in status: changed in any way, this is designed to protect a password if it is inadvertently typed into the ansible parameters
To Reproduce
Steps to reproduce the behavior:
name: Get SMB share permissions from the cluster
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "{{item.zone}}"
share_name: "{{item.share}}"
state: present
register: getpermissions_result
with_items: "{{share_list}}"
Unexpected behavior
changed: [fbkppexfer] => (item={'share': 'PKITA_24891470_ADT', 'zone': 'PPEXFER-Ring0'}) => { "ansible_loop_var": "item", "changed": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",.... ", "create_permissions": "def********ult ********cl",
Expected behavior
Expected behavior example...
ok: [DBISILONSIMULATOR] => (item={'share': 'CreatedFromAnsible', 'zone': 'testzone'}) => { "ansible_loop_var": "item", "changed": false, "invocation": { "module_args": { "access_based_enumeration": null, "access_based_enumeration_root_only": null, "access_zone": "testzone", "api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",...... "create_permissions": "default acl",
Screenshots
NA
Logs
NA
System Information (please complete the following information):
Additional context
https://www.dell.com/community/Automation/PowerScale-Ansible-Module-v1-6-dellemc-powerscale-smb-returns/m-p/8269586/thread-id/364#M366
Changing the password from "a" to something less common that is not included in the clear-text output received back from the parameters sent proves to be a workaround to the issue. Still - this shouldn't ever happen. Thanks.
Describe the bug
When I try to create a synciq policy and doen't specify a encryption id or name I receive an error that I need to specify these settings. Playbook is running against a powerscale 9.1.0.7 cluster
Expected behavior
Allow creation of synciq policies without encryption enabled.
From README.md
:
Ansible collection for PowerScale is released and licensed under the GPL-3.0 license. See LICENSE for the full terms. Ansible modules and modules utilities that are part of the Ansible collection for PowerScale are released and licensed under the Apache 2.0 license. See MODULE-LICENSE for the full terms.
Actually the Python scripts under plugins/modules
are labelled with AL2, but the rest of the repository mostly consists of documents and YAMLs, and to me there seems to be no obvious reasons to publish those under GPLv3. So the one viable possibility would be that the whole content of the project is intended ot be dual-licensed. How do I have to understand the licensing model?
Using the UI I can create an NFS4 export that supports NFS4 sys, krb5, krb5i or krb5p. Using the module I have no way of setting the desired security settiings of the export.
I would like to have a security_settings attribute for the nfs module where I can specify which security types I want for the export. I would suggest to make the attribute a list.
e.g.
- name: Create NFS Export
dellemc.powerscale.nfs:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
path: "<path>"
access_zone: "{{access_zone}}"
read_only_clients:
- "{{client1}}"
- "{{client2}}"
read_only: True
clients: ["{{client3}}"]
client_state: 'present-in-export'
state: 'present'
security_settings:
- sys
- krb5
- krb5i
- krb5p
Valid attributes can either be the unix nfs mount options (sys, krb5, krb5i, krb5p) or variants of the texts in the gui. I did not yet look for the REST API attributes to set the security settings for an export.
Thanks
Describe the solution you'd like
Add a option to set continuously_available to true/false for SMB Module
Describe the bug
- name: "Create Source Filesystem For DEV"
dellemc.powerscale.filesystem:
onefs_host: "{{ ip_address }}"
port_no: "8080"
verify_ssl: false
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
path: "/ifs/{{ cluster_name }}/{{ region }}/DEV/{{ division }}{{ region }}{{ env }}{{ '{:>05}'.format(app_id) }}{{ '%02d' | format(item) }}"
owner:
name: '{{ api_user }}'
provider_type: 'ads'
state: "present"
register: quota_output_dev_source
when: not (quota_output_dev_source.changed | d(false))
loop: '{{ list_of_sequence }}'
Hi Team,
i was able to successfully create a FileSystem using module which is not exist only
(eg: if nothing there it will create 1 , )
(eg: if 1 and 2 there it will create 3 , )
(eg: if 1, 2, 3 there it will create 4 , )
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031301
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031302
#creating /ifs/cluster_name/MA/DEV/FOUMAD0031303
But i am not able to find the path which was created even with register option , it is "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"
That's because the dellemc.powerscale.filesystem module declares path
as no_log=True
in its argument specification:
https://github.com/dell/ansible-powerscale/blob/1.9.0/plugins/modules/filesystem.py#L1565
This tells ansible-core that the value of path
is a secret that
should not be logged or accidentally returned.
Expected behavior
I am expecting to log the path which was created. like :-
"path": "/ifs/cnpldcisit-hc01/MA/DEV/FOUMAD00313XX"
Logs
changed: [xxx.xxx.xx.org] => (item=3) => {
"add_quota": "",
"ansible_loop_var": "item",
"changed": true,
"create_filesystem": true,
"delete_filesystem": "",
"delete_quota": "",
"filesystem_details": {
"attrs": [
{
"name": "is_hidden",
"namespace": null,
"value": "False"
},
{
"name": "size",
"namespace": null,
"value": "0"
},
{
"name": "block_size",
"namespace": null,
"value": "8192"
},
{
"name": "blocks",
"namespace": null,
"value": "64"
},
{
"name": "last_modified",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "change_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "access_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "create_time",
"namespace": null,
"value": "Fri, 21 Apr 2023 12:55:40 GMT"
},
{
"name": "mtime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "ctime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "atime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "btime_val",
"namespace": null,
"value": "1682081740"
},
{
"name": "owner",
"namespace": null,
"value": "CS\\user"
},
{
"name": "group",
"namespace": null,
"value": "Unknown Group"
},
{
"name": "uid",
"namespace": null,
"value": "1718493"
},
{
"name": "gid",
"namespace": null,
"value": "230"
},
{
"name": "id",
"namespace": null,
"value": "10248563658"
},
{
"name": "nlink",
"namespace": null,
"value": "2"
},
{
"name": "type",
"namespace": null,
"value": "container"
},
{
"name": "stub",
"namespace": null,
"value": "False"
},
{
"name": "mode",
"namespace": null,
"value": "0700"
}
],
"namespace_acl": {
"acl": [
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"dir_gen_execute",
"std_write_dac",
"delete_child"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "SID:S-1-5-21-1229272821-706699826-839522115-11328533",
"name": "CS\\user",
"type": "user"
}
},
{
"accessrights": [
"std_read_dac",
"std_synchronize",
"dir_read_attr"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "GID:230",
"name": null,
"type": null
}
}
],
"action": "replace",
"authoritative": "mode",
"group": {
"id": "GID:230",
"name": null,
"type": null
},
"mode": "0700",
"owner": {
"id": "SID:S-1-5-21-1229272821-706699826-839522115-11328533",
"name": "CS\\user",
"type": "user"
}
}
},
"filesystem_snapshots": "",
"invocation": {
"module_args": {
"access_control": null,
"access_control_rights": null,
"access_control_rights_state": null,
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "cs\\user",
"group": null,
"list_snapshots": false,
"onefs_host": "xxx.xx.xxx.xxx",
"owner": {
"name": "cs\\user",
"provider_type": "ads"
},
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"quota": null,
"recursive": true,
"recursive_force_delete": false,
"state": "present",
"verify_ssl": false
}
},
"item": 3,
"modify_filesystem": "",
"modify_group": "",
"modify_owner": "",
"modify_quota": "",
"quota_details": {
"quotas": [],
"resume": null
}
}
System Information (please complete the following information):
My Community Conversations Can Be Seen Here As Well
I am working on Quota creation part and noticed it is working on SERVER_A , but the same code is failing on SERVER_B.
post those failing I checked manually and it is working file with same account.
Please find the error message below.
=========ansible.cfg File Running From AAP===============
ansible-playbook [core 2.13.8]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /runner/requirements_collections:/home/runner/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.9.16 (main, May 31 2023, 12:21:58) [GCC 8.5.0 20210514 (Red Hat 8.5.0-18)]
jinja version = 3.0.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
SSH password:
BECOME password[defaults to SSH password]:
host_list declined parsing /runner/inventory/hosts as it did not pass its verify_file() method
Parsed /runner/inventory/hosts inventory source with script plugin
Skipping callback 'awx_display', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
two thing to watch out is,
- file creation was successful , in both cases without any issue , but failing while quota creation.
- SERVER_A is at onefs 9.2.1.15 ----- successful
SERVER_B is at onefs 9.4.0.14 ----- failed
=========MY COMMON CODE FOR BOTH SERVER===============
- name: "Create A Quota On quota_full_path_dev_target -> {{ quota_full_path_dev_target }}"
dellemc.powerscale.smartquota:
onefs_host: "{{ isilon_ip_address_t }}"
verify_ssl: false
api_user: "{{ isilon_api_user }}"
api_password: "{{ isilon_api_password }}"
path: "{{ quota_full_path_dev_target }}"
quota_type: "directory"
access_zone: "System"
quota:
advisory_limit_size: "{{ advisory_limit_size | int }}"
hard_limit_size: "{{ hard_limit_size }}"
soft_limit_size: "{{ soft_limit_size | int }}"
cap_unit: "{{ cap_unit }}"
soft_grace_period: "{{ soft_grace_period }}"
period_unit: "{{ period_unit }}"
container: "yes"
include_snapshots: false
include_overheads: true
state: "present"
=========SUCCESS _LOG _START FOR SERVER_A===============
changed: [xyz.domain.org] => {
"changed": true,
"invocation": {
"module_args": {
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "isilon_user",
"group_name": null,
"onefs_host": "172.0.0.1<SERVER_A>",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"provider_type": "local",
"quota": {
"advisory_limit_size": 10.0,
"cap_unit": "GB",
"container": true,
"hard_limit_size": 13.0,
"include_overheads": true,
"include_snapshots": false,
"period_unit": "weeks",
"soft_grace_period": 1,
"soft_limit_size": 11.0,
"thresholds_on": null
},
"quota_type": "directory",
"state": "present",
"user_name": null,
"verify_ssl": false
}
},
"quota_details": {
"container": true,
"efficiency_ratio": 0.02587890625,
"enforced": true,
"id": "CJhaEwIAAAAAAAAAAAAAQPgAAAAAAAAA",
"include_snapshots": false,
"linked": false,
"notifications": "default",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"persona": null,
"ready": true,
"reduction_ratio": null,
"thresholds": {
"advisory": 10737418240,
"advisory(GB)": "10.0",
"advisory_exceeded": false,
"advisory_last_exceeded": null,
"hard": 13958643712,
"hard(GB)": "13.0",
"hard_exceeded": false,
"hard_last_exceeded": null,
"percent_advisory": null,
"percent_soft": null,
"soft": 11811160064,
"soft(GB)": "11.0",
"soft_exceeded": false,
"soft_grace": 604800,
"soft_last_exceeded": null
},
"thresholds_on": "fslogicalsize",
"type": "directory",
"usage": {
"applogical": 0,
"applogical_ready": true,
"fslogical": 53,
"fslogical_ready": true,
"fsphysical": 2048,
"fsphysical_ready": true,
"inodes": 1,
"inodes_ready": true,
"physical": 2048,
"physical_data": 0,
"physical_data_ready": true,
"physical_protection": 0,
"physical_protection_ready": true,
"physical_ready": true,
"shadow_refs": 0,
"shadow_refs_ready": true
}
}
}
> The full traceback is:
File "/tmp/ansible_dellemc.powerscale.smartquota_payload_01r59iil/ansible_dellemc.powerscale.smartquota_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/smartquota.py", line 599, in get_quota_details
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api/quota_api.py", line 1865, in list_quota_quotas
(data) = self.list_quota_quotas_with_http_info(**kwargs) # noqa: E501
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api/quota_api.py", line 1985, in list_quota_quotas_with_http_info
collection_formats=collection_formats)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 346, in call_api
_preload_content, _request_timeout)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 185, in __call_api
return_data = self.deserialize(response_data, response_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 257, in deserialize
return self.__deserialize(data, response_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 296, in __deserialize
return self.__deserialize_model(data, klass)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 671, in __deserialize_model
kwargs[attr] = self.__deserialize(value, attr_type)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 274, in __deserialize
for sub_data in data]
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 274, in <listcomp>
for sub_data in data]
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 296, in __deserialize
return self.__deserialize_model(data, klass)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/api_client.py", line 673, in __deserialize_model
instance = klass(**kwargs)
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/models/quota_quota_extended.py", line 100, in __init__
self.description = description
File "/usr/local/lib/python3.6/site-packages/isilon_sdk/v9_4_0/models/quota_quota_extended.py", line 169, in description
raise ValueError("Invalid value for `description`, must not be `None`") # noqa: E501
fatal: [[xyz.domain.org]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"access_zone": "System",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "isilon_user",
"group_name": null,
"onefs_host": "172.0.0.2<SERVER_B>",
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"provider_type": "local",
"quota": {
"advisory_limit_size": 10.0,
"cap_unit": "GB",
"container": true,
"hard_limit_size": 13.0,
"include_overheads": true,
"include_snapshots": false,
"period_unit": "weeks",
"soft_grace_period": 1,
"soft_limit_size": 11.0,
"thresholds_on": null
},
"quota_type": "directory",
"state": "present",
"user_name": null,
"verify_ssl": false
}
},
"msg": "Get Quota Details for ******** failed with Invalid value for `description`, must not be `None`"
}
Describe the bug
When you have local users in System zone with the same UID as users in the custom zone, and you add custom zone's users to ACL permissions to a directory in the custom zone, then get this directory details with FS module - FS module returns System zone usernames.
To Reproduce
Steps to reproduce the behavior:
--------------------------------------------------------------------------------
Name: zoneinsidezoneinsidezone
Path: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone
Groupnet: groupnet0
Map Untrusted:
Auth Providers: lsa-file-provider:System, lsa-local-provider:zoneinsidezoneinsidezone
NetBIOS Name:
User Mapping Rules: -
Home Directory Umask: 0077
Skeleton Directory: /usr/share/skel
Cache Entry Expiry: 4H
Negative Cache Entry Expiry: 1m
Zone ID: 4
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Name: ansible_user
DN: CN=ansible_user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:System
Sam Account Name: ansible_user
UID: 2000
SID: S-1-5-21-1442644921-1582277087-1925991597-1001
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:2000
Name: ansible
Home Directory: /ifs/home/ansible_user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:20:30
Password Last Set: 2021-10-05T17:22:20
Password Expires: No
Shell: /bin/zsh
UPN: ansible_user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
Name: winscp_user
DN: CN=winscp_user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:System
Sam Account Name: winscp_user
UID: 2001
SID: S-1-5-21-1442644921-1582277087-1925991597-1002
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/home/winscp_user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:20:30
Password Last Set: 2021-10-28T14:00:34
Password Expires: No
Shell: /bin/zsh
UPN: winscp_user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Name: lvl3user
DN: CN=lvl3user,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:zoneinsidezoneinsidezone
Sam Account Name: lvl3user
UID: 2000
SID: S-1-5-21-1932411878-2135597842-4260751763-1000
Enabled: Yes
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/home/lvl3user
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:22:48
Password Last Set: 2021-10-07T12:11:55
Password Expires: No
Shell: /bin/zsh
UPN: lvl3user@DBISILONSIMULATOR
User Can Change Password: Yes
--------------------------------------------------------------------------------
Name: anotheruser3
DN: CN=anotheruser3,CN=Users,DC=DBISILONSIMULATOR
DNS Domain: -
Domain: DBISILONSIMULATOR
Provider: lsa-local-provider:zoneinsidezoneinsidezone
Sam Account Name: anotheruser3
UID: 2001
SID: S-1-5-21-1932411878-2135597842-4260751763-1001
Enabled: No
Expired: No
Expiry: -
Locked: No
Email: -
GECOS: -
Generated GID: No
Generated UID: No
Generated UPN: Yes
Primary Group
ID: GID:1800
Name: Isilon Users
Home Directory: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/home/anotheruser3
Max Password Age: 4W
Password Expired: No
Password Expiry: 2022-09-22T12:22:48
Password Last Set: 2022-08-03T16:33:34
Password Expires: No
Shell: /bin/zsh
UPN: anotheruser3@DBISILONSIMULATOR
User Can Change Password: Yes
DBISILONSIMULATOR-1# ls -led /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/sharelvl3
drwxrw---- + 2 root wheel 0 Sep 22 12:00 /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/sharelvl3
OWNER: user:root
GROUP: group:wheel
0: user:anotheruser3 allow dir_gen_write,std_delete
1: user:Guest allow dir_gen_read,dir_gen_write,std_delete
2: user:lvl3user allow dir_gen_write,std_delete
3: user:root allow dir_gen_read,dir_gen_write,dir_gen_execute,std_write_dac,delete_child
4: group:wheel allow std_read_dac,std_synchronize,dir_read_attr
- name: Get filesystem details
dellemc.powerscale.filesystem:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "zoneinsidezoneinsidezone"
path: "/sharelvl3"
state: present
register: ACL_permissions
ok: [DBISILONSIMULATOR] => {
"add_quota": "",
"changed": false,
"create_filesystem": "",
"delete_filesystem": "",
"delete_quota": "",
"filesystem_details": {
"attrs": [
...
"namespace_acl": {
"acl": [
{
"accessrights": [
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
**"id": "UID:2001",
"name": "winscp_user",**
"type": "user"
}
},
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "UID:1501",
"name": "Guest",
"type": "user"
}
},
{
"accessrights": [
"dir_gen_write",
"std_delete"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
**"id": "UID:2000",
"name": "ansible_user",**
"type": "user"
}
},
{
"accessrights": [
"dir_gen_read",
"dir_gen_write",
"dir_gen_execute",
"std_write_dac",
"delete_child"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "UID:0",
"name": "root",
"type": "user"
}
},
{
"accessrights": [
"std_read_dac",
"std_synchronize",
"dir_read_attr"
],
"accesstype": "allow",
"inherit_flags": [],
"op": null,
"trustee": {
"id": "GID:0",
"name": "wheel",
"type": "group"
}
}
],
Expected behavior
FS module should return the custom zone usernames instead of System zone's ones.
System Information (please complete the following information):
Describe the solution you'd like
We would like to have a module that find & close smb openfiles. There is a cli command for that "isi_for_array -s isi smb openfiles list" and also a restapi endpoint "/platform/1/protocols/smb/openfiles". So this should be possible...
Describe the bug
When creating a user or group where both the user_name and user_id for a new user, or group_name and group_id for a new group, an error is thrown:
"parameters are mutually exclusive: user_name|user_id"
Specifying a uidnumber or gidnumber when creating users and groups using the Isilon CLI is supported and works.
isi auth groups add group1000 --gid 1000 --zone myzone --provider local
To Reproduce
Steps to reproduce the behavior:
- name: Create/Modify Local Groups
dellemc.powerscale.group:
onefs_host: "{{ onefs_hostname }}"
port_no: "{{ onefs_port }}"
verify_ssl: "{{ onefs_verify_ssl }}"
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
group_name: "group{{ item.gidnumber }}"
group_id: "{{ item.gidnumber }}"
access_zone: "{{ item.access_zone }}"
provider_type: "local"
state: "{{ย item.state |ย default('present') }}"
loop: "{{ย isilon_groups }}"
Expected behavior
We need to create local users for legacy systems with specific uidnumbers/gidnumbers. We have automated almost all the Isilon/Powerscale setup using Ansible. Not being able to create users and groups is a setback for a fully automated Isilon/Powerscale setup.
Screenshots
If applicable, add screenshots to help explain your problem.
Logs
If applicable, submit logs or stack traces from the affected services
System Information (please complete the following information):
Basic use of the SyncIQ Policy Module fails when there is a resync_prep job running on the cluster. The failure occurs even when the policy being targeted is not the policy the resync_prep job is running for.
Replicate as follows:
- name: Get SyncIQ policy details
dellemc_powerscale_synciqpolicy:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
policy_name: "Policy1"
state: "present"
TASK [Get SyncIQ policy details] *********************************************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for `action` (resync_prep), must be one of ['copy', 'sync']"}
The error message reflects the current step of the resync_prep job, as seen in the log file:
2021-10-13 00:44:58,593 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for
action(resync_prep), must be one of ['copy', 'sync'] 2021-10-13 00:45:02,759 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:03,053 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for
action(resync_prep), must be one of ['copy', 'sync'] 2021-10-13 00:45:05,706 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:06,000 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for
action(resync_prep_domain_mark), must be one of ['copy', 'sync'] 2021-10-13 00:45:09,089 dellemc_powerscale_synciqpolicy.py INFO : Got python SDK instance for provisioning on PowerScale 2021-10-13 00:45:09,376 dellemc_powerscale_synciqpolicy.py ERROR : Get jobs on SyncIQ policy Policy1 failed with error: Invalid value for
action(resync_prep_restore), must be one of ['copy', 'sync']
The project dosen't support a S3 bucket configuration.
Looking for a task to be added to start a preexisting SyncIQ schedule/job
Work around using a built in command or passing as shell CLI level command right now.
I'm using the ansible module dellemc.powerscale.info to retrieve information about cluster nodes. When the OneFS version is 9.5.0.0 the module does not return info on all nodes, only the node that is the target of the api call. I've tracked it down to the isi_sdk_9_1_0 pip module requirement.
In that module the get_cluster_nodes api call is using /platform/10/cluster/nodes api path. This call when executed against a 9.5.0.0 OneFS cluster will only return a single node. Executed against OneFS 9.3.0.0 does retrun all node info as expected.
If I use postman and access any other platform version [3,5,7,12,14,15,16] against 9.5.0.0. I get the full list of node info as expected.
I don't know who is maintaining the pip module isi_sdk_9_1_0, but if there were modules that supported later versions it would be helpful. ( i.e. isi_sdk_9_3_0, isi_sdk_9_4_0...) OR support the isilon_sdk pip module which contains all sdk version.
Is this repo now stale in favor of the Dell Storage unified repo?
Describe the solution you'd like
Currently, there is no support to create File pool policies in the collections. We need this feature to be added in an upcoming release
Describe alternatives you've considered
Via Rest API.
Additional context
Since we have so many parameters to be passed for creating File Pool policies, its better to have this module implemented and make it idempotent.
Describe the solution you'd like
Using dellemc.powerscale.user changing a user password for users is not possible.
The password parameter is ignore for all operations but "create".
Therefore it is not possible to bootstrap a PowerScale Cluster using ansible, the root/admin user account passwords can not be set.
Describe alternatives you've considered
If a password is supplied - set it.
Consider it a change.
Additional context
The API exists already
https://github.com/Isilon/isilon_sdk_python/blob/a76bec4087528b16679c54f4c9e1200a590b47bd/isi_sdk_9_1_0/isi_sdk_9_1_0/api/auth_users_api.py#L401-402
I'm trying to understand what I could have done, but seemingly out of nowhere, I'm receiving the follower error when running a playbook. Have tried multiple modules (accesszone, filesystem, etc) and receiving:
Unable to import PowerScale python library. Please install isilon-sdk. Please install the required package(s)
I have reinstalled isi-sdk-9-1-0 and isi-sdk-8-1-0 and isilon-sdk to no avail. I'm 99% sure I am correctly setting the ANSIBLE_COLLECTIONS_PATHS path too and verifying correct python3 is being used.
Anyone else seeing this? Thanks!!!
Describe the solution you'd like
I would like to be able to manage User Mapping using Ansible
Describe alternatives you've considered
None
Additional context
We use many access zones, and we use Ansible Automation Platform to manage our Isilon/PowerScale clusters. It would be very beneficial to manage the User Mapping rules in Ansible Code as well.
Details: I tried the module. It seems that it queries not the whole cluster for open smb files, but only the node given via parameter "onefs_host". Correct?
Line: 808-810 are setting the limit_size using ints. Can we use floats instead so that we can easily implement a hard limit of 1.5 TB, for example?
advisory_limit_size=dict(type='int'),
soft_limit_size=dict(type='int'),
hard_limit_size=dict(type='int'),
Describe the solution you'd like
machine_account should be parameter for ADS Module
Describe alternatives you've considered
Use the REST API
Additional context
I would hope that you would match the GUI when writing the Ansible modules. This way any parameter that the user would use in the GUI could be replicated in the Ansible Module
thanks.
glenn.
@rajendravarma077 @meshuga @anupamaloke @walker2 @dattaarindam
From Documentation, below is the code to create a network pool. But getting below error stating unsupported parameters name
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (dellemc.powerscale.dellemc_powerscale_subnet) module: access_zone, pool Supported parameters include: api_password, api_user, description, gateway_priority, groupnet_name, netmask, new_subnet_name, onefs_host, port_no, state, subnet_name, subnet_params, verify_ssl"}
Do we need to use dellemc_powerscale_subnet or dellemc_powerscale_networkpool.
Describe the bug
When creating a share with ("directory"-type) smartquota in an access_zone, the path
value needs to start with /
in the smartquota module. Without it, it fails.
To Reproduce
Steps to reproduce the behavior:
dellemc.powerscale.smb
with path: "example"
dellemc.powerscale.smartquota
with quota_type: "directory"
and path: "example"
.This results in an error code: AEC_NOT_FOUND, message: Path not found ...
Replacing path: "example"
with path: "/example"
in step 2 creates no error.
Expected behavior
path
should behave consistently.
Screenshots
If applicable, add screenshots to help explain your problem.
Logs
If applicable, submit logs or stack traces from the affected services
System Information (please complete the following information):
Currently, there is no support in Ansible to create/delete the access zone. Will this be supported in upcoming releases .? If we want to implement this change, Do we need to update the SDK or Shall I get more information on this.
Describe the solution you'd like
It should be possible to create a File System / directory with a custom user instead of root. Using root account in automation software is a high security risk.
Known issue number 2: https://github.com/dell/ansible-powerscale/blob/master/docs/Release%20Notes.md#known-issues
We are running one of ansible-galaxy library(dellemc.powerscale) , which got upgraded to new version recently (probably 20 days ago)post that we can not able to use this module like :- dellemc.powerscale.filesystem , dellemc.powerscale.smb etc.
and got error
Describe the solution you'd like
Currently, we have support for all other authentication providers except Kerberos. Please add the support to configure Kerberos related settings.
Describe alternatives you've considered
Still Evaluating.
Additional context
Describe the solution you'd like
Quotas have the option "container". Add this to the quota/filesystem module.
We noticed that the the info
module when invoked with option network_interfaces
, returns a only a small portion of the information on network interfaces consisting of name, lnn and id. Other information returned by the OneFS API, like status, type, owners, etc. is disregarded. Shall we consider modifying this behavior and have the module return the API json response, e.g. from /16/network/interfaces
as is and let the users decide which data they want to use? It would be a list with dicts like (on OneFS 9.5 at least)
{
"flags": [],
"id": "19:mgmt-4",
"ip_addrs": [],
"ipv4_gateway": null,
"ipv6_gateway": null,
"lnn": 19,
"mtu": 1500,
"name": "mgmt-4",
"nic_name": "bge1",
"owners": [],
"speed": 1,
"status": "no_carrier",
"type": "mgmt",
"vlans": []
}
Looking forward to hearing your thoughts on this! Thanks!
The dellemc_powerscale_filesystem module is not able to delete file systems unless they are empty.
Would like to do something like the following with the 'recursive' parameter from the playbook being honored for deletes:
- name: Delete target file systems
dellemc_powerscale_filesystem:
onefs_host: "{{synciq_target}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
access_zone: "{{access_zone}}"
path: "{{item.path}}"
state: "absent"
recursive: True
loop: "{{smb_shares}}"
The module has a 'recursive' parameter, and it looks like the SDK also includes a recursive option on 'delete_directory'.
Thank you!
Describe the bug
All I am trying to do is get the Details of a SyncIQ policy. I followed the Example in the Repo.
I get an error saying:
"msg": "Get details of SyncIQ policy AutomationRecovery failed with error : Invalid value for snapshot_sync_pattern
, length must be greater than or equal to 1
"
To Reproduce
Steps to reproduce the behavior:
- name: Get SyncIQ policy details
dellemc.powerscale.dellemc_powerscale_synciqpolicy:
onefs_host: "{{ dr_onefs_host }}"
api_user: "{{ dr_api_user }}"
api_password: "{{ dr_api_password }}"
verify_ssl: "{{ verify_ssl }}"
policy_name: "AutomationRecovery"
snapshot_sync_pattern: "*file*"
state: "present"
register: result
Expected behavior
I expect the Playbook not to fail and the details to be available in the register variable.
System Information (please complete the following information):
Additional Info
I tried this without the snapshot_sync_pattern as well since this is only doing a GET Details there should be no other information needed other than the Policy Name.
Also, NONE of the other modules work in the Examples shown in the Repo.
Lastly, the REST API Calls all work.
It would be great if the Ansible modules could use the REST API calls instead of the Python Modules. In this case you would not need to install the Python modules.
Thanks for your help!
glenn.
Describe the bug
When attempting to install this collection into an execution environment via the ansible-builder command, the build fails with an error that the requirements.txt file is not found. This appears to be caused by the use of a relative path in the meta/execution-environment.yml file.
To Reproduce
Steps to reproduce the behavior:
ansible-galaxy collection install dellemc.powerscale
ansible-builder introspect --sanitize ~/.ansible/collections/
../requirements.txt
---
version: 1
dependencies:
galaxy: requirements.yml
python: requirements.txt
Expected behavior
ansible-builder introspect command should list correct dependencies
---
python:
- 'certifi # from collection dellemc.powerscale'
- 'isi-sdk-9-1-0 # from collection dellemc.powerscale'
- 'isi-sdk-8-1-1 # from collection dellemc.powerscale'
- 'setuptools # from collection dellemc.powerscale'
- 'six # from collection dellemc.powerscale'
System Information (please complete the following information):
ansible --version
ansible [core 2.12.1]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.8/site-packages/ansible
ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
jinja version = 2.10.3
libyaml = True
Describe the solution you'd like
Since network pool configuration is a sensible matter to the effect that even small mistakes or typos could affect basic connectivity to the cluster, it would be very helpful to be able to run tasks for networkpool configuration in ansible check mode with a diff report before real deployment to minimize any risks
Describe alternatives you've considered
An alternative would be to read active cluster configuration into a dict and compare values with the ones the ansible tasks WOULD submit, but this is a complex untertaking and hard to implement with ansible code; would be much more straightforward to do in Python at module level.
It is also considered best practice for modules to support check_mode and diff whenever possible
Thanks!
Additional context
None
Details: ?
I am looking for powerscale/Isilon CLI command functionality to perform snapshot restore.
=> cp -a "{{ src_path }}" "{{ dest_path }}" within powerscale cluster.
src_path : /ifs/.snapshot/cluster_name_HOURLY_3D_04-18-2023_05:00/cluster_name/test/ISO
dest_path : /ifs/cluster_name/test/NAS_Isilon_Restore
I heard that API snaprevert_params was available to specify the snapshot to revert.
But , Currently it is not supported through ansible.
Description
We are trying to manage SyncIQ-Policies using this collection but we're running into the following issue: Unless we leave out required parameters like state or provide wrong credentials on purpose (in which case we get a "normal" Ansible error, such as "incorrect username or password"), we always get the following Python error message:
Logs
Traceback (most recent call last):
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 107, in <module>
_ansiballz_main()
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 99, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File \"/root/.ansible/tmp/ansible-tmp-1669116874.2854335-64-40565527781314/AnsiballZ_synciqpolicy.py\", line 47, in invoke_module
runpy.run_module(mod_name='ansible_collections.dellemc.powerscale.plugins.modules.synciqpolicy', init_globals=dict(_module_fqn='ansible_collections.dellemc.powerscale.plugins.modules.synciqpolicy', _modlib_path=modlib_path),
File \"/usr/lib64/python3.9/runpy.py\", line 225, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code
_run_code(code, mod_globals, init_globals,
File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code
exec(code, run_globals)
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 1076, in <module>
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 1072, in main
File \"/tmp/ansible_dellemc.powerscale.synciqpolicy_payload_vwnkij0j/ansible_dellemc.powerscale.synciqpolicy_payload.zip/ansible_collections/dellemc/powerscale/plugins/modules/synciqpolicy.py\", line 854, in perform_module_operation
TypeError: cannot unpack non-iterable NoneType object
To reproduce
- name: bug
hosts: localhost
tasks:
- name: demo filesync policy bug
dellemc.powerscale.synciqpolicy:
onefs_host: "isilon.ecample.com"
verify_ssl: false
api_user: "****"
api_password: "****"
policy_name: "debug"
state: "absent"
System Information:
Expected behavior
The "debug" policy is either deleted if it exists or nothing is done if it doesn't. In either case, the task should succeed.
Other modules from this collection such as smb
and smartquota
work w/o issue on the same setup.
Are there any implicitely required parameters we are missing here?
Best
Samples in documentation are incorrect for the module.
All samples use the following:
dellemc.powerscale.filesystem:
onefs_host: "{{powerscalehost}}"
port: "{{powerscaleport}}"
verify_ssl: "{{verify_ssl}}"
username: "{{user}}"
password: "{{password}}"
When using the samples as they are, errors are thrown, indicating that the inputs for the module are incorrect for "user, password and port".
However, according to the module parameters in the docs, the fields for User, Port and Password should be as follows:
dellemc.powerscale.filesystem:
onefs_host: "{{ powerscalehost }}"
port_no: "{{ powerscaleport }}"
verify_ssl: "{{ verify_ssl }}"
api_user: "{{ user }}"
api_password: "{{ password }}"
Describe the bug
The redirect
entries in meta/runtime.yml
do not contain FQCNs, but short names: https://github.com/dell/ansible-powerscale/blob/1.6.0/meta/runtime.yml#L6-L121
This will result in an error with ansible-core 2.14, see ansible/ansible#78755.
Describe the solution you'd like
I want this error message : "Invalid path ['********'], Path must start with '/'", to clearly and concisely show me the path. I cannot self correct if I can't see what information the tool got.
Describe alternatives you've considered
no_log: false
I don't understand why it would be treated as a password
Additional context
ansible stanza
- name: Add host to NFS share
delegate_to: localhost
no_log: false
dellemc.powerscale.nfs:
onefs_host: "{{onefs_host}}"
port_no: "{{onefs_host_port}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
path: "{{item}}"
root_clients:
- "{{ inventory_hostname }}"
client_state: 'present-in-export'
state: 'present'
loop:
- "{{ nfs_shares }}"
variable declaration
nfs_shares:
- /ifs/test
Full error report
{
"msg": "Invalid path ['********'], Path must start with '/'",
"invocation": {
"module_args": {
"onefs_host": "isilon.dn",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "ansible",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"verify_ssl": false,
"path": "['********']",
"root_clients": [
"server.dn"
],
"client_state": "present-in-export",
"state": "present",
"access_zone": "System",
"clients": null,
"read_only_clients": null,
"read_write_clients": null,
"description": null,
"read_only": null,
"ignore_unresolvable_hosts": null,
"sub_directories_mountable": null,
"security_flavors": null,
"map_root": null,
"map_non_root": null
}
},
"_ansible_no_log": false,
"changed": false,
"item": [
"/ifs/test"
],
"ansible_loop_var": "item",
"_ansible_item_label": [
"/ifs/test"
],
"_ansible_delegated_vars": {
"ansible_host": "localhost",
"ansible_port": null,
"ansible_user": "rexuser",
"ansible_connection": "local"
}
}
Allow for setting SMB3 Encryption at the share level
CLI Example:
isi smb shares modify seven --zone=seven --smb3-encryption-enabled=true
Describe the bug
When trying to modify ACL rights for a trustee from any zone except System the task fails with message:
Setting ACL rights of Filesystem ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest5 failed with error: { errors : [ { code : AEC_BAD_REQUEST , message : Invalid trustee } ] }
But it works fine when I specify a user from System zone.
To Reproduce
Steps to reproduce the behavior:
ISILONSIMULATOR-1# isi zone list -v
Name: zoneinsidezoneinsidezone
Path: /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone
Groupnet: groupnet0
Map Untrusted:
Auth Providers: lsa-file-provider:System, lsa-local-provider:zoneinsidezoneinsidezone
NetBIOS Name:
User Mapping Rules: -
Home Directory Umask: 0077
Skeleton Directory: /usr/share/skel
Cache Entry Expiry: 4H
Negative Cache Entry Expiry: 1m
Zone ID: 4
ISILONSIMULATOR-1# isi auth users list --zone zoneinsidezoneinsidezone
Name
lvl3user
anotheruser
- name: create a directory and assign target permissions in the corresponding zone
dellemc.powerscale.filesystem:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
path: "/shareFSmoduletest6"
access_zone: "zoneinsidezoneinsidezone"
owner:
name: 'lvl3user'
provider_type: 'LOCAL:zoneinsidezoneinsidezone'
access_control_rights:
access_type: "allow"
access_rights:
- dir_gen_all
inherit_flags:
- container_inherit
trustee: 'anotheruser3'
access_control_rights_state: "add"
state: "present"
Expected behavior
ACL rights from the task should be assigned to the second user (anotheruser3).
Logs
The full output:
fatal: [ISILONSIMULATOR]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"access_control": null,
"access_control_rights": {
"access_rights": [
"dir_gen_all"
],
"access_type": "allow",
"inherit_flags": [
"container_inherit"
],
"trustee": "anotheruser3"
},
"access_control_rights_state": "add",
"access_zone": "zoneinsidezoneinsidezone",
"api_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"api_user": "root",
"group": null,
"list_snapshots": false,
"onefs_host": "DBISILONSIMULATOR",
"owner": {
"name": "lvl3user",
"provider_type": "LOCAL:zoneinsidezoneinsidezone"
},
"path": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port_no": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"quota": null,
"recursive": true,
"recursive_force_delete": false,
"state": "present",
"verify_ssl": false
}
},
"msg": "Setting ACL rights of Filesystem ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone******** failed with error: { errors : [ { code : AEC_BAD_REQUEST , message : Invalid trustee } ] } "
But the directory still gets created. Without the second user ACL rights though:
ISILONSIMULATOR-1# ls -led /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest6
drwx------ 2 lvl3user wheel 0 Aug 3 17:57 /ifs/testzone/zoneinsidezone/zoneinsidezoneinsidezone/shareFSmoduletest6
OWNER: user:lvl3user
GROUP: group:wheel
SYNTHETIC ACL
0: user:lvl3user allow dir_gen_read,dir_gen_write,dir_gen_execute,std_write_dac,delete_child
1: group:wheel allow std_read_dac,std_synchronize,dir_read_attr
System Information (please complete the following information):
Describe the solution you'd like
Need Ansible collection support to enable/disable HDFS for Access zones and define the required block size and other HDFS settings
Describe alternatives you've considered
Via Rest API
Additional context
It will be better to have a dedicated HDFS module which can support all HDFS related settings.
Describe the solution you'd like
I'd like to be able to delete old permissions using the ansible module dellemc.powerscale.smb
. At the moment I can only chose between allow
or deny
as vaues for the premission_type
parameter in entries in the permissions
dictionary
Describe alternatives you've considered
An alternative is to use the ansible.builtin.uri
module to talk to OneFS, but that comes at a higher cost (i.e. the login needs to be perfomed explicitely within the playbook, tasks which otherwise would be taken care of by the dellemc.powerscale
module.
Describe the solution you'd like
dellemc_powerscale_filesystem module does not support the --container parameter when setting quotas
neither does the dellemc_powerscale_smartquota module
Describe alternatives you've considered
Additional context
Describe the bug
Task fails when using dict to define vars with the following error:
"Error '>' not supported between instances of 'str' and 'int' while determining if Quotas are modified "
To Reproduce
Create simple playbook
- name: Create Filesystem with Quota in given access zone
dellemc_powerscale_filesystem:
onefs_host: "{{ onefs_host }}"
port_no: "{{ port_no }}"
verify_ssl: false
api_user: "{{ api_user }}"
api_password: "{{ api_password }}"
path: "{{ item.path }}"
access_zone: "{{ item.access_zone }}"
quota:
hard_limit_size: "{{ item.hard_limit_size }}"
cap_unit: GB
quota_state: present
recursive: true
state: present
loop: "{{ filesystem }}"
delegate_to: localhost
and host_vars like
filesystem:
- path: test_path
access_zone: zn-1
hard_limit_size: 3
state: present
System Information (please complete the following information):
Adding an option of showing available space as Size of smallest hard or soft threshold in dellemc.powerscale.filesystem module.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.