Created
January 11, 2018 16:37
-
-
Save fia5000/73dbf8c278d86c198b67a9c26ec2e2f8 to your computer and use it in GitHub Desktop.
SDS Keystash File Update
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ╔═════════════════════════════════════════════════════╗ | |
| # ║ Create Updated Stash File On Secondary SDS Server ║ | |
| # ╚═════════════════════════════════════════════════════╝ | |
| # - name: Check To See if Secondary Stash File Has Already Been Created | |
| # stat: | |
| # path: "{{ SDS_INSTANCE_DIR}}/etc/stash.lock" | |
| # register: STASHLOCK | |
| # | |
| # - name: Regenerate Keystash File For Secondary SDS Instance | |
| # block: | |
| # - name: Read {{ SDS_INSTANCE_USER }} Root Password From Vault | |
| # hashivault_read: | |
| # url: "{{ HVAULT_URL }}" | |
| # verify: "{{ HVAULT_VERIFY_CERT }}" | |
| # authtype: "{{ HVAULT_LOGIN_METHOD }}" | |
| # username: "{{ HVAULT_USER }}" | |
| # password: "{{ HVAULT_PASS }}" | |
| # secret: '{{ CUSTOMER_SHORTNAME|upper }}/{{ PRODUCT|upper }}/{{ ENV_TIER|upper }}' | |
| # key: '{{ item }}' | |
| # with_items: | |
| # - 'SDS_PRIMARY_SALT' | |
| # - 'SDS_ENCRYPTION_SEED' | |
| # register: SDS_VAULT_SECRETS | |
| # delegate_to: localhost | |
| # become: false | |
| # no_log: true | |
| # ignore_errors: true | |
| # | |
| # - name: Stop SDS Administration Instance | |
| # command: ./idsdiradm -k | |
| # args: | |
| # chdir: "{{ SDS_SBIN }}" | |
| # register: STOP_SDS_ADMIN | |
| # changed_when: "'GLPADM034I' in STOP_SDS_ADMIN.stderr" | |
| # | |
| # - name: Keystash Keygen on Secondary SDS | |
| # command: ./idsgendirksf -s {{ SDS_VAULT_SECRETS.results[0].value| quote }} -e {{ SDS_VAULT_SECRETS.results[1].value }} -l {{ SDS_INSTANCE_DIR}}/etc -n | |
| # register: SECONDARY_KEYSTASH | |
| # become: yes | |
| # become_user: "{{ SDS_INSTANCE_USER }}" | |
| # args: | |
| # chdir: "{{ SDS_SBIN }}" | |
| # | |
| # - name: Start SDS Instance | |
| # command: ./idsslapd -I {{ SDS_INSTANCE_NAME }} | |
| # args: | |
| # chdir: "{{ SDS_SBIN }}" | |
| # register: START_SDS | |
| # changed_when: "'GLPCOM003I' in START_SDS.stderr" | |
| # failed_when: | |
| # - "'GLPCTL088E' not in START_SDS.stderr" | |
| # | |
| # - name: Create Stashfile Lock | |
| # file: | |
| # path: "{{ SDS_INSTANCE_DIR}}/etc/stash.lock" | |
| # state: touch | |
| # become: yes | |
| # become_user: "{{ SDS_INSTANCE_USER }}" | |
| # when: SECONDARY_KEYSTASH|changed | |
| # | |
| # when: | |
| # - "'TDS_NODE_2' in inventory_hostname" | |
| # - STASHLOCK.stat.exists == false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment