cloudera.exe.tls_generate_csr role – Generates a CSR on each host and copies it back to the Ansible controller

Note

This role is part of the cloudera.exe collection (version 3.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install cloudera.exe..

To use it in a playbook, specify: cloudera.exe.tls_generate_csr.

Entry point main – Generates a CSR on each host and copies it back to the Ansible controller

New in cloudera.exe 3.0.0

Synopsis

• Generates a TLS Certificate Signing Request (CSR).

• Once created the CSR file is copied back to the Ansibles controller.

Parameters

Parameter	Comments
base_dir_security string	Base directory for Cloudera CDP security related files Default: "/opt/cloudera/security"
base_dir_security_pki string	Base directory for Cloudera CDP PKI security related files Default: "{{ base_dir_security }}/pki"
ca_server_attrs_general dictionary	Attributes to use in the certificate signing request Default: {"C": "US", "O": "Cloudera, Inc.", "OU": "PS", "ST": "CA"}
local_csrs_dir string	Location on the Ansible Controller where the CSR will be copied. Default: "{{ base_dir_security_pki }}/{{ inventory_hostname }}.key"
tls_csr_path string	Location of the OpenSSL Certificate Signing Request file that will be created by the role Default: "{{ base_dir_security_pki }}/{{ inventory_hostname }}.csr"
tls_key_password string	Password for the TLS Key. Default: "changeme"
tls_key_path string	Location of the TLS key. Default: "{{ base_dir_security_pki }}/{{ inventory_hostname }}.key"

Authors

• Jim Enright

Collection Links

• Issue Tracker
• Repository (Sources)
• Submit a Bug Report
• Request a Feature