Re: Anisble support for simple cluster and SIC

RMM · ‎2023-12-05

I am using check_point.mgmt.cp_mgmt_simple_cluster module to create a cluster with two members.

When I create the resource the first time Ansible creates the cluster, the members and establishes the SIC using the one_time_password. If i make any changes to the existing resource using Ansible the resource is changes as desired, but the module also breaks the trust relationship (SIC).

So, the module can only be used once to create a cluster with trusted members, but cannot be used to maintain the config of these members.

It can be reproduces to use the simple cluster task and create the resource and members (with one_time_password per member specified). Then make a change e.g. the cluster color and re-run the playbook. After applying the change the SIC is broken.

PhoneBoy · ‎2023-12-05

What version/JHF of gateways and management?
What version of the Ansible collection?

RMM · ‎2023-12-06

Hi @PhoneBoy ,

The versions used are:

management: R81.10

gateways: R81.10

Anisble collection: 5.1.1

PhoneBoy · ‎2023-12-06

What JHF?
In any care, this will most likely require TAC assistance: https://help.checkpoint.com

RMM · ‎2023-12-06

R81.10 jumbo hotfix Take 95

Erik_Lagzdins · ‎2023-12-18

I believe there's an issue with the module and I will report it internally.

I was able to replicate the problem with an R81.20 JHF14 MDS and the latest Mgmt modules (5.1.3). I can confirm I was not able to replicate the problem with the cp_mgmt_simple_gateway module, only the cp_mgmt_simple_cluster module.

RMM · ‎2023-12-18

Thanks a lot Erik.

A bit offtopic, but it seems a similar problem exists in the Terraform provider as well for simple cluster.

Are you a member of CheckMates?

Anisble support for simple cluster and SIC