KeyboardInterrupt/apt-get-dist-upgrade.yml

## apt-get-dist-upgrade.yml
# TODO:
- name: TODO At this point we should create a VM Snapshot
  debug:
    msg: "create a Snapshot via VMWare or whatever your Virtualisation Solution is"

# do an "apt-get update", to ensure latest package lists
- name: apt-get update
  apt:
    update-cache: yes
  changed_when: 0

# get a list of packages that have updates
- name: get list of pending upgrades
  command: apt-get --simulate dist-upgrade
  args:
    warn: false # don't warn us about apt having its own plugin
  register: apt_simulate
  changed_when: 0

- name: parse apt-get output to get list of changed packages
  set_fact:
    updates: '{{ apt_simulate.stdout_lines | select("match", "^Inst ") | list | sort }}'
  changed_when: 0

# tell user about packages being updated
- name: show pending updates
  debug:
    var: updates
  when: updates.0 is defined

- name: prevent service restart by apt
  copy:
    mode: 0555
    content: |
      #!/bin/sh
      exit 101
    dest: /usr/sbin/policy-rc.d
  when: updates.0 is defined

# if a new kernel is incoming, remove old ones to avoid full /boot
- name: apt-get autoremove
  apt:
    autoremove: yes
  when: '"Inst linux-image-" in apt_simulate.stdout'
  async: 1000
  poll: 0
  register: apt_get_autoremove_sleeper

- name: check apt-get autoremove status
  async_status:
    jid: "{{ apt_get_autoremove_sleeper.ansible_job_id }}"
  when: '"Inst linux-image-" in apt_simulate.stdout'
  register: job_result
  until: job_result.finished
  retries: 300
  delay: 10

# do the actual apt-get dist-upgrade
- name: apt-get dist-upgrade
  apt:
    upgrade: dist # upgrade all packages to latest version
  when: updates.0 is defined
  async: 1000
  poll: 0
  register: apt_dist_upgrade_sleeper

- name: check apt-get dist-upgrade status
  async_status:
    jid: "{{ apt_dist_upgrade_sleeper.ansible_job_id }}"
  when: updates.0 is defined
  register: job_result
  until: job_result.finished
  retries: 300
  delay: 10
- name: remove /usr/sbin/policy-rc.d
  file:
    state: absent
    path: /usr/sbin/policy-rc.d
  when: updates.0 is defined

# check if we need a reboot
- name: check if reboot needed
  stat:
    path: /var/run/reboot-required
  register: file_reboot_required

- meta: end_play
  when: not file_reboot_required.stat.exists

# TODO:
- name: TODO At this point we need to set a downtime in the Monitoring
  debug:
    msg: "set downtime in Monitoring posibly with this: https://docs.ansible.com/ansible/latest/modules/nagios_module.html"

# TODO:
- name: TODO At this point we need to disable the Web Backend in the Loadbalancer
  debug:
    msg: "set Web node to down in Loadbalancer"

- name: reboot node
  shell: sleep 2 && shutdown -r now "Reboot triggered by ansible"
  async: 1
  poll: 0
  ignore_errors: true

# poll ssh port until we get a tcp connect
- name: wait for node to finish booting
  wait_for:
    host: "{{ ansible_host }}"
    port: 22
    state: started
    delay: 5
    timeout: 600
  delegate_to: localhost

# give sshd time to start fully
- name: wait for ssh to start fully
  pause:
    seconds: 15
	# TODO:
	- name: TODO At this point we should create a VM Snapshot
	debug:
	msg: "create a Snapshot via VMWare or whatever your Virtualisation Solution is"

	# do an "apt-get update", to ensure latest package lists
	- name: apt-get update
	apt:
	update-cache: yes
	changed_when: 0

	# get a list of packages that have updates
	- name: get list of pending upgrades
	command: apt-get --simulate dist-upgrade
	args:
	warn: false # don't warn us about apt having its own plugin
	register: apt_simulate
	changed_when: 0

	- name: parse apt-get output to get list of changed packages
	set_fact:
	updates: '{{ apt_simulate.stdout_lines \| select("match", "^Inst ") \| list \| sort }}'
	changed_when: 0

	# tell user about packages being updated
	- name: show pending updates
	debug:
	var: updates
	when: updates.0 is defined

	- name: prevent service restart by apt
	copy:
	mode: 0555
	content: \|
	#!/bin/sh
	exit 101
	dest: /usr/sbin/policy-rc.d
	when: updates.0 is defined

	# if a new kernel is incoming, remove old ones to avoid full /boot
	- name: apt-get autoremove
	apt:
	autoremove: yes
	when: '"Inst linux-image-" in apt_simulate.stdout'
	async: 1000
	poll: 0
	register: apt_get_autoremove_sleeper

	- name: check apt-get autoremove status
	async_status:
	jid: "{{ apt_get_autoremove_sleeper.ansible_job_id }}"
	when: '"Inst linux-image-" in apt_simulate.stdout'
	register: job_result
	until: job_result.finished
	retries: 300
	delay: 10

	# do the actual apt-get dist-upgrade
	- name: apt-get dist-upgrade
	apt:
	upgrade: dist # upgrade all packages to latest version
	when: updates.0 is defined
	async: 1000
	poll: 0
	register: apt_dist_upgrade_sleeper

	- name: check apt-get dist-upgrade status
	async_status:
	jid: "{{ apt_dist_upgrade_sleeper.ansible_job_id }}"
	when: updates.0 is defined
	register: job_result
	until: job_result.finished
	retries: 300
	delay: 10
	- name: remove /usr/sbin/policy-rc.d
	file:
	state: absent
	path: /usr/sbin/policy-rc.d
	when: updates.0 is defined

	# check if we need a reboot
	- name: check if reboot needed
	stat:
	path: /var/run/reboot-required
	register: file_reboot_required

	- meta: end_play
	when: not file_reboot_required.stat.exists

	# TODO:
	- name: TODO At this point we need to set a downtime in the Monitoring
	debug:
	msg: "set downtime in Monitoring posibly with this: https://docs.ansible.com/ansible/latest/modules/nagios_module.html"

	# TODO:
	- name: TODO At this point we need to disable the Web Backend in the Loadbalancer
	debug:
	msg: "set Web node to down in Loadbalancer"

	- name: reboot node
	shell: sleep 2 && shutdown -r now "Reboot triggered by ansible"
	async: 1
	poll: 0
	ignore_errors: true

	# poll ssh port until we get a tcp connect
	- name: wait for node to finish booting
	wait_for:
	host: "{{ ansible_host }}"
	port: 22
	state: started
	delay: 5
	timeout: 600
	delegate_to: localhost

	# give sshd time to start fully
	- name: wait for ssh to start fully
	pause:
	seconds: 15