Skip to content

Instantly share code, notes, and snippets.

@deekayen
Last active November 28, 2019 03:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save deekayen/7eb5905f3a094970691a988e252e850a to your computer and use it in GitHub Desktop.
Save deekayen/7eb5905f3a094970691a988e252e850a to your computer and use it in GitHub Desktop.
Use Ansible to apply operating system routine maintenance and updates for CentOS and Red Hat servers. This example takes advantage of magic groups that are imported using AWS inventories in Ansible Tower for host filtering. Send extra-vars to limit the runtime by availability zone.
*.keytab
*.retry
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
- repo: https://github.com/ansible/ansible-lint.git
sha: v4.1.1a0
hooks:
- id: ansible-lint
files: \.(yaml|yml)$
args: [--exclude=/Users/deekayen/.ansible]
- repo: https://github.com/willthames/ansible-review.git
sha: v0.13.9
hooks:
- id: ansible-review
---
- name: Apply system updates.
hosts: "{{ availability_zone }}:!platform_windows:!tag_function_ansibletower"
gather_facts: yes
tasks:
- name: Force fact gathering to collect kernel information.
setup:
- name: Check kernel before reboot.
set_fact:
kernelbefore: "{{ ansible_kernel }}"
- debug:
var: kernelbefore
verbosity: 1
- name: Install or update yum-utils package for kernel clean up.
yum:
name: yum-utils
- name: "Remove all unused kernels." # noqa 301
command: /usr/bin/package-cleanup --oldkernels --count=1 -y
- name: "Apply yum updates." # noqa 403
yum:
name: '*'
state: latest
skip_broken: true
- name: Reboot.
reboot:
msg: "Reboot initiated by Ansible for patching."
post_reboot_delay: 20
- name: Check for new kernel versions.
setup:
- name: Kernel versions before and after patching.
debug:
msg: "BEFORE => {{ kernelbefore }} AFTER => {{ ansible_facts.ansible_kernel }}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment