Last active
June 20, 2020 11:03
-
-
Save sky-joker/a6565fc24f460512f3b20d1b199f5077 to your computer and use it in GitHub Desktop.
Example playbook of apply ESXi patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [defaults] | |
| host_key_checking=false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: "Gather ESXi host facts" | |
| vmware_host_facts: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| register: gather_esxi_host_facts | |
| - name: "Set before_build_number variable" | |
| set_fact: | |
| before_build_number: "{{ gather_esxi_host_facts.ansible_facts.ansible_distribution_build }}" | |
| - name: "Enter maintenance mode" | |
| vmware_maintenancemode: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| timeout: 3600 | |
| state: present | |
| - name: "Enable SSH service of ESXi" | |
| vmware_host_service_manager: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| service_name: TSM-SSH | |
| state: present | |
| - name: "Add host for SSH connection" | |
| add_host: | |
| hostname: "{{ item }}" | |
| ansible_user: "{{ esxi_username }}" | |
| ansible_password: "{{ esxi_password }}" | |
| - name: "Check that the ESXi patch exists" | |
| stat: | |
| path: "/vmfs/volumes/{{ datastore }}{{ directory_path }}/{{ patch_file_name }}" | |
| register: check_esxi_patch_result | |
| delegate_to: "{{ item }}" | |
| - name: "Make sure of the ESXi patch exists" | |
| assert: | |
| that: | |
| - check_esxi_patch_result.stat.exists is sameas true | |
| - name: "Apply ESXi patch" | |
| command: "esxcli software profile update -d /vmfs/volumes/{{ datastore }}{{ directory_path }}/{{ patch_file_name }} -p {{ profile_name }}" | |
| register: apply_esxi_patch | |
| delegate_to: "{{ item }}" | |
| - name: "ESXi reboot" | |
| vmware_host_powerstate: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| state: reboot-host | |
| - name: "Check of change the build number" | |
| vmware_host_facts: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| retries: 60 | |
| delay: 30 | |
| until: | |
| - "'ansible_facts' in check_build_number_result" | |
| - check_build_number_result.ansible_facts.ansible_distribution_build != before_build_number | |
| register: check_build_number_result | |
| - name: "Disable SSH service of ESXi" | |
| vmware_host_service_manager: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| service_name: TSM-SSH | |
| state: absent | |
| - name: "Exit maintenance mode" | |
| vmware_maintenancemode: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| esxi_hostname: "{{ item }}" | |
| timeout: 3600 | |
| state: absent | |
| - debug: | |
| msg: | |
| - "hostname{% raw %}:{% endraw %} {{ item }}" | |
| - "before{% raw %}:{% endraw %} {{ before_build_number }}" | |
| - "after{% raw %}:{% endraw %} {{ check_build_number_result.ansible_facts.ansible_distribution_build }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Example playbook of applying ESXi patch | |
| hosts: localhost | |
| gather_facts: no | |
| vars: | |
| vcenter_hostname: vcenter hostname or IP addr | |
| vcenter_username: administrator@vsphere.local | |
| vcenter_password: vcenter user password | |
| datacenter: datacenter name | |
| datastore: datastore name | |
| directory_path: directory path # e.g. /patch | |
| patch_file_name: ESXi zip patch file | |
| profile_name: ESXi patch profile name | |
| esxi_list: | |
| - esxi-patch01.local | |
| - esxi-patch02.local | |
| esxi_username: root | |
| esxi_password: esxi user password | |
| tasks: | |
| - name: "Copy an ESXi patch to datastore" | |
| vsphere_copy: | |
| hostname: "{{ vcenter_hostname }}" | |
| username: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| datacenter: "{{ datacenter }}" | |
| datastore: "{{ datastore }}" | |
| path: "{{ directory_path }}/{{ patch_file_name }}" | |
| src: "{{ patch_file_name }}" | |
| - name: "Include esxi_patch_tasks" | |
| include_tasks: esxi_patch_tasks.yml | |
| loop: "{{ esxi_list }}" | |
| - name: "Delete an ESXi patch from datastore" | |
| uri: | |
| url: "https://{{ vcenter_hostname }}/folder{{ directory_path }}/{{ patch_file_name }}?dcPath={{ datacenter }}&dsName={{ datastore }}" | |
| user: "{{ vcenter_username }}" | |
| password: "{{ vcenter_password }}" | |
| validate_certs: no | |
| method: "delete" | |
| status_code: 204 | |
| register: result | |
| changed_when: | |
| - result.status == 204 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment