SlideShare a Scribd company logo

System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel

A
ansiblebrno

The document describes using Ansible to safely and easily update system packages across servers. It provides an example setup using CentOS Linux servers with yum, Slack for notifications, and an internal yum repository. The playbook checks for available updates, installs them using yum with notifications for reboots, and handles confirmation for critical servers.

Technology
1 of 14
Download to read offline
System Updates
 With Ansible Ansible Brno #1
Goal Updating system packages should be
 safe and easy
Requirements • Announce updates via team chat. • When reboot is needed, wait for system to come back. • Manual confirmation for critical servers. • Rolling updates, with defined order.
Example set-up • CentOS Linux (yum) • Slack for team chat • Our own yum repository • We don’t mind reboots • We assume auto-detect load balancer
Inventory ---
 [updates:children] dbservers appservers [critical:children] dbservers [dbservers] db1 db2 [appservers] app1 app2 app3
Playbook ---
 - name: Update system packages hosts: updates sudo: True gather_facts: yes serial: 1 max_fail_percentage: 0 tasks: - name: Check if packages updates are available shell: /bin/yum check-updates register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100
gather_facts: yes serial: 1 max_fail_percentage: 0 tasks: - name: Check if packages updates are available shell: /bin/yum check-updates register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100 notify: - announce system update - meta: flush_handlers - name: Update packages yum: name=* state=latest when: updates_available.changed notify: - reboot host - wait for reboot
- name: Prompt user for manual verification pause: prompt="WARNING! Ensure that system is fully operational before continuing! Hit Ctrl+c to abort, Enter to continue." when: "updates_available.changed and 'critical' 
 in group_names" handlers: - name: announce system update local_action: module: slack username="{{ slack_username }}" 
 token="{{ slack_token }}" 
 msg="*ALERT:* {{ ansible_hostname }} 
 is going offline for system updates." sudo: false - name: reboot host shell: /usr/bin/sleep 3 && /usr/sbin/shutdown 
 -r +1 "Reboot triggered by packages 
 updates through Ansible" async: 1 poll: 0
register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100 notify: - announce system update - meta: flush_handlers - name: Update packages yum: name=* state=latest when: updates_available.changed notify: - reboot host - wait for reboot - meta: flush_handlers - name: announce system update completed local_action: module: slack username="{{ slack_username }}” token="{{ slack_token }}" msg="*OK:* 

msg="*ALERT:* {{ ansible_hostname }} 
 is going offline for system updates." sudo: false - name: reboot host shell: /usr/bin/sleep 3 && /usr/sbin/shutdown 
 -r +1 "Reboot triggered by packages 
 updates through Ansible" async: 1 poll: 0 ignore_errors: true - name: wait for reboot local_action: wait_for 
 host={{ ansible_ssh_host }}
 port=22 delay=90 timeout=300 
 connect_timeout=15 sudo: false
- meta: flush_handlers - name: announce system update completed local_action: module: slack username="{{ slack_username }}” token="{{ slack_token }}" msg="*OK:* 
 {{ ansible_hostname }} is back 
 online after system updates." sudo: false when: updates_available.changed - name: Prompt user for manual verification pause: prompt="WARNING! Ensure that system is fully operational before continuing! Hit Ctrl+c to abort, Enter to continue." when: "updates_available.changed and 'critical' 
 in group_names" handlers: - name: announce system update local_action:
Pro Tips • Nicely stop services first • Use your own yum repository • Enforce the same repository configuration everywhere • Store confidential variables in vault
Thanks! Vincent van Scherpenseel
 vincent.io
 vanscherpenseel www.becontentking.com

Recommended

Fabric Fast & Furious edition
Fabric Fast & Furious editionFabric Fast & Furious edition
Fabric Fast & Furious edition
Alejandro E Brito Monedero
 
Ansible, Simplicity, and the Zen of Python
Ansible, Simplicity, and the Zen of PythonAnsible, Simplicity, and the Zen of Python
Ansible, Simplicity, and the Zen of Python
toddmowen
 
Project 2 how to install and compile os161
Project 2 how to install and compile os161Project 2 how to install and compile os161
Project 2 how to install and compile os161
Xiao Qin
 
How to add system calls to OS/161
How to add system calls to OS/161How to add system calls to OS/161
How to add system calls to OS/161
Xiao Qin
 
Project 2 How to modify os161: A Manual
Project 2 How to modify os161: A ManualProject 2 How to modify os161: A Manual
Project 2 How to modify os161: A Manual
Xiao Qin
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestration
bcoca
 
Hadoop on ec2
Hadoop on ec2Hadoop on ec2
Hadoop on ec2
Mark Kerzner
 
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon
 

Recommended

Fabric Fast & Furious edition
Fabric Fast & Furious editionFabric Fast & Furious edition
Fabric Fast & Furious edition
Alejandro E Brito Monedero
 
Ansible, Simplicity, and the Zen of Python
Ansible, Simplicity, and the Zen of PythonAnsible, Simplicity, and the Zen of Python
Ansible, Simplicity, and the Zen of Python
toddmowen
 
Project 2 how to install and compile os161
Project 2 how to install and compile os161Project 2 how to install and compile os161
Project 2 how to install and compile os161
Xiao Qin
 
How to add system calls to OS/161
How to add system calls to OS/161How to add system calls to OS/161
How to add system calls to OS/161
Xiao Qin
 
Project 2 How to modify os161: A Manual
Project 2 How to modify os161: A ManualProject 2 How to modify os161: A Manual
Project 2 How to modify os161: A Manual
Xiao Qin
 
Ansible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife OrchestrationAnsible - Swiss Army Knife Orchestration
Ansible - Swiss Army Knife Orchestration
bcoca
 
Hadoop on ec2
Hadoop on ec2Hadoop on ec2
Hadoop on ec2
Mark Kerzner
 
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon
 
Software Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit MalikSoftware Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit Malik
n|u - The Open Security Community
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?
shirou wakayama
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2
Brian Schott
 
Fun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker imagesFun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker images
abadger1999
 
psCloudstack Internals
psCloudstack InternalspsCloudstack Internals
psCloudstack Internals
Hans van Veen
 
Project 2 how to modify OS/161
Project 2 how to modify OS/161Project 2 how to modify OS/161
Project 2 how to modify OS/161
Xiao Qin
 
Multinode kubernetes-cluster
Multinode kubernetes-clusterMultinode kubernetes-cluster
Multinode kubernetes-cluster
Ram Nath
 
Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
Sahil Davawala
 
Advance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul IntiAdvance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul Inti
Sahil Davawala
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
Cédric Delgehier
 
Ansible 2.2
Ansible 2.2Ansible 2.2
Ansible 2.2
Scott van Kalken
 
Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6
Pablo Martínez Ascaso
 
Ansible container
Ansible containerAnsible container
Ansible container
Scott van Kalken
 
Quay 3.3 installation
Quay 3.3 installationQuay 3.3 installation
Quay 3.3 installation
Jooho Lee
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloud
NUTC, imac
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台
NUTC, imac
 
Apache FTP Server Integration
Apache FTP Server IntegrationApache FTP Server Integration
Apache FTP Server Integration
WO Community
 
Releasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix ApplicationsReleasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix Applications
Wise Engineering
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
NUTC, imac
 
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Idan Tohami
 
DevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven InfrastructureDevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven Infrastructure
Antons Kranga
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetup
Greg DeKoenigsberg
 

More Related Content

What's hot

Software Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit MalikSoftware Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit Malik
n|u - The Open Security Community
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?
shirou wakayama
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2
Brian Schott
 
Fun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker imagesFun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker images
abadger1999
 
psCloudstack Internals
psCloudstack InternalspsCloudstack Internals
psCloudstack Internals
Hans van Veen
 
Project 2 how to modify OS/161
Project 2 how to modify OS/161Project 2 how to modify OS/161
Project 2 how to modify OS/161
Xiao Qin
 
Multinode kubernetes-cluster
Multinode kubernetes-clusterMultinode kubernetes-cluster
Multinode kubernetes-cluster
Ram Nath
 
Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
Sahil Davawala
 
Advance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul IntiAdvance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul Inti
Sahil Davawala
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
Cédric Delgehier
 
Ansible 2.2
Ansible 2.2Ansible 2.2
Ansible 2.2
Scott van Kalken
 
Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6
Pablo Martínez Ascaso
 
Ansible container
Ansible containerAnsible container
Ansible container
Scott van Kalken
 
Quay 3.3 installation
Quay 3.3 installationQuay 3.3 installation
Quay 3.3 installation
Jooho Lee
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloud
NUTC, imac
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台
NUTC, imac
 
Apache FTP Server Integration
Apache FTP Server IntegrationApache FTP Server Integration
Apache FTP Server Integration
WO Community
 
Releasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix ApplicationsReleasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix Applications
Wise Engineering
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
NUTC, imac
 
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Idan Tohami
 

What's hot (20)

Software Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit MalikSoftware Exploitation Techniques by Amit Malik
Software Exploitation Techniques by Amit Malik
 
Ansible for beginners ...?
Ansible for beginners ...?Ansible for beginners ...?
Ansible for beginners ...?
 
Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2Using Ansible Dynamic Inventory with Amazon EC2
Using Ansible Dynamic Inventory with Amazon EC2
 
Fun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker imagesFun with containers: Use Ansible to build Docker images
Fun with containers: Use Ansible to build Docker images
 
psCloudstack Internals
psCloudstack InternalspsCloudstack Internals
psCloudstack Internals
 
Project 2 how to modify OS/161
Project 2 how to modify OS/161Project 2 how to modify OS/161
Project 2 how to modify OS/161
 
Multinode kubernetes-cluster
Multinode kubernetes-clusterMultinode kubernetes-cluster
Multinode kubernetes-cluster
 
Basics of Ansible - Sahil Davawala
Basics of Ansible - Sahil DavawalaBasics of Ansible - Sahil Davawala
Basics of Ansible - Sahil Davawala
 
Advance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul IntiAdvance discussion on Ansible - Rahul Inti
Advance discussion on Ansible - Rahul Inti
 
#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible#OktoCampus - Workshop : An introduction to Ansible
#OktoCampus - Workshop : An introduction to Ansible
 
Ansible 2.2
Ansible 2.2Ansible 2.2
Ansible 2.2
 
Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6Como instalar aeroo en open erp 6
Como instalar aeroo en open erp 6
 
Ansible container
Ansible containerAnsible container
Ansible container
 
Quay 3.3 installation
Quay 3.3 installationQuay 3.3 installation
Quay 3.3 installation
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloud
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台
 
Apache FTP Server Integration
Apache FTP Server IntegrationApache FTP Server Integration
Apache FTP Server Integration
 
Releasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix ApplicationsReleasing Elixir/Phoenix Applications
Releasing Elixir/Phoenix Applications
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
 
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
 

Similar to System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel

DevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven InfrastructureDevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven Infrastructure
Antons Kranga
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetup
Greg DeKoenigsberg
 
Ansible not only for Dummies
Ansible not only for DummiesAnsible not only for Dummies
Ansible not only for Dummies
Łukasz Proszek
 
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
Amazon Web Services
 
Automating with Ansible
Automating with AnsibleAutomating with Ansible
Automating with Ansible
Ricardo Schmidt
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
Khizer Naeem
 
OpenShift4 Installation by UPI on kvm
OpenShift4 Installation by UPI on kvmOpenShift4 Installation by UPI on kvm
OpenShift4 Installation by UPI on kvm
Jooho Lee
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
John Lynch
 
2009 cluster user training
2009 cluster user training2009 cluster user training
2009 cluster user training
Chris Dwan
 
Vagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptopVagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptop
Lorin Hochstein
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
grim_radical
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
DevOps Ltd.
 
Moo at System::Image::Update
Moo at System::Image::UpdateMoo at System::Image::Update
Moo at System::Image::Update
Jens Rehsack
 
k8s practice 2023.pptx
k8s practice 2023.pptxk8s practice 2023.pptx
k8s practice 2023.pptx
wonyong hwang
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
Altinity Ltd
 
#WeSpeakLinux Session
#WeSpeakLinux Session#WeSpeakLinux Session
#WeSpeakLinux Session
Kellyn Pot'Vin-Gorman
 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shell
Alessandro Franceschi
 
Ansible leveraging 2.0
Ansible leveraging 2.0Ansible leveraging 2.0
Ansible leveraging 2.0
bcoca
 
Puppet
PuppetPuppet
Puppet
Łukasz Jagiełło
 
Linux Troubleshooting
Linux TroubleshootingLinux Troubleshooting
Linux Troubleshooting
Keith Wright
 

Similar to System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel (20)

DevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven InfrastructureDevOps Hackathon: Session 3 - Test Driven Infrastructure
DevOps Hackathon: Session 3 - Test Driven Infrastructure
 
Ansible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetupAnsible loves Python, Python Philadelphia meetup
Ansible loves Python, Python Philadelphia meetup
 
Ansible not only for Dummies
Ansible not only for DummiesAnsible not only for Dummies
Ansible not only for Dummies
 
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
(WEB307) Scalable Site Management Using AWS OpsWorks | AWS re:Invent 2014
 
Automating with Ansible
Automating with AnsibleAutomating with Ansible
Automating with Ansible
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
 
OpenShift4 Installation by UPI on kvm
OpenShift4 Installation by UPI on kvmOpenShift4 Installation by UPI on kvm
OpenShift4 Installation by UPI on kvm
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
2009 cluster user training
2009 cluster user training2009 cluster user training
2009 cluster user training
 
Vagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptopVagrant, Ansible, and OpenStack on your laptop
Vagrant, Ansible, and OpenStack on your laptop
 
Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013Puppet: Eclipsecon ALM 2013
Puppet: Eclipsecon ALM 2013
 
A tour of Ansible
A tour of AnsibleA tour of Ansible
A tour of Ansible
 
Moo at System::Image::Update
Moo at System::Image::UpdateMoo at System::Image::Update
Moo at System::Image::Update
 
k8s practice 2023.pptx
k8s practice 2023.pptxk8s practice 2023.pptx
k8s practice 2023.pptx
 
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTOClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
ClickHouse on Kubernetes, by Alexander Zaitsev, Altinity CTO
 
#WeSpeakLinux Session
#WeSpeakLinux Session#WeSpeakLinux Session
#WeSpeakLinux Session
 
Puppi. Puppet strings to the shell
Puppi. Puppet strings to the shellPuppi. Puppet strings to the shell
Puppi. Puppet strings to the shell
 
Ansible leveraging 2.0
Ansible leveraging 2.0Ansible leveraging 2.0
Ansible leveraging 2.0
 
Puppet
PuppetPuppet
Puppet
 
Linux Troubleshooting
Linux TroubleshootingLinux Troubleshooting
Linux Troubleshooting
 

Recently uploaded

dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
Hiike
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
LucaBarbaro3
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 

Recently uploaded (20)

dbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdfdbms calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - HiikeSystem Design Case Study: Building a Scalable E-Commerce Platform - Hiike
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 

System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel

  • 2. Goal Updating system packages should be
 safe and easy
  • 3. Requirements • Announce updates via team chat. • When reboot is needed, wait for system to come back. • Manual confirmation for critical servers. • Rolling updates, with defined order.
  • 4. Example set-up • CentOS Linux (yum) • Slack for team chat • Our own yum repository • We don’t mind reboots • We assume auto-detect load balancer
  • 5.
  • 7. Playbook ---
 - name: Update system packages hosts: updates sudo: True gather_facts: yes serial: 1 max_fail_percentage: 0 tasks: - name: Check if packages updates are available shell: /bin/yum check-updates register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100
  • 8. gather_facts: yes serial: 1 max_fail_percentage: 0 tasks: - name: Check if packages updates are available shell: /bin/yum check-updates register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100 notify: - announce system update - meta: flush_handlers - name: Update packages yum: name=* state=latest when: updates_available.changed notify: - reboot host - wait for reboot
  • 9. - name: Prompt user for manual verification pause: prompt="WARNING! Ensure that system is fully operational before continuing! Hit Ctrl+c to abort, Enter to continue." when: "updates_available.changed and 'critical' 
 in group_names" handlers: - name: announce system update local_action: module: slack username="{{ slack_username }}" 
 token="{{ slack_token }}" 
 msg="*ALERT:* {{ ansible_hostname }} 
 is going offline for system updates." sudo: false - name: reboot host shell: /usr/bin/sleep 3 && /usr/sbin/shutdown 
 -r +1 "Reboot triggered by packages 
 updates through Ansible" async: 1 poll: 0
  • 10. register: updates_available failed_when: ( updates_available.rc != 0 ) and 
 ( updates_available.rc != 100 ) changed_when: updates_available.rc == 100 notify: - announce system update - meta: flush_handlers - name: Update packages yum: name=* state=latest when: updates_available.changed notify: - reboot host - wait for reboot - meta: flush_handlers - name: announce system update completed local_action: module: slack username="{{ slack_username }}” token="{{ slack_token }}" msg="*OK:* 

  • 11. msg="*ALERT:* {{ ansible_hostname }} 
 is going offline for system updates." sudo: false - name: reboot host shell: /usr/bin/sleep 3 && /usr/sbin/shutdown 
 -r +1 "Reboot triggered by packages 
 updates through Ansible" async: 1 poll: 0 ignore_errors: true - name: wait for reboot local_action: wait_for 
 host={{ ansible_ssh_host }}
 port=22 delay=90 timeout=300 
 connect_timeout=15 sudo: false
  • 12. - meta: flush_handlers - name: announce system update completed local_action: module: slack username="{{ slack_username }}” token="{{ slack_token }}" msg="*OK:* 
 {{ ansible_hostname }} is back 
 online after system updates." sudo: false when: updates_available.changed - name: Prompt user for manual verification pause: prompt="WARNING! Ensure that system is fully operational before continuing! Hit Ctrl+c to abort, Enter to continue." when: "updates_available.changed and 'critical' 
 in group_names" handlers: - name: announce system update local_action:
  • 13. Pro Tips • Nicely stop services first • Use your own yum repository • Enforce the same repository configuration everywhere • Store confidential variables in vault