Ansible Automation Upgrade and Reboot Debian and Red Hat
Ansible has long been a reference in the world of infrastructure automation, this powerful and flexible tool enables Linux system builders, Network administrators, DevOps and Architects to manage configurations, deployments and automate upgrades, reboots of multiple instances even with different distributions.
In our consulting experience we have often written playbooks to automate manual tasks, from Virtual Machine configuration, LAMP web server setup, to more complex architectures with Continuos Integration and Continuos Deployment (CI/CD) based on Ansible.
In this short guide, we will see how to use Red Hat's Ansible to upgrade Debian- and Red Hat-based instances, including a wide range of derivative distributions such as Ubuntu, Mint, CentOS, Fedora, and if required, perform reboot.
Defining Variables
We start our Ansible playbook with setting variables.
This allows us to customize the reboot connection timeout, the delay after reboot, and the maximum timeout time.
vars:
reboot_connect_timeout: 5
reboot_post_reboot_delay: 15
reboot_timeout: 600Package Cache Update
Next, we perform a package cache update, for Debian-based instances (and derived distributions such as Ubuntu, Mint, etc.). This is an important step to ensure that Ansible has access to the latest package versions.
- name: Update apt cache
ansible.builtin.apt:
update_cache: true
when: ansible_os_family == "Debian"Complete Package Upgrade
The next step is the complete upgrade of all packages in the instance, regardless of the operating system family, whether it is Debian, Red Hat, or any derived distribution. The ansible.builtin.package action is used for this purpose with the status set to latest and the name to *. This means that all installed packages will be searched and will be upgraded to the latest available version.
- name: Perform full patching and upgrade
ansible.builtin.package:
state: latest
name: '*'This playbook is great for a specific task. But true infrastructure automation is a strategy, not a collection of scripts. Managing complex deployments and CI/CD pipelines requires a robust, secure, and scalable architecture.
Check Reboot
The playbook then checks if a reboot is needed. Ansible uses the ansible.builtin.stat module to check for the existence of the /var/run/reboot-required file. This file is present when an updated package requires a reboot to complete the installation or upgrade.
- name: Check if reboot required
ansible.builtin.stat:
path: /var/run/reboot-required
register: reboot_required_fileIf the file exists, Ansible performs a reboot of the instance using the ansible.builtin.reboot form. Previously configured timeout variables are used in this step.
- name: Reboot if required
ansible.builtin.reboot:
connect_timeout:"{{ reboot_connect_timeout }}"
post_reboot_delay: "{{ reboot_post_reboot_delay }}"
reboot_timeout: "{{ reboot_timeout }}"
when: reboot_required_file.stat.existsConclusion
This playbook demonstrates the power and flexibility of Ansible in handling complex tasks such as system upgrades and reboot management. Remember, that this is a generic example, and you may need to customize it to suit the specific needs of your environment.
Remember: automation is a great tool, but it must always be coupled with good preventive testing and monitoring practices. So before deploying this playbook in production, make sure you have tested it in a staging or development environment.
Ansible can greatly simplify the management of your Debian, Red Hat and related derived distributions instances, allowing you to focus on other important aspects of your infrastructure.
Scaling Ansible is complex. From writing idempotent playbooks to managing dynamic inventories and Tower/AWX, our experts have seen it all. Don't waste time reinventing the wheel.
An expert Ansible consultant can analyze your infrastructure and show you how real automation will save you time and money.