-
Notifications
You must be signed in to change notification settings - Fork 0
/
patching.yml
36 lines (30 loc) · 1.36 KB
/
patching.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
---
- name: This is main play running
hosts: "{{ serv }}"
remote_user: "{{ Remote_user }}"
become: true
become_method: sudo
become_user: root
tasks:
- name: verify if nginx is running
shell: if ps -eaf|egrep nginx|grep -v grep > /dev/null ;then echo 'process_running' ;else echo 'process_not_running';fi
ignore_errors: true
register: app_check
- name: decison point to start patching
fail: msg="{{ inventory_hostname }} have running application,plese stop the application first then attempt patching."
when: app_check.stdout == "process_running"
- name: upgrade packages on the server
yum: name=kernel state=latest
when: app_check.stdout == "process_not_running" and ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
register: yum_update
- name: check if reboot is require after kernel update
shell: KERNEL_NEW=$(rpm -qa –-last kernel |head -1|awk '{print $1}'|sed 's/kernel-//'); KERNEL_NOW=$(uname -r); if [[ $KERNEL_NEW != $KERNEL_NOW ]] ;then echo “reboot_needed”; else echo “reboot_not_needed”; fi
ignore_errors: true
register: reboot_required
- name: restart system
command: shutdown -r +1 "Rebooting System After Patching"
async: 0
poll: 0
when: reboot_required.stdout == "reboot_needed"
register: reboot_started
ignore_errors: true