-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathuclalib_rhelreboot.yml
77 lines (68 loc) · 2.41 KB
/
uclalib_rhelreboot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
---
###############################################################################
# Playbook for RHEL OS Systems Patching
# -------------------------------------
#
# The ansible play is meant to be run against RHEL
# systems that do not require manual intervention
#
# The inventory.ini file contains a stanza titled
# [unattended_yum_update] containing servers that
# are OK to run an unattended yum update.
#
# The value of the serial parameter controls the "batch size" of servers to
# execute these tasks on at any given time during a run of the playbook.
#
# Sample command-line execution of this play is (assuming you are in the
# /etc/ansible directory):
#
# ansible-playbook -i inventory.ini plays/uclalib_rhelreboot.yml -e rhel_inventory_host_group=unattended_yum_update -v
#
# CAVEAT: This playbook will never reboot a system if needs-restarting is
# missing (unless force_reboot=true is passed).
#
###############################################################################
- name: uclalib_rhelreboot.yml
become: yes
become_method: sudo
hosts: "{{ rhel_inventory_host_group | default('unattended_yum_update') }}"
serial: "{{ rhelreboot_serial | default(15) }}"
any_errors_fatal: False
vars:
- no_reboot: /etc/no-reboot
tasks:
- name: Query needs-restarting status
command: needs-restarting -r
failed_when: False
register: needs_restarting
changed_when: False
- name: Skip this reboot?
slurp:
src: '{{ no_reboot }}'
failed_when: False
register: skip
changed_when: skip.content is defined
notify: Why was host skipped?
- name: Prohibit this reboot?
command:
cmd: pgrep --exact '{{ item }}'
changed_when: False
register: prohibit
failed_when: prohibit.rc == 0
loop:
'{{ reboot_prohibiting_processes }}'
- name: Reboot if required
reboot:
reboot_timeout: 300
when: >
needs_restarting.rc == 1
and (needs_restarting.stdout | default("")) is search ("Reboot is required")
and (skip.content is not defined)
or ( force_reboot | default (False) )
# needs-restarting returns 1 if a reboot is required, which Ansible
# considers to be failed.
# Equivalent shell: sudo needs-restarting -r || sudo reboot
handlers:
- name: Why was host skipped?
debug:
msg: "{{ (skip.content | b64decode | trim).split('\n') }}"