I want to upgrade certain linux packages on my machines using ansible apt module and provided debian files, but not able to do so. To describe, I've used perl-base package as example below.
I am trying to install a specific version of perl-base(perl-base_5.26.1-6ubuntu0.5_amd64) on a linux system with already installed perl-base_5.26.1-6ubuntu0.3_amd64.
When I do it manually using apt it suggests removal of some conflicting packages, but proceeds without error, which is also the desired outcome.
root#logger:/home/ubuntu# apt install /home/deb_pkgs/perl-base_5.26.1-6ubuntu0.5_amd64.deb
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting 'perl-base' instead of '/home/deb_pkgs/perl-base_5.26.1-6ubuntu0.5_amd64.deb'
Suggested packages:
perl
The following packages will be REMOVED:
lm-sensors perl
The following packages will be upgraded:
perl-base
1 upgraded, 0 newly installed, 2 to remove and 0 not upgraded.
Need to get 0 B/1,391 kB of archives.
After this operation, 962 kB disk space will be freed.
Do you want to continue? [Y/n]
But when I try to do the same using ansible, it fails citing the break in dependency of the perl packages.
TASK [deb-pkg-install : Install deb files] **********************************************************************************************************************************************************
failed: [ubuntu] (item=perl-base) => changed=false
ansible_loop_var: item
item: perl-base
msg: Breaks existing package 'perl' dependency perl-base (= 5.26.1-6ubuntu0.3)
My task currently looks like this,
- name: Install deb files
apt:
deb: "/home/deb_pkgs/{{ deb_files[item].file_name }}"
install_recommends: no
when: not ansible_check_mode
register: install_output
loop: "{{ required_debs }}"
I have solved it by adding another task which removes the packages suggested by apt, but I think there might be more elegant solution than this. I have gone through documentation of builtin.module.apt but couldn't find any suitable parameter to add.
Any input appreaciated! Thanks!
Related
I got an error of ansible and I'm very new to ansible.
I'm trying to install homebrew packages by ansible. I made directories and files following an article of setting up MacOS with ansible.
I made homebrew/tasks/main.yml
- name: Add homebrew tap repository
homebrew_tap: tap={{ item.name }} state=present
with_items:
- "{{ homebrew_taps }}"
- name: Update homebrew
homebrew: update_homebrew=yes
- name: Install brew packages
homebrew:
name={{ item.name }}
state={{ item.state | default('latest') }}
install_options={{
item.install_options | default('latest') | join(',')
if item.install_options is not string
else item.install_options
}}
with_items:
"{{ homebrew_packages }}"
- name: Install cask packages
homebrew_cask:
name={{ item.name }}
state={{ item.state | default('installed') }}
with_items:
- "{{ homebrew_cask_packages }}"
and homebrew/vars/main.yml
homebrew_taps:
- { name: homebrew/cask }
- { name: homebrew/cask-versions }
- { name: homebrew/cask-fonts }
- { name: homebrew/core }
homebrew_packages:
- { name: fish, state: present }
#- { name: tree }
#- { name: asdf }
#- { name: gh }
#- { name: lazygit }
Then I run HOMEBREW_CASK_OPTS="--appdir=~/Applications" ansible-playbook -i hosts -K exec.yml. But it does not work.
It throws an error and shows this message:
TASK [homebrew : Install brew packages] *****************************************
failed: [localhost] (item={'name': 'fish', 'state': 'present'}) => {"ansible_loop_var": "item", "changed": false, "item": {"name": "fish", "state": "present"}, "msg": "Usage: brew install [options] formula|cask [...]\n\nInstall a formula or cask. Additional options specific to a formula may be\nappended to the command.\n\nUnless HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK is set, brew upgrade or brew\nreinstall will be run for outdated dependents and dependents with broken\nlinkage, respectively.\n\nUnless HOMEBREW_NO_INSTALL_CLEANUP is set, brew cleanup will then be run for\nthe installed formulae or, every 30 days, for all formulae.\n\nUnless HOMEBREW_NO_INSTALL_UPGRADE is set, brew install formula will\nupgrade formula if it is already installed but outdated.\n\n -d, --debug If brewing fails, open an interactive\n debugging session with access to IRB or a\n shell inside the temporary build directory.\n -f, --force Install formulae without checking for\n previously installed keg-only or non-migrated\n versions. When installing casks, overwrite\n existing files (binaries and symlinks are\n excluded, unless originally from the same\n cask).\n -v, --verbose Print the verification and postinstall steps.\n -n, --dry-run Show what would be installed, but do not\n actually install anything.\n --formula, --formulae Treat all named arguments as formulae.\n --ignore-dependencies An unsupported Homebrew development flag to\n skip installing any dependencies of any kind.\n If the dependencies are not already present,\n the formula will have issues. If you're not\n developing Homebrew, consider adjusting your\n PATH rather than using this flag.\n --only-dependencies Install the dependencies with specified\n options but do not install the formula\n itself.\n --cc Attempt to compile using the specified\n compiler, which should be the name of the\n compiler's executable, e.g. gcc-7 for GCC\n 7. In order to use LLVM's clang, specify\n llvm_clang. To use the Apple-provided\n clang, specify clang. This option will only\n accept compilers that are provided by\n Homebrew or bundled with macOS. Please do not\n file issues if you encounter errors while\n using this option.\n -s, --build-from-source Compile formula from source even if a\n bottle is provided. Dependencies will still\n be installed from bottles if they are\n available.\n --force-bottle Install from a bottle if it exists for the\n current or newest version of macOS, even if\n it would not normally be used for\n installation.\n --include-test Install testing dependencies required to run\n brew test formula.\n --HEAD If formula defines it, install the HEAD\n version, aka. main, trunk, unstable, master.\n --fetch-HEAD Fetch the upstream repository to detect if\n the HEAD installation of the formula is\n outdated. Otherwise, the repository's HEAD\n will only be checked for updates when a new\n stable or development version has been\n released.\n --keep-tmp Retain the temporary files created during\n installation.\n --debug-symbols Generate debug symbols on build. Source will\n be retained in a cache directory. \n --build-bottle Prepare the formula for eventual bottling\n during installation, skipping any\n post-install steps.\n --bottle-arch Optimise bottles for the specified\n architecture rather than the oldest\n architecture supported by the version of\n macOS the bottles are built on.\n --display-times Print install times for each package at the\n end of the run.\n -i, --interactive Download and patch formula, then open a\n shell. This allows the user to run\n ./configure --help and otherwise determine\n how to turn the software package into a\n Homebrew package.\n -g, --git Create a Git repository, useful for creating\n patches to the software.\n --overwrite Delete files that already exist in the prefix\n while linking.\n --cask, --casks Treat all named arguments as casks.\n --[no-]binaries Disable/enable linking of helper executables\n (default: enabled).\n --require-sha Require all casks to have a checksum.\n --[no-]quarantine Disable/enable quarantining of downloads\n (default: enabled).\n --skip-cask-deps Skip installing cask dependencies.\n --zap For use with brew reinstall --cask. Remove\n all files associated with a cask. May remove\n files which are shared between applications.\n --appdir Target location for Applications (default:\n /Applications).\n --colorpickerdir Target location for Color Pickers (default:\n ~/Library/ColorPickers).\n --prefpanedir Target location for Preference Panes\n (default: ~/Library/PreferencePanes).\n --qlplugindir Target location for QuickLook Plugins\n (default: ~/Library/QuickLook).\n --mdimporterdir Target location for Spotlight Plugins\n (default: ~/Library/Spotlight).\n --dictionarydir Target location for Dictionaries (default:\n ~/Library/Dictionaries).\n --fontdir Target location for Fonts (default:\n ~/Library/Fonts).\n --servicedir Target location for Services (default:\n ~/Library/Services).\n --input-methoddir Target location for Input Methods (default:\n ~/Library/Input Methods).\n --internet-plugindir Target location for Internet Plugins\n (default: ~/Library/Internet Plug-Ins).\n --audio-unit-plugindir Target location for Audio Unit Plugins\n (default:\n ~/Library/Audio/Plug-Ins/Components).\n --vst-plugindir Target location for VST Plugins (default:\n ~/Library/Audio/Plug-Ins/VST).\n --vst3-plugindir Target location for VST3 Plugins (default:\n ~/Library/Audio/Plug-Ins/VST3).\n --screen-saverdir Target location for Screen Savers (default:\n ~/Library/Screen Savers).\n --language Comma-separated list of language codes to\n prefer for cask installation. The first\n matching language is used, otherwise it\n reverts to the cask's default language. The\n default value is the language of your system.\n -q, --quiet Make some output more quiet.\n -h, --help Show this message.\nError: invalid option: --t"}
Do you have ideas of this issue? Thank you for reading my question.
It looks like like command apt install https://github.com/jgraph/drawio-desktop/releases/download/v12.9.3/draw.io-amd64-12.9.3.deb could take long time each time when is invoked even if the package is installed already. It is literally downloads the package each time.
And yes, with ansible is idempotent, with status changed: no.
- name: Install a drawio-desktop .deb package
apt:
deb: https://github.com/jgraph/drawio-desktop/releases/download/v12.9.3/draw.io-amd64-12.9.3.deb
when: ansible_facts['lsb']['id'] == "Ubuntu"
tags:
- debug
- not-macos
Is there any short way to skip download if package installed ?
Ideally will be to say in name that I want to install draw.io if not installed from deb: url else consider things installed.
- name: Install a drawio-desktop .deb package
apt:
name: draw.io
deb: https://github.com/jgraph/drawio-desktop/releases/download/v12.9.3/draw.io-amd64-12.9.3.deb
but is not working like that
TASK [desktop : Install a drawio-desktop .deb package] *********
fatal: [tuxedo]: FAILED! => {"changed": false, "msg": "parameters are mutually exclusive: deb|package|upgrade"}
Any suggestion on a lighter solution to speed up the task?
The behavior seems to be intended according the parameter deb
Ansible will attempt to download deb before installing.
and the current source of apt.py.
So you may have a look into the module package_facts
- name: Gather Package Facts
package_facts:
manager: apt # default ["auto"]
as well a Conditional Example of
when: "ansible_facts['lsb']['id'] == 'Ubuntu' and 'draw.io' not in ansible_facts.packages"
Credits to
How to get the installed apt packages with Ansible?
Further Q&A
Ansible: Do task if apt package is missing
An other approach might be to have the latest package always internally (cached) available and provide a .list file for the native package manager, pointing to the internal repository URL (file share).
By doing this, you could then just use
- name: Install a drawio-desktop .deb package
apt:
name: draw.io
state: latest
without further checks. This will address required updates too.
I'm trying to run Ansible on my existing nodes and I'm getting errors on all of the nodes except one on which it works fine:
The error message:
No package matching 'git2u' found available, installed, or updated.
All of the nodes are CentOS 7.
What am I doing wrong?
Same when I'm using yum from the terminal:
yum info git2u
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror, langpacks, ps
Loading mirror speeds from cached hostfile
* epel: d2lzkl7pfhq30w.cloudfront.net
Error: No matching Packages to list
My playbook:
- name: install epel7 and ius-release to install latest git
package:
name:
- epel-release
- 'https://repo.ius.io/ius-release-el7.rpm'
state: present
when: ansible_distribution == 'CentOS'
- name: install git2u
package:
name: git2u
state: present
when: ansible_distribution == 'CentOS'
The git2u pacakge was renamed to git216, which was later retired. If you use IUS I highly recommend watching the announce repository to be notified when packages are retired.
https://ius.io/faq#how-do-i-know-when-an-ius-package-is-being-retired
im trying to write a playbook and i want to check if a deb package is installed and if not installed then install
so iv'e tried so far using the package_facts module and i can't figure this out
- name: Gather package facts
package_facts:
manager: auto
- name: Debug if package is present
debug:
msg: 'yes, mypackage is present'
when: '"besagent" in ansible_facts.packages'
register: besagent
- name: Debug if package is absent
debug:
msg: 'no, mypackage is absent'
when: '"besagent" not in ansible_facts.packages'
and this is the command to install the deb
- name: Install_BigFix_DEB
apt: deb="/usr/BigFix/BESAgent-9.5.11.191-debian6.amd64.deb"
sudo: true
So i see if the package is installed or not and i have a command to install the package but how do i make it happen automatically.
If BigFix agent is not installed Then install the agent?
Thanks for the help!!
Ansible operations are idempotent in nature. If you are using Ansible modules then you don't need to check if deb package is installed or not. Ansible will take care of it. If the package is not installed it will install. Else it will skip.
You can directly use
- name: Install_BigFix_DEB
apt: deb="/usr/BigFix/BESAgent-9.5.11.191-debian6.amd64.deb"
sudo: true
As per Ansible document:
An operation is idempotent if the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions.
You don't need to check if the package is already installed or not.
The apt module take care of that.
If the package is already installed, apt will do nothing and return a status: ok,
if not, it will install it and return a status: changed.
How can I make Ansible execute a shell script if a (rpm) package is not installed? Is it somehow possible to leverage the yum module?
I don't think the yum module would help in this case. It currently has 3 states: absent, present, and latest. Since it sounds like you don't want to actually install or remove the package (at least at this point) then you would need to do this in two manual steps. The first task would check to see if the package exists, then the second task would invoke a command based on the output of the first command.
If you use "rpm -q" to check if a package exists then the output would look like this for a package that exists:
# rpm -q httpd
httpd-2.2.15-15.el6.centos.1.x86_64
and like this if the package doesn't exist:
# rpm -q httpdfoo
package httpdfoo is not installed
So your ansible tasks would look something like this:
- name: Check if foo.rpm is installed
command: rpm -q foo.rpm
register: rpm_check
- name: Execute script if foo.rpm is not installed
command: somescript
when: rpm_check.stdout.find('is not installed') != -1
The rpm command will also exit with a 0 if the package exists, or a 1 if the package isn't found, so another possibility is to use:
when: rpm_check.rc == 1
Based on the Bruce P answer above, a similar approach for apt/deb files is
- name: Check if foo is installed
command: dpkg-query -l foo
register: deb_check
- name: Execute script if foo is not installed
command: somescript
when: deb_check.stdout.find('no packages found') != -1
If the package is installable through the system package manager (yum, apt, etc) itself, then you can make use of the check mode flag of ansible to register installation status without actually installing the package.
- name: check if package is installed
package:
name: mypackage
state: present
check_mode: true
register: mypackage_check
- name: run script if package installed
shell: myscript.sh
when: not mypackage_check.changed
Related to this.
Putting everything together, complete playbook for Debian (Ubuntu) which Updates package only if it's already installed:
---
- name: Update package only if already installed (Debian)
hosts: all
sudo: yes
tasks:
- name: Check if Package is installed
shell: dpkg-query -W -f='${Status}' {{ package }} | grep 'install ok installed'
register: is_installed
failed_when: no
changed_when: no
- name: Update Package only if installed
apt:
name: {{ package }}
state: latest
update_cache: yes
when: is_installed.rc == 0
Sadly Ansible still hasn't built-in support for making simple package updating, see ex: https://github.com/ansible/ansible/issues/10856
Since Ansible 2.5, you can use the package_facts module:
- name: Gather package facts
package_facts:
manager: auto
- name: Debug if package is present
debug:
msg: 'yes, mypackage is present'
when: '"mypackage" in ansible_facts.packages'
- name: Debug if package is absent
debug:
msg: 'no, mypackage is absent'
when: '"mypackage" not in ansible_facts.packages'
Note: you need the python bindings for apt/rpm installed on the target, e.g. python-apt for Debian.
You shouldn't be using dpkg -l package because it has no idea if your package has been removed or is still installed.
Instead it's probably better to use dpkg -s package.
To check if the package is installed :
- shell: dpkg -s package | grep 'install ok installed'
or if you don't mind the package on hold or other states :
- shell: dpkg -s package | grep 'installed'
This return 0 when installed and 1 if not.
(It's important to use the shell as we are using a pipe |)
I find using shell or command module is not "ansiblic".
I prefer to use yum module and json_query filter to check if a package is already installed. E.g. httpd package :
- yum:
list: httpd
register: apache_service
- assert:
that:
- "'installed' in apache_service|json_query('results[*].yumstate')"
msg: 'httpd is not installed'