I am updating my CentOS role to patch systems after Frozen repos have been configured and non-Frozen repos are removed. I am finding that, if use the logic below, it restores the CentOS repos after ansible already removed them:
- name: Patch the System
yum:
name: '*'
update_cache: yes
state: latest
If I remove the task above, the CentOS repos don't regenerate. What am I missing? Is there additional logic or a more efficient way to patch systems?
Resolved issue by breaking out "find and removing non-frozen repo files" into separate task file that is called unconditional before patching and conditional after patching (when task reports a change)
What this does is that it checks if there are updates available (it is comparable with apt-get update) and then install/updates all(*) packages to the latest version
Related
I have requirement to upgrade existing tools/software installed on servers (used for DevOps Agentpool) using Ansible. Can anyone share sample YAML code and steps involved to upgrade.
Tools to upgrade like Java 11 to 18, Git, Maven etc.
Basically the up mentioned code:
- name: update java 8
package:
name:
- java-1.8.0-openjdk-headless
- java-1.8.0-openjdk
- java-1.8.0-openjdk-devel
state: latest
What really does is install the latest version of the package for those in the list which implies the upgrade of it or replacement of the old with the new one.
Disclaimer: this is code is provided as it is. Not necessarily will resolve your problem.
If you want a better answer, probably need to provide more information or give a better example of what you want to do or your intention.
This kind of question probably should include the OS of the target. Assuming you're running rpm/yum based linux, something like this would work:
- name: update java 8
yum:
name:
- java-1.8.0-openjdk-headless
- java-1.8.0-openjdk
- java-1.8.0-openjdk-devel
state: latest
Does anybody know what would happen if a package gets installed, while the old package remains installed? The thing is that the command rpm -e <rpm_package> will uninstall and delete the old package. In my case, I want to keep the old package as a backup and I don't want it to get erased.
Is it possible to keep the old package available in the file system(without deleting it) while having installed the new one?
Thanks in advance!
Yes, this is possible. It is not documented, but when you install an RPM with both the
--nodeps and --force options
It turns out yum really does disable ALL dependency logic
This is the other way to get into the state of having duplicates besides:
you terminate rpm during the transaction.
If you don't believe me give it a try on a CentOS 7 server. It's possible this behavior has changed in dnf - after all it was meant to be an upgrade to yum. That would not shock me.
No, it is not possible.
It can happen that you have two package of the same name. But that is only possible when:
you terminate rpm during the transaction. You can then remove the correct one using full NEVRA. I.e., rpm -e bash-5.1.8-2.fc35.x86_64
when packages are multilib. I.e., one is i386 and the other x86_64
If you want to keep backups then I recommend either using 'local' plugin https://dnf-plugins-core.readthedocs.io/en/latest/local.html Just be aware that it can consume a lot of storage.
Or even Red Hat Satellite, which allows you easy rollbacks. But that is likely big beast for your needs.
Is that means ansible modules are in same version with ansible
Ansible modules - these modules ship with ansible
If not then how to check which version of ansible modules I have?
Q: Are ansible modules the same version with ansible?
A: Looking at the ansible repository -> tag stable-v2.0.
https://github.com/ansible/ansible/tree/stable-2.0/lib/ansible/modules
Since ansible/modules/core is a submodule-reference to the ansible-modules repository found here. This means that when an ansible developer do a git clone --recursive to checkout the entire set of code, git will checkout codes from ansible and ansible-modules repositories to make up the "entire set of code".
So when a developer goes on to build the binary from the full ansible source code, I would assume that only one distinct version number is given to it.
Therefore, short answer is; yes. They share the same version number.
There's 99% probability that you have it the same version as Ansible "kernel", unless you installed Ansible from sources and updated modules subtrees manually.
ansible-modules-core and ansible-modules-extras were split from main ansible repo for some time, but later merged again. You can read about it here.
But Ansible packages has been always released as self-contained, so if your modules' versions are the same as Ansible version in ansible --version command.
I have found this DNSimple ansible module:
http://docs.ansible.com/ansible/dnsimple_module.html
but can not find anywhere on that page to download and install it? How do I go about downloading and installing ansible modules like this. Thanks.
The accepted answer solved the questioner's problem but didn't address the broader scope of the question.
How to install an Ansible module? The documentation is currently vague as to how to achieve this simple requirement!
An excellent general guide to writing modules (I've no connection to the author) can be found here.
The quickest way is to simply have a folder called library/ in the same folder as your playbook. Inside this folder, place the python script for the Ansible Module. You should now have a corresponding task available to your playbook.
If you want to share your module across multiple projects, then you can add an entry to /etc/ansible/ansible.cfg pointing to a shared library location, eg:
library = /usr/share/ansible/library
The module itself is part of ansible since version 1.6 (as stated here). To use it, you need to have dnsimple on your host machine (also stated in the above description). Install it with sudo pip install dnsimple
It is important to know that base ansible modules are not installed by default on devel version, which is the default installed version when you build from source.
Only few modules are present for developpment purpose.
So when you'll run your playbook it'll complain about not found module with following error message
couldn't resolve module/action 'xxx'
If you have no choice but building for source, don't forget to checkout the stable branch to install all basic ansible modules!
When I try to use the Ansible's Composer module and paste the following task into my playbook.yml file I get an error.
playbook.yml
- name: Composer Install Site Dependencies
composer: command=install working_dir=/var/www/html
Error:
ERROR: composer is not a legal parameter in an Ansible task or handler
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
After some investigation I ran "anisble-doc --list" on the command line to see the available modules and "composer" is not listed. I am running Ansible version 1.5.4, do I have to add it separately?
As #user272735 indicated in the comments, this is an unreleased module- it's slated for the 1.6 release, which is under "active development". (admittedly it was originally slated for 1.4) You have a couple of options:
install ansible from the bleeding edge. See "running from source". (obviously, this is scary)
ninja-patch the file into your locally installed tree. (obviously, this is scary)
add the file into your local Ansible repo.
As "developing modules" says, a fourth option is to specify your library path via ANSIBLE_LIBRARY or --module-path. HOWEVER, this overrides your global library/module path. That isn't what you want to do unless you are providing every module.
adding into your repo
I'm assuming your repo is named "ansible" and is set up properly, like this:
ansible/
ansible/roles/
ansible/group_vars/
In that case, simply add a library directory at the top (the 'best practices' discusses this but not in the expected section):
ansible/
ansible/roles/
ansible/group_vars/
ansible/library/
Inside there, add the composer file in there. That makes its path/file the following:
ansible/library/composer
Note it is not composer.py or anything else. Also, it doesn't seem to need the +x bit, so no fussy worries there.
Once you do that, you can run Ansible commands as you'd expect. The composer module will simply be there.