Yum and Dnf update and reboot with Ansible

In this video I cover some play books I have written to patch my RedHat based CentOS VM’s. The playbooks will enable EPEL, verify some packages/applications I use are installed, run a Yum or DNF update and reboot if a reboot is required.

The playbooks can be downloaded from below

nathan@thenathan:~/ansible$ cat enable_epel.yml
---
- hosts: all
  gather_facts: True
  become: true
  strategy: free
  tasks:
  - name: Enable EPEL Repository on CentOS 8
    dnf:
      name: epel-release
      state: latest
    when: ansible_facts['os_family'] == 'RedHat' and ansible_facts ['distribution_major_version'] >= '8'

  - name: Enable EPEL Repository on CentOS 7
    yum:
      name: epel-release
      state: latest
    when: ansible_facts['os_family'] == 'RedHat' and ansible_facts ['distribution_major_version'] == '7'
nathan@thenathan:~/ansible$ cat std_packages.yml
---
- import_playbook: enable_epel.yml
- hosts: all
  gather_facts: false
  become: true
  strategy: free
  tasks:

  #RHEL based OS version 7 stuff
  - name: Packages major_version 7
    when: ansible_facts['distribution_major_version'] == "7"
    package:
      name: ['nmap-ncat', 'curl', 'rsync', 'sysstat', 'bind-utils', 'wget', 'bash-completion', 'mlocate', 'lsof', 'htop', 'sharutils', 'python2-psutil', 'yum-utils', 'ps_mem' ]
      state: present

  #RHEL based OS version 6 stuff
  - name: Packages major_version 6
    when: ansible_facts['distribution_major_version'] == "6"
    package:
      name: ['nc', 'curl', 'rsync', 'sysstat', 'bind-utils', 'wget', 'bash-completion', 'libselinux-python', 'lsof' ]
      state: present
nathan@thenathan:~/ansible$ cat yum_update_reboot.yml
---
- import_playbook: std_packages.yml
- hosts: all
  gather_facts: false
  become: true
  serial: 1
  any_errors_fatal: yes
  vars_prompt:
    name: "confirmation"
    prompt: "Are you sure you want to Update with reboots? Answer with 'YES'"
    default: "NO"
    private: no
  tasks:

  - name: Check Confirmation
    fail: msg="Playbook run confirmation failed"
    when: confirmation != "YES"

  - name: DNF update the system
    dnf:
      name:  "*"
      state: latest
    when: ansible_facts['os_family'] == 'RedHat' and ansible_facts  ['distribution_major_version'] >= '8'

  - name: Yum update the system
    yum:
      name: "*"
      state: latest
    when: ansible_facts['os_family'] == 'RedHat' and ansible_facts ['distribution_major_version'] <= '7'

  - name: Reboot required
    command: "/usr/bin/needs-restarting -r"
    register: reboot_required
    ignore_errors: True
    changed_when: False
    failed_when: reboot_required.rc == 2
    when: ansible_facts['distribution_major_version'] == "7"

  - name: Rebooting
    reboot:
      post_reboot_delay: 60
    throttle: 1
    when: reboot_required.rc == 1 and ansible_facts ['virtualization_role'] != 'host'

  - debug:
      var: reboot_required.rc
      verbosity: 2

  - name: Check the uptime post reboot
    shell: uptime
    register: UPTIME_POST_REBOOT
    when: reboot_required.rc == 1

  - debug: msg={{UPTIME_POST_REBOOT.stdout}}
    when: reboot_required.rc == 1

  - name: Wait for port  443 to become open on the host, don't start checking for 60 seconds
    wait_for:
      port: 443
      host: 0.0.0.0
      delay: 60
    when: "'web' in inventory_hostname"

Docker Compose and TIG stack

In this video I use Docker-Compos to set up a Tig stack (Telegraf, InfluxDB, and Grafana)

(See download docker-compose.txt for docker-compose.yml because spacing is off on the below.)

$ cat docker-compose.yml
version: “2”
services:

influxdb:
container_name: influxdb
image: influxdb:latest
ports:
– “8086:8086”
user: “1000”
volumes:
– /home/nathan/tig_fun/tig-stack/volumes/influxdb:/var/lib/influxdb
restart: always

grafana:
container_name: grafana
image: grafana/grafana:latest
ports:
– “3000:3000”
environment:
GF_SECURITY_ADMIN_PASSWORD: “secure”
GF_PATHS_DATA: “/var/lib/grafana”
GF_PATHS_LOGS: “/var/log/grafana”
user: “1000”
volumes:
– /home/nathan/tig_fun/tig-stack/volumes/grafana:/var/lib/grafana
– /home/nathan/tig_fun/tig-stack/volumes/grafana/plugins:/var/lib/grafana/plugins
– /home/nathan/tig_fun/tig-stack/logs/grafana:/var/log/grafana
– /home/nathan/tig_fun/tig-stack/conf/grafana_custom.ini,target=/etc/grafana/grafana.ini
links:
– influxdb
restart: always

telegraf:
container_name: telegraf
image: telegraf:latest
network_mode: “host”
user: “1000”
volumes:
– /home/nathan/tig_fun/tig-stack/conf/telegraf.conf:/etc/telegraf/telegraf.conf
– /var/run/docker.sock:/var/run/docker.sock
restart: always

conf/telegraf.conf can be found at https://raw.githubusercontent.com/influxdata/telegraf/master/etc/telegraf.conf

conf/grafana_custom.ini can be fond at https://raw.githubusercontent.com/grafana/grafana/master/conf/defaults.ini