I wanted to ask about how should i approach with patching of linux servers in an air gapped environment through the ansible-core or Redhat Ansible Automation Platform, before writing any playbooks for this i want some help/ideas on how can i download all the required updates for the patching on the ansible node itself which includes all variety of linux distros (i.e. RHEL, SUSE, Ubuntu) and then push these updates to the servers via ansible playbook. Something like how SCCM works for windows patch management.
Hi.
I believe you need/want an on-site repo system, like Red Hat Satellite. You can then use Ansible to orchestrate the repositories and install updates.
2 Likes
You can also use pulp and make your life miserable until you find a different job NOT working with pulp.
Sidenote to using Satellite, it supports multiple ‘layers’ of proxy-ing. You can deploy a so-called Capsule, which serves as a proxy to your Satellite management server.
But the Satellite server in turn can use an HTTP proxy to access Red Hat’s servers.
Or, if that’s not an option, you can use a secondary Satellite instance to download and cache the content which can be exported and imported to your air-gapped Satellite server.