I’m trying to automate our monthly patch process for CentOS servers. We receive a list of servers from our Linux team each month that says which servers need to be patched and/or rebooted. I’m wanting to have needs_patch and needs_reboot variables attached to each host. So, each month we would have a playbook reset all of those to false, and then using the list from the Linux team, another playbook would set the necessary ones to true. Then the actual patch/reboot playbook would do the work based on the true variables and set the variables back to false upon success. I’m having trouble determining if this is possible, and if so, what the correct way is of doing this in the YAML. If anyone has suggestions or perhaps a better way of achieving the same result, that would be greatly appreciated.
Thanks!
Chad
You can provide custom variables to the inventory file:
[server]
host1 needs_patch=yes needs_reboot=yes
host2 needs_patch=yes needs_reboot=no
…
and then use these variables in the task to do each task or skip it on every server.
https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html
Update - here’s what I’ve tried so far. It runs successfully, but the facts don’t persist after the playbook is done. I want them to persist so that we can re-run the patch job as needed until all of them are successful without manually going and selecting hosts.
- hosts: "{{ env|default('all') }}"
  gather_facts: no
  become: no
  tasks:
    - set_fact:
        needs_patch: False
        needs_reboot: False
        cacheable: yes
I think it has to do with variable precedence.
Use a different variable name. Set the value as the default value.
Overwrite it with specific value for each host and use that one to decide if the task is going to be done or skipped.
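One way to combine the suggestions in this thread, as an added example that is not part of the original posts: the inventory keeps needs_patch and needs_reboot as the monthly request, and separately named cached facts record what has already succeeded, so a re-run only touches the hosts still outstanding. The names cycle, patched_cycle and rebooted_cycle, the cache path and the sample cycle value are assumptions; the ansible.cfg settings in the comments are needed because facts set with cacheable: yes only outlive the run when a persistent cache plugin is configured.

```yaml
# Added example, not from the thread. Assumed names: cycle, patched_cycle,
# rebooted_cycle. Assumes ansible.cfg enables a persistent fact cache:
#   [defaults]
#   fact_caching = jsonfile
#   fact_caching_connection = ./fact_cache   # constructed path
#   fact_caching_timeout = 0                 # 0 = never expire (default is one day)
# Run as: ansible-playbook patch.yml -e cycle=2024-05   (constructed value)
- hosts: "{{ env | default('all') }}"
  gather_facts: no
  become: yes
  tasks:
    - name: Refuse to run without a cycle tag
      assert:
        that: cycle is defined

    - name: Patch hosts flagged in inventory and not yet patched this cycle
      yum:
        name: "*"
        state: latest
      when:
        - needs_patch | default(false) | bool
        - ansible_facts.patched_cycle | default('') != cycle
      register: patch_result

    # A host whose yum task failed has dropped out of the play, so this
    # only runs where the patch task actually ran and succeeded.
    - name: Record the successful patch in the fact cache
      set_fact:
        patched_cycle: "{{ cycle }}"
        cacheable: yes
      when: patch_result is not skipped

    - name: Reboot hosts flagged in inventory and not yet rebooted this cycle
      reboot:
      when:
        - needs_reboot | default(false) | bool
        - ansible_facts.rebooted_cycle | default('') != cycle
      register: reboot_result

    - name: Record the successful reboot in the fact cache
      set_fact:
        rebooted_cycle: "{{ cycle }}"
        cacheable: yes
      when: reboot_result is not skipped
```

Because the cycle tag changes each month, no separate reset playbook is needed in this design; the inventory flags are simply replaced with the new list.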