Ansible - Update Debian Based Systems
One of the main reasons to deploy an Ansible server is to update all of your servers whenever there is a critical security update such as the heartbleed bug. Today we will show you how to do precisely that for servers that use apt, such as debian and ubuntu.
Hosts File
The first thing we need to do is define a grouping of all the servers we wish to update through ansible, by updating our ansible hosts file. For this tutorial, I am going to refer to them simply as apt_servers
because all these servers use the apt system to perform updates.
-
instead of _
but ansible complained about invalid characters, so be sure to use camelCase
or snake_case
when setting the group names.
Create the Playbook
Next we need to create a playbook to tell Ansible what we want to do. Playbooks are in the YAML format so we suffix them with .yml but you dont have to. For this tutorial, I am going to call it update-apt-servers.yml
. Fill it with the following contents if you just want to perform updates.
upgrade=dist
with upgrade=full
, please refer here if you want to know the difference.sudo: true
instead of become: true
.
If you wish to take this a step further and perform a reboot if required for the updates to be applied, then you can use this script:
Execute!
Now we have the hosts and playbook defined, we can execute the update.
- This will try to log in as the same user you are currently logged in as on the ansible host. If you want to log in as a different user, append:
--user=[username]
- Executing playbooks requires the Ansible server to have SSH key access to the other hosts.
- Remove
--ask-sudo-pass
if you have configured your slaves to not require sudo password.
References
First published: 16th August 2018