KASM-1922 Create playbook for patching the OS on kasm systems.

2024-11-12 23:07:16 +00:00 · 2021-09-21 18:19:15 +00:00 · 2021-09-21 18:19:15 +00:00 · 12f8e86c8e
commit 12f8e86c8e
parent ec547f830e
8 changed files with 66 additions and 18 deletions
--- a/README.md
+++ b/README.md
@ -126,3 +126,23 @@ This playbook can be used to backup the Kasm Workspaces database to a location o
    Or, if you have ssh keys copied over to your servers and have NOPASSWD in sudoers you can just run.

    `ansible-playbook -u [username] -i inventory backup_db.yml`
+
+## OS Patching Playbook
+
+This playbook is used for patching the underlying OSes on the Kasm Workspace servers. It will patch and reboot the servers if needed.
+
+### Ansible Configuration
+
+1. Open `roles/patch_os/vars/main.yml` and update variables if desired.
+
+2. Open `inventory` file and fill in the hostnames / ips for the servers that will be fulfilling the agent, webapp and db roles. 
+
+3. Run the playbook.
+
+    `ansible-playbook -Kk -u [username] -i inventory patch_os.yml`
+
+    Ansible will prompt you for the ssh password and sudo password (will almost always be the same password).
+
+    Or, if you have ssh keys copied over to your servers and have NOPASSWD in sudoers you can just run.
+
+    `ansible-playbook -u [username] -i inventory patch_os.yml`
--- a/patch_os.yml
+++ b/patch_os.yml
@ -0,0 +1,12 @@
+- import_playbook: stop_kasm.yml
+
+- hosts:
+    - db
+    - web
+    - agent
+  roles:
+    - patch_os
+
+- import_playbook: stop_kasm.yml
+
+- import_playbook: start_kasm.yml
--- a/restart_kasm.yml
+++ b/restart_kasm.yml
@ -1,16 +1,3 @@
- hosts:
-    - db
-    - web
-    - agent
-  tasks:
-    - name: Stop Kasm Services
-      shell: /opt/kasm/bin/stop
-      register: stop_output
-      changed_when: '"done" in stop_output.stderr'
-      become: true
-    
-    - name: Start Kasm Services 
-      shell: /opt/kasm/bin/start
-      register: start_output
-      changed_when: '"done" in start_output.stderr'
-      become: true
+- import_playbook: stop_kasm.yml
+
+- import_playbook: start_kasm.yml
--- a/roles/patch_os/handlers/main.yml
+++ b/roles/patch_os/handlers/main.yml
@ -0,0 +1,5 @@
+
+- name: Reboot server
+  reboot:
+    reboot_timeout: "{{ reboot_timeout_seconds }}"
+  become: true
--- a/roles/patch_os/tasks/main.yml
+++ b/roles/patch_os/tasks/main.yml
@ -0,0 +1,17 @@
+
+- name: Update systems with yum package manager
+  yum:
+    name: "*"
+    state: latest
+  notify: Reboot server
+  when:  ansible_pkg_mgr in ("yum", "dnf")
+  become: true
+
+- name: Update system with apt package manager
+  apt:
+    update_cache: yes
+    upgrade: dist
+    autoremove: yes
+  notify: Reboot server
+  when: ansible_pkg_mgr == "apt"
+  become: true
--- a/roles/patch_os/vars/main.yml
+++ b/roles/patch_os/vars/main.yml
@ -0,0 +1,3 @@
+# Number of seconds to wait for system to come up after reboot
+# Change this if you have a system that normally takes a long time to boot
+reboot_timeout_seconds: 600
--- a/start_kasm.yml
+++ b/start_kasm.yml
@ -2,6 +2,8 @@
    - db
    - web
    - agent
+  serial: 1
+  gather_facts: no
  tasks:
    - name: Start Kasm Services
      shell: /opt/kasm/bin/start
--- a/stop_kasm.yml
+++ b/stop_kasm.yml
@ -1,7 +1,9 @@
 - hosts:
-    - db
-    - web
    - agent
+    - web
+    - db
+  serial: 1
+  gather_facts: no
  tasks:
    - name: Stop Kasm Services
      shell: /opt/kasm/bin/stop