Skip to content

voidquark/el_patching

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Ansible role - EL Patching

License

Apply OS patches on Enterprise Linux (RHEL) and other Red Hat derivatives (e.g. CentOS, Rocky, Alma, Fedora). You can decide which patching method you want to use. There are 3 methods:

  • all - Apply all patches on target a host
  • security - Apply only security patches on target a host
  • bugfix - Apply only bugfix patches on target a host

I recommend visiting the blog post for detailed information, usage example, and my recommendation.

Requirements

Only dnf must be available on the target machine.

Role Variables

  • Default Variables. Usually, there is no need to change this but rather overwrite the value in host_vars or group_vars if required.
Variable Name Default Value Description
el_patching_required_packages "yum-utils" It is required to install yum-utils as this role verifies reboot with needs-restarting.
el_patching_auto_reboot false By default do not reboot the target host. Only verify if a reboot is required.
el_patching_reboot_timeout 600 By default auto reboot is disabled but the default timeout value is set to 5 minutes. Value is in seconds.
el_patching_method "security" By default apply only security patches on the target host. Possible values "security"/"bugfix"/"all"
  • group_vars or host_vars variables.
Variable Name Example Usage Required Description
el_patching_exclude_packages
el_patching_exclude_packages:
 - tar
 - zip
No Exclude packages during patching.
el_patching_update_cache true No Force dnf to check if cache is out of date and re-download if needed.

Dependencies

No Dependencies

Example Playbook

Create the following playbook.

- name: Apply OS Patches
  hosts: your_patching_inventory_group_or_host
  become: true
  roles:
    - voidquark.el_patching

Example execution

  • Normal Execution
ansible-playbook -i inventory/hosts playbook.yml
  • If you want to run playbook in check mode
ansible-playbook -i inventory/hosts playbook.yml --check

License

MIT

Author Information

Created by VoidQuark