Automate Linux Patching using Ansible

Ansible ships with a module named yum that automates package installation, upgrade, and removal.

Below are a few practical examples of the yum module:

  1. Install the latest version of a particular package, e.g. httpd:
     - name: install the latest version of Apache
       yum:
         name: httpd
         state: latest
  2. Remove a package with all its dependencies:
     - name: remove the Apache package
       yum:
         name: httpd
         state: absent
  3. Install a package using a .rpm file present locally:
     - name: install nginx rpm from a local file
       yum:
         name: /usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm
         state: present
  4. Update all installed packages:
     - name: upgrade all packages
       yum:
         name: '*'
         state: latest
  5. Update all packages excluding java and httpd related packages:
     - name: upgrade all packages
       yum:
         name: '*'
         exclude: java*,httpd*
         state: latest

Below is a complete playbook that can be used to apply patches on all your servers. We assume that you have put all your server IPs/hostnames in the inventory file.

---
- name: Playbook to Patch Linux Server
  hosts: all
  gather_facts: no
  tasks:
    - name: Upgrade all packages excluding JAVA & HTTPD
      yum:
        name: '*'
        exclude: java*,httpd*
        state: latest
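
A fuller version of the playbook above, as an added example that is not part of the original article: it patches hosts in rolling batches, stops the rollout on the first failure, and reboots only the hosts that need it. The batch size, the reboot timeout, the use of become, and the presence of yum-utils (which provides needs-restarting) on RHEL/CentOS 7 or later are assumptions.

```yaml
---
# Added example, not the original author's playbook.
# Assumptions: RHEL/CentOS 7+ hosts, yum-utils installed (provides
# needs-restarting), and privilege escalation through become.
- name: Patch Linux servers in rolling batches
  hosts: all
  become: yes
  gather_facts: no
  serial: "25%"             # assumed batch size: a quarter of the hosts at a time
  max_fail_percentage: 0    # abort the rollout if any host in a batch fails
  tasks:
    - name: Upgrade all packages excluding Java and httpd
      yum:
        name: '*'
        exclude: java*,httpd*
        state: latest
        update_cache: yes   # refresh repository metadata before resolving updates
      register: patch_result

    - name: Check whether the updates require a reboot
      command: needs-restarting -r
      register: reboot_check
      changed_when: false                         # read-only check
      failed_when: reboot_check.rc not in [0, 1]  # 0 = no reboot, 1 = reboot needed

    - name: Reboot hosts whose kernel or core libraries were updated
      reboot:
        reboot_timeout: 900   # assumed upper bound, in seconds
      when: reboot_check.rc == 1

    - name: Show what yum reported for this host
      debug:
        var: patch_result.results
```

Running it first with `ansible-playbook --check` shows which hosts would receive updates without changing them; the needs-restarting task is skipped in check mode.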