pp1l
/
os-upgrade-automation
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
os-upgrade-automation/playbook/roles/rhel_upgrade/tasks/main.yml

82 lines
2.5 KiB
YAML
Raw Permalink Blame History

---
- name: Prüfe, ob dnf verfügbar ist (RHEL 8+)
stat:
path: /usr/bin/dnf
register: dnf_exists
- name: Pre-Upgrade-Check (yum/dnf)
shell: |
if [ -x /usr/bin/dnf ]; then
dnf check-update || true
else
yum check-update || true
fi
register: rhel_check
changed_when: false
- name: Kernel-Version vor Upgrade sichern
shell: uname -r
register: kernel_before
changed_when: false
- name: Upgrade durchführen (dnf/yum, security-only optional)
package:
name: "*"
state: latest
register: upgrade_result
when: not upgrade_dry_run and not upgrade_security_only
ignore_errors: true
- name: Upgrade durchführen (dnf/yum, nur Security-Updates)
dnf:
name: "*"
state: latest
security: yes
register: upgrade_result
when: not upgrade_dry_run and upgrade_security_only and dnf_exists.stat.exists
ignore_errors: true
- name: Upgrade durchführen (yum-plugin-security Fallback)
command: yum -y --security update
register: upgrade_result
when: not upgrade_dry_run and upgrade_security_only and not dnf_exists.stat.exists
ignore_errors: true
- name: Logge Fehler beim Upgrade (RHEL)
copy:
content: "Upgrade-Fehler: {{ upgrade_result.stderr | default(upgrade_result.msg | default('Unbekannter Fehler')) }}"
dest: "{{ log_dir }}/rhel_upgrade_error_{{ inventory_hostname }}.log"
when: upgrade_result is failed
- name: Setze Rollback-Flag, falls Upgrade fehlschlägt
set_fact:
rollback: true
when: upgrade_result is failed
- name: Breche Playbook ab, wenn Upgrade fehlschlägt
fail:
msg: "Upgrade fehlgeschlagen, Rollback wird empfohlen! Siehe Log: {{ log_dir }}/rhel_upgrade_error_{{ inventory_hostname }}.log"
when: upgrade_result is failed
- name: Logge Upgrade-Output (RHEL)
copy:
content: "{{ rhel_check.stdout }}"
dest: "{{ log_dir }}/rhel_upgrade_check.log"
when: upgrade_result is not failed
- name: Kernel-Version nach Upgrade sichern
shell: uname -r
register: kernel_after
changed_when: false
when: upgrade_result is not failed
- name: Prüfe, ob Kernel-Upgrade erfolgt ist und setze Reboot nötig
set_fact:
reboot_after_upgrade: true
when: upgrade_result is not failed and (kernel_before.stdout != kernel_after.stdout)
- name: Hinweis auf EUS/Leapp (nur RHEL 7/8)
debug:
msg: "Für Major Upgrades (z.B. 7->8) empfiehlt Red Hat das Tool 'leapp' oder EUS-Strategien. Siehe https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/upgrading_from_rhel_7_to_rhel_8/index.html"
when: ansible_facts['distribution_major_version']|int >= 7
Reference in New Issue View Git Blame Copy Permalink