Update linux_reboot: use kernel version comparison instead of reboot-required flag
This commit is contained in:
Semaphore
@@ -10,43 +10,76 @@
|
||||
hosts: linux_hosts
|
||||
gather_facts: true
|
||||
vars:
|
||||
force_reboot: false # set to true in Semaphore extra vars to reboot regardless
|
||||
force_reboot: false # override with -e force_reboot=true to reboot all hosts
|
||||
tasks:
|
||||
- name: Check if reboot is required (Debian/Ubuntu)
|
||||
ansible.builtin.stat:
|
||||
path: /var/run/reboot-required
|
||||
register: reboot_required_file
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Set reboot_needed fact (Debian/Ubuntu)
|
||||
ansible.builtin.set_fact:
|
||||
reboot_needed: "{{ reboot_required_file.stat.exists | default(false) }}"
|
||||
when: ansible_os_family == "Debian"
|
||||
- name: Get running kernel version
|
||||
ansible.builtin.command: uname -r
|
||||
register: running_kernel
|
||||
changed_when: false
|
||||
|
||||
- name: Check if reboot is required (Alpine)
|
||||
- name: Get installed kernel version (Debian/Ubuntu)
|
||||
ansible.builtin.shell: |
|
||||
apk version -l = 2>/dev/null | grep -q kernel && echo "yes" || echo "no"
|
||||
register: alpine_reboot_check
|
||||
dpkg -l 'linux-image-*' 2>/dev/null \
|
||||
| awk '/^ii/ {print $3}' \
|
||||
| sort -V | tail -1
|
||||
register: installed_kernel_deb
|
||||
changed_when: false
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Normalize installed kernel version (Debian/Ubuntu)
|
||||
ansible.builtin.set_fact:
|
||||
installed_kernel_version: "{{ installed_kernel_deb.stdout | trim }}"
|
||||
when: ansible_os_family == "Debian"
|
||||
|
||||
- name: Get installed kernel version (Alpine)
|
||||
ansible.builtin.shell: |
|
||||
apk info --installed 2>/dev/null \
|
||||
| grep '^linux-' | sort -V | tail -1 | awk '{print $1}'
|
||||
register: installed_kernel_alpine
|
||||
changed_when: false
|
||||
when: ansible_os_family == "Alpine"
|
||||
|
||||
- name: Set reboot_needed fact (Alpine)
|
||||
- name: Normalize installed kernel version (Alpine)
|
||||
ansible.builtin.set_fact:
|
||||
reboot_needed: "{{ alpine_reboot_check.stdout | trim == 'yes' }}"
|
||||
installed_kernel_version: "{{ installed_kernel_alpine.stdout | trim }}"
|
||||
when: ansible_os_family == "Alpine"
|
||||
|
||||
- name: Set reboot_needed fallback (RHEL or unknown)
|
||||
- name: Get installed kernel version (RHEL/CentOS)
|
||||
ansible.builtin.shell: |
|
||||
rpm -q --last kernel 2>/dev/null \
|
||||
| head -1 | awk '{print $1}' | sed 's/kernel-//'
|
||||
register: installed_kernel_rhel
|
||||
changed_when: false
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Normalize installed kernel version (RHEL/CentOS)
|
||||
ansible.builtin.set_fact:
|
||||
reboot_needed: false
|
||||
when: reboot_needed is not defined
|
||||
installed_kernel_version: "{{ installed_kernel_rhel.stdout | trim }}"
|
||||
when: ansible_os_family == "RedHat"
|
||||
|
||||
- name: Set installed_kernel_version fallback
|
||||
ansible.builtin.set_fact:
|
||||
installed_kernel_version: "unknown"
|
||||
when: installed_kernel_version is not defined
|
||||
|
||||
- name: Determine if reboot is needed (kernel mismatch)
|
||||
ansible.builtin.set_fact:
|
||||
reboot_needed: >-
|
||||
{{
|
||||
installed_kernel_version != 'unknown' and
|
||||
running_kernel.stdout | trim not in installed_kernel_version
|
||||
}}
|
||||
|
||||
- name: Report reboot status
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
{{ inventory_hostname }}:
|
||||
running={{ running_kernel.stdout | trim }},
|
||||
installed={{ installed_kernel_version }},
|
||||
reboot_needed={{ reboot_needed }},
|
||||
force_reboot={{ force_reboot }}
|
||||
— {{ 'WILL reboot' if (reboot_needed or force_reboot) else 'Skipping reboot' }}
|
||||
— {{ 'WILL reboot' if (reboot_needed | bool or force_reboot | bool) else 'Skipping reboot' }}
|
||||
|
||||
- name: Reboot host
|
||||
ansible.builtin.reboot:
|
||||
@@ -56,8 +89,14 @@
|
||||
msg: "Scheduled reboot — initiated by Ansible"
|
||||
when: reboot_needed | bool or force_reboot | bool
|
||||
|
||||
- name: Reboot complete
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ inventory_hostname }} is back online and responding"
|
||||
- name: Verify kernel version after reboot
|
||||
ansible.builtin.command: uname -r
|
||||
register: post_reboot_kernel
|
||||
changed_when: false
|
||||
when: reboot_needed | bool or force_reboot | bool
|
||||
|
||||
- name: Report post-reboot kernel
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ inventory_hostname }} rebooted — now running kernel {{ post_reboot_kernel.stdout | trim }}"
|
||||
when: reboot_needed | bool or force_reboot | bool
|
||||
|
||||
|
||||
Reference in New Issue
Block a user