VOICE1/ansible-msp-automations
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update linux_reboot: use kernel version comparison instead of reboot-required flag

Browse Source
This commit is contained in:
Semaphore
2026-03-12 22:21:54 -07:00
parent 5b42dbd51e
commit 3f915a99a5
1 changed files with 61 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
playbooks/linux_reboot.yml
View File

@@ -10,43 +10,76 @@
hosts: linux_hosts hosts: linux_hosts
gather_facts: true gather_facts: true
vars: vars:
force_reboot: false # set to true in Semaphore extra vars to reboot regardless force_reboot: false # override with -e force_reboot=true to reboot all hosts
tasks: tasks:
- name: Check if reboot is required (Debian/Ubuntu)
ansible.builtin.stat:
path: /var/run/reboot-required
register: reboot_required_file
when: ansible_os_family == "Debian"
- name: Set reboot_needed fact (Debian/Ubuntu) - name: Get running kernel version
ansible.builtin.set_fact: ansible.builtin.command: uname -r
reboot_needed: "{{ reboot_required_file.stat.exists | default(false) }}" register: running_kernel
when: ansible_os_family == "Debian" changed_when: false
- name: Check if reboot is required (Alpine) - name: Get installed kernel version (Debian/Ubuntu)
ansible.builtin.shell: | ansible.builtin.shell: |
apk version -l = 2>/dev/null | grep -q kernel && echo "yes" || echo "no" dpkg -l 'linux-image-*' 2>/dev/null \
register: alpine_reboot_check | awk '/^ii/ {print $3}' \
| sort -V | tail -1
register: installed_kernel_deb
changed_when: false
when: ansible_os_family == "Debian"
- name: Normalize installed kernel version (Debian/Ubuntu)
ansible.builtin.set_fact:
installed_kernel_version: "{{ installed_kernel_deb.stdout | trim }}"
when: ansible_os_family == "Debian"
- name: Get installed kernel version (Alpine)
ansible.builtin.shell: |
apk info --installed 2>/dev/null \
| grep '^linux-' | sort -V | tail -1 | awk '{print $1}'
register: installed_kernel_alpine
changed_when: false changed_when: false
when: ansible_os_family == "Alpine" when: ansible_os_family == "Alpine"
- name: Set reboot_needed fact (Alpine) - name: Normalize installed kernel version (Alpine)
ansible.builtin.set_fact: ansible.builtin.set_fact:
reboot_needed: "{{ alpine_reboot_check.stdout | trim == 'yes' }}" installed_kernel_version: "{{ installed_kernel_alpine.stdout | trim }}"
when: ansible_os_family == "Alpine" when: ansible_os_family == "Alpine"
- name: Set reboot_needed fallback (RHEL or unknown) - name: Get installed kernel version (RHEL/CentOS)
ansible.builtin.shell: |
rpm -q --last kernel 2>/dev/null \
| head -1 | awk '{print $1}' | sed 's/kernel-//'
register: installed_kernel_rhel
changed_when: false
when: ansible_os_family == "RedHat"
- name: Normalize installed kernel version (RHEL/CentOS)
ansible.builtin.set_fact: ansible.builtin.set_fact:
reboot_needed: false installed_kernel_version: "{{ installed_kernel_rhel.stdout | trim }}"
when: reboot_needed is not defined when: ansible_os_family == "RedHat"
- name: Set installed_kernel_version fallback
ansible.builtin.set_fact:
installed_kernel_version: "unknown"
when: installed_kernel_version is not defined
- name: Determine if reboot is needed (kernel mismatch)
ansible.builtin.set_fact:
reboot_needed: >-
{{
installed_kernel_version != 'unknown' and
running_kernel.stdout | trim not in installed_kernel_version
}}
- name: Report reboot status - name: Report reboot status
ansible.builtin.debug: ansible.builtin.debug:
msg: >- msg: >-
{{ inventory_hostname }}: {{ inventory_hostname }}:
running={{ running_kernel.stdout | trim }},
installed={{ installed_kernel_version }},
reboot_needed={{ reboot_needed }}, reboot_needed={{ reboot_needed }},
force_reboot={{ force_reboot }} force_reboot={{ force_reboot }}
— {{ 'WILL reboot' if (reboot_needed or force_reboot) else 'Skipping reboot' }} — {{ 'WILL reboot' if (reboot_needed | bool or force_reboot | bool) else 'Skipping reboot' }}
- name: Reboot host - name: Reboot host
ansible.builtin.reboot: ansible.builtin.reboot:
@@ -56,8 +89,14 @@
msg: "Scheduled reboot — initiated by Ansible" msg: "Scheduled reboot — initiated by Ansible"
when: reboot_needed | bool or force_reboot | bool when: reboot_needed | bool or force_reboot | bool
- name: Reboot complete - name: Verify kernel version after reboot
ansible.builtin.debug: ansible.builtin.command: uname -r
msg: "{{ inventory_hostname }} is back online and responding" register: post_reboot_kernel
changed_when: false
when: reboot_needed | bool or force_reboot | bool
- name: Report post-reboot kernel
ansible.builtin.debug:
msg: "{{ inventory_hostname }} rebooted — now running kernel {{ post_reboot_kernel.stdout | trim }}"
when: reboot_needed | bool or force_reboot | bool when: reboot_needed | bool or force_reboot | bool