Update All Your Computers With Ansible - It's Easy!

Подписаться 33 тыс.

Просмотров 8 тыс.

50% 1

In this video, the third of the Ansible mini-series, I show how to update remote machines, with privilege escalation, using a playbook.
GitHub Commands:
github.com/JamesTurland/JimsG...
Ansible Documentation:
docs.ansible.com/ansible/late...
Recommended Hardware: github.com/JamesTurland/JimsG...
Support this channel to get access to perks:
/ @jims-garage
Discord: / discord
Twitter: / jimsgarage_
Reddit: / jims-garage
GitHub: github.com/JamesTurland/JimsG...
00:00 - Introduction to Playbooks
00:40 - Playbook Walkthrough
05:35 - Modifying Hosts File
07:34 - Ansible Command
08:20 - Ansible Execution
12:08 - Outro

Наука

Опубликовано:

30 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 35

@MarcMcMillin 3 месяца назад

Hi Jim! Thanks for keeping your series' going. I know that algo isn't always friendly, but I appreciate the deeper dives into scripts and best practices! 🙂

@Jims-Garage 3 месяца назад

You're welcome, thanks for the continued support!

@camilla7118 3 месяца назад

Never used ansible before but i understood everything you explained. You're amazing at teaching 👍

@Jims-Garage 3 месяца назад

Hey, thanks. Appreciate your feedback

@RobFisherUK 2 месяца назад

I want to do this on one machine, check if it comes back after the reboot, then do the others. But this is a useful starting point!

@MarcMcMillin 3 месяца назад

FYI - For newer versions of ansible the get_md5 is deprecated and it's substitute is get_checksum=false. I just tested it with the playbook and it works great!

@Jims-Garage 3 месяца назад

Thanks, I'll have to update

@BenThatOneGuy 3 месяца назад

Of all the other ansible series out there, this one feels like its making things make sense. For the first time im actually getting productive with Ansible. Through some inspiration here, some reading the docs, and tooling around, i was able to make an ansible playbook that deploys new VM's in Hetzner Cloud. Next step is variables, and references for secrets (Like API tokens), and some user-definable options in a separate file so that less experienced users have a "one file to change behavior" experience. Plan to share it soon, and hope those that want to use it can use it in conjunction with projects like this one :) Having a good time learning with Jim and the audience :)

@Jims-Garage 3 месяца назад

Thanks for the awesome feedback and great work with your own playbooks for VM deployment! That's a big milestone.

@ff34jmr 3 месяца назад

I have been using a similar playbook for years. I just added a line to remove unneeded packages and dependencies. Specially handy to remove old kernel versions for exemple.

@Jims-Garage 3 месяца назад

Thanks, I've added that to the GitHub.

@davidgulbransen6801 3 месяца назад

Agreed - our company patching automation always has an autoremove step, plus purging all but the new and previous kernels (leaving you one to fall back to in case the update goes badly)

@cyberjohn44 3 месяца назад

Great Video. Need to do a video on Ansible-Semaphore.

@Jims-Garage 3 месяца назад

Yes, it's on the list. I prefer to peel back the covers and understand what's going on under the hood before simplifying with a gui

@BenThatOneGuy 3 месяца назад

@@Jims-Garage For Semaphore, its best to think of it as a CI plugin for Ansible, or "Cron" for ansible in a GUI. Semaphore didnt help me as much as i had hoped. the project has some rough edges, no in-browser editing, and no filesystem browser for the playbooks directory. It assumes a lot of previous experience and ansible knowledge. Its useful if you know your playbooks, and how they are layed out, but semaphore is definitely not a tool that will help in learning Ansible, its (from my experience) only a way to automate running books as "jobs" after you have your base playbook infrastructure set up. And also a nice GUI to read the logs of what happened when they ran.

@shootinputin6332 19 дней назад

Hi Jim, this worked great. I'll look into it, but it would be cool if you could specify a task to stop all docker containers before reboot and only commence reboot once all are stopped

@Jims-Garage 19 дней назад

I believe the containers are stopped gracefully when you reboot as standard.

@OutOfMySystem 3 месяца назад

Locked in for this series.

@Jims-Garage 3 месяца назад

Thanks, lots more to come!

@chillgates_ 3 месяца назад

Jim I bought 4x 3090s with the confidence of watching your videos, appreciate it greatly! keep up the great work :D

@Jims-Garage 3 месяца назад

Wow, that's awesome! What are you using them for?

@bluesquadron593 3 месяца назад

@@Jims-Garageuncensored rendering of ai manga, thanks Jim indeed

@jdratlif 2 месяца назад

I'm curious how you record the VS code window. Are you using some kind of zoom during capture, or is it something you do during editing? It's very readable. I'm a fan.

@Jims-Garage 2 месяца назад

I use OBS to record, and simply press ctrl and + in vscode to zoom in.

@jdratlif 2 месяца назад

Pretty sure the force_apt_get=yes isn't needed anymore as it's the default now. I think that option is largely legacy, but feel free to correct if I'm wrong.

@Jims-Garage 2 месяца назад

Yes, I believe it is legacy but just in case there's an edge case. I often find Ansible documentation could use some updates.

@Jimmy_Jones 3 месяца назад

It will be interesting to see where your network bottleneck will be. LTT just did a video on Internet speed bottlenecks.

@Jims-Garage 3 месяца назад

Great, I'll check that out. With 2.5Gb NICs and switch I should be fine. My firewall can handle 10Gb so I don't foresee any issues. I think LTT has 10Gb internet last time I checked which is a whole other level.

@rodrimora 3 месяца назад

Hi! one question. What if I have a mix of debian based systems like rasperry pi's and ubuntu servers and RedHat-based systems? Can a single playbook work for both? or do I need one for each set of boxes?

@Jims-Garage 3 месяца назад

You'll typically want a task to check the OS. Then depending on the response it will run a different playbook or task. It's all possible from running a single command though. I'll come on to more advanced features. Essentially, you could use a when clause, "when os=RPI do something"

@tokar86a 3 месяца назад

Nice and good video. Is it a way that Ansible can tell you what package get updated on the machine?

@oliverolsen620 3 месяца назад

This is what I use. The part you're asking for starts at "register" below. - hosts: all become: true become_user: root tasks: - name: Update apt repo and cache on all Debian/Ubuntu servers apt: update_cache=yes force_apt_get=yes cache_valid_time=3600 - name: Upgrade all packages on servers apt: upgrade=dist force_apt_get=yes autoclean=yes register: result - name: List installed and updated packages shell: grep -E "^$(date +%Y-%m-%d).+ (install|upgrade) " /var/log/dpkg.log |cut -d " " -f 3-5 register: result - name: Show Output debug: msg="{{ result.stdout_lines }}"

@helioradial 2 месяца назад

hi Jim, am trying to update some CentOS machines with no success. Any ideas?

@Jims-Garage 2 месяца назад

This won't work on cent os as it uses yum. You'll need to write a similar playbook using yum. It is supported by Ansible.

@helioradial 2 месяца назад

@@Jims-Garage i've just had a stupid error but have managed to find a solution. was not able to patch the system successfully. working perfectly now. thank you for the quick answer! :)