Apply OS patches on Enterprise Linux (RHEL) and other Red Hat derivatives (e.g. CentOS, Rocky, Alma, Fedora). You can decide which patching method you want to use. There are 3 methods:
all
- Apply all patches on target a hostsecurity
- Apply only security patches on target a hostbugfix
- Apply only bugfix patches on target a hostI recommend visiting the blog post for detailed information, usage example, and my recommendation.
Only dnf must be available on the target machine.
host_vars
or group_vars
if required.Variable Name | Default Value | Description |
---|---|---|
el_patching_required_packages |
"yum-utils" |
It is required to install yum-utils as this role verifies reboot with needs-restarting . |
el_patching_auto_reboot |
false |
By default do not reboot the target host. Only verify if a reboot is required. |
el_patching_reboot_timeout |
600 |
By default auto reboot is disabled but the default timeout value is set to 5 minutes. Value is in seconds . |
el_patching_method |
"security" |
By default apply only security patches on the target host. Possible values "security"/"bugfix"/"all"
|
Variable Name | Example Usage | Required | Description |
---|---|---|---|
el_patching_exclude_packages |
el_patching_exclude_packages: - tar - zip | No | Exclude packages during patching. |
el_patching_update_cache |
true |
No | Force dnf to check if cache is out of date and re-download if needed. |
No Dependencies
Create the following playbook.
- name: Apply OS Patches
hosts: your_patching_inventory_group_or_host
become: true
roles:
- voidquark.el_patching
ansible-playbook -i inventory/hosts playbook.yml
ansible-playbook -i inventory/hosts playbook.yml --check
MIT
Created by VoidQuark