For this tutorial, I will show you how to utilize a powerful automation tool to update all your remote systems using apt. Staying up to date and applying all the patches to your system will help keep your system secure.
What is Ansible?
Ansible is a powerful automation tool that allows you to remotely and automatically configure and manage systems. It provides incredibly powerful features such as installing software remotely, rollbacks in case of errors, backups, remote downloads, and many more.
Ansible is also very easy to use. It utilizes YAML files which are easy to write, highly readable and has a high level of security as it uses SSH to login and manage systems.
The ability to manage more than one system from a single tool is more than triumphant and any system administrator should be familiar if not already using Ansible.
Installing Ansible
With Ansible praises out of the way, let us look at how to install Ansible on our local machine so as to manage the remote servers.
For this tutorial, I will be using Ubuntu 20.10 as my local machine. To learn how to install Ansible on other systems, check out the documentation.
On Ubuntu, use the commands:
sudo apt install software-properties-common
sudo add-apt-repository --yes --update ppa:ansible/ansible
sudo apt install ansible
Ansible Add Hosts
If you are not familiar with Ansible, the first step is to build an inventory of the remote machines you want to automate. This is done by editing the /etc/ansible/hosts.
To add the Debian servers, enter the entries as:
192.168.0.13
You can pass the IP address of the remote host or use the hostname of the machine.
Once we have the list of hosts to manage in the config file, we can proceed to automate the updates.
Update Using apt Module
To update and manage packages remotely on Debian-based machines, we make use of the apt module provided by ansible. The apt module allows us to manage apt packages with other configurations.
Update Repository Cache
To update the repository cache using Ansible, we can use a playbook as provided below:
- hosts: debian
become: yes
become_method: sudo
tasks:
- name: "Update Repository cache"
apt:
update_cache: true
cache_valid_time: 3600
force_apt_get: true
Save the file and run using the command as:
This will run the playbook and execute the tasks specified. The output is as shown below:
In the Ansible playbook, we start by specifying the hosts. In this case, we only want the debain hosts.
Next, we set become, to true allowing the us to elevate privileges using sudo as specified in the becom_method.
Finally, we set the tasks to update repository cache. We also set a cache_valid_time as 3600 which refreshes the cache if it is older than said time.
NOTE: Use force_apt-get instead of aptitude.
Upgrade All Packages
We also can update all the packages in the system which corresponds to the command:
To do this using Ansible playbook, we add the yaml file as:
- hosts: all
become: yes
become_method: sudo
tasks:
- name: "Update cache & Full system update"
apt:
update_cache: true
upgrade: dist
cache_valid_time: 3600
force_apt_get: true
Similarly, run the ansible playbook above as the shown in the first command.
Conclusion
In this tutorial, we quickly went over what Ansible is, what it offers and how we can use its modules to perform system update on Debian-based system.
Thank you & Happy Automation
from Linux Hint https://ift.tt/35Zs92J
0 Comments