Created
October 12, 2021 06:54
-
-
Save alias454/a7af29bd7fd89e7ec6b6ef29194b89de to your computer and use it in GitHub Desktop.
Orchestrate OS patching and reboots using saltstack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Orchestrate OS patching and reboots using saltstack | |
| Once the files are created you can run it from the salt-master using | |
| `salt-run state.orch orch.orch-patch-and-reboot` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| # vim: ft=sls | |
| # Patch and reboot macro | |
| {% macro patch_and_reboot(node, service='salt-minion.service') %} | |
| # Update minion seperately and restart the service | |
| orch-function-update-minion-{{ node }}: | |
| salt.function: | |
| - name: cmd.run | |
| - tgt: {{ node }} | |
| - arg: | |
| - salt-call --local pkg.upgrade name=salt-minion && systemctl restart salt-minion | |
| - timeout: 30 | |
| - kwarg: | |
| bg: True | |
| # Wait for up to 5 minutes before timing out | |
| orch-wait-for-minion-restart-{{ node }}: | |
| salt.wait_for_event: | |
| - name: salt/minion/{{ node }}/start | |
| - id_list: | |
| - {{ node }} | |
| - timeout: 300 | |
| - onchanges: | |
| - salt: orch-function-update-minion-{{ node }} | |
| # Update os using uptodate state from update.sls | |
| orch-state-update-os-{{ node }}: | |
| salt.state: | |
| - tgt: {{ node }} | |
| - sls: | |
| - {{ sls_path |replace('_', '.') }}.update | |
| - timeout: 600 | |
| - require: | |
| - salt: orch-wait-for-minion-restart-{{ node }} | |
| # Reboot the host if os update was succesful | |
| orch-function-reboot-after-update-{{ node }}: | |
| salt.function: | |
| - name: system.reboot | |
| - arg: [1] # waits 1 minute | |
| - tgt: {{ node }} | |
| - onchanges: | |
| - salt: orch-state-update-os-{{ node }} | |
| # Wait for up to 10 minutes before timing out | |
| orch-wait-for-reboot-{{ node }}: | |
| salt.wait_for_event: | |
| - name: salt/minion/{{ node }}/start | |
| - id_list: | |
| - {{ node }} | |
| - timeout: 600 | |
| - onchanges: | |
| - salt: orch-function-reboot-after-update-{{ node }} | |
| # Check if a service is up | |
| orch-function-check-service-started-{{ node }}: | |
| salt.function: | |
| - name: service.start | |
| - tgt: {{ node }} | |
| - arg: | |
| - {{ service }} | |
| - require: | |
| - salt: orch-wait-for-reboot-{{ node }} | |
| {% endmacro %} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| # vim: ft=sls | |
| # Include patch and reboot macro | |
| {% from sls_path + "/macro-patch-and-reboot.sls" import patch_and_reboot with context %} | |
| # Set search target value | |
| {% set target = 'pattern-to-search*' %} | |
| {% set hosts = salt.saltutil.runner('cache.grains', tgt=target, tgt_type='compound') %} | |
| {% for host in hosts.keys() %} | |
| {{ patch_and_reboot(host, 'salt-minion.service') }} | |
| {% endfor %} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| # vim: ft=sls | |
| # Update all packages | |
| update-os: | |
| pkg.uptodate: | |
| - refresh: True |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment