3

I have an Ansible playbook that I use to configure new Linux VMs. I was recently building a new VM with Ubuntu 22.04. The playbook will write some configuration files related to networking and whatnot, and then the final step of the process is to use Ansibles ansible.builtin.package to install all package updates.

- name: "Install updates"
  become: true
  ansible.builtin.package:
    upgrade: "dist"
  register: res_pkg_updates
  notify: "reboot system"
  tags: [ never, updates ]

My VM was created from a template I made a few months ago, so the Ubuntu OS had a few packages out of date, which isn't unexpected. The problem is that one of the packages must support or provide the networking functionality. So when the package modules starts the VM on the path of installing updates, the networking daemon is restarted, and the VM gets the new IP that was configured earlier in my playbook. This causes the Ansible task to hang, waiting for a reconnection to a machine that is now at a different IP.

I want to know how to configure my ansible.builtin.package task to install package updates but not restart any services, especially networking.

Peter Walker
  • 33

2 Answers2

3

A maybe different approach I would use a static ip for the VM, instead of dynamically let it get assigned. Not restarting the network daemon might cause other problems when running the playbook

Or you can do this

- name: Update package cache and install updates
  ansible.builtin.package:
    name: "*"
    state: latest
    update_cache: yes
    force: no
  become: yes

force: no prevents the package manager from forcing updates or restarting services

Turdie
  • 2,945
3

Separate the IP address change from the package transaction and the rest of the play.

First update packages and do whatever other things.

As the last things in this play, update the IP address for this host, but do not bring the interface up on the new IP yet. Maybe by changing a config file. Schedule a reboot of this host a little in the future, such as with ansible.posix.at module. And finally, update DNS so Ansible inventory is aware of the IP change. End of play. Later the host reboots itself, completing the software update and IP change.

A future play can start with a ansible.builtin.wait_for_connection as a convenient way to retry if not up and reachable yet.

ansible.builtin.reboot module in theory can do the reboot, wait for the host to come back, and continue. But it has no good way of rebooting one IP address and come back as another.

John Mahowald
  • 36,071