Apply package updates before we reboot in launch-node

When launching a new server we should make sure that all available
package updates are installed before we reboot the server. This way we
get available security updates applied to things like our kernel.

This change adds a new playbook that runs the unattended-upgrade command
on debuntu servers. Will need to add support for other platforms in a
followup change.

Change-Id: Idc88dc33afdd209c388452493e6a7f5731fa0974
changes/54/639454/1
Clark Boylan 4 years ago
parent fb34c32c1f
commit 52a4bae170
  1. 1
      launch/launch-node.py
  2. 8
      playbooks/apply-package-updates.yaml

@ -182,6 +182,7 @@ def bootstrap_server(server, key, name, volume_device, keep,
for playbook in [
'set-hostnames.yaml',
'base.yaml',
'apply-package-updates.yaml',
]:
run(ansible_cmd + [
os.path.join(SCRIPT_DIR, '..', 'playbooks', playbook)],

@ -0,0 +1,8 @@
- hosts: "{{ target }}"
user: root
tasks:
- name: Run unattended-upgrade on debuntu
shell: |
unattended-upgrade -d
when: ansible_facts['os_family'] == "Debian"
# TODO add equivalent for other platforms
Loading…
Cancel
Save