In my daily workflow, I work with a lot of remote Linux systems most of which are Debian based. Sometimes it gets very tiresome to SSH into all the machines, do an apt-get update and then check if there are any updates and install them. Even with Password-Less SSH logins, it still takes an immense amount of time. The question arises on how a user can automate this process. The answer is Ansible.
For this tutorial, I will show you how to utilize a powerful automation tool to update all your remote systems using apt. Staying up to date and applying all the patches to your system will help keep your system secure.
What is Ansible?
Ansible is a powerful automation tool that allows you to remotely and automatically configure and manage systems. It provides incredibly powerful features such as installing software remotely, rollbacks in case of errors, backups, remote downloads, and many more.
Ansible is also very easy to use. It utilizes YAML files which are easy to write, highly readable and has a high level of security as it uses SSH to login and manage systems.
The ability to manage more than one system from a single tool is more than triumphant and any system administrator should be familiar if not already using Ansible.
Installing Ansible
With Ansible praises out of the way, let us look at how to install Ansible on our local machine so as to manage the remote servers.
For this tutorial, I will be using Ubuntu 20.10 as my local machine. To learn how to install Ansible on other systems, check out the documentation.
On Ubuntu, use the commands:
sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository –yes –update ppa:ansible/ansible
sudo apt install ansible
Ansible Add Hosts
If you are not familiar with Ansible, the first step is to build an inventory of the remote machines you want to automate. This is done by editing the /etc/ansible/hosts.
To add the Debian servers, enter the entries as:
You can pass the IP address of the remote host or use the hostname of the machine.
Once we have the list of hosts to manage in the config file, we can proceed to automate the updates.
Update Using apt Module
To update and manage packages remotely on Debian-based machines, we make use of the apt module provided by ansible. The apt module allows us to manage apt packages with other configurations.
Update Repository Cache
To update the repository cache using Ansible, we can use a playbook as provided below:
—
– hosts: debian
become: yes
become_method: sudo
tasks:
– name: “Update Repository cache”
apt:
update_cache: true
cache_valid_time: 3600
force_apt_get: true
Save the file and run using the command as:
ansible-playbook –user=debian apt.yaml
This will run the playbook and execute the tasks specified. The output is as shown below:
<img alt="" data-lazy- data-lazy-src="https://kirelos.com/wp-content/uploads/2021/06/echo/1-15.png" data-lazy- height="314" src="data:image/svg xml,” width=”1273″>
In the Ansible playbook, we start by specifying the hosts. In this case, we only want the debain hosts.
Next, we set become, to true allowing the us to elevate privileges using sudo as specified in the becom_method.
Finally, we set the tasks to update repository cache. We also set a cache_valid_time as 3600 which refreshes the cache if it is older than said time.
NOTE: Use force_apt-get instead of aptitude.
Upgrade All Packages
We also can update all the packages in the system which corresponds to the command:
sudo apt-get dist-upgrade
To do this using Ansible playbook, we add the yaml file as:
—
– hosts: all
become: yes
become_method: sudo
tasks:
– name: “Update cache & Full system update”
apt:
update_cache: true
upgrade: dist
cache_valid_time: 3600
force_apt_get: true
Similarly, run the ansible playbook above as the shown in the first command.
Conclusion
In this tutorial, we quickly went over what Ansible is, what it offers and how we can use its modules to perform system update on Debian-based system.
Thank you & Happy Automation
About the author
<img alt="" data-del="avatar" data-lazy-src="https://kirelos.com/wp-content/uploads/2021/06/echo/john-150×150.png60d8c8cbac231.jpg" height="112" src="data:image/svg xml,” width=”112″>
John Otieno
My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list