Solaris Linux Hp-ux AIX: 2020

Tuesday, September 8, 2020

OS update ansible playbook

[cinil@patchmanager ansible_playbooks]$ cat osupdate-preparation.yml

---

- name: Osupdate

hosts: all

become: yes

become_user: root

tasks:

- name: taking backup of important files.

shell: mkdir /var/tmp/security_patching_bkp;cd /var/tmp/security_patching_bkp;df -h>df.txt;ifconfig -a>ifconfig.txt;uname -a>uname.txt;ps -eaf>ps.txt

- name: Clean yum

shell: yum clean all

- name: yum list security

shell: yum list-security > /var/tmp/security_patching_bkp/yum_list-security.txt

- name: Yum security update

shell: yum update --security -y

- name: Yum security update skip-broken

shell: yum update --security -y --skip-broken

- name: Count the boot files before reboot

shell: cd /boot/;ls |grep `rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,"");print $1}'`|wc -l

- fail:

msg: "Kernel update failed"

when: countbootfiles.stdout != "5"

[cinil@patchmanager ansible_playbooks]$

[cinil@patchmanager ansible_playbooks]$ cat Osupdate-Reboot.yml

---

- name: Os-Security update Server reboot

hosts: all

become: yes

become_user: root

tasks:

- name: Count the boot files before reboot

shell: cd /boot/;ls |grep `rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,"");print $1}'`|wc -l

- name: Checking reboot required or not

shell: LAST_KERNEL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,""); print $1}'); CURRENT_KERNEL=$(uname -r); if [ $LAST_KERNEL != $CURRENT_KERNEL ]; then echo 'reboot'; else echo 'no'; fi

ignore_errors: true

- name: Rebooting if required...

shell: ahutdown -r now "Reboot required for updated kernel"

async: 0

poll: 0

when: reboot_hint.stdout.find("reboot") != -1 and countbootfiles.stdout.find("5") != -1

- name: Waiting for thing to reboot

pause: seconds=180

when: rebooting|changed

- fail:

msg: "Server not rebooted due to Kernel update fail or wrong reboot"

when: reboot_hint.stdout.find("reboot") == -1 or countbootfiles.stdout.find("5") == -1

[cinil@patchmanager ansible_playbooks]$

Thursday, August 13, 2020

Move root disk in LVM

https://access.redhat.com/solutions/1609793

fdisk /dev/sdc ---- Create partition similar to root disk also mark boot disk label.

mkfs.xfs /dev/sdc1 --- make boot disk.

mount /dev/sdc1 /mnt

cp -a /boot/* /mnt/

grub2-install --boot-directory=/mnt /dev/sdc

Update /etc/fstab

blkid /dev/sdc1

Reboot the system.

grub2-mkconfig -o /boot/grub2/grub.cfg

Extend VG

vgextend systemvg /dev/sdc2

move LV one by one

pvmove -b -n rootlv /dev/sda2 /dev/sdc2

Monitor the progress

lvs -a -o+devices

Friday, August 7, 2020

extend linux file system

pvcreate /dev/sda5

pvs
vgs
vgextend vg_algosec /dev/sda5
vgs
lvextend -L +100G /dev/mapper/vg_algosec-vg_system
lvs
resize2fs /dev/mapper/vg_algosec-vg_system

lvextend -L +300G /dev/mapper/vg_algosec-vg_data
lvs
resize2fs /dev/mapper/vg_algosec-vg_data

Friday, July 10, 2020

Ansible playbook list security patch

$ cat /opt/ansible/rpm_list.yml
---
- name: rpm_list_prep
hosts: all
become: yes
become_user: root
tasks:
- name: create a local dir
local_action:
module: file
path: /var/tmp/rpm_list_all/{{ansible_date_time.date}}
state: directory
- name: yum clean all
shell: yum clean all
register: yumclean
- name: yum Update info
shell: yum updateinfo list sec | grep '^RHSA'
register: yumupdateinfo
- local_action: copy content={{ yumupdateinfo.stdout_lines | to_nice_yaml }} dest=/var/tmp/rpm_list_all/{{ansible_date_time.date}}/{{ inventory_hostname }}
- local_action: shell cd /var/tmp/rpm_list_all/{{ansible_date_time.date}}/;for i in `ls|grep -v all`;do sed -e "s/$/ $i/g" "$i"|sed -e 's/-//g'|sed 's/^ //g';done>all_server_rpm.csv
$

ansible playbook os update security

$ cat /opt/ansible/osupdate.yml
---
- name: Osupdate
hosts: all
become: yes
become_user: root
tasks:
- name: taking backup of important files.
shell: mkdir /var/tmp/security_patching_bkp;cd /var/tmp/security_patching_bkp;df -h>df.txt;ifconfig -a>ifconfig.txt;uname -a>uname.txt;ps -eaf>ps.txt
register: result
- name: Clean yum
shell: yum clean all
register: yumclean
- debug:
var: yumclean
- name: yum list security
shell: yum list-security > /var/tmp/security_patching_bkp/yum_list-security.txt
register: yumlist_security
- name: Yum security update
shell: yum update --security -y
register: yumsecurityupdate
- debug:
var: yumsecurityupdate
- name: Yum security update skip-broken
shell: yum update --security -y --skip-broken
register: yumsecurityupdateskipb
- debug:
var: yumsecurityupdateskipb
- name: Checking reboot required or not
shell: LAST_KERNEL=$(rpm -q --last kernel | awk 'NR==1{sub(/kernel-/,""); print $1}'); CURRENT_KERNEL=$(uname -r); if [ $LAST_KERNEL != $CURRENT_KERNEL ]; then echo 'reboot'; else echo 'no'; fi
ignore_errors: true
register: reboot_hint
- name: Rebooting if required...
shell: shutdown -r now "Reboot required for updated kernel"
async: 0
poll: 0
when: reboot_hint.stdout.find("reboot") != -1
register: rebooting
- name: Waiting for thing to reboot
pause: seconds=45
when: rebooting|changed
]$

Monday, July 6, 2020

extend root filesystem size on VM

1. Increase the space as required in vcenter.
2. fdisk -l /dev/sda (Check the new space reflected)
3. create new partition with fdisk /dev/sda
4. Need a restart to reflect the new partition (if required)
5. add new partition -
a) pvcreate /dev/sda4
b) vgextend vg_system /dev/sda4
c) lvextended -L +50G /dev/mapper/vg_system
d) resize2fs /dev/mapper/vg_system

df -h