diff options
Diffstat (limited to 'fdio.infra.ansible/roles/kernel')
4 files changed, 11 insertions, 85 deletions
diff --git a/fdio.infra.ansible/roles/kernel/defaults/main.yaml b/fdio.infra.ansible/roles/kernel/defaults/main.yaml index 60fa91e970..ef628c93f5 100644 --- a/fdio.infra.ansible/roles/kernel/defaults/main.yaml +++ b/fdio.infra.ansible/roles/kernel/defaults/main.yaml @@ -6,21 +6,13 @@ kernel_version: "{{ kernel_version_by_distro[ansible_distribution|lower][ansible kernel_version_by_distro: ubuntu: - focal: - - "5.4.0-65" jammy: - - "4.15.0-72" + - "5.15.0-46" kernel_packages: "{{ kernel_packages_by_distro[ansible_distribution|lower][ansible_distribution_release] | flatten(levels=1) }}" kernel_packages_by_distro: ubuntu: - focal: - - "linux-image" - - "linux-headers" - - "linux-modules" - - "linux-modules-extra" - - "linux-tools" jammy: - "linux-image" - "linux-headers" @@ -33,10 +25,6 @@ absent_packages: "{{ absent_packages_by_distro[ansible_distribution|lower][ansib absent_packages_by_distro: ubuntu: - focal: - - "amd64-microcode" - - "intel-microcode" - - "iucode-tool" jammy: - "amd64-microcode" - "intel-microcode" diff --git a/fdio.infra.ansible/roles/kernel/handlers/main.yaml b/fdio.infra.ansible/roles/kernel/handlers/main.yaml index 8e1239ab31..d0be276a5b 100644 --- a/fdio.infra.ansible/roles/kernel/handlers/main.yaml +++ b/fdio.infra.ansible/roles/kernel/handlers/main.yaml @@ -2,7 +2,7 @@ # file roles/kernel/handlers/main.yaml - name: Reboot Server - reboot: + ansible.builtin.reboot: reboot_timeout: 3600 tags: - reboot-server diff --git a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml deleted file mode 100644 index 3e2686d565..0000000000 --- a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_focal.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -# file: roles/kernel/tasks/ubuntu_focal.yaml - -- name: Get Available Kernel Versions - command: "apt-cache showpkg linux-headers-*" - changed_when: false - register: apt_kernel_list - tags: - - kernel-inst - -- name: Get installed packages with APT - command: "dpkg -l" - changed_when: false - register: apt_packages_list - tags: - - kernel-inst - -- name: Set target APT kernel version - set_fact: - _kernel: "{{ apt_kernel_list | deb_kernel( - kernel_version, ansible_kernel) }}" - tags: - - kernel-inst - -- name: Disable APT auto upgrade - lineinfile: - path: "/etc/apt/apt.conf.d/20auto-upgrades" - state: "present" - regexp: "APT::Periodic::Unattended-Upgrade \"[0-9]\";" - line: "APT::Periodic::Unattended-Upgrade \"0\";" - create: true - mode: 0644 - tags: - - kernel-inst - -- name: Ensure Packages Versions - apt: - name: "{{ apt_kernel_list | deb_kernel_pkg( - kernel_version, ansible_kernel, ansible_distribution, - ansible_architecture, item) }}" - loop: "{{ kernel_packages }}" - tags: - - kernel-inst - -- name: Ensure Any Other Kernel Packages Are Removed - apt: - name: "{{ apt_packages_list | deb_installed_kernel( - apt_kernel_list, kernel_version, ansible_kernel) }}" - state: absent - purge: true - notify: - - "Reboot Server" - tags: - - kernel-inst - -- name: Ensure Any Microcode Is Absent - apt: - name: "{{ absent_packages }}" - state: absent - purge: true - tags: - - kernel-inst diff --git a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_jammy.yaml b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_jammy.yaml index 15ce221e66..af987d4e5a 100644 --- a/fdio.infra.ansible/roles/kernel/tasks/ubuntu_jammy.yaml +++ b/fdio.infra.ansible/roles/kernel/tasks/ubuntu_jammy.yaml @@ -2,28 +2,28 @@ # file: roles/kernel/tasks/ubuntu_jammy.yaml - name: Get Available Kernel Versions - command: "apt-cache showpkg linux-headers-*" + ansible.builtin.command: "apt-cache showpkg linux-headers-*" changed_when: false register: apt_kernel_list tags: - kernel-inst - name: Get installed packages with APT - command: "dpkg -l" + ansible.builtin.command: "dpkg -l" changed_when: false register: apt_packages_list tags: - kernel-inst - name: Set target APT kernel version - set_fact: + ansible.builtin.set_fact: _kernel: "{{ apt_kernel_list | deb_kernel( kernel_version, ansible_kernel) }}" tags: - kernel-inst - name: Disable APT auto upgrade - lineinfile: + ansible.builtin.lineinfile: path: "/etc/apt/apt.conf.d/20auto-upgrades" state: "present" regexp: "APT::Periodic::Unattended-Upgrade \"[0-9]\";" @@ -34,7 +34,7 @@ - kernel-inst - name: Ensure Packages Versions - apt: + ansible.builtin.apt: name: "{{ apt_kernel_list | deb_kernel_pkg( kernel_version, ansible_kernel, ansible_distribution, ansible_architecture, item) }}" @@ -43,10 +43,10 @@ - kernel-inst - name: Ensure Any Other Kernel Packages Are Removed - apt: + ansible.builtin.apt: name: "{{ apt_packages_list | deb_installed_kernel( apt_kernel_list, kernel_version, ansible_kernel) }}" - state: absent + state: "absent" purge: true notify: - "Reboot Server" @@ -54,9 +54,9 @@ - kernel-inst - name: Ensure Any Microcode Is Absent - apt: + ansible.builtin.apt: name: "{{ absent_packages }}" - state: absent + state: "absent" purge: true tags: - kernel-inst |