blob: 5807d7e2a407d6385f79cd0d5214144446417f18 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
---
# file: roles/calibration/tasks/main.yaml
- name: Inst - Update Package Cache (APT)
ansible.builtin.apt:
update_cache: true
cache_valid_time: 3600
when:
- ansible_distribution|lower == 'ubuntu'
tags:
- calibration-inst-prerequisites
- name: Inst - Prerequisites
ansible.builtin.package:
name: "{{ packages | flatten(levels=1) }}"
state: latest
tags:
- calibration-inst-prerequisites
- name: Check CPU Power States
ansible.builtin.shell: "lscpu"
register: current_lscpu
changed_when: false
tags:
- check-cpu-frequency
- name: Check CPU Power States
ansible.builtin.assert:
that:
- "'CPU min MHz' not in current_lscpu.stdout or 'Intel(R) Xeon(R)' not in ansible_processor"
fail_msg: "CPU configuration!"
success_msg: "CPU configuration match."
tags:
- check-cpu-frequency
- name: Check Kernel Parameters
ansible.builtin.assert:
that:
- item in ansible_cmdline
fail_msg: "Kernel parameters!"
success_msg: "Kernel parameters match."
loop: "{{ grub.keys()|sort }}"
when:
- grub is defined
tags:
- check-kernel-params
- name: Check Kernel Version
ansible.builtin.assert:
that:
- ansible_kernel not in kernel_version_by_distro_by_arch
fail_msg: "Kernel version!"
success_msg: "Kernel version match."
tags:
- check-kernel-version
- name: Spectre Meltdown Checker Status
ansible.builtin.stat:
path: "/opt/spectre-meltdown-checker.sh"
register: spectre_meltdown_status
tags:
- check-spectre-meltdown
- name: Get Spectre Meltdown Checker
ansible.builtin.get_url:
url: "https://meltdown.ovh"
dest: "/opt/spectre-meltdown-checker.sh"
mode: "744"
when:
- not spectre_meltdown_status.stat.exists
tags:
- check-spectre-meltdown
- name: Run Spectre Meltdown Checker
ansible.builtin.shell: "/opt/spectre-meltdown-checker.sh --no-color --sysfs-only || true"
ignore_errors: true
register: spectre_meltdown_sync
tags:
- check-spectre-meltdown
- debug: var=spectre_meltdown_sync.stdout_lines
tags:
- check-spectre-meltdown
- name: "{{ ansible_machine }} Specific"
include_tasks: "{{ ansible_machine }}.yaml"
tags:
- check-machine-specific
- check-jitter-tool
|
