From 850d8135f6a97be1b9cc031d3426599914e249ed Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Sat, 9 Oct 2021 18:59:40 +0200 Subject: [PATCH] Add kpatch --- files/etc/dnf/plugins/kpatch.conf | 2 ++ tasks/main.yml | 34 +++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 files/etc/dnf/plugins/kpatch.conf diff --git a/files/etc/dnf/plugins/kpatch.conf b/files/etc/dnf/plugins/kpatch.conf new file mode 100644 index 0000000..307fdaf --- /dev/null +++ b/files/etc/dnf/plugins/kpatch.conf @@ -0,0 +1,2 @@ +[main] +autoupdate = True diff --git a/tasks/main.yml b/tasks/main.yml index 8fbeef8..e181b32 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -109,6 +109,40 @@ - ansible_os_family == "RedHat" - ansible_distribution_major_version == '8' +# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/managing_monitoring_and_updating_the_kernel/index#applying-patches-with-kernel-live-patching_managing-monitoring-and-updating-the-kernel + - name: Install kpatch packages on RedHat Enterprise Linux 8 + package: + name: + - kpatch + - kpatch-dnf + - kpatch-patch + - "kpatch-patch = {{ ansible_kernel }}" + update_cache: yes + state: present + when: + - ansible_distribution == "RedHat" + - ansible_distribution_major_version == '8' + + - name: "Configure kernel auto update for RedHat Enterprise Linux 8" + copy: + src: etc/dnf/plugins/kpatch.conf + dest: /etc/dnf/plugins/kpatch.conf + owner: root + group: root + mode: 0644 + when: + - ansible_distribution == "RedHat" + - ansible_distribution_major_version == '8' + + - name: enable kernel auto update for RHEL 8 linux family + systemd: + name: kpatch.service + state: started + enabled: yes + when: + - ansible_distribution == "RedHat" + - ansible_distribution_major_version == '8' + # - name: upgrade all packages # package: # name: "*"