Security updates

Latest response

Hi All,

Need some suggestion on "How to keep the RHEL 7 machine patch updates up to date" I have only 16 production machines of RHEL 7 and suggesting the client to go for a Satellite might be bit expensive... any alternative way to keep those 16 machines patch update to date?

Thanks and Regards,

Badrinath V

Responses

Hi Badrinath,

You can use Ansible to achieve what you want ... simply create an Ansible playbook and then run the upgrade task for all systems. :)

Firstly, install Ansible Engine :

sudo subscription-manager repos --enable rhel-7-server-ansible-2-rpms (if the main host/system is running RHEL 7)
sudo subscription-manager repos --enable ansible-2-for-rhel-8-x86_64-rpms (if the main system is running RHEL 8)

sudo yum update
sudo yum install ansible

Add the systems to the hosts file - execute :

sudo vi /etc/ansible/hosts

Create the group and add the IP addresses :

[rhel]

IP server 1
IP server 2
IP server ...  

Create the Ansible playbook :

vi rhel-tasks.yml

Insert the following content :

---

- name: system upgrade
  hosts: rhel
  become: yes
  tasks:
  - name: run yum update
    yum:
      name: '*'
      state: latest  

Run the playbook to update the systems :

ansible-playbook --ask-become-pass rhel-tasks.yml

Regards,
Christian