Ansible Script 추가
This commit is contained in:
ByeonJungHun
169
ansible/01_old/roles/datadog.datadog/tasks/pkg-redhat.yml
Normal file
169
ansible/01_old/roles/datadog.datadog/tasks/pkg-redhat.yml
Normal file
@@ -0,0 +1,169 @@
|
||||
---
|
||||
- name: Fail early if Python 3 is used on CentOS / RHEL < 8 with old Ansible
|
||||
fail:
|
||||
msg: "The installation of the Agent on RedHat family systems using yum is not compatible with Python 3 with older Ansible versions.
|
||||
To run this role, use a Python 2 interpreter on hosts running CentOS / RHEL < 8 or upgrade Ansible to version 2.11+"
|
||||
# We can't compare ansible_version.full with 2.11 in the condition below, because ansible's
|
||||
# `semver` and `strict` version_type don't recognize it as a valid version and the `loose`
|
||||
# version_type considers it to be a post-release. It seems that the best course of action
|
||||
# is to explicitly use just major.minor for comparison with 2.11.
|
||||
# See https://github.com/ansible/ansible/issues/78288
|
||||
when: (not datadog_ignore_old_centos_python3_error)
|
||||
and ("{}.{}".format(ansible_version.major, ansible_version.minor) is version("2.11", operator="lt", strict=True))
|
||||
and (ansible_pkg_mgr == "yum")
|
||||
and (ansible_facts.python.version.major | int >= 3)
|
||||
|
||||
- name: Find out whether to set repo_gpgcheck or not
|
||||
# We turn off repo_gpgcheck on custom repos and on RHEL/CentOS 8.1 because
|
||||
# of https://bugzilla.redhat.com/show_bug.cgi?id=1792506
|
||||
set_fact:
|
||||
do_yum_repo_gpgcheck: >-
|
||||
{{ datadog_yum_repo_gpgcheck if datadog_yum_repo_gpgcheck != '' else (
|
||||
'no' if (
|
||||
ansible_facts.distribution_version.startswith('8.1.') or ansible_facts.distribution_version == '8.1' or
|
||||
datadog_yum_repo != ''
|
||||
) else 'yes'
|
||||
) }}
|
||||
|
||||
- name: Download current RPM key
|
||||
get_url:
|
||||
url: "{{ datadog_yum_gpgkey_current }}"
|
||||
dest: /tmp/DATADOG_RPM_KEY_CURRENT.public
|
||||
force: yes
|
||||
|
||||
- name: Import current RPM key
|
||||
rpm_key:
|
||||
key: /tmp/DATADOG_RPM_KEY_CURRENT.public
|
||||
state: present
|
||||
when: not ansible_check_mode
|
||||
|
||||
- name: Download new RPM key (Expires in 2022)
|
||||
get_url:
|
||||
url: "{{ datadog_yum_gpgkey_e09422b3 }}"
|
||||
dest: /tmp/DATADOG_RPM_KEY_E09422B3.public
|
||||
checksum: "sha256:{{ datadog_yum_gpgkey_e09422b3_sha256sum }}"
|
||||
|
||||
- name: Import new RPM key (Expires in 2022)
|
||||
rpm_key:
|
||||
key: /tmp/DATADOG_RPM_KEY_E09422B3.public
|
||||
state: present
|
||||
when: not ansible_check_mode
|
||||
|
||||
- name: Download new RPM key (Expires in 2024)
|
||||
get_url:
|
||||
url: "{{ datadog_yum_gpgkey_20200908 }}"
|
||||
dest: /tmp/DATADOG_RPM_KEY_20200908.public
|
||||
checksum: "sha256:{{ datadog_yum_gpgkey_20200908_sha256sum }}"
|
||||
|
||||
- name: Import new RPM key (Expires in 2024)
|
||||
rpm_key:
|
||||
key: /tmp/DATADOG_RPM_KEY_20200908.public
|
||||
state: present
|
||||
when: not ansible_check_mode
|
||||
|
||||
- name: Set versioned includepkgs variable
|
||||
set_fact:
|
||||
datadog_includepkgs: "{{ datadog_agent_flavor }}-{{ datadog_agent_redhat_version | regex_replace('^\\d+:', '') }}"
|
||||
when: datadog_agent_redhat_version is defined
|
||||
|
||||
- name: Set plain includepkgs variable
|
||||
set_fact:
|
||||
datadog_includepkgs: "{{ datadog_agent_flavor }}"
|
||||
when: datadog_agent_redhat_version is not defined
|
||||
|
||||
- name: Install Datadog Agent 5 yum repo
|
||||
yum_repository:
|
||||
name: datadog
|
||||
description: Datadog, Inc.
|
||||
baseurl: "{{ datadog_agent5_yum_repo }}"
|
||||
enabled: yes
|
||||
includepkgs: "{{ datadog_includepkgs }}"
|
||||
repo_gpgcheck: no # we don't sign Agent 5 repodata
|
||||
gpgcheck: "{{ datadog_yum_gpgcheck }}"
|
||||
gpgkey: [
|
||||
"{{ datadog_yum_gpgkey_current }}",
|
||||
"{{ datadog_yum_gpgkey_20200908 }}",
|
||||
"{{ datadog_yum_gpgkey_e09422b3 }}",
|
||||
]
|
||||
register: repofile5
|
||||
when: (datadog_agent_major_version|int == 5) and (datadog_yum_repo | length == 0) and (not ansible_check_mode)
|
||||
|
||||
- name: Install Datadog Agent 6 yum repo
|
||||
yum_repository:
|
||||
name: datadog
|
||||
description: Datadog, Inc.
|
||||
baseurl: "{{ datadog_agent6_yum_repo }}"
|
||||
enabled: yes
|
||||
includepkgs: "{{ datadog_includepkgs }}"
|
||||
repo_gpgcheck: "{{ do_yum_repo_gpgcheck }}"
|
||||
gpgcheck: "{{ datadog_yum_gpgcheck }}"
|
||||
gpgkey: [
|
||||
"{{ datadog_yum_gpgkey_current }}",
|
||||
"{{ datadog_yum_gpgkey_20200908 }}",
|
||||
"{{ datadog_yum_gpgkey_e09422b3 }}",
|
||||
]
|
||||
register: repofile6
|
||||
when: (datadog_agent_major_version|int == 6) and (datadog_yum_repo | length == 0) and (not ansible_check_mode)
|
||||
|
||||
- name: Install Datadog Agent 7 yum repo
|
||||
yum_repository:
|
||||
name: datadog
|
||||
description: Datadog, Inc.
|
||||
baseurl: "{{ datadog_agent7_yum_repo }}"
|
||||
enabled: yes
|
||||
includepkgs: "{{ datadog_includepkgs }}"
|
||||
repo_gpgcheck: "{{ do_yum_repo_gpgcheck }}"
|
||||
gpgcheck: "{{ datadog_yum_gpgcheck }}"
|
||||
gpgkey: [
|
||||
"{{ datadog_yum_gpgkey_current }}",
|
||||
"{{ datadog_yum_gpgkey_20200908 }}",
|
||||
"{{ datadog_yum_gpgkey_e09422b3 }}",
|
||||
]
|
||||
register: repofile7
|
||||
when: (datadog_agent_major_version|int == 7) and (datadog_yum_repo | length == 0) and (not ansible_check_mode)
|
||||
|
||||
- name: Install Datadog Custom yum repo
|
||||
yum_repository:
|
||||
name: datadog
|
||||
description: Datadog, Inc.
|
||||
baseurl: "{{ datadog_yum_repo }}"
|
||||
enabled: yes
|
||||
includepkgs: "{{ datadog_includepkgs }}"
|
||||
repo_gpgcheck: "{{ do_yum_repo_gpgcheck }}"
|
||||
gpgcheck: "{{ datadog_yum_gpgcheck }}"
|
||||
gpgkey: [
|
||||
"{{ datadog_yum_gpgkey_current }}",
|
||||
"{{ datadog_yum_gpgkey_20200908 }}",
|
||||
"{{ datadog_yum_gpgkey_e09422b3 }}",
|
||||
]
|
||||
register: repofilecustom
|
||||
when: (datadog_yum_repo | length > 0) and (not ansible_check_mode)
|
||||
|
||||
- name: Clean repo metadata if repo changed # noqa 503
|
||||
command: yum clean metadata --disablerepo="*" --enablerepo=datadog
|
||||
failed_when: false # Cleaning the metadata is only needed when downgrading a major version of the Agent, don't fail because of this
|
||||
args:
|
||||
warn: no
|
||||
when: repofile5.changed or repofile6.changed or repofile7.changed or repofilecustom.changed
|
||||
|
||||
# On certain version of dnf, gpg keys aren't imported into the local db with the package install task.
|
||||
# This rule assures that they are correctly imported into the local db and users won't have to manually accept
|
||||
# them if running dnf commands on the hosts.
|
||||
- name: Refresh Datadog repository cache # noqa 503
|
||||
command: yum -y makecache --disablerepo="*" --enablerepo=datadog
|
||||
failed_when: false
|
||||
args:
|
||||
warn: no
|
||||
when: repofile5.changed or repofile6.changed or repofile7.changed or repofilecustom.changed
|
||||
|
||||
- name: Remove old yum repo files
|
||||
yum_repository:
|
||||
name: "ansible_datadog_{{ item }}"
|
||||
state: absent
|
||||
with_items: [ 5, 6, 7, "custom" ]
|
||||
|
||||
- include_tasks: pkg-redhat/install-pinned.yml
|
||||
when: datadog_agent_redhat_version is defined
|
||||
|
||||
- include_tasks: pkg-redhat/install-latest.yml
|
||||
when: datadog_agent_redhat_version is not defined
|
||||
Reference in New Issue
Block a user