[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

[Ansible 2.12] Playbook to use yum on EOL CentOS 6

Hello everyone.
He is a member of the System Solutions Department and wants to improve work efficiency with Ansible.

previously wrote an article titled ``Enable yum to be used on EOL CentOS 6 [Repository change]''

The default repository of EOL CentOS 6 is no longer available, and yum cannot be used due to an error.
Therefore, the content is to change the repository to something that can still be used.

However, in the above article, the changes were done "manually".

you have an environment with multiple CentOS 6 servers , it will be a pain to manually support all of them.
Also, since there is a high probability of accidents if multiple units are operated manually, I would like to handle this using a "code".

This time, we will introduce "Code" and "Ansible's playbook to enable use of yum on EOL CentOS 6" and explain how to run it.

Preface

  • We do not recommend operating on CentOS 6.
    This is only an emergency response to CentOS 6, which exists for unavoidable reasons
  • You are using a version that is no longer supported.
    This is also for emergency use and is not intended to be recommended.

Explanation of the premise

Q. Why do you change it using a playbook?

A.

1. "If you do it manually, the work time increases in proportion to the number of machines"
→ With Ansible , even if the number of machines increases, it can be handled in a much shorter time compared to manual work .
Therefore, the more units there are, the more efficient the work will be.

You can avoid having your personnel tied up all day long on the job.

2. ``Manual work on multiple machines is prone to accidents.''
→ When work is performed continuously, it tends to become assembly line work, and work errors are very likely to occur.

By converting this into a playbook, you can make the same changes to all machines without making any mistakes.

3. "Playbooks can also be reused and inherited as procedure manuals"
→ There are cases where procedure manuals do not remain, or where modifications are necessary before they can be reused.
However, with playbooks, you can often use them as-is by simply changing the target, and they are "hard to perish."

Q. What if I still want to do it manually?

A.I explained the manual procedure in an article I wrote previously.

Please refer here.

Enable yum to be used on EOL CentOS 6 [Repository change]

Q. If you get the "(libselinux-python) aren't installed!" error, it seems easier to do it manually.

A. I think this error occurs when SELinux is not completely disabled and the "libselinux-python" package is not available.


It's easy to put the cart before the horse and think, ``It's easier to do the work manually to correct errors.''

Therefore, in the previous article, we introduced a playbook for solving the problem that can be used in combination, so please make use of it.

[Ansible] Solution for "(libselinux-python) aren't installed!" for CentOS 6 Playbook

Execution environment

■ Linux environment
OS: AlmaLinux release 8.10 (WSL2 environment)
Shell: Bash
Docker version 26.1.3, build b72abbb

■ Ansible environment (Docker container in WSL2)
OS: AlmaLinux release 8.9
Ansible: Ansible-core 2.12.10

■ Windows environment
OS: Windows11 Pro (version: 23H2)
Language setting: Changed to Japanese

■ CentOS 6 environment (Vagrant + VirtualBox)
OS: CentOS 6.9 (bento / centos-6.9)
Vagrant: 2.4.1
VirtualBox: 7.0.18 r162988 (Qt5.15.2)
IP: 192.168.33.15

Ansible 2.12 environment construction steps

Since the CentOS 6 environment basically uses an old version of Python, Ansible uses the corresponding old version (2.12).

In a previous article, I explained how to build Ansible 2.12, so please refer to it here.

[Ansible 2.12] Build an Ansible execution environment for CentOS 6 using Docker in WSL2

Playbook

Performed manually
: - "Backing up the repository"
- "Specifying the version"
- "Rewriting the base repository"
- "Deleting the yum cache"

The above four steps have been put into one playbook.

centos6_repo_change.yml

We use import_tasks on the main.yml side to load this playbook.
(Because I like to separate playbooks into roles to improve reusability, readability, and maintainability)

--- ## Variable default # repo_source | default('/etc/yum.repos.d/CentOS-Base.repo') # repo_dest | default(default_repo_path) # repo_url | default('http://ftp.iij. ad.jp/pub/linux/centos-vault/$releasever')" # Base.repo backup # Do not obtain if today's backup already exists - name: Check backup for base.repo ansible.builtin.stat : path: "{{ repo_dest | default('/etc/yum.repos.d/CentOS-Base.repo_' + lookup('pipe', 'date +\"%Y%m%d\"')) } }" register: backup_base_repo_result< - name: Backup base.repo ansible.builtin.copy: src: "{{ repo_source | default('/etc/yum.repos.d/CentOS-Base.repo') }}" dest: "{{ repo_dest | default('/etc/yum.repos.d/CentOS-Base.repo_' + lookup('pipe', 'date +\"%Y%m%d\"')) }}" mode : "0644" remote_src: yes when: not backup_base_repo_result.stat.exists # If releasever does not exist, create it with the current version number - name: Set releasever ansible.builtin.shell: cmd: echo "{{ ansible_distribution_version }}" > /etc/yum/vars/releasever args: creates: /etc/yum/vars/releasever - ansible.builtin.debug: var: ansible_distribution_version # Enable by commenting out the repo's mirrorlist & rewriting the baseurl to an available repository - name : Replace mirrorlist ansible.builtin.replace: path: "{{ repo_source | default('/etc/yum.repos.d/CentOS-Base.repo') }}" regexp: "{{ item.regexp }}" replace : "{{ item.replace }}" loop: - regexp: '^mirrorlist=http://mirrorlist.centos.org' replace: '#mirrorlist=http://mirrorlist.centos.org' - regexp: '^ #baseurl=http://mirror.centos.org/centos/\$releasever' replace: "baseurl={{ repo_url | default('http://ftp.iij.ad.jp/pub/linux/centos-vault /$releasever') }}" register: replace_result # Delete yum cache when changing repository - name: Clean yum cache ansible.builtin.command: cmd: yum clean all when: replace_result is changed
The intention is mostly written in the comments, but I will also explain it below.

## Variable default

Explicit default value of variables.

It is also listed as a guideline to make it easier to understand when you want to specify it separately in relation to vars.

# Base.repo backup

Check its existence using the stat module and store it in a variable using register.

It is determined by when and if there is no backup of the repository on that day, it will be obtained.

From now on, make the path destination, repository, etc. into a variable and use the default filter to specify the default value of the variable.

In addition, for backups using the lookup plugin, we added the year, month, and day to the end of the file name to make it easier to identify .

# If releasever does not exist, create it with the current version number

Create a variable file to fix the version when using yum.

The ansible.builtin.shell module is used to perform judgment and processing.
Since this module uses OS-side functionality, idempotency checks are not performed.

However, the args -> creates parameter allows you to specify the condition that ``do not execute if the specified file does not exist'' , so I used it because I could control the situation as I intended.

ansible_distribution_version

on the Ansible side , you can get the current OS version of the execution environment (6.9 in this case).

The above is used to create a file via the echo command.

Just to be sure, use the ansible.builtin.debug module to display the contents of the variables on the console.

# Comment out mirrorlist in repo & rewrite baseurl to an available repository to enable it

In the ansible.builtin.replace module, two places are rewritten as shown in the title.

This corresponds to the part that is rewritten using the sed command during the manual procedure

I use loop to specify two locations, but it can also be executed with with_items.

Save the execution result with register and use it in the when of the next process.

# Delete the yum cache when the repository is changed
when: replace_result is changed

The yum module does not have a function equivalent to yum clean all, which deletes the yum cache

Therefore, we use the ansible.builtin.command module, which executes OS commands like shell.

The result of using the replace module that rewrites the repository is saved with register, and is executed only when "changed" is confirmed.

Side note: Difference between shell module and Command module

Since the Shell module it is possible to use environment variables and pipes in the OS .
It is convenient because it allows you to execute one-liners that you normally use in the environment.

the Command module does not go through the shell, environment variables etc. cannot be used .
This is also an advantage, as it eliminates the possibility of unintended behavior due to environment-specific variables .

However, since these use commands of the target OS rather than Ansible, idempotency cannot be ensured .
This is only a last resort if the module cannot handle it

Execution example

Inventory file for verification environment

In the CentOS 6 (bento / centos-6.9) environment, password authentication (not recommended) may exist, so this time we also verified in this state.

--- all: vars: ansible_user: vagrant hosts: targetnode: ansible_host: 192.168.33.15 ansible_ssh_pass: vagrant

main.yml

No tasks are written on the main.yml side, and the playbook is loaded using import_tasks.
(Because the author likes to separate playbooks into roles in order to improve reusability, readability, and maintainability)

For variables, the values ​​specified in default in the playbook are used, so it can be executed even if they are not specified.

However, we purposely write down the items and contents that can be changed using variables because we think they are easy to understand intuitively.

- name: main.yml hosts: targetnode become: yes vars: wget_repo: "http://ftp.iij.ad.jp/pub/linux/centos-vault" repo_source: "/etc/yum.repos.d/CentOS -Base.repo" repo_dest: "/etc/yum.repos.d/CentOS-Base.repo_{{ lookup('pipe', 'date +\"%Y%m%d\"') }}" repo_url: '{{ wget_repo }}/$releasever' tasks: #Install when SELinux is not disabled and libselinux-python is not present - name: Include libeselinux-python(wget) ansible.builtin.import_tasks: libselinux-python_wget.yml # Change the initial repository of Centos6 Base - name: Include centos6_repo_change ansible.builtin.import_tasks: centos6_repo_change.yml

libselinux-python_wget.yml is a playbook for dealing with SElinux-related errors in the previous article introduced above

centos6_repo_change.yml is the playbook introduced this time.

Playbook execution

we will run it from a container equipped with a previous Ansible version, which was introduced in another article

Before executing, check that yum cannot be used on the verification machine and then execute.

■Preliminary confirmation [vagrant@targetnode ~]$ yum info php Loaded plugins: fastestmirror Determining fastest mirrors Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os&infra=stock error was 14: PYCURL ERROR 6 - "Couldn't resolve host 'mirrorlist.centos.org'" Error: Cannot find a valid baseurl for repo: base *An error occurs and it cannot be used because the repository is no longer available.
■Playbook execution [root@author container environment work]# ansible-playbook -i hosts main.yml ~Omitted~ PLAY RECAP ******************************** ************************************************** ************************************************ targetnode: ok=17 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=2 *Results of two playbooks are output
■Post-confirmation [vagrant@targetnode ~]$ yum info php Loaded plugins: fastestmirror Determining fastest mirrors base | 3.7 kB 00:00 base/primary_db | 4.7 MB 00:00 extras | 3.4 kB 00:00 extras/primary_db | 30 kB 00 :00 updates | 3.4 kB 00:00 updates/primary_db | 8.1 MB 00:00 Available Packages Name : php Arch : x86_64 Version : 5.3.3 ~Omitted~

After running the playbook, the repository error has been resolved and metadata has been retrieved.
After that, the results of yum info php were output, so I was able to confirm that I was able to use yum successfully.

lastly

The content I wrote this time is based on my experience of actually doing something with Ansible.
His playbook at the time was created in a hurry, so it was rougher and less reusable than it is now, but I'm glad I was able to improve it for writing about it in this blog.

If something needs to be done, you'll be in a hurry to prepare it, and I think you tend to end up with something that can only be used on the spot.
If you have the time, it may be a good idea to prepare a playbook with general-purpose content.

I hope that those who read this article will be able to get started using Ansible, or that they will find some useful knowledge/information.
Thank you for reading this far!

Reference materials

ansible.builtin.yum module – Manages packages with the yum package manager
https://docs.ansible.com/ansible/9/collections/ansible/builtin/yum_module.html

ansible.builtin.replace module – Replace all instances of a particular string in a file using a back-referenced regular expression
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/replace_module.html

How do I change the CentOS 6 repository address? | Alibaba Cloud
https://www.alibabacloud.com/help/en/ecs/user-guide/change-the-centos-6-source-address

If you found this article helpful , please give it a like!
3
Loading...
3 votes, average: 1.00 / 13
260
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

inside

Beyond mid-career in 2022 Belongs to
the System Solutions Department
LPIC-3 I have a 304 and AWS SAA I only
have three choices for regular drinks: milk, cola, and black tea.