From aba39cbad49c8f1c005f5f0811a516cb1e95c32e Mon Sep 17 00:00:00 2001 From: Chris Hammer Date: Tue, 6 Aug 2024 11:30:30 -0400 Subject: [PATCH] new service state handling --- bigboot_execute_resize.yml | 35 ++------------------ bigboot_setup_environment.yml | 12 +++---- tasks/check_services.yml | 53 ++++++++++++++++++++++++++++++ tasks/cleanup.yml | 8 ++--- tasks/disable_systemd_services.yml | 20 ++++++----- tasks/restore_services.yml | 25 ++++++++++++++ vars/bigboot_vars.yml | 10 +++++- 7 files changed, 108 insertions(+), 55 deletions(-) create mode 100644 tasks/check_services.yml create mode 100644 tasks/restore_services.yml diff --git a/bigboot_execute_resize.yml b/bigboot_execute_resize.yml index 953e4c6..a6f7b70 100644 --- a/bigboot_execute_resize.yml +++ b/bigboot_execute_resize.yml @@ -9,13 +9,10 @@ - bigboot_vars.yml tasks: - - name: Perform service and filesystem checks prior to Bigboot execution + - name: Perform filesystem check prior to Bigboot execution when: - bigboot_data[inventory_hostname]['bigboot_execute_bigboot'] | default(false) | bool block: - - name: Check for and disable services exceeding the timeout threshold - ansible.builtin.import_tasks: tasks/check_systemd_services.yml - - name: Perform filesystem check prior to Bigboot execution ansible.builtin.import_tasks: tasks/grub_filesystem_check.yml @@ -45,31 +42,5 @@ when: - bigboot_data[inventory_hostname]['bigboot_execute_bigboot'] | bool - - name: Ensure service facts are available - ansible.builtin.service_facts: - - - name: Restore named-chroot service to its pre-Bigboot state - ansible.builtin.service: - name: "{{ bigboot_named_chroot_service }}" - state: "{{ bigboot_data[inventory_hostname]['bigboot_named_chroot_running'] }}" - enabled: "{{ bigboot_data[inventory_hostname]['bigboot_named_chroot_enabled'] }}" - when: - - ansible_facts['services'][bigboot_named_chroot_service] is defined - - - name: Restore Docker service to its pre-Bigboot state - ansible.builtin.service: - name: "{{ bigboot_docker_service }}" - state: "{{ bigboot_data[inventory_hostname]['bigboot_docker_running'] }}" - enabled: "{{ bigboot_data[inventory_hostname]['bigboot_docker_enabled'] }}" - when: - - ansible_facts['services'][bigboot_docker_service] is defined - - - name: Re-enabling services previously disabled - ansible.builtin.service: - name: "{{ item }}" - state: started - enabled: true - loop: "{{ bigboot_systemd_disabled_services }}" - when: - - bigboot_systemd_disabled_services is defined - - bigboot_systemd_disabled_services | length > 0 + - name: Restore service state for disabled services + ansible.builtin.import_tasks: tasks/restore_services.yml diff --git a/bigboot_setup_environment.yml b/bigboot_setup_environment.yml index 7b39b16..f3a84bf 100644 --- a/bigboot_setup_environment.yml +++ b/bigboot_setup_environment.yml @@ -12,11 +12,11 @@ - name: Cleanup from any previous executions ansible.builtin.import_tasks: tasks/cleanup.yml - - name: Stop and disable the Docker service if present and running - ansible.builtin.import_tasks: tasks/disable_docker_service.yml + - name: Ensure service facts are available + ansible.builtin.service_facts: - - name: Stop and disable the named-chroot service if present and running - ansible.builtin.import_tasks: tasks/disable_named_chroot_service.yml + - name: Check for services that require being disabled + ansible.builtin.import_tasks: tasks/check_services.yml - name: Set boot device details ansible.builtin.import_tasks: tasks/capture_boot_device_details.yml @@ -36,10 +36,6 @@ 'bigboot_adjacent_lvm_device': bigboot_adjacent_lvm_device, 'bigboot_lv_shrink_size': bigboot_lv_shrink_size | int, 'bigboot_size': bigboot_size, - 'bigboot_docker_running': bigboot_docker_running, - 'bigboot_docker_enabled': bigboot_docker_enabled, - 'bigboot_named_chroot_running': bigboot_named_chroot_running, - 'bigboot_named_chroot_enabled': bigboot_named_chroot_enabled, 'ip_addresses': ansible_all_ipv4_addresses, 'server_hostname': ansible_hostname } diff --git a/tasks/check_services.yml b/tasks/check_services.yml new file mode 100644 index 0000000..078c8c1 --- /dev/null +++ b/tasks/check_services.yml @@ -0,0 +1,53 @@ +--- +- name: Capture a list of running services + ansible.builtin.set_fact: + bigboot_systemd_running_services: + "{{ bigboot_systemd_running_services | default([]) + [item['key']] }}" + loop: "{{ ansible_facts['services'] | dict2items }}" + loop_control: + label: "{{ item['key'] }}" + when: + - "'running' in item['value']['state']" + +- name: Get the stop timeout value for running services + ansible.builtin.shell: + cmd: | + set -o pipefail + systemctl show {{ item }} | grep TimeoutStopUSec + changed_when: false + register: bigboot_systemd_service_timeout + loop: "{{ bigboot_systemd_running_services }}" + +- name: Adding service to a list of services to disable for exceeding timeout threshold + ansible.builtin.set_fact: + bigboot_services_disabled: "{{ bigboot_services_disabled | default([]) + [item['item']] }}" + loop: "{{ bigboot_systemd_service_timeout['results'] }}" + loop_control: + label: "{{ item['item'] }}" + when: + - item['item'] not in bigboot_protected_services + - item['stdout'] | regex_replace('^.*=(.*$)', '\\1') | community.general.to_minutes >= bigboot_service_max_timeout | int + +- name: Adding service to a list of services to disable for being incompatible + ansible.builtin.set_fact: + bigboot_services_disabled: "{{ bigboot_services_disabled | default([]) + [item] }}" + loop: "{{ bigboot_incompatible_services }}" + when: + - item not in bigboot_protected_services + - ansible_facts['services'][item] is defined + - ansible_facts['services'][item]['state'] == "running" + +- name: Log and disable services + ansible.builtin.include_tasks: tasks/disable_systemd_services.yml + loop: "{{ bigboot_services_disabled }}" + when: + - bigboot_services_disabled is defined + +- name: Services disabled notice + ansible.builtin.debug: + msg: >- + The following services were disabled, and will be re-enabled post + Bigboot execution: {{ bigboot_services_disabled | join(', ') }} + when: + - bigboot_services_disabled is defined + - bigboot_services_disabled | length > 0 diff --git a/tasks/cleanup.yml b/tasks/cleanup.yml index 180e5be..1e30e8f 100644 --- a/tasks/cleanup.yml +++ b/tasks/cleanup.yml @@ -29,12 +29,10 @@ path: "/boot/initramfs-{{ initramfs_kernel_version }}.img.{{ initramfs_backup_extension }}" state: absent -- name: Check if disable services log exists - ansible.builtin.stat: - path: "{{ bigboot_disabled_services_log }}" - register: bigboot_disabled_services_log_stat +- name: Check for Bigboot state log and restore services to pre-Bigboot state + ansible.builtin.import_tasks: tasks/restore_services.yml -- name: Remove disabled services log if present +- name: Cleanup previous Bigboot state log if present ansible.builtin.file: path: "{{ bigboot_disabled_services_log }}" state: absent diff --git a/tasks/disable_systemd_services.yml b/tasks/disable_systemd_services.yml index 5356484..0e8fcad 100644 --- a/tasks/disable_systemd_services.yml +++ b/tasks/disable_systemd_services.yml @@ -1,19 +1,21 @@ --- -- name: Disabling service for exceeding the timeout threshold +- name: Save service state + ansible.builtin.set_fact: + bigboot_service_to_disable: + service: "{{ ansible_facts['services'][item]['name'] }}" + state: "{{ (ansible_facts['services'][item]['state'] == 'running') | ternary('started', 'stopped') }}" + status: "{{ (ansible_facts['services'][item]['status'] == 'enabled') | ternary('true', 'false') }}" + +- name: Disabling service ansible.builtin.service: - name: "{{ item['item'] }}" + name: "{{ item }}" state: stopped enabled: false -- name: Append service to list of disabled services - ansible.builtin.set_fact: - bigboot_systemd_disabled_services: - "{{ bigboot_systemd_disabled_services | default([]) + [item['item']] }}" - -- name: Log disabled service to log file +- name: Log disabled service state ansible.builtin.lineinfile: path: "{{ bigboot_disabled_services_log }}" - line: "{{ item['item'] }}" + line: "{{ item }},{{ bigboot_service_to_disable['state'] }},{{ bigboot_service_to_disable['status'] }}" create: true state: present owner: root diff --git a/tasks/restore_services.yml b/tasks/restore_services.yml new file mode 100644 index 0000000..4d0c915 --- /dev/null +++ b/tasks/restore_services.yml @@ -0,0 +1,25 @@ +--- +- name: Check for Bigboot service state log presence + ansible.builtin.stat: + path: "{{ bigboot_disabled_services_log }}" + register: bigboot_disabled_services_log_stat + +- name: Read state log and restore service state + when: + - bigboot_disabled_services_log_stat['stat']['exists'] | bool + block: + - name: Read service state from log + community.general.read_csv: + path: "{{ bigboot_disabled_services_log }}" + fieldnames: service,state,enabled + delimiter: ',' + register: bigboot_service_state_contents + + - name: Restore service state + ansible.builtin.service: + name: "{{ item['service'] }}" + state: "{{ item['state'] }}" + enabled: "{{ item['enabled'] | bool }}" + loop: "{{ bigboot_service_state_contents['list'] }}" + loop_control: + label: "{{ item['service'] }}" diff --git a/vars/bigboot_vars.yml b/vars/bigboot_vars.yml index 2e14b38..d7ac546 100644 --- a/vars/bigboot_vars.yml +++ b/vars/bigboot_vars.yml @@ -16,9 +16,17 @@ bigboot_named_chroot_service: named-chroot.service bigboot_named_chroot_running: stopped bigboot_named_chroot_enabled: false -# Max value in minutes for the timeout threshold: +# Max value in minutes for services timeout threshold: bigboot_service_max_timeout: 5 +# List of services incompatible with calculations +# to obtain required disk information: +# +# (These services will ALWAYS be disabled) +bigboot_incompatible_services: + - docker.service + - named-chroot.service + # List of services which will be excluded from being # disabled during Bigboot execution: bigboot_protected_services: