98

I'm trying to use Ansible to run the following two commands:

sudo apt-get update && sudo apt-get upgrade -y

I know with ansible you can use:

ansible all -m shell -u user -K -a "uptime"

Would running the following command do it? Or do I have to use some sort of raw command

ansible all -m shell -u user -K -a "sudo apt-get update && sudo apt-get upgrade -y"

Tom Manterfield
  • 6,515
  • 6
  • 36
  • 52
nadermx
  • 2,596
  • 7
  • 31
  • 66
  • 1
    Have you tried it? Why do you prefer this versus the built-in `apt` module? – tedder42 Jan 08 '17 at 19:25
  • I'm new to ansible just trying to understand, I would preffer with the apt module but not sure that does upgrade as well? – nadermx Jan 08 '17 at 19:31
  • the main way to get your version working is to add a `-b` to the ansible parameters and get rid of the `sudo`s in the command.... (Ansible will do the sudo with the `-b`) (The apt module as in (at least some of) the answers is the better way though) – Gert van den Berg Jan 20 '22 at 11:50

4 Answers4

201

I wouldn't recommend using shell for this, as Ansible has the apt module designed for just this purpose. I've detailed using apt below.

In a playbook, you can update and upgrade like so:

- name: Update and upgrade apt packages
  become: true
  apt:
    upgrade: yes
    update_cache: yes
    cache_valid_time: 86400 #One day

The cache_valid_time value can be omitted. Its purpose from the docs:

Update the apt cache if its older than the cache_valid_time. This option is set in seconds.

So it's good to include if you don't want to update the cache when it has only recently been updated.

To do this as an ad-hoc command you can run:

$ ansible all -m apt -a "upgrade=yes update_cache=yes cache_valid_time=86400" --become

ad-hoc commands are described in detail here

Note that I am using --become and become: true. This is an example of typical privilege escalation through Ansible. You use -u user and -K (ask for privilege escalation password). Use whichever works for you, this is just to show you the most common form.

Septatrix
  • 195
  • 1
  • 10
Tom Manterfield
  • 6,515
  • 6
  • 36
  • 52
  • 2
    thanks. for reference also works if behind corporate proxy with `environment: http_proxy: "http://{{ proxy_user }}:{{ vault_proxy_password }}@{{ proxy_host }}:{{ proxy_port }}" https_proxy: "http://{{ proxy_user }}:{{ vault_proxy_password }}@{{ proxy_host }}:{{ proxy_port }}" no_proxy: "{{ proxy_no_proxy }}" ` – Markus May 02 '18 at 13:25
9

Just to add a flavour on the answer. This one is an executable playbook in all the hosts specified in your inventory file.

- hosts: all
  become: true
  tasks:
  - name: Update and upgrade apt packages
    apt:
      upgrade: yes
      update_cache: yes
      cache_valid_time: 86400
Pini Cheyni
  • 5,073
  • 2
  • 40
  • 58
ewalel
  • 1,932
  • 20
  • 25
6

Using Ubuntu 16.04, I did a little adjustement:

- name: Update and upgrade apt packages
  become: true
  apt:
    update_cache: yes
    upgrade: 'yes'

I juste put the upgrade yes between apostrophe to avoid un annoying warning:

[WARNING]: The value True (type bool) in a string field was converted to u'True' (type string). If this does
not look like what you expect, quote the entire value to ensure it does not change.

At 2020, I would like just to comment into the original answer, but no enough reputation at that time...

Ref: The value True (type bool) in a string field was converted to u'True' (type string)

marcio
  • 566
  • 7
  • 19
  • 1
    What does this have to do with OP's question? It seems more like a tangent answer based on another answer. Also, warnings are not the same as errors. – David Rachwalik May 07 '20 at 00:54
  • Did you read what I wrote? I would like just to comment into the original answer, but no permission in that time. And thanks, I changed "error" to "warning". – marcio May 07 '20 at 14:20
  • Now that you have sufficient rep you can maybe add a comment and remove your answer. – bfontaine Sep 29 '21 at 16:13
-1

We use the following command to update and upgrade all packages :

ansible all -m apt -a "name='*' state=latest update_cache=yes upgrade=yes" -b --become-user root
behnam hoseyni
  • 69
  • 1
  • 3