ansible更新jdk补丁的123

ansible更新jdk补丁的123

其实这个事情比较简单, 本不需要记录。 但是进行中发现简单的事情也有些小玄机
我习惯于oracle_jdk,修复bug和漏洞快。一般oracle系的中间件都用oracle_jdk跑,红帽的jboss等就用openjdk跑。
因此我们的环境是多种多样的。
简单操作直接手写一个yaml, 我称这种操作为adhoc。 即时操作。

ansible somehosts -m yum -a "name=java-1.7.0-oracle state=latest"

ok现在检查一下,是不是打上了

ansible all -a 'java -version'

输出:

xxx01 | SUCCESS | rc=0 >>
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
xxtest01 | SUCCESS | rc=0 >>
java version "1.7.0_111"
Java(TM) SE Runtime Environment (build 1.7.0_111-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.111-b13, mixed mode)

貌似这个事情没做完

用ansible统一JDK版本。

通过ansible检查包其实都已经打上了,问题是没有对默认java的连接做处理。RHEL使用的是alternatives 方法

# alternatives 
alternatives version 1.3.61 - Copyright (C) 2001 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU Public License.

usage: alternatives --install <link> <name> <path> <priority>
[--initscript <service>]
[--slave <link> <name> <path>]*
alternatives --remove <name> <path>
alternatives --auto <name>
alternatives --config <name>
alternatives --display <name>
alternatives --set <name> <path>
alternatives --list

common options: --verbose --test --help --usage --version
--altdir <directory> --admindir <directory>

检查java的alternatives

##RHEL7
alternatives --list
libnssckbi.so.x86_64 auto /usr/lib64/pkcs11/p11-kit-trust.so
ld auto /usr/bin/ld.bfd
mta auto /usr/sbin/sendmail.postfix
java auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64/jre/bin/java
jre_oracle auto /usr/lib/jvm/jre-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
jre_1.7.0 auto /usr/lib/jvm/jre-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
jre_1.7.0_oracle auto /usr/lib/jvm/jre-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
jce_1.7.0_oracle_local_policy.x86_64 auto /usr/lib/jvm-private/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64/jce/vanilla/local_policy.jar
pax auto /usr/bin/spax
javac auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64/bin/javac
java_sdk_oracle auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
java_sdk_1.7.0 auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
java_sdk_1.7.0_oracle auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64
jaxp_transform_impl auto /usr/share/java/xalan-j2.jar
jaxp_parser_impl auto /usr/share/java/xerces-j2.jar

其实补丁已经打上了 java auto /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111-1jpp.1.el7.x86_64/jre/bin/java

检查具体设置

 slave unpack200.1.gz: /usr/share/man/man1/unpack200-java-1.6.0-openjdk.1.gz
/usr/java/jdk1.7.0_51/bin/java - priority 1
slave keytool: (null)
slave orbd: (null)
slave pack200: (null)
slave policytool: (null)
slave rmid: (null)
slave rmiregistry: (null)
slave servertool: (null)
slave tnameserv: (null)
slave unpack200: (null)
slave jre_exports: (null)
slave jre: (null)
slave java.1.gz: (null)
slave keytool.1.gz: (null)
slave orbd.1.gz: (null)
slave pack200.1.gz: (null)
slave policytool.1.gz: (null)
slave rmid.1.gz: (null)
slave rmiregistry.1.gz: (null)
slave servertool.1.gz: (null)
slave tnameserv.1.gz: (null)
slave unpack200.1.gz: (null)
/usr/lib/jvm/jre-1.7.0-oracle.x86_64/bin/java - priority 170101
slave keytool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/keytool
slave orbd: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/orbd
slave pack200: (null)
slave policytool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/policytool
slave rmid: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/rmid
slave rmiregistry: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/rmiregistry
slave servertool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/servertool
slave tnameserv: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre/bin/tnameserv
slave unpack200: (null)
slave jre_exports: /usr/lib/jvm-exports/java-1.7.0-oracle-1.7.0.101.x86_64
slave jre: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.101.x86_64/jre
slave java.1.gz: /usr/share/man/man1/java-java-1.7.0-oracle.x86_64.1.gz
slave keytool.1.gz: /usr/share/man/man1/keytool-java-1.7.0-oracle.x86_64.1.gz
slave orbd.1.gz: /usr/share/man/man1/orbd-java-1.7.0-oracle.x86_64.1.gz
slave pack200.1.gz: (null)
slave policytool.1.gz: /usr/share/man/man1/policytool-java-1.7.0-oracle.x86_64.1.gz
slave rmid.1.gz: /usr/share/man/man1/rmid-java-1.7.0-oracle.x86_64.1.gz
slave rmiregistry.1.gz: /usr/share/man/man1/rmiregistry-java-1.7.0-oracle.x86_64.1.gz
slave servertool.1.gz: /usr/share/man/man1/servertool-java-1.7.0-oracle.x86_64.1.gz
slave tnameserv.1.gz: /usr/share/man/man1/tnameserv-java-1.7.0-oracle.x86_64.1.gz
slave unpack200.1.gz: (null)
/usr/lib/jvm/jre-1.7.0-oracle.x86_64/bin/java - priority 170111
slave keytool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/keytool
slave orbd: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/orbd
slave pack200: (null)
slave policytool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/policytool
slave rmid: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/rmid
slave rmiregistry: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/rmiregistry
slave servertool: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/servertool
slave tnameserv: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre/bin/tnameserv
slave unpack200: (null)
slave jre_exports: /usr/lib/jvm-exports/java-1.7.0-oracle-1.7.0.111.x86_64
slave jre: /usr/lib/jvm/java-1.7.0-oracle-1.7.0.111.x86_64/jre
slave java.1.gz: /usr/share/man/man1/java-java-1.7.0-oracle.x86_64.1.gz
slave keytool.1.gz: /usr/share/man/man1/keytool-java-1.7.0-oracle.x86_64.1.gz
slave orbd.1.gz: /usr/share/man/man1/orbd-java-1.7.0-oracle.x86_64.1.gz
slave pack200.1.gz: (null)
slave policytool.1.gz: /usr/share/man/man1/policytool-java-1.7.0-oracle.x86_64.1.gz
slave rmid.1.gz: /usr/share/man/man1/rmid-java-1.7.0-oracle.x86_64.1.gz
slave rmiregistry.1.gz: /usr/share/man/man1/rmiregistry-java-1.7.0-oracle.x86_64.1.gz
slave servertool.1.gz: /usr/share/man/man1/servertool-java-1.7.0-oracle.x86_64.1.gz
slave tnameserv.1.gz: /usr/share/man/man1/tnameserv-java-1.7.0-oracle.x86_64.1.gz
slave unpack200.1.gz: (null)
Current `best' version is /usr/lib/jvm/jre-1.7.0-oracle.x86_64/bin/java.

设置java和javac到最新版本

/usr/lib/jvm/jre-1.7.0-oracle.x86_64/bin/java – priority 170101
这里的优先级就是java的版本号, 也就是说版本越新,号的数字越大,优先级也就最高。
这就好办了,只需要让alternatives自动设置为最新就行了。

sudo alternatives --auto javac
sudo alternatives --auto java

然后就ok了

java -version
java version "1.7.0_111"
Java(TM) SE Runtime Environment (build 1.7.0_111-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.111-b13, mixed mode)

如果需要手动指定

sudo alternatives --set java java路经

最后修改playbook给所有机器执行去吧

- hosts:  somehosts
tasks:
- name: jdk patch
yum: name=java-1.7.0-oracle state=latest

- name: alternatives java
shell: "/usr/sbin/alternatives --auto java"

- name: alternatives javac
shell: "/usr/sbin/alternatives --auto javac"