lint fixes

This commit is contained in:
willtome
2023-03-07 09:26:22 -05:00
parent 36f113aa75
commit 745b755296
57 changed files with 525 additions and 1135 deletions


@@ -1,14 +1,15 @@
---
- hosts: "{{ HOSTS }}"
- name: Apply compliance profile
hosts: "{{ _hosts | default(omit) }}"
become: true
vars:
compliance_profile: undef
tasks:
- name: Check OS Type
assert:
- name: Check os type
ansible.builtin.assert:
that: "ansible_os_family == 'RedHat'"
- name: Run Compliance Profile
include_role:
name: "redhatofficial.rhel{{ ansible_distribution_major_version }}_{{ compliance_profile }}"
- name: Run compliance profile
ansible.builtin.include_role:
name: "redhatofficial.rhel{{ ansible_distribution_major_version }}_{{ compliance_profile }}"
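Review bot: `compliance_profile` defaults to the string `undef` and is interpolated straight into the role name, so a launch that does not supply it fails with a "role not found" on `redhatofficial.rhel<version>_undef` instead of a message naming the missing variable. The registration playbook in this same commit guards its inputs with `assert`; the `Check os type` task here could do the same by turning `that:` into a list and adding `- compliance_profile is defined` and `- compliance_profile != 'undef'` with a `fail_msg` pointing at the survey. Both are within the play shown in this hunk.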


@@ -1,31 +1,31 @@
---
- name: application deployment
hosts: "{{ HOSTS }}"
- name: Application deployment
hosts: "{{ _hosts | default('web') }}"
gather_facts: false
become: true
tasks:
- name: make sure application is not empty
assert:
- name: Make sure application is not empty
ansible.builtin.assert:
that:
- "application != ''"
- name: printing to terminal application information
debug:
msg: "This Ansible Playbook will install {{application}}"
- name: Printing to terminal application information
ansible.builtin.debug:
msg: "This Ansible Playbook will install {{ application }}"
- name: install application
dnf:
name: "{{application}}"
- name: Install application
ansible.builtin.dnf:
name: "{{ application }}"
allow_downgrade: true
register: result
- name: printing to terminal application information
debug:
msg: "The application: {{application}} has been installed"
when: result.changed|bool
- name: Printing to terminal application information
ansible.builtin.debug:
msg: "The application: {{ application }} has been installed"
when: result.changed | bool
- name: printing to terminal application information
debug:
msg: "The application: {{application}} was already installed"
when: not result.changed|bool
- name: Printing to terminal application information
ansible.builtin.debug:
msg: "The application: {{ application }} was already installed"
when: not result.changed | bool
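Review bot: The `Make sure application is not empty` assert evaluates `application != ''`, which raises a templating error when `application` is not defined at all, so the assert never gets to report a readable failure in that case; adding `- application is defined` as the first entry of the `that:` list fixes it. A `fail_msg` naming the survey field would also make the failure self-explanatory. The rest of the play is unaffected.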


@@ -1,72 +1,73 @@
---
- hosts: "{{ HOSTS }}"
become: yes
- name: Register ec2 instance with subscription mangler
hosts: "{{ _hosts | default(omit) }}"
become: true
tasks:
- name: check for vars
assert:
that:
- org_id is defined
- activation_key is defined
- org_id != ''
- activation_key != ''
- org_id != 'undef'
- activation_key != 'undef'
- name: Check for vars
ansible.builtin.assert:
that:
- org_id is defined
- activation_key is defined
- org_id != ''
- activation_key != ''
- org_id != 'undef'
- activation_key != 'undef'
- name: set hostname
hostname:
name: "{{ inventory_hostname | regex_replace('_','-')}}"
- name: Set hostname
ansible.builtin.hostname:
name: "{{ inventory_hostname | regex_replace('_', '-') }}"
# Install subscription-manager if it's not there
- name: Install subscription-manager
ansible.builtin.yum:
name: subscription-manager
state: present
- name: Install subscription-manager
ansible.builtin.yum:
name: subscription-manager
state: present
- name: remove rhui client packages
yum:
name: rh-amazon-rhui-client*
state: removed
- name: Remove rhui client packages
ansible.builtin.yum:
name: rh-amazon-rhui-client*
state: removed
- name: get current repos
command:
cmd: ls /etc/yum.repos.d/
register: repos
changed_when: False
- name: Get current repos
ansible.builtin.command:
cmd: ls /etc/yum.repos.d/
register: repos
changed_when: false
- name: remove existing rhui repos
file:
path: "/etc/yum.repos.d/{{ item }}"
state: absent
loop: "{{ repos.stdout_lines }}"
when: "'rhui' in item"
- name: Remove existing rhui repos
ansible.builtin.file:
path: "/etc/yum.repos.d/{{ item }}"
state: absent
loop: "{{ repos.stdout_lines }}"
when: "'rhui' in item"
- name: install katello package
yum:
name: "https://{{ sat_url }}/pub/katello-ca-consumer-latest.noarch.rpm"
state: present
validate_certs: no
disable_gpg_check: true
when: sat_url is defined
- name: Install katello package
ansible.builtin.yum:
name: "https://{{ sat_url }}/pub/katello-ca-consumer-latest.noarch.rpm"
state: present
validate_certs: false
disable_gpg_check: true
when: sat_url is defined
- name: manage repos with subscription mangler
ansible.builtin.lineinfile:
path: /etc/rhsm/rhsm.conf
regexp: '^manage_repos'
line: 'manage_repos = 1'
- name: Manage repos with subscription mangler
ansible.builtin.lineinfile:
path: /etc/rhsm/rhsm.conf
regexp: '^manage_repos'
line: 'manage_repos = 1'
- name: register subscription mangler
community.general.redhat_subscription:
state: present
activationkey: "{{ activation_key }}"
org_id: "{{ org_id }}"
- name: Register subscription mangler
community.general.redhat_subscription:
state: present
activationkey: "{{ activation_key }}"
org_id: "{{ org_id }}"
- name: configure Red Hat insights
import_role:
name: redhat.insights.insights_client
vars:
insights_display_name: "{{ inventory_hostname }}"
insights_tags:
env: "{{ env }}"
purpose: demo
group: "{{ insights_tag }}"
- name: Configure Red Hat insights
ansible.builtin.import_role:
name: redhat.insights.insights_client
vars:
insights_display_name: "{{ inventory_hostname }}"
insights_tags:
env: "{{ env }}"
purpose: demo
group: "{{ insights_tag }}"
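Review bot: `Install katello package` installs an RPM fetched from `{{ sat_url }}` with both `validate_certs: false` and `disable_gpg_check: true`, so neither the transport nor the package signature is checked before the package is installed as root; the commit only normalises `no` to `false` on that line. Because the Satellite CA is not trusted yet at this point a bootstrap exception may be unavoidable, but it should be explicit: a comment such as `# bootstrap: Satellite CA is not yet trusted, so TLS validation and the GPG check are skipped for the CA consumer RPM`, and where feasible fetching the file with `ansible.builtin.get_url` plus its `checksum:` option before installing from the local path. Separately, `Get current repos` shells out to `ls` and then string-matches `'rhui' in item`, where `ansible.builtin.find` with `paths: /etc/yum.repos.d` and `patterns: '*rhui*'` would drop the `command`/`changed_when` pair. "subscription mangler" in three task names reads as a typo for "manager".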


@@ -1,12 +1,11 @@
---
- hosts: "{{ HOSTS }}"
become: yes
- name: Scan host for facts
hosts: "{{ _hosts | default(omit) }}"
become: true
tasks:
- name: get packages
ansible.builtin.package_facts:
- name: Get packages
ansible.builtin.package_facts:
- name: get services
ansible.builtin.service_facts:
- name: Get services
ansible.builtin.service_facts:


@@ -1,6 +1,6 @@
---
- name: harden linux systems
hosts: "{{ HOSTS | default('web') }}"
- name: Harden linux systems
hosts: "{{ _hosts | default('web') }}"
become: true
vars:
- harden_firewall: false
@@ -11,21 +11,21 @@
tasks:
- name: Configure Firewall
when: harden_firewall | bool
include_role:
ansible.builtin.include_role:
name: linux-system-roles.firewall
- name: Configure Timesync
when: harden_time | bool
include_role:
ansible.builtin.include_role:
name: redhat.rhel_system_roles.timesync
- name: SSH Hardening
when: harden_ssh | bool
include_role:
ansible.builtin.include_role:
name: dev-sec.ssh-hardening
# run with --skip-tags accounts_passwords_pam_faillock_deny
- name: Apply PCI Baseline
when: harden_pci | bool
include_role:
ansible.builtin.include_role:
name: redhatofficial.rhel8_pci_dss
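Review bot: `vars:` followed by `- harden_firewall: false` is the list-of-mappings form of play vars, which ansible-core has deprecated in favour of a plain mapping; the remaining entries of that list lie outside the first hunk. Writing it as `vars:` with `harden_firewall: false` indented beneath it (one key per line, no leading dash) keeps the same values and satisfies the linter this commit is chasing. This play also keeps `default('web')` for `_hosts` while most playbooks in the commit move to `default(omit)`; if that is intentional, a comment saying the hardening play falls back to the `web` group when no pattern is supplied would save the next reader a question.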


@@ -1,24 +1,25 @@
---
- hosts: "{{ HOSTS }}"
- name: Run compliance scan with Red Hat Insights
hosts: "{{ _hosts | default(omit) }}"
become: true
vars:
#compliance_profile: undef
# compliance_profile: undef
tasks:
- name: Check OS Type
assert:
ansible.builtin.assert:
that: "ansible_os_family == 'RedHat'"
- name: Check variable values
debug:
ansible.builtin.debug:
msg: "Value of compliance_profile_configured is {{ compliance_profile_configured }}"
- name: Run Insights Compliance scan
import_role:
ansible.builtin.import_role:
name: redhat.insights.compliance
when: compliance_profile_configured == "Yes"
- name: Notify user that Compliance scan is not being attempted
debug:
ansible.builtin.debug:
msg: "User has not confirmed that all hosts are associated with an Insights Compliance profile. Scan aborted."
when: compliance_profile_configured == "No"
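Review bot: With its only entry commented out, `vars:` now has no value and parses as YAML null rather than an empty mapping; Ansible appears to tolerate a null play `vars`, but either drop the key or write `vars: {}` so the intent is explicit and a schema-aware linter does not flag it. The `Check variable values` debug also templates `compliance_profile_configured` with no default, so a launch where that survey answer is missing fails there with a templating error instead of at the `when` on the scan task; `msg: "Value of compliance_profile_configured is {{ compliance_profile_configured | default('unset') }}"` gives a readable run. The two `when` conditions compare against the literal strings `"Yes"`/`"No"`, which only hold if the survey stays a multiple-choice with exactly those answers; a comment noting that coupling would help.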


@@ -1,11 +1,11 @@
---
plugin: redhat.insights.insights
get_patches: yes
get_patches: true
groups:
patch_bugs: insights_patching.rhba_count > 0
patch_enhancements: insights_patching.rhea_count > 0
patch_security: insights_patching.rhsa_count > 0
get_tags: yes
get_tags: true
selection: none
filter_tags:
- insights-client/purpose=demo


@@ -1,43 +1,47 @@
---
- hosts: "{{ HOSTS }}"
become: yes
- name: Linux server patching
hosts: "{{ _hosts | default(omit) }}"
become: true
strategy: linear
vars:
report_server: node1
tasks:
# Install yum-utils if it's not there
- name: Install yum-utils
ansible.builtin.yum:
name: yum-utils
state: latest
# Install yum-utils if it's not there
- name: Install yum-utils
ansible.builtin.yum:
name: yum-utils
state: installed
- include_role:
name: demo.patching.patch_linux
- name: Include patching role
ansible.builtin.include_role:
name: demo.patching.patch_linux
- name: Tell user when Insights Client is not configured
debug:
msg: "Insights client does not appear to be configured. Scan will be skipped"
when:
- ansible_local.insights.system_id is not defined
- name: Tell user when Insights Client is not configured
ansible.builtin.debug:
msg: "Insights client does not appear to be configured. Scan will be skipped"
when:
- ansible_local.insights.system_id is not defined
- name: Run the Insights Client Scan
command: insights-client
when:
- not ansible_check_mode
- ansible_local.insights.system_id is defined
- name: Run the Insights Client Scan
ansible.builtin.command: insights-client
when:
- not ansible_check_mode
- ansible_local.insights.system_id is defined
- block:
- name: Deploy report server
delegate_to: "{{ report_server }}"
run_once: true
block:
- name: Build report server
ansible.builtin.include_role:
name: "{{ item }}"
loop:
- demo.patching.report_server
- demo.patching.report_linux
- demo.patching.report_linux_patching
- include_role:
name: "{{ item }}"
loop:
- demo.patching.report_server
- demo.patching.report_linux
- demo.patching.report_linux_patching
- include_role:
name: demo.patching.report_server
tasks_from: linux_landing_page
delegate_to: "{{ report_server }}"
run_once: yes
- name: Publish landing page
ansible.builtin.include_role:
name: demo.patching.report_server
tasks_from: linux_landing_page
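Review bot: `Run the Insights Client Scan` runs `insights-client` through `ansible.builtin.command` with no `changed_when`, so every run reports the host as changed and the job summary cannot distinguish a real change; `changed_when: false`, or a condition on its stdout, fixes that. The rendered view loses indentation, so whether `Publish landing page` now sits inside the `Deploy report server` block — and therefore still runs on `{{ report_server }}` with `run_once`, as the removed task did explicitly — cannot be confirmed here; worth checking against the file. `report_server: node1` also remains a hard-coded inventory name that `delegate_to` must be able to resolve, which a comment on the var should say.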


@@ -1,38 +0,0 @@
---
- hosts: "{{ HOSTS }}"
become: yes
vars:
report_server: node1
tasks:
- include_role:
name: demo.patching.patch_linux
- block:
- yum:
name: httpd
state: latest
check_mode: no
- file:
path: /var/www/html/reports/
state: directory
check_mode: no
- copy:
dest: /var/www/html/reports/.htaccess
content: Options +Indexes
check_mode: no
- service:
name: httpd
state: started
check_mode: no
- include_role:
name: demo.patching.report_linux
- include_role:
name: demo.patching.report_linux_patching
delegate_to: "{{ report_server }}"
run_once: yes


@@ -1,54 +1,53 @@
---
- name: Podman
hosts: "{{ HOSTS }}"
hosts: "{{ _hosts | default(omit) }}"
vars:
volume_path: podman
message: undef
tasks:
- name: Install Podman
ansible.builtin.dnf:
name: podman
state: latest
become: yes
- name: Install Podman
ansible.builtin.dnf:
name: podman
state: installed
become: true
- name: Create volume dir
ansible.builtin.file:
path: "{{ volume_path }}"
state: directory
- name: Create volume dir
ansible.builtin.file:
path: "{{ volume_path }}"
state: directory
- name: Create index.html
ansible.builtin.copy:
dest: "{{ volume_path }}/index.html"
content: "{{ message }}"
- name: Create index.html
ansible.builtin.copy:
dest: "{{ volume_path }}/index.html"
content: "{{ message }}"
- name: Run httpd container
containers.podman.podman_container:
name: apache
image: docker.io/httpd
state: started
volume:
- "./{{ volume_path }}/:/usr/local/apache2/htdocs:z"
ports:
- "8080:80"
- name: Run httpd container
containers.podman.podman_container:
name: apache
image: docker.io/httpd
state: started
volume:
- "./{{ volume_path }}/:/usr/local/apache2/htdocs:z"
ports:
- "8080:80"
- name: Check Web Page
ansible.builtin.uri:
url: http://127.0.0.1:8080
return_content: yes
register: web_output
changed_when: false
- name: Check Web Page
ansible.builtin.uri:
url: http://127.0.0.1:8080
return_content: true
register: web_output
changed_when: false
- name: podman ps
shell: podman ps
register: podman_output
changed_when: false
- name: Podman ps
ansible.builtin.command: podman ps
register: podman_output
changed_when: false
- name: Output
ansible.builtin.debug:
msg:
- "Output of podman ps command:"
- "{{ podman_output.stdout_lines }}"
- "Contents of web page:"
- "{{ web_output.content }}"
- name: Output
ansible.builtin.debug:
msg:
- "Output of podman ps command:"
- "{{ podman_output.stdout_lines }}"
- "Contents of web page:"
- "{{ web_output.content }}"
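Review bot: `image: docker.io/httpd` carries no tag or digest, so each run pulls whatever `latest` resolves to at that moment; pinning it (`image: docker.io/library/httpd:<tag>` or an `@sha256:` digest, placeholder to be filled in) makes the demo reproducible and the pulled image reviewable. `Check Web Page` issues its request immediately after `podman_container` reports `started`, before httpd may be listening, so the task is racy; `until: web_output.status == 200` with `retries`/`delay` on the `ansible.builtin.uri` task makes it deterministic. `content: "{{ message }}"` writes the survey text verbatim as `index.html`, which is the intent of the demo, but a one-line comment stating that the page body is whatever the user typed would make that explicit.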


@@ -1,20 +1,22 @@
---
- name: Run Shell Script
hosts: "{{ HOSTS }}"
become: yes
gather_facts: no
hosts: "{{ _hosts | default(omit) }}"
become: true
gather_facts: false
vars:
shell_script: undef
tasks:
- name: Run Shell Script
shell: "{{ shell_script }}"
ansible.builtin.shell: "{{ shell_script }}"
register: shell_output
tags:
- skip_ansible_lint # provided variable could require shell modele
- name: Print script output
debug:
ansible.builtin.debug:
var: shell_output.stdout_lines
- debug:
- name: Print message
ansible.builtin.debug:
msg: You should really consider converting this script to a playbook!
run_once: yes
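Review bot: `run_once: yes` on the final debug task is left as a YAML 1.1 truthy while `become` and `gather_facts` in the same play were converted, so the lint fix is incomplete here; it should read `run_once: true`. The inline comment on the `skip_ansible_lint` tag has a typo, `modele` for `module`. Since the play hands survey text straight to `ansible.builtin.shell` under `become: true`, a comment above `Run Shell Script` stating that the script runs as root and is not validated would tell reviewers of the controller template what they are granting.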


@@ -1,15 +1,16 @@
---
- hosts: "{{ HOSTS }}"
become: yes
- name: Start service
hosts: "{{ _hosts | default(omit) }}"
become: true
vars:
service_name: undef
tasks:
- name: Check Service
service_facts:
- name: Check Service
ansible.builtin.service_facts:
- name: Start Service
service:
name: "{{ service_name }}"
state: started
when: service_name + '.service' in services
- name: Start Service
ansible.builtin.service:
name: "{{ service_name }}"
state: started
when: service_name + '.service' in services
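Review bot: The `when` guard on `Start Service` skips silently when `{{ service_name }}.service` is not among `services`, so a typo in the survey answer (or the `undef` default) produces a green run in which nothing was started; the same applies to `Stop Service` in the next file. An `ansible.builtin.assert` with `that: "service_name + '.service' in services"` and a `fail_msg` naming the unit, or at least a `debug` in the skipped case, makes the outcome visible to the operator. The play is fully shown in this hunk.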


@@ -1,15 +1,16 @@
---
- hosts: "{{ HOSTS }}"
become: yes
- name: Stop service
hosts: "{{ _hosts | default(omit) }}"
become: true
vars:
service_name: undef
tasks:
- name: Check Service
service_facts:
- name: Check Service
ansible.builtin.service_facts:
- name: Stop Service
service:
name: "{{ service_name }}"
state: stopped
when: service_name + '.service' in services
- name: Stop Service
ansible.builtin.service:
name: "{{ service_name }}"
state: stopped
when: service_name + '.service' in services


@@ -1,6 +1,6 @@
---
user_message:
- Be sure to update the 'activation_key' and 'org_id' extra variables for 'LINUX / Register with Insights'. https://access.redhat.com/management/activation_keys
- Update the 'activation_key' and 'org_id' extra variables for 'LINUX / Register with Insights'. https://access.redhat.com/management/activation_keys
- Update Credential for Insights Inventory with Red Hat account.
- Add variables for system_roles. https://console.redhat.com/ansible/automation-hub/repo/published/redhat/rhel_system_roles
controller_components:
@@ -53,7 +53,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
extra_vars:
activation_key: !unsafe "RHEL{{ ansible_distribution_major_version }}_{{ env }}"
@@ -64,7 +64,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Choose Environment
type: multiplechoice
@@ -93,7 +93,7 @@ controller_templates:
notification_templates_error: Telemetry
use_fact_cache: true
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -101,7 +101,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- name: "LINUX / Temporary Sudo"
@@ -113,7 +113,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -121,7 +121,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: User Name
type: text
@@ -143,9 +143,9 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
use_fact_cache: true
ask_job_type_on_launch: yes
ask_job_type_on_launch: true
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -153,7 +153,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- name: "LINUX / Start Service"
@@ -166,7 +166,7 @@ controller_templates:
notification_templates_error: Telemetry
use_fact_cache: true
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -174,7 +174,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Service Name
type: text
@@ -191,7 +191,7 @@ controller_templates:
notification_templates_error: Telemetry
use_fact_cache: true
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -199,7 +199,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Service Name
type: text
@@ -215,7 +215,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -223,7 +223,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Shell Script
type: textarea
@@ -248,7 +248,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- name: "LINUX / Podman Webserver"
@@ -260,7 +260,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -268,7 +268,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Web Page Message
type: textarea
@@ -284,15 +284,15 @@ controller_templates:
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
diff_mode: yes
ask_job_type_on_launch: yes
diff_mode: true
ask_job_type_on_launch: true
extra_vars:
system_roles:
- selinux
selinux_policy: targeted
selinux_state: enforcing
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -300,7 +300,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- name: "LINUX / Install Web Console (cockpit)"
@@ -311,10 +311,10 @@ controller_templates:
notification_templates_started: Telemetry
notification_templates_success: Telemetry
notification_templates_error: Telemetry
diff_mode: yes
ask_job_type_on_launch: yes
diff_mode: true
ask_job_type_on_launch: true
extra_vars:
system_roles:
system_roles:
- cockpit
credentials:
- "Workshop Credential"
@@ -325,7 +325,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Cockpit package load
type: multiplechoice
@@ -346,7 +346,7 @@ controller_templates:
notification_templates_success: Telemetry
notification_templates_error: Telemetry
credentials:
- "Workshop Credential"
- "Workshop Credential"
extra_vars:
sudo_remove_nopasswd: false
survey_enabled: true
@@ -356,7 +356,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Compliance Profile
type: multiplechoice
@@ -371,7 +371,7 @@ controller_templates:
project: "Ansible official demo project"
playbook: "linux/insights_compliance_scan.yml"
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -379,7 +379,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Have you associated a compliance profile in the Insights Console for all hosts to be scanned? If not, then the scan will fail.
type: multiplechoice
@@ -400,7 +400,7 @@ controller_templates:
notification_templates_error: Telemetry
use_fact_cache: true
credentials:
- "Workshop Credential"
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
@@ -408,7 +408,7 @@ controller_templates:
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
variable: _hosts
required: true
- question_name: Application Package Name
type: text
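Review bot: Every "Server Name or Pattern" survey question is free text and now feeds `_hosts`, which the playbooks in this commit pass directly to `hosts:`; `default(omit)` only covers the variable being absent, so any pattern the operator types, including `all`, selects targets, bounded only by the template's inventory. If these templates are meant to stay scoped, a fixed `hosts:` in the playbook with `ask_limit_on_launch: true`, or a `multiplechoice` question listing the allowed groups, is the narrower design. The rename from `HOSTS` to a leading-underscore name is accepted by Ansible, but a comment next to the first `variable: _hosts` explaining the convention would help readers of the other templates.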


@@ -1,14 +1,14 @@
---
- name: Apply RHEL System Roles
hosts: "{{ HOSTS }}"
hosts: "{{ _hosts | default(omit) }}"
become: true
vars:
system_roles: undef
tasks:
- name: Apply System Roles
include_role:
ansible.builtin.include_role:
name: "redhat.rhel_system_roles.{{ item }}"
loop: "{{ system_roles }}"
when:
- system_roles | d("") | length > 0
- system_roles | d("") | length > 0
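Review bot: The `when` guard does not protect the `loop`: as far as I can tell Ansible expands `loop: "{{ system_roles }}"` before evaluating the per-item condition, and with the play default `system_roles: undef` the loop value is a string, which ansible-core rejects as not a list rather than skipping the task. Defaulting to `system_roles: []` and simplifying the condition to `system_roles | length > 0` (or dropping it) makes a launch without the variable a clean no-op. The re-indentation of the `when` list is the only change in this hunk and leaves that behaviour as it was.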


@@ -1,8 +1,8 @@
---
- name: Temporary Sudo
hosts: "{{ HOSTS }}"
become: yes
gather_facts: no
hosts: "{{ _hosts | default(omit) }}"
become: true
gather_facts: false
vars:
sudo_cleanup: true
sudo_user: undef
@@ -11,31 +11,31 @@
tasks:
- name: Check if sudo user exists on system
getent:
ansible.builtin.getent:
database: passwd
key: "{{ sudo_user }}"
- name: Check Cleanup package
yum:
ansible.builtin.yum:
name: at
state: present
- name: Check Cleanup Service
service:
ansible.builtin.service:
name: atd
state: started
- name: Create Sudo Rule
copy:
ansible.builtin.copy:
dest: "/etc/sudoers.d/{{ sudo_user }}"
owner: root
group: root
mode: 0640
mode: "0640"
content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
- name: Set Permission Cleanup
at:
ansible.posix.at:
command: "rm /etc/sudoers.d/{{ sudo_user }}"
count: "{{ sudo_time }}"
units: "{{ sudo_units }}"
when: sudo_cleanup|bool
when: sudo_cleanup | bool
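Review bot: `Create Sudo Rule` writes `/etc/sudoers.d/{{ sudo_user }}` without `validate`, so a `sudo_user` value that is not a valid sudoers token leaves a file with a parse error, and sudo then refuses to run for everyone on the host; add `validate: /usr/sbin/visudo -cf %s` to the `ansible.builtin.copy` task so the rule is parsed before it is installed. sudo also skips files in `sudoers.d` whose names contain a `.` or end in `~`, so a user such as `first.last` gets a rule that is silently never applied; either reject such names in an assert next to the `getent` check or derive the file name with `regex_replace('\\.', '_')`. The `at` cleanup removes the file by the same templated name, so any transformation has to be applied in both tasks.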


@@ -1,29 +1,29 @@
---
- name: gather debug info
hosts: "{{ HOSTS }}"
become: yes
- name: Gather debug info
hosts: "{{ _hosts | default(omit) }}"
become: true
tasks:
- name: Gather recent vmstat info
command: /bin/vmstat 1 5
ansible.builtin.command: /bin/vmstat 1 5
register: vmstat
- name: Gather top CPU hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu
ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-pcpu
register: pscpu
- name: Gather top memory hogs
command: ps -eo user,pid,size,pcpu,cmd --sort=-size
ansible.builtin.command: ps -eo user,pid,size,pcpu,cmd --sort=-size
register: pssize
- name: Swap + wait states
debug:
ansible.builtin.debug:
var: vmstat.stdout_lines
- name: Top 3 CPU hogs
debug:
ansible.builtin.debug:
var: pscpu.stdout_lines[:4]
- name: Top 3 memory hogs
debug:
var: pssize.stdout_lines[:4]
ansible.builtin.debug:
var: pssize.stdout_lines[:4]
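Review bot: The three `ansible.builtin.command` tasks (`Gather recent vmstat info`, `Gather top CPU hogs`, `Gather top memory hogs`) only read system state yet have no `changed_when`, so every run reports three changes on each host; `changed_when: false` on each is the usual fix and is what the other files in this commit do for their read-only commands. The `[:4]` slice under "Top 3" names is correct because the first line is the `ps` header, but a short comment saying so would stop someone "fixing" it to `[:3]`.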