ansible/kubernetes_update_nodes.yml

---
- name: system updates
  hosts: k8s-worker
  become: true
  serial: 5
  tasks:
    - name: print host
      become: false
      debug:
        var: inventory_hostname

    - name: drain hosts
      become: false
      environment:
        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
      kubernetes.core.k8s_drain:
        name: "{{ inventory_hostname }}"
        delete_options:
          delete_emptydir_data: true
          ignore_daemonsets: true
          terminate_grace_period: 0
      delegate_to: 127.0.0.1
      ignore_errors: true

    - name: update packages
      ansible.builtin.shell: yum update -y --disablerepo=kubernetes
      when: ansible_os_family == "RedHat"

    - name: update debian/ubuntu packages
      ansible.builtin.apt:
        update_cache: yes
        cache_valid_time: 3600
        state: latest
        name: "*"
      when: ansible_os_family == "Debian"

    - name: reboot
      ansible.builtin.reboot:

    - name: wait for node to be ready
      become: false
      kubernetes.core.k8s_info:
        kind: Node
        name: "{{ inventory_hostname }}"
        wait: yes
        wait_condition:
          type: Ready
          status: True
      delegate_to: 127.0.0.1

    - name: uncordon hosts
      become: false
      environment:
        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
      kubernetes.core.k8s_drain:
        name: "{{ inventory_hostname }}"
        state: uncordon
      delegate_to: 127.0.0.1


- name: system updates
  hosts: k8s-control-plane
  become: true
  serial: 1
  tasks:
    - name: print host
      become: false
      debug:
        var: inventory_hostname

    - name: drain hosts
      become: false
      environment:
        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
      kubernetes.core.k8s_drain:
        name: "{{ inventory_hostname }}"
        delete_options:
          delete_emptydir_data: true
          ignore_daemonsets: true
          terminate_grace_period: 0
      delegate_to: 127.0.0.1

    - name: update packages
      ansible.builtin.shell: yum update -y --disablerepo=kubernetes
      when: ansible_os_family == "RedHat"

    - name: update debian/ubuntu packages
      ansible.builtin.apt:
        update_cache: yes
        cache_valid_time: 3600
        state: latest
        name: "*"
      when: ansible_os_family == "Debian"

    - name: reboot
      ansible.builtin.reboot:

    - name: wait for node to be ready
      become: false
      kubernetes.core.k8s_info:
        kind: Node
        name: "{{ inventory_hostname }}"
        wait: yes
        wait_condition:
          type: Ready
          status: True
      delegate_to: 127.0.0.1

    - name: uncordon hosts
      become: false
      environment:
        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
      kubernetes.core.k8s_drain:
        name: "{{ inventory_hostname }}"
        state: uncordon
      delegate_to: 127.0.0.1