Ansible has amazing support for testing services during playbook execution. This is super useful for validating your services are working after a set of changes take place, and when combined with serial you can stop execution if a change negatively impacts one one or more servers in your fleet. Ansible has a number of modules that can be used to test services, including the uri module.
The uri module allows Ansible to interact with a web endpoint, and provides numerous options to control its behavior. When I apply OS updates to my kubelets, I typically use the reboot module along with uri to verify that the kubelet healthz endpoint is returning a 200 status code after updates are applied:
- name: Reboot the server to pick up a kernel update
reboot:
reboot_timeout: 600
- name: Wait for the kubelet healthz endpoint to return a 200
uri:
url: "http://{{ inventory_hostname }}:10256/healthz"
method: GET
status_code: 200
return_content: no
register: result
until: result.status == 200
retries: 60
delay: 1
In the example above, the uri module issues an HTTP GET to the kubelet’s healthz endpoint, and checks the response for a 200 status code. It will also retry the GET operation 60 times, waiting one second between each request. This allows you to update one or more hosts, test them after the change is made, then move on to next system if the service running on that system is healthy. If the update breaks a service, you can fail the playbook run immediately. Good stuff!