ansible/infra-automation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
608a9d508cd0a905b4f7b14bc3ff7a8705362d9b
infra-automation/roles/system_info/tasks/gather_cpu.yml
ansible 70b57d223f Add system_info role for comprehensive infrastructure inventory 
New role for gathering detailed system information including CPU, GPU,
RAM, disk, network, and hypervisor details with JSON export capabilities.

Role capabilities:
- Comprehensive hardware detection (CPU, GPU, RAM, disk, network)
- Hypervisor detection (KVM, Proxmox, LXD, Docker, Podman, VMware, Hyper-V)
- System information gathering (OS, kernel, uptime, security modules)
- Health checks and validation tasks
- JSON export with timestamped backups
- Human-readable summary generation
- Support for multiple Linux distributions

Features:
- Modular task organization by information type
- Feature toggles for selective gathering
- CLAUDE.md compliant validation tasks including:
  * Disk usage monitoring (>80% warnings)
  * Memory usage statistics
  * Top CPU and memory processes
  * System uptime tracking
  * Logged users reporting
- OS-specific variable handling
- DMI/SMBIOS hardware information
- SMART disk health status
- Network interface statistics

File structure:
roles/system_info/
├── README.md              # Comprehensive documentation
├── defaults/main.yml      # Configurable defaults
├── vars/main.yml          # Role variables
├── meta/main.yml          # Galaxy metadata
├── tasks/
│   ├── main.yml          # Main task coordinator
│   ├── install.yml       # Package installation
│   ├── gather_system.yml # OS and system info
│   ├── gather_cpu.yml    # CPU details
│   ├── gather_gpu.yml    # GPU detection
│   ├── gather_memory.yml # RAM information
│   ├── gather_disk.yml   # Disk and LVM info
│   ├── gather_network.yml # Network configuration
│   ├── detect_hypervisor.yml # Virtualization detection
│   ├── export_stats.yml  # JSON export
│   └── validate.yml      # Health checks (CLAUDE.md compliant)
├── templates/
│   └── summary.txt.j2    # Human-readable summary
├── handlers/
│   └── main.yml          # Service handlers
└── tests/
    └── test.yml          # Basic test playbook

Use cases:
- Infrastructure inventory for CMDB integration
- Capacity planning and resource optimization
- Hardware audit and compliance reporting
- Hypervisor and VM tracking
- System health monitoring
- Documentation generation

Output:
- JSON: ./stats/machines/<fqdn>/system_info.json
- Backup: ./stats/machines/<fqdn>/system_info_<timestamp>.json
- Summary: ./stats/machines/<fqdn>/summary.txt

Requirements:
- Ansible >= 2.9
- Root/sudo access for hardware information
- Packages: lshw, dmidecode, pciutils, usbutils, smartmontools, ethtool

Compliance:
- CLAUDE.md health check requirements implemented
- CIS Benchmark support for system auditing
- NIST compliance documentation support
- Security-first design with minimal system impact

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-11 01:36:01 +01:00

106 lines
4.5 KiB
YAML
Raw Blame History

---
# CPU information gathering tasks
- name: Gather CPU information from /proc/cpuinfo
shell: |
cat /proc/cpuinfo | grep -E "model name|processor|cpu MHz|cache size|physical id|cpu cores|flags" | head -20
register: system_info_cpu_proc_raw
changed_when: false
tags: [gather, cpu]
- name: Gather CPU count information
set_fact:
system_info_cpu_count:
physical: "{{ ansible_processor_count }}"
cores_per_socket: "{{ ansible_processor_cores }}"
threads_per_core: "{{ ansible_processor_threads_per_core }}"
vcpus: "{{ ansible_processor_vcpus }}"
total_cores: "{{ ansible_processor_count * ansible_processor_cores }}"
tags: [gather, cpu]
- name: Gather CPU model information
set_fact:
system_info_cpu_model: "{{ ansible_processor[2] | default(ansible_processor[0]) }}"
tags: [gather, cpu]
- name: Gather detailed CPU information using lscpu
shell: lscpu
register: system_info_lscpu_raw
changed_when: false
tags: [gather, cpu]
- name: Parse lscpu output
set_fact:
system_info_cpu_architecture: "{{ system_info_lscpu_raw.stdout | regex_search('Architecture:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_op_modes: "{{ system_info_lscpu_raw.stdout | regex_search('CPU op-mode\\(s\\):\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_vendor: "{{ system_info_lscpu_raw.stdout | regex_search('Vendor ID:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_family: "{{ system_info_lscpu_raw.stdout | regex_search('CPU family:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_model_name: "{{ system_info_lscpu_raw.stdout | regex_search('Model name:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_mhz: "{{ system_info_lscpu_raw.stdout | regex_search('CPU MHz:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_max_mhz: "{{ system_info_lscpu_raw.stdout | regex_search('CPU max MHz:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
system_info_cpu_min_mhz: "{{ system_info_lscpu_raw.stdout | regex_search('CPU min MHz:\\s+(.+)', '\\1') | default(['Unknown'], true) | first | trim }}"
tags: [gather, cpu]
- name: Check for CPU vulnerability mitigations
shell: lscpu | grep -i vulnerab || echo "No vulnerability information available"
register: system_info_cpu_vulnerabilities_raw
changed_when: false
tags: [gather, cpu, security]
- name: Gather CPU flags/features
shell: |
grep -m1 "^flags" /proc/cpuinfo | cut -d: -f2 | tr ' ' '\n' | sort | tr '\n' ' '
register: system_info_cpu_flags_raw
changed_when: false
tags: [gather, cpu]
- name: Set CPU flags fact
set_fact:
system_info_cpu_flags: "{{ system_info_cpu_flags_raw.stdout.split() | default([]) }}"
tags: [gather, cpu]
- name: Check for virtualization support
set_fact:
system_info_cpu_virtualization:
vmx: "{{ 'vmx' in system_info_cpu_flags }}"
svm: "{{ 'svm' in system_info_cpu_flags }}"
support: "{{ 'vmx' in system_info_cpu_flags or 'svm' in system_info_cpu_flags }}"
type: "{{ 'Intel VT-x' if 'vmx' in system_info_cpu_flags else ('AMD-V' if 'svm' in system_info_cpu_flags else 'None') }}"
tags: [gather, cpu]
- name: Gather CPU cache information
shell: lscpu | grep -i cache
register: system_info_cpu_cache_raw
changed_when: false
tags: [gather, cpu]
- name: Gather current CPU load
shell: |
uptime | awk -F'load average:' '{print $2}' | sed 's/^ *//'
register: system_info_cpu_load_raw
changed_when: false
tags: [gather, cpu]
- name: Set CPU load fact
set_fact:
system_info_cpu_load: "{{ system_info_cpu_load_raw.stdout | trim }}"
tags: [gather, cpu]
- name: Aggregate CPU information
set_fact:
system_info_cpu:
model: "{{ system_info_cpu_model_name }}"
vendor: "{{ system_info_cpu_vendor }}"
architecture: "{{ system_info_cpu_architecture }}"
family: "{{ system_info_cpu_family }}"
count: "{{ system_info_cpu_count }}"
current_mhz: "{{ system_info_cpu_mhz }}"
max_mhz: "{{ system_info_cpu_max_mhz }}"
min_mhz: "{{ system_info_cpu_min_mhz }}"
cache: "{{ system_info_cpu_cache_raw.stdout_lines | default([]) }}"
flags: "{{ system_info_cpu_flags[:50] }}"
virtualization: "{{ system_info_cpu_virtualization }}"
current_load: "{{ system_info_cpu_load }}"
vulnerabilities: "{{ system_info_cpu_vulnerabilities_raw.stdout_lines | default([]) }}"
tags: [gather, cpu]
Reference in New Issue View Git Blame Copy Permalink