At the heart of Linux automation is the cron scheduler.
One of the biggest use cases I use cron personally for is system/package updates. How many of you forget to brew upgrade or apt update or docker pull? I have the same problem. Fortunately for us there is cron.
In this blog I will show you how to set up a cron job to run a playbook that updates your system.
A crontab is a file that lists jobs (commands) to run. These jobs can include patch updates, script executions, server reboots—almost anything. The jobs are run on a schedule, allowing you to automate actions in the future. The schedule for each job is set up within the crontab file using a specific time and date format.
To edit the crontab, you can use the command crontab -e
. This opens the crontab file in your default text editor.
The crontab has multiple parts when you open it to edit it.
We will break this up into a few parts. The time/date, the command, and the output.
0 6 * * *
means what?
When scheduling your cronjob half of the battle is knowing when to schedule it.
Upon first glance, it would be hard to understand how the
system knows how to make all those symbols and numbers into date/time format without understanding cron scheduler. Luckily for all of us there is
crontab.guru. LOL Honestly, this is a great site to help you understand how to schedule your cron jobs. It
breaks down the cron syntax in a way that's easy to understand. Each asterisk represents a field for the minute, hour, day of the month, month, and day of the week. You can replace the asterisks with specific values to schedule the command to run at a
specific time. For example, if you want the command to run every day at 6 AM, you would use the
following format:0 6 * * *
The first field is for minutes, the second is for hours, the third is for the day of the month, the fourth is for the month, and the fifth is for the day of the week. The asterisks mean "every" in that field.
This is the action you want to take or script to run. In this case, I am going to run an Ansible
playbook that updates my system from a specific file location. The command is
ansible-playbook -i inventory.ini /home/ansible/playbooks/update.yml
. This tells cron to run the Ansible
playbook located /home/ansible/playbooks/
directory with the inventory file inventory.ini
and the
playbook file update.yml
. Feel free to check out the actual code from the repo hyperlinked. Scheduling commands or scripts to run at specific times is crucial for automation.
This is where you can specify where to send the output of the command or any errors if you have them. ansible-playbook /home/ansible/playbooks/update.yml >> /mnt/QNAP/backuplogs/update.log 2>&1
In
this case, I am sending the output to a file called update.log
in the /mnt/QNAP/backuplogs
directory.
This is useful for debugging and auditing purposes. If there are any errors or output from the command,
they will be logged in this file. Sometimes you want to see exactly what happened when the script was ran as if you ran it yourself in the terminal. This output to a log file does it for you.
To wrap it up, each line in a crontab schedules a different task, such as running an Ansible playbook or a shell script. The output (including any errors) is redirected to a location of your choice. This makes it easy to review what happened during each scheduled run and troubleshoot. I have quite a few crontab entries. Automating tasks like this can save you a lot of time and effort in the long run. It really helps me stay on top of vulnerabilities and updates. Do you think the first entry in my crontab is scheduled?
I served in the U.S. Army, specializing in Network Switching Systems and was attached to a Patriot Missile System Battalion. After my deployment and Honorable discharge, I went to college in Jacksonville, FL for Computer Science. I have two beautiful and very intelligent daughters. I have more than 20 years professional IT experience. This page is made to learn and have fun. If its messed up, let me know. Im still learning :)