If you are not familiar with modules, check out Ansible - Getting Started with Modules.
There are a few modules that can be used to manage packages.
- apt module
- dnf module
- package module
- package_facts module
- yum module (this article)
It often make sense to use the ansible.builtin.package module because the package module should be able to be used against any Linux distribution. On the other hand, the other package management modules are can only be used against certain distributions. For example, the dnf module can only be used against Red Hat distributions (CentOS, Fedora, Red Hat).
However, be aware that the ansible.builtin.package module may fail fatal with the following based on the package manager being used on the target server, and the version(s) of Python on the target server.
fatal: [server1.example.com]: FAILED! => {"changed": false, "msg": "The Python 2 yum module is needed for this module. If you require Python 3 support use the `dnf` Ansible module instead."}
What I have found to be most stable is to use the ansible_pkg_mgr fact to determine if the package manager being used on the target server and to then use the module for the package manager being used on the target server.
---
- hosts: all
tasks:
- name: update wget using dnf
ansible.builtin.dnf:
name: wget
state: latest
when: ansible_pkg_mgr == 'dnf'
- name: update wget using yum
ansible.builtin.yum:
name: wget
state: latest
when: ansible_pkg_mgr == 'yum'
- name: update wget using apt
ansible.builtin.apt:
name: wget
state: latest
when: ansible_pkg_mgr == 'apt'
...
On a Red Hat distributions (CentOS, Fedora, Red Hat), if you need to create a .repo file, such as /etc/yum.repos.d/epel.com, the yum_repository module can be used to create the .repo file.
---
- hosts: all
tasks:
- name: add the /etc/yum.repos.d/epel.repo
ansible.builtin.yum_repository:
name: epel
description: EPEL repo
baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
...
In this example, if the wget package is not installed on the system, the latest version of wget will be installed. If wget is already installed, wget will be updated to to the latest version.
---
- hosts: all
tasks:
- name: update wget
ansible.builtin.yum:
name: wget
state: latest
...
Install / Upgrade multiple packages
You could also install or upgrade multiple packages at once, like this.
---
- hosts: all
tasks:
- name: update wget and bzip2
ansible.builtin.yum:
name: ['wget', 'bzip2']
state: latest
...
Or like this.
---
- hosts: all
tasks:
- name: update wget and bzip2
ansible.builtin.yum:
name:
- wget
- bzip2
state: latest
...
Update all packages
The wildcard character can be used to update all installed packages on the managed node.
---
- hosts: all
tasks:
- name: update all packages - this is like running the 'yum update' command
ansible.builtin.yum:
name: "*"
state: latest
...
On the managed node, the ps command could be used to see that the yum update command is being run.
[root@server1 ~]# ps -ef | grep yum
root 9111 9011 0 07:15 pts/0 00:00:00 /bin/sh -c /usr/bin/python /root/.ansible/tmp/ansible-tmp-1612617280.7864397-7023-219484007335662/AnsiballZ_yum.py && sleep 0
root 9114 9111 0 07:15 pts/0 00:00:00 /usr/bin/python /root/.ansible/tmp/ansible-tmp-1612617280.7864397-7023-219484007335662/AnsiballZ_yum.py
root 9172 9114 27 07:15 pts/0 00:00:27 /usr/bin/python /usr/bin/yum -d 2 -y update
root 18075 9233 0 07:17 pts/1 00:00:00 grep --color=auto yum
Package successfull installed or updated
If the package was successfully installed or updated, the task should have a status of "changed".
PLAY [all]
TASK [Gather Facts]
ok: [server1.example.com]
TASK [install or upgrade wget]
changed: [server1.example.com]
PLAY RECAP
server1.example.com : ok=2 changed=1 unreachable=0 failed=0
Lastest version of package already installed
If the latest version of the package is already installed on the managed node (e.g. target system), the "install or upgrade wget" task should have a status of "ok".
PLAY [all]
TASK [Gather Facts]
ok: [server1.example.com]
TASK [install or upgrade wget]
ok: [server1.example.com]
PLAY RECAP
server1.example.com : ok=2 changed=0 unreachable=0 failed=0
Become (root, sudo)
Typically, only root can use yum to install packages. The become module can be used to become root.
Did you find this article helpful?
If so, consider buying me a coffee over at