AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible on AlmaLinux 10 Automation Complete Guide

By Luca Berton · Published 2024-01-01 · Category: installation

Automate AlmaLinux 10 (Purple Lion) servers with Ansible: dnf, image mode, SELinux, firewalld, Podman 5, AlmaLinux Kitten testing channel, ELevate.

AlmaLinux 10 (Purple Lion) is the community RHEL 10 rebuild. It ships kernel 6.12, Python 3.12, OpenSSH 9.9, Podman 5, and supports both classic RPM and bootc image-mode deployments. Support runs through May 2035. AlmaLinux 10 also restores hardware support that upstream RHEL 10 dropped — a meaningful differentiator for older fleets.

AlmaLinux 10 release facts

| Item | Value | |---|---| | Code name | Purple Lion | | GA | 2025-05-27 | | Support end | 2035-05-31 | | Default kernel | 6.12 | | Default Python | 3.12 | | Default OpenSSH | 9.9p1 | | Container engine | Podman 5 | | Image mode | bootc | | Testing channel | AlmaLinux Kitten 10 |

See also: Ansible on AlmaLinux 9 Automation Complete Guide

Ansible-core compatibility

Use ansible-core 2.18 LTS or newer.

Inventory

[alma10]
alma10-01.example.com
alma10-02.example.com

[alma10:vars]
ansible_user=almalinux
ansible_python_interpreter=/usr/bin/python3

See also: Ansible on RHEL 10 Automation Complete Guide

Baseline playbook

- name: AlmaLinux 10 baseline
  hosts: alma10
  become: true
  tasks:
    - name: Update packages
      ansible.builtin.dnf: { name: "*", state: latest, update_cache: true }

- name: Enable EPEL 10
      ansible.builtin.dnf: { name: epel-release, state: present }


- name: Install baseline tools
      ansible.builtin.dnf:
        name: [vim-enhanced, chrony, firewalld, policycoreutils-python-utils, podman, cockpit, bootc]
        state: present


- name: Enable services
      ansible.builtin.service:
        name: "{{ item }}"
        enabled: true
        state: started
      loop: [chronyd, firewalld, cockpit.socket]


- name: SELinux enforcing
      ansible.posix.selinux: { policy: targeted, state: enforcing }

Image mode with bootc

- name: Roll out new bootc image
  hosts: alma10
  become: true
  tasks:
    - name: bootc switch
      ansible.builtin.command: bootc switch quay.io/almalinuxorg/almalinux-bootc:10
      register: bs
      changed_when: "'Image' in bs.stdout"

- name: Reboot
      ansible.builtin.reboot:
      when: bs.changed

See also: Ansible on Rocky Linux 10 Automation Complete Guide

AlmaLinux Kitten preview channel

- name: Track Kitten 10 (preview) channel
  hosts: alma10_lab
  become: true
  tasks:
    - name: Switch to Kitten repos
      ansible.builtin.command: almalinux-release-kitten
      args:
        creates: /etc/yum.repos.d/almalinux-kitten.repo

- name: Refresh metadata
      ansible.builtin.dnf: { update_cache: true }

Migration from AlmaLinux 9

- name: ELevate migrate Alma 9 -> Alma 10
  hosts: alma9_to_migrate
  become: true
  tasks:
    - name: Add ELevate
      ansible.builtin.dnf:
        name: https://repo.almalinux.org/elevate/elevate-release-latest-el9.noarch.rpm
        state: present
        disable_gpg_check: true

- name: Install leapp data
      ansible.builtin.dnf:
        name: [leapp-upgrade, leapp-data-almalinux]
        state: present


- name: Preupgrade
      ansible.builtin.command: leapp preupgrade


- name: Upgrade
      ansible.builtin.command: leapp upgrade
      async: 7200
      poll: 0

Best practices

• Use Kitten in lab environments to validate playbooks against the next AlmaLinux 10 minor. • Adopt bootc image mode for stateless workloads; classic RPM for stateful databases. • Mirror Quay-hosted bootc images to your registry for offline updates.

Conclusion

AlmaLinux 10 brings RHEL 10 capabilities — image mode, post-quantum SSH, Podman 5 — to community-supported infrastructure with restored hardware coverage. Ansible playbooks port directly from RHEL 10.

Installing Ansible on AlmaLinux 10

sudo dnf install epel-release -y
sudo dnf install ansible-core -y
ansible --version

Server Automation

- name: Configure AlmaLinux 10
  hosts: almalinux
  become: true
  tasks:
    - name: Install packages
      ansible.builtin.dnf:
        name:
          - vim-enhanced
          - git
          - curl
          - firewalld
          - dnf-automatic
        state: present

- name: Configure firewall
      ansible.posix.firewalld:
        service: "{{ item }}"
        permanent: true
        immediate: true
        state: enabled
      loop: [ssh, http, https]


- name: SELinux enforcing
      ansible.posix.selinux:
        policy: targeted
        state: enforcing


- name: Create admin users
      ansible.builtin.user:
        name: "{{ item.name }}"
        groups: wheel
        append: true
      loop: "{{ vault_admin_users }}"


- name: Deploy SSH keys
      ansible.posix.authorized_key:
        user: "{{ item.name }}"
        key: "{{ item.ssh_key }}"
      loop: "{{ vault_admin_users }}"


- name: Enable auto-updates
      ansible.builtin.systemd:
        name: dnf-automatic-install.timer
        state: started
        enabled: true

FAQ

What is the difference between AlmaLinux 9 and 10?

AlmaLinux 10 tracks RHEL 10 with updated kernel, toolchain, and packages. Ansible playbooks from AlmaLinux 9 generally work with minor package name adjustments.

Is AlmaLinux or Rocky Linux better for Ansible?

Both are RHEL-compatible and work identically with Ansible. Choose based on organizational preference — both have strong community support.

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home