AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible on AlmaLinux 9 Automation Complete Guide

By Luca Berton · Published 2024-01-01 · Category: installation

Automate AlmaLinux 9 (Turquoise Kodkod) servers with Ansible: dnf, ELevate migration, SELinux, firewalld, Podman, kernel live patching.

AlmaLinux 9 (Turquoise Kodkod) is a community-driven RHEL 9 rebuild produced by the AlmaLinux OS Foundation. It tracks RHEL 9.x ABI and is supported through May 2032. AlmaLinux additionally backports critical fixes for hardware that Red Hat has dropped from RHEL 9 (the Application Binary Compatibility model). This is the master Ansible guide for AlmaLinux 9.

AlmaLinux 9 release facts

| Item | Value | |---|---| | Code name | Turquoise Kodkod | | GA | 2022-05-26 | | Support end | 2032-05-31 | | Default kernel | 5.14 | | Default Python | 3.9 |

See also: Ansible on AlmaLinux 10 Automation Complete Guide

Ansible-core compatibility

Use ansible-core 2.18 LTS.

Baseline playbook

- name: AlmaLinux 9 baseline
  hosts: alma9
  become: true
  tasks:
    - name: Update packages
      ansible.builtin.dnf: { name: "*", state: latest, update_cache: true }

- name: Enable EPEL
      ansible.builtin.dnf: { name: epel-release, state: present }


- name: Install baseline tools
      ansible.builtin.dnf:
        name: [vim-enhanced, chrony, firewalld, policycoreutils-python-utils, podman, cockpit]
        state: present


- name: Enable services
      ansible.builtin.service:
        name: "{{ item }}"
        enabled: true
        state: started
      loop: [chronyd, firewalld, cockpit.socket]


- name: SELinux enforcing
      ansible.posix.selinux: { policy: targeted, state: enforcing }

See also: Ansible on RHEL 9 Automation Complete Guide

ELevate migration (CentOS 7 -> AlmaLinux 9)

The AlmaLinux ELevate project migrates major versions across RHEL forks (CentOS 7 -> 8/9). Drive it from Ansible:

- name: Migrate CentOS 7 to AlmaLinux 9 with ELevate
  hosts: centos7
  become: true
  tasks:
    - name: Add ELevate repo
      ansible.builtin.dnf:
        name: "https://repo.almalinux.org/elevate/elevate-release-latest-el7.noarch.rpm"
        state: present
        disable_gpg_check: true

- name: Install leapp + AlmaLinux migration data
      ansible.builtin.dnf:
        name: [leapp-upgrade, leapp-data-almalinux]
        state: present


- name: Run preupgrade
      ansible.builtin.command: leapp preupgrade
      register: pre
      changed_when: false


- name: Run upgrade (will reboot through several stages)
      ansible.builtin.command: leapp upgrade
      async: 7200
      poll: 0

Kernel live patching with kpatch

- name: Subscribe to AlmaLinux kpatch
  hosts: alma9
  become: true
  tasks:
    - name: Install kpatch
      ansible.builtin.dnf: { name: [kpatch, kpatch-dnf], state: present }

- name: Auto subscribe
      ansible.builtin.command: dnf kpatch auto

See also: Ansible on Fedora 44 Automation Complete Guide

Best practices

• ELevate is one-way; always snapshot or back up before running. • Mirror AlmaLinux repos in your local Satellite/Pulp for air-gapped sites. • Pair dnf-automatic with Ansible-driven reboots for predictable patching.

Conclusion

AlmaLinux 9 is a binary-compatible RHEL 9 alternative with strong community governance and the unique ELevate migration path. Existing RHEL/CentOS Ansible playbooks run unchanged.

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home