AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible on Fedora 46 Automation Complete Guide

By Luca Berton · Published 2024-01-01 · Category: installation

Automate Fedora 46 with Ansible: dnf5, kernel 6.18, Python 3.14, Podman 5.6, GNOME 50, post-quantum SSH, image mode (bootc).

Fedora 46 is the spring 2027 Fedora release. It ships kernel 6.18, Python 3.14, GNOME 50, OpenSSH 10.1 with stable post-quantum KEX, Podman 5.6, and full image mode (bootc) support. This guide covers the Ansible patterns for Fedora 46 workstations and lab servers.

Fedora 46 release facts

| Item | Value | |---|---| | GA | 2027-04 (target) | | EOL | ~2028-05 | | Default kernel | 6.18 | | Default Python | 3.14 | | Default package manager | dnf5 | | Container engine | Podman 5.6 | | Image mode | bootc (GA) |

See also: Ansible on Fedora 44 Automation Complete Guide

Ansible-core compatibility

Use ansible-core 2.21+ (next LTS). Python 3.14 fully supported as managed-node interpreter.

Baseline playbook

- name: Fedora 46 baseline
  hosts: fedora46
  become: true
  tasks:
    - name: Update packages
      ansible.builtin.dnf5: { name: "*", state: latest, update_cache: true }

- name: Install baseline tools
      ansible.builtin.dnf5:
        name: [vim-enhanced, chrony, firewalld, podman, cockpit, bootc, policycoreutils-python-utils]
        state: present


- name: SELinux enforcing
      ansible.posix.selinux: { policy: targeted, state: enforcing }


- name: Enable services
      ansible.builtin.service:
        name: "{{ item }}"
        enabled: true
        state: started
      loop: [chronyd, firewalld, cockpit.socket]

See also: Ansible on Fedora 45 Automation Complete Guide

Image mode (bootc) on Fedora 46

- name: Switch Fedora 46 to bootc image
  hosts: fedora46
  become: true
  tasks:
    - name: bootc switch
      ansible.builtin.command: bootc switch quay.io/fedora/fedora-bootc:46
      register: bs
      changed_when: "'Image' in bs.stdout"

- name: Reboot
      ansible.builtin.reboot:
      when: bs.changed

Post-quantum SSH (default in OpenSSH 10.1)

- name: Pin PQ KEX
  hosts: fedora46
  become: true
  handlers:
    - name: restart sshd
      ansible.builtin.service: { name: sshd, state: restarted }
  tasks:
    - name: SSH PQ drop-in
      ansible.builtin.copy:
        dest: /etc/ssh/sshd_config.d/10-pq.conf
        mode: "0644"
        content: |
          KexAlgorithms mlkem768x25519-sha256,sntrup761x25519-sha512@openssh.com,curve25519-sha256
          PasswordAuthentication no
          PermitRootLogin no
        validate: 'sshd -tf %s'
      notify: restart sshd

See also: Ansible on AlmaLinux 10 Automation Complete Guide

Best practices

• Use bootc for Kubernetes nodes and edge devices; classic dnf for workstations. • For PQ KEX, ensure your bastion runs OpenSSH 9.9+ (otherwise leave classical KEX as fallback). • Validate playbooks against dnf5 API changes between F45 and F46.

Conclusion

Fedora 46 makes image mode (bootc) GA and finalizes post-quantum SSH defaults. Ansible playbooks remain stable; only the bootc and SSH KEX pieces evolve from F45.

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home