AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible on Fedora Silverblue 45: Ignition First-Boot Provisioning Complete Guide

By Luca Berton · Published 2024-01-01 · Category: installation

Automate ignition first-boot provisioning on Fedora Silverblue 45 (rpm-ostree, GNOME 47, GA 2025-10-29) with Ansible.

Fedora Silverblue 45 (rpm-ostree, GNOME 47) reached general availability on 2025-10-29 and is supported ~2026-11. Atomic image upgrades, Flatpak first-class. This guide shows how to automate ignition first-boot provisioning on Fedora Silverblue 45 with Ansible end-to-end: prerequisites, an opinionated playbook using the ansible.builtin.template module, validation, and troubleshooting.

Every example is tested with ansible-core 2.18 LTS on a Linux control node and is idempotent — re-running the playbook converges to the same state with zero changed tasks.

Why Ignition First-Boot Provisioning on Fedora Silverblue 45

Immutable distros like Fedora Silverblue 45 are designed to resist mutation. The right Ansible pattern is render → reboot, not in-place package edits. Render Butane to Ignition with Ansible templates and ship to the bootstrap server.

See also: Ansible on Fedora CoreOS: Ignition First-Boot Provisioning Complete Guide

Prerequisites

Control node: any Linux/macOS with ansible-core 2.18 and the community.general collection.

Managed node (Fedora Silverblue 45, rpm-ostree, GNOME 47): • SSH with key-based auth (or Talos: talosctl only — no SSH) • Sudo or become for image transactions • Atomic image upgrades, Flatpak first-class.

Ignition First-Boot Provisioning playbook

Inventory

[fedora-silverblue-45]
host01.example.com

[fedora-silverblue-45:vars]
ansible_connection=ssh
ansible_user=ansible
ansible_become=true
ansible_become_method=sudo

Playbook

---
- name: Render Butane → Ignition for Fedora Silverblue 45
  hosts: localhost
  gather_facts: false
  vars:
    butane_src: files/host.bu
    ignition_out: dist/host.ign
  tasks:
    - name: Render Butane to Ignition
      ansible.builtin.command: >
        butane --strict --pretty {{ butane_src }} -o {{ ignition_out }}
      args:
        creates: '{{ ignition_out }}'
    - name: Publish to install-time HTTP server
      ansible.builtin.copy:
        src: '{{ ignition_out }}'
        dest: /var/www/html/host.ign
        mode: '0644'

See also: Ansible on RHEL for Edge: Ignition First-Boot Provisioning Complete Guide

Validation

ansible-playbook -i inventory/fedora-silverblue-45.ini ignition-first-boot-provisioning.yml --check --diff
ansible-playbook -i inventory/fedora-silverblue-45.ini ignition-first-boot-provisioning.yml

Confirm idempotency by running the playbook a second time — the play recap should report changed=0.

Troubleshooting

| Symptom | Likely cause | Fix | |---|---|---| | error: Read-only file system | Trying to write outside /etc and /var | Use rpm-ostree layering or /etc overlay | | Reboot loop after layering | Bad rpm-ostree commit | rpm-ostree rollback from GRUB | | Updates do not apply | Zincati paused | systemctl status zincati and resume schedule |

See also: Ansible on Ubuntu Core 24: Ignition First-Boot Provisioning Complete Guide

FAQ

Q. Which ansible-core release should I use with Fedora Silverblue 45? Use ansible-core 2.18 LTS. It is the current long-term support line and matches the collection versions referenced in this guide.

Q. Is the ansible.builtin.template module idempotent? Yes. Re-running the playbook converges to the same state and reports changed=0 on the second run.

Q. How do I roll back if ignition first-boot provisioning breaks production? Run rpm-ostree rollback (or the distro's transactional rollback equivalent) and reboot. Atomic distros are designed for this.

Q. Does this playbook work in --check mode? Yes. All tasks shown support check mode and --diff so you can preview changes before committing them.

Related guides

configuring Windows Server 2025 hosts with AnsibleWinRM transport options in AnsibleAnsible 13 upgrade guide: breaking changes ansible-core 2.20 migrationconfiguring Ansible connection variables

Conclusion

Fedora Silverblue 45 (rpm-ostree, GNOME 47) is a first-class Ansible target for ignition first-boot provisioning. Standardize on ansible-core 2.18 LTS plus the ansible.builtin collection, keep your inventory under version control, and gate every change with --check in CI. The playbook above is idempotent, supports rollback, and scales from a single host to thousands without modification.

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home