Ansible on openSUSE Tumbleweed Automation Complete Guide

openSUSE Tumbleweed is a rolling-release distribution that always carries the latest stable upstream packages — typically kernel 6.x, Python 3.13/3.14, GNOME/KDE current, OpenSSH 10.0, Podman 5.x. It pairs aggressive updates with Btrfs snapshots and Snapper rollback to keep developer and lab systems safe. This guide covers idempotent Ansible automation on Tumbleweed.

Tumbleweed release facts

| Item | Value | |---|---| | Type | Rolling release | | Kernel | latest stable (~6.16+) | | Python | 3.13/3.14 | | Package manager | zypper | | Update mode | zypper dup | | Snapshot tool | Snapper (Btrfs) |

See also: Ansible on openSUSE Leap 15.6 Automation Complete Guide

Ansible-core compatibility

Use ansible-core 2.20 with ansible_python_interpreter=/usr/bin/python3.

Baseline playbook

- name: Tumbleweed baseline
  hosts: tumbleweed
  become: true
  tasks:
    - name: Refresh repos
      community.general.zypper_repository: { repo: "*", autorefresh: true, runrefresh: true }
- name: Distribution upgrade
      community.general.zypper:
        name: "*"
        state: dist-upgrade
        update_cache: true
- name: Install baseline tools
      community.general.zypper:
        name: [vim, chrony, firewalld, apparmor-utils, cockpit, podman, snapper]
        state: present
- name: Enable services
      ansible.builtin.service:
        name: "{{ item }}"
        enabled: true
        state: started
      loop: [chronyd, firewalld, cockpit.socket, snapper-timeline.timer, snapper-cleanup.timer]

See also: Ansible on SUSE Linux Enterprise Server 15 SP6 Automation Complete Guide

Snapshot-aware patching

- name: Patch with explicit pre/post snapshots
  hosts: tumbleweed
  become: true
  tasks:
    - name: Pre-update snapshot
      ansible.builtin.command: snapper create --type pre --description "Ansible pre-dup" --print-number
      register: pre
- name: Distribution upgrade
      community.general.zypper: { name: "*", state: dist-upgrade }
- name: Post-update snapshot linked to pre
      ansible.builtin.command: snapper create --type post --pre-number {{ pre.stdout }} --description "Ansible post-dup"
- name: Reboot if kernel updated
      ansible.builtin.reboot:
      when: ansible_facts['kernel'] != lookup('ansible.builtin.file', '/proc/version')

Rollback (when an update breaks something)

- name: Rollback last snapshot
  hosts: tumbleweed
  become: true
  tasks:
    - name: List snapshots
      ansible.builtin.command: snapper list
      register: snaps
      changed_when: false
- name: Roll back to specified snapshot
      ansible.builtin.command: snapper rollback {{ rollback_number }}
      register: rb
      changed_when: "'New default subvolume' in rb.stdout"
- name: Reboot
      ansible.builtin.reboot:
      when: rb.changed

See also: Ansible on SUSE Linux Enterprise Server 16 Automation Complete Guide

Best practices

• Always create a Snapper pre/post pair around zypper dup runs. • Pin development tooling per project (containers, venvs) to absorb rolling churn. • Don't run Tumbleweed for production workloads — pick SLES 15/16 or Leap.

Conclusion

Tumbleweed gives you bleeding-edge Linux backed by Btrfs snapshots. Ansible orchestrates the rolling-update workflow safely: snapshot, dup, verify, reboot, and roll back if needed.