AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible Yum Errors: Fix Package Installation Failures (RHEL/CentOS)

By Luca Berton · Published 2024-01-01 · Category: installation

Fix common Ansible yum module errors: package not found, GPG check failed, locked database, repo errors.

Ansible Yum Errors: Fix Package Installation Failures (RHEL/CentOS)

Introduction

When working with the Yum package manager using Ansible, it’s crucial to ensure tasks are idempotent and avoid triggering unnecessary reboots unless explicitly required. This guide provides practical steps to troubleshoot Yum command failures and maintain efficient playbook execution.

---

See also: Ansible Troubleshooting Installation Issues on macOS and Python

Troubleshooting Steps

1. Check the Yum Logs

Examine the logs to identify the root cause of the failure: • Use journalctl or check /var/log/yum.log to analyze the error.

2. Verify the State

• Confirm that the package you are trying to install exists in the repositories. • Ensure the system has proper connectivity to the Yum repository.

---

Idempotency in Playbooks

Ensure Idempotent Tasks

• Use the state: present parameter to verify that the package installation is idempotent. • Utilize changed_when or failed_when conditions for customized error handling.

---

See also: Install Google Chrome on Red Hat Using Ansible

Avoid Unnecessary Reboots

Conditional Reboots

Avoid adding a reboot task unless absolutely necessary, such as after a kernel update. Use conditional statements to manage reboots: 
- name: Reboot only if required
  ansible.builtin.reboot:
    reboot_timeout: 300
  when: ansible_pkg_mgr == "yum" and package_requires_reboot

---

Testing and Dry Runs

Simulate Execution

Run your playbooks in check mode to identify issues without making changes: 
ansible-playbook --check playbook.yml

---

See also: Ansible yum Module: Install Packages on RHEL/CentOS (Examples & Playbook)

Error Handling in the Yum Module

Example of Error Handling

Implement error handling to manage failures gracefully: 
- name: Install a package with Yum
  ansible.builtin.yum:
    name: httpd
    state: present
  register: yum_result
  failed_when: "'failure' in yum_result"

---

Conclusion

Avoid rebooting as a first troubleshooting measure, as most issues with Yum can be resolved without a system restart. Following these best practices ensures a smooth automation experience while maintaining system stability.

Common Yum Errors and Fixes

Error: "No package matching 'xyz' found"

fatal: [server]: FAILED! => {"msg": "No package matching 'xyz' found available, installed or updated"}

Causes: • Package name is wrong or doesn't exist in enabled repos • Repository metadata is stale

Fix:

- name: Update cache and install
  ansible.builtin.yum:
    name: nginx
    state: present
    update_cache: true
  become: true

Error: GPG check failed

fatal: [server]: FAILED! => {"msg": "GPG check FAILED"}

Fix (proper way — import the key):

- name: Import RPM GPG key
  ansible.builtin.rpm_key:
    key: https://www.redhat.com/security/data/fd431d51.txt
    state: present
  become: true

- name: Install package
  ansible.builtin.yum:
    name: nginx
    state: present
  become: true

Fix (quick way — disable GPG check for one task):

- name: Install without GPG check
  ansible.builtin.yum:
    name: nginx
    state: present
    disable_gpg_check: true
  become: true

Error: Yum lock / Another process is running

fatal: [server]: FAILED! => {"msg": "yum lockfile is held by another process"}

Fix:

- name: Wait for yum lock to clear
  ansible.builtin.shell: |
    while fuser /var/run/yum.pid >/dev/null 2>&1; do
      sleep 5
    done
  become: true
  changed_when: false

- name: Install package
  ansible.builtin.yum:
    name: nginx
    state: present
  become: true

Error: Repository not found / baseurl not set

Fix — add the repo first:

- name: Add EPEL repository
  ansible.builtin.yum:
    name: epel-release
    state: present
  become: true

- name: Install package from EPEL
  ansible.builtin.yum:
    name: htop
    state: present
  become: true

yum vs dnf Module

Starting with RHEL 8 and Fedora 22+, dnf replaced yum. Ansible handles this:

| OS | Use Module | |----|-----------| | RHEL 7 / CentOS 7 | ansible.builtin.yum | | RHEL 8-9+ / CentOS Stream | ansible.builtin.dnf | | Fedora | ansible.builtin.dnf | | AlmaLinux / Rocky Linux | ansible.builtin.dnf |

Or use the generic package module:

- name: Works on any distro
  ansible.builtin.package:
    name: git
    state: present
  become: true

FAQ

How do I install a specific version with yum?

- name: Install specific version
  ansible.builtin.yum:
    name: nginx-1.24.0-1.el9
    state: present
  become: true

How do I enable a disabled repo for one task?

- name: Install from PowerTools repo
  ansible.builtin.yum:
    name: ninja-build
    state: present
    enablerepo: crb  # Called "crb" in RHEL 9, "PowerTools" in RHEL 8
  become: true

Should I use state: latest in production?

Generally nolatest upgrades packages to newest version, which can break things. Use present for stability and latest only when you explicitly want upgrades.

Related Articles

Ansible Check Mode GuideAnsible when conditional guide

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home