Ansible yum Module: Install Packages on RHEL/CentOS (Examples & Playbook)

By Luca Berton · Published 2024-01-01 · Category: installation

How to install packages on RHEL, CentOS, Fedora, and AlmaLinux using Ansible yum module. Install, update, remove packages with state, enablerepo, and version.

Ansible yum Module: Install Packages on RHEL/CentOS (Examples & Playbook)

How to Install a package with Ansible in RedHat-like systems?

I’m going to show you a live Playbook and some simple Ansible code. I’m Luca Berton and welcome to today’s episode of Ansible Pilot

See also: Install Google Chrome on Red Hat Using Ansible

Ansible Install a package in RedHat-like systems

Today we’re talking about the Ansible module YUM and DNF. The full names are ansible.builtin.yum and ansible.builtin.dnf, which means are part of the collection of modules “builtin” with ansible and shipped with it. These modules are pretty stable and out for years. They work on RedHat-like operating systems and Manages packages with the yum/DNF package manager. For compatibility purpose you probably ended up using more the yum module than the DNF one, that is designed for modern operating systems.

Main Parameters

• name _string_ • state _string_ • update_cache _boolean_ • allow_downgrade _boolean_

The parameter list is pretty wide but this four are the most important options. In the “name” parameter you are going to specify the name of the package or the specific version you would like to install. The “state” specifies the action that we would like to perform. In our case for install is “present or installed”. I’d like to mention some additional parameters that might be useful for you. For example “update_cache” forces to update the repository metadata before the installation. It could be useful to make sure that the repository is up-to-date. “allow_downgrade” is an interesting option that allows you to install a previous version of a package currently installed (the downgrade process), default disabled.

See also: Install PostgreSQL in RedHat-like systems - Ansible modules yum, stat, shell, service

Demo

Let’s jump in a real-life playbook to install a package in RedHat-like systems with Ansible

single package

• package install


---
- name: yum module Playbook
  hosts: all
  become: true
  tasks:
    - name: install package
      yum:
        name: wget
        state: present

specific package version

• specific package version

---
- name: yum module Playbook
  hosts: all
  become: true
  tasks:
    - name: install package
      yum:
        name: wget-1.19.5-7.el8
        state: present
        allow_downgrade: true

code with ❤️ in GitHub

Conclusion

Now you know how to install a package and a specific version of a package in RedHat-like systems.

See also: Ansible Playbook for Installing Docker on Linux Systems

Package Installation Examples

Install specific version

- name: Install specific nginx version
  ansible.builtin.yum:
    name: nginx-1.24.0-1.el9
    state: present
  become: true

Install multiple packages

- name: Install development tools
  ansible.builtin.yum:
    name:
      - git
      - vim-enhanced
      - curl
      - wget
      - jq
    state: present
  become: true

Install from a specific repo

- name: Install from EPEL
  ansible.builtin.yum:
    name: htop
    state: present
    enablerepo: epel
  become: true

Install from URL or local RPM

- name: Install from URL ansible.builtin.yum: name: https://example.com/package-1.0.rpm state: present become: true

- name: Install local RPM ansible.builtin.yum: name: /tmp/my-package-1.0.rpm state: present disable_gpg_check: true become: true

Package States

| State | Description | |-------|-------------| | present | Install if not already installed | | latest | Install or update to latest version | | absent | Remove the package | | installed | Alias for present | | removed | Alias for absent |

Update Packages

# Update specific package - ansible.builtin.yum: name: openssl state: latest become: true # Update all packages - ansible.builtin.yum: name: '*' state: latest become: true

# Security updates only - ansible.builtin.yum: name: '*' state: latest security: true become: true

Package Groups

- name: Install Development Tools group
  ansible.builtin.yum:
    name: '@Development Tools'
    state: present
  become: true

yum vs dnf vs package

| Module | Distros | |--------|---------| | yum | RHEL 7, CentOS 7 | | dnf | RHEL 8+, Fedora 22+, AlmaLinux, Rocky | | package | Any (auto-selects backend) |

# Cross-distro compatible
- ansible.builtin.package:
    name: git
    state: present
  become: true

Key Parameters

| Parameter | Description | |-----------|-------------| | name | Package name(s) | | state | present, latest, absent | | enablerepo | Enable specific repo | | disablerepo | Disable specific repo | | exclude | Packages to exclude from update | | update_cache | Refresh yum cache | | security | Only security updates | | disable_gpg_check | Skip GPG verification |

FAQ

How do I list available versions?

- name: List available nginx versions
  ansible.builtin.command: yum list available nginx --showduplicates
  register: versions
  changed_when: false

How do I hold/pin a package version?

- name: Install versionlock plugin ansible.builtin.yum: name: yum-plugin-versionlock state: present

- name: Lock nginx version ansible.builtin.command: yum versionlock nginx-1.24.0 become: true

Why use `present` instead of `latest`?

latest upgrades on every run if a newer version exists. present only installs if missing. Use present for stability, latest for always-updated packages.

Related Articles

• Ansible privilege escalation patterns

Category: installation

Watch the video: Ansible yum Module: Install Packages on RHEL/CentOS (Examples & Playbook) — Video Tutorial

Browse all Ansible tutorials · AnsiblePilot Home