ansible-yum(ansible playbook)

YUM (/usr/lib/python2.7/site-packages/ansible/modules/packaging/os/yum.py)

Installs, upgrade, downgrades, removes, and lists packages and groups with the `yum’ package manager. This module only works on Python 2.
If you require Python 3 support see the [dnf] module.

  • This module is maintained by The Ansible Core Team
  • note: This module has a corresponding action plugin.

OPTIONS (= is mandatory):

  • allow_downgrade
    Specify if the named package and version is allowed to downgrade a maybe already installed higher version of that package. Note that
    setting allow_downgrade=True can make this module behave in a non-idempotent way. The task could end up with a set of packages that does
    not match the complete list of specified packages to install (because dependencies between the downgraded package and others can cause
    changes to the packages which were in the earlier transaction).
    [Default: no]
    type: bool
    version_added: 2.4

  • autoremove
    If yes', removes all "leaf" packages from the system that were originally installed as dependencies of user-installed packages but which are no longer required by any such package. Should be used alone or when state isabsent’
    NOTE: This feature requires yum >= 3.4.3 (RHEL/CentOS 7+)
    [Default: no]
    type: bool
    version_added: 2.7

  • bugfix
    If set to yes', andstate=latest’ then only installs updates that have been marked bugfix related.
    [Default: no]
    version_added: 2.6

  • conf_file
    The remote yum configuration file to use for the transaction.
    [Default: (null)]
    version_added: 0.6

  • disable_excludes
    Disable the excludes defined in YUM config files.
    If set to all', disables all excludes. If set tomain’, disable excludes defined in [main] in yum.conf.
    If set to `repoid’, disable excludes defined for given repo id.
    [Default: (null)]
    version_added: 2.7

  • disable_gpg_check
    Whether to disable the GPG checking of signatures of packages being installed. Has an effect only if state is present' orlatest’.
    [Default: no]
    type: bool
    version_added: 1.2

  • disable_plugin
    `Plugin’ name to disable for the install/update operation. The disabled plugins will not persist beyond the transaction.
    [Default: (null)]
    version_added: 2.5

  • disablerepo
    Repoid' of repositories to disable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a“,”‘.
    As of Ansible 2.7, this can alternatively be a list instead of `”,”‘ separated string
    [Default: (null)]
    version_added: 0.9

  • download_dir
    Specifies an alternate directory to store packages.
    Has an effect only if `download_only’ is specified.
    [Default: (null)]
    type: str
    version_added: 2.8

  • download_only
    Only download the packages, do not install them.
    [Default: no]
    type: bool
    version_added: 2.7

  • enable_plugin
    `Plugin’ name to enable for the install/update operation. The enabled plugin will not persist beyond the transaction.
    [Default: (null)]
    version_added: 2.5

  • enablerepo
    Repoid' of repositories to enable for the install/update operation. These repos will not persist beyond the transaction. When specifying multiple repos, separate them with a“,”‘.
    As of Ansible 2.7, this can alternatively be a list instead of `”,”‘ separated string
    [Default: (null)]
    version_added: 0.9

  • exclude
    Package name(s) to exclude when state=present, or latest
    [Default: (null)]
    version_added: 2.0

  • install_weak_deps
    Will also install all packages linked by a weak dependency relation.
    NOTE: This feature requires yum >= 4 (RHEL/CentOS 8+)
    [Default: yes]
    type: bool
    version_added: 2.8

  • installroot
    Specifies an alternative installroot, relative to which all packages will be installed.
    [Default: /]
    version_added: 2.3

  • list
    Package name to run the equivalent of yum list against. In addition to listing packages, use can also list the following:
    installed',updates’, available' andrepos’.
    [Default: (null)]

  • lock_timeout
    Amount of time to wait for the yum lockfile to be freed.
    [Default: 0]
    type: int
    version_added: 2.8

  • name
    A package name or package specifier with version, like name-1.0'. If a previous version is specified, the task also needs to turnallow_downgrade’ on. See the allow_downgrade' documentation for caveats with downgrading packages. When using state=latest, this can be‘*’’ which means run `yum -y update’.
    You can also pass a url or a local path to a rpm file (using state=present). To operate on several packages this can accept a comma
    separated string of packages or (as of 2.0) a list of packages.
    (Aliases: pkg)[Default: (null)]

  • releasever
    Specifies an alternative release from which all packages will be installed.
    [Default: (null)]
    version_added: 2.7

  • security
    If set to yes', andstate=latest’ then only installs updates that have been marked security related.
    [Default: no]
    type: bool
    version_added: 2.4

  • skip_broken
    Skip packages with broken dependencies(devsolve) and are causing problems.
    [Default: no]
    type: bool
    version_added: 2.3

  • state
    Whether to install (present' orinstalled’, latest'), or remove (absent’ or removed') a package.present’ and installed' will simply ensure that a desired package is installed.latest’ will update the specified package if it’s not of the latest available version.
    absent' andremoved’ will remove the specified package.
    Default is None', however in effect the default action ispresent’ unless the autoremove' option is¬ enabled for this module, thenabsent’ is inferred.
    (Choices: absent, installed, latest, present, removed)[Default: (null)]

  • update_cache
    Force yum to check if cache is out of date and redownload if needed. Has an effect only if state is present' orlatest’.
    (Aliases: expire-cache)[Default: no]
    type: bool
    version_added: 1.9

  • update_only
    When using latest, only update installed packages. Do not install packages.
    Has an effect only if state is `latest’
    [Default: no]
    type: bool
    version_added: 2.5

  • use_backend
    This module supports yum' (as it always has), this is known asyum3’/YUM3'/yum-deprecated’ by upstream yum developers. As of Ansible

2.7+, this module also supports YUM4', which is the "new yum" and it has andnf’ backend.
By default, this module will select the backend based on the `ansible_pkg_mgr’ fact.
(Choices: auto, yum, yum4, dnf)[Default: auto]
version_added: 2.7

  • validate_certs
    This only applies if using a https url as the source of the rpm. e.g. for localinstall. If set to no', the SSL certificates will not be validated. This should only set tono’ used on personally controlled sites using self-signed certificates as it avoids verifying the source site.
    Prior to 2.1 the code worked as if this was set to `yes’.
    [Default: yes]
    type: bool
    version_added: 2.1

NOTES:

  • When used with a loop: each package will be processed individually, it is much more efficient to pass the list directly to the
    name option.
  • In versions prior to 1.9.2 this module installed and removed each package given to the yum module separately. This caused problems
    when packages specified by filename or url had to be installed or removed together. In 1.9.2 this was fixed so that packages are
    installed in one yum transaction. However, if one of the packages adds a new yum repository that the other packages come from (such
    as epel-release) then that package needs to be installed in a separate task. This mimics yum’s command line behaviour.
  • Yum itself has two types of groups. “Package groups” are specified in the rpm itself while “environment groups” are specified in a
    separate file (usually by the distribution). Unfortunately, this division becomes apparent to ansible users because ansible needs
    to operate on the group of packages in a single transaction and yum requires groups to be specified in different ways when used in
    that way. Package groups are specified as “@development-tools” and environment groups are “@^gnome-desktop-environment”. Use the
    “yum group list hidden ids” command to see which category of group the group you want to install falls into.
  • The yum module does not support clearing yum cache in an idempotent way, so it was decided not to implement it, the only method is
    to use shell and call the yum command directly, namely “shell: yum clean all”
    https://github.com/ansible/ansible/pull/31450#issuecomment-352889579

REQUIREMENTS: yum

AUTHOR: Ansible Core Team, Seth Vidal (@skvidal), Eduard Snesarev (@verm666), Berend De Schouwer (@berenddeschouwer), Abhijeet Kasurde (@Akasurde), Adam Miller (@maxamillion)
METADATA:
status:

  • stableinterface
    supported_by: core
    EXAMPLES:

  • name: install the latest version of Apache
    yum:
    name: httpd
    state: latest

  • name: ensure a list of packages installed
    yum:
    name: ““
    vars:
    packages:

  • httpd

  • httpd-tools

  • name: remove the Apache package
    yum:
    name: httpd
    state: absent

  • name: install the latest version of Apache from the testing repo
    yum:
    name: httpd
    enablerepo: testing
    state: present

  • name: install one specific version of Apache
    yum:
    name: httpd-2.2.29-1.4.amzn1
    state: present

  • name: upgrade all packages
    yum:
    name: ‘*’
    state: latest

  • name: upgrade all packages, excluding kernel & foo related packages
    yum:
    name: ‘
    state: latest
    exclude: kernel
    ,foo*

  • name: install the nginx rpm from a remote repo
    yum:
    name: http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
    state: present

  • name: install nginx rpm from a local file
    yum:
    name: /usr/local/src/nginx-release-centos-6-0.el6.ngx.noarch.rpm
    state: present

  • name: install the ‘Development tools’ package group
    yum:
    name: “@Development tools”
    state: present

  • name: install the ‘Gnome desktop’ environment group
    yum:
    name: “@^gnome-desktop-environment”
    state: present

  • name: List ansible packages and register result to print with debug later.
    yum:
    list: ansible
    register: result

  • name: Install package with multiple repos enabled
    yum:
    name: sos
    enablerepo: “epel,ol7_latest”

  • name: Install package with multiple repos disabled
    yum:
    name: sos
    disablerepo: “epel,ol7_latest”

  • name: Install a list of packages
    yum:
    name:

  • nginx

  • postgresql

  • postgresql-server
    state: present

  • name: Download the nginx package but do not install it
    yum:
    name:

  • nginx
    state: latest
    download_only: true