Ansible Apt Module: Manage Ubuntu and Debian Packages

The apt module in Ansible is used to manage APT packages on Debian-based systems, such as Ubuntu.

It simplifies package management tasks by allowing users to install, update, and remove packages through Ansible playbooks, thus providing a straightforward way to handle package operations and streamlining the entire process.

Here is a fairly exhaustive list of its parameters:

• allow_unauthenticated: allow installation of unauthenticated packages
• autoclean: erasing old versions of packages
• cache_valid_time: duration during which not to update the apt cache
  -- install_recommends: enable or disable recommended packages (OS dependent)
• name: package name
• purge: purge the configuration files (like apt purge command)
• state: present (install package), absent (delete package), latest (install or update), / fixed (attempt to correct a system with broken dependencies) / build-dep (install build dependencies for a package)
• update_cache: perform an update before installation

The apt module works by taking specific parameters and commands that you would typically use in the APT command line interface and converting them into Ansible tasks. This allows you to automate package management in a consistent and repeatable manner.

Here are some of the common tasks you can perform with the Ansible apt module:

Updating cache using apt module

If you just want to update the local APT cache, here's what you can use:

  - name:
    apt:
      update_cache: yes
      cache_valid_time: 3600

In this scenario, I update the cache and give it a lifetime of 3600 seconds. This simply avoids updating the cache after each pass.

Installing Ubuntu package using apt module

You can also combine updating the cache and installing a package.

- name: install wget
  apt:
    name:
      - wget
    state: present
    update_cache: true

To install a specific version the name syntax is as follows:{{ package_name }}-{{ package_version }}

- name: install specific wget version
  apt:
    name: wget=1.14-18
    state: present
    update_cache: true

To install multiple packages at once, just provide a list of package names in this fashion:

- name: Install multiple packages
  ansible.builtin.apt:
    name:
      - wget
      - curl
      - git
    state: present

Here, you can also specify the release used for the installation.

Deleting a package

To delete a package, you will use an absent state:

- name: 
  apt: 
    name: wget
    state: absent

For total deletion of old versions with autoremove and –purge for linked files:

- name: totally remove wget
  apt:
    name: wget
    state: absent
    purge: yes
    autoremove: yes

Updating Distribution using APT Module

You can also carry out a dist-upgrade to upgrade the distribution (for example, going from Debian Stretch to Buster).

- name: perform dist-upgrade
  apt:
    upgrade: dist

Managing external APT repositories

Two Ansible modules allowing you to manage APT repositories are: ansible.builtin.apt_key and ansible.builtin.apt_repository.

You probably know that when you add an external repository to your system, you'll have to import the repo signing key and add the repo to the sources.list.

- name: import the elasticsearch apt key
  apt_key:
    url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
    state: present

- name: install elasticsearch 8.x deb repository
  apt_repository:
    repo: deb https://artifacts.elastic.co/packages/8.x/apt stable main
    state: present
    update_cache: yes

Removing a repository

As with packages, simply pass the state option to absent:

- name: remove elasticsearch 7.x deb repository
  apt_repository:
    repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main
    state: absent
    update_cache: yes

Getting information about packages

Ansible provides a module ansible.builtin.package_facts that collects and prints information on installed packages.

- name: Gather the package facts
  ansible.builtin.package_facts:
    manager: auto

- name: Print the package facts
  ansible.builtin.debug:
    var: ansible_facts.packages

Combining package management tasks into a playbook

Here is an example playbook that combines all the tasks:

- name: Manage packages on Debian-based systems
  hosts: all
  become: yes
 
  tasks:
    - name: Update apt cache
      ansible.builtin.apt:
        update_cache: yes
 
    - name: Install Wget
      ansible.builtin.apt:
        name: wget
        state: present
 
    - name: Install multiple packages
      ansible.builtin.apt:
        name:
          - wget
          - curl
          - git
        state: present
       - name: import the elasticsearch apt key
      apt_key:
      url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
    state: present
 
- name: install elasticsearch 8.x deb repository
    apt_repository:
    repo: deb https://artifacts.elastic.co/packages/8.x/apt stable main
    state: present
    update_cache: yes

Final words

Managing Ubuntu packages with Ansible using the apt module can significantly streamline the DevOps processes. Additionally, the ability to gather detailed package information helps in maintaining and audit your systems effectively.

I hope you find this tutorial helpful in managing the packages with the Ansible apt module. Let me know if you have questions.

If you are new to Ansible and want to learn it from scratch, our Ansible tutorial series will be of great help. It's written for RHCE exam but it helps you the same whether you are preparing for the exam or not.

RHCE Ansible EX294 Exam Preparation Course

Learn all the essentials of Ansible with this hands-on tutorial series. It is ideal for RHCE Ansible EX294 exam preparation.

Linux HandbookAhmed Alkabary