This Ansible Collection provides a comprehensive set of roles for configuring and managing KVM hosts on bare-metal servers using RHEL-based Linux operating systems. The collection simplifies virtual machine deployment and management through automated setup processes.
This collection uses the Diátaxis framework for comprehensive, user-focused documentation:
- New users: Start with Quick Start Guide
- Learning: Follow Your First KVM Host Setup
- 📚 Tutorials - Step-by-step learning guides
- 🛠️ How-To Guides - Problem-solving guides
- 👨‍💻 Developer Guides - Contribution and development
- 📖 Reference - Technical specifications
- 💡 Explanations - Architecture and design decisions
- Learning the collection? → Tutorials
- Solving a specific problem? → How-To Guides
- Contributing to the project? → Developer Guides
- Looking up technical details? → Reference
- Understanding the design? → Explanations
| variable | definition | 
|---|---|
| project_dir | location of code and qcow image | 
| required_rpm_pakcages | list of packages that will be installed | 
| libvirt_services | libvirt services | 
| libvirt_host_networks | dictionary variable that creates the libvirt network XML file. The name, mode, and bridge keys must be set | 
| libvirt_host_pool | Content Cell | 
| kvm_host_ipaddr | default value is ansible_default_ipv4.address | 
| kvm_host_ip | default value is ansible_default_ipv4.address | 
| kvm_host_interface | default value is ansible_default_ipv4.interface | 
| kvm_host_gw | default value is ansible_default_ipv4.gateway | 
| kvm_host_macaddr | default value is ansible_default_ipv4.mac | 
| kvm_host_netmask | default value is ansible_default_ipv4.netmask | 
| kvm_host_mask_prefix | default value is ansible_default_ipv4.gateway | 
| kvm_host_bootproto | default value is dhcp | 
| kvm_bridge_type | default value is Bridge | 
| storage_nic | default value is false | 
| libvirt_disk | default value is false | 
| qubinode_bridge_name | name of bridge network; default is qubibr0 | 
| qubinode_bridge_fact | name of bridge to check ansible_qubibr0.active for active status | 
| qcow_rhel_name | name of default qcow image | 
| admin_user | ssh username for kvm server | 
| kvm_host_domain | default value is "lab.example" | 
| kvm_host_dns_server | default value is "1.1.1.1" | 
| dns_servers | default value is "{{ dns_server }}" and 8.8.8.8 | 
| kvm_host_libvirt_dir | default value is /var/lib/libvirt/images | 
| configure_bridge | set to false to skip creating a bridge interface | 
| configure_shell | Configure the user bash shell login prompt | 
| cockpit_packages | default packages for cockpit | 
| cicd_test | set to true to test in container | 
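This collection supports configurable EPEL (Extra Packages for Enterprise Linux) repository management with optional GPG verification control. GPG verification is off by default (`epel_gpg_check: false`), so EPEL package signatures are not checked unless you set it to `true`.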
| Variable | Default | Description | 
|---|---|---|
| enable_epel | true | Enable EPEL repository installation | 
| epel_gpg_check | false | Enable/disable GPG verification for EPEL packages | 
| epel_gpg_import_keys | true | Import EPEL GPG keys for optional future use | 

```yaml
enable_epel: true
epel_gpg_check: false
epel_gpg_import_keys: true
```

```yaml
enable_epel: true
epel_gpg_check: true
epel_gpg_import_keys: true
```

```yaml
enable_epel: false
```

The GitHub Actions workflow supports an optional input parameter to control EPEL GPG verification:
- Parameter: enable_epel_gpg
- Default: false
- Description: Enable GPG verification for EPEL repositories
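
To confirm what these settings left behind on a host, the repository definitions under `/etc/yum.repos.d` can be checked for enabled EPEL repos with signature checking switched off. This is an added example, not part of the collection: it assumes `epel_gpg_check` ends up as the `gpgcheck` option of the EPEL `.repo` files, the sample repo text is constructed, and `audit_repos` and its status names are hypothetical.

```python
import configparser
import glob

TRUTHY = {"1", "true", "yes", "on"}

# Constructed sample of an EPEL .repo file (not taken from a real host).
SAMPLE = """\
[epel]
name=Extra Packages for Enterprise Linux 9
enabled=1
gpgcheck=0

[epel-testing]
name=Extra Packages for Enterprise Linux 9 - Testing
enabled=0
gpgcheck=0

[epel-next]
name=Extra Packages for Enterprise Linux 9 - Next
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-9
"""


def audit_repos(repo_text, prefix="epel"):
    """Return {repo_id: status} for enabled repos whose id starts with prefix."""
    # interpolation=None: .repo values may contain '%' or '$releasever'.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(repo_text)
    result = {}
    for repo_id in parser.sections():
        if not repo_id.startswith(prefix):
            continue
        section = parser[repo_id]
        if section.get("enabled", "1").strip().lower() not in TRUTHY:
            continue  # a disabled repo is not used for installs
        raw = section.get("gpgcheck")
        if raw is None:
            result[repo_id] = "inherited"  # falls back to the [main] dnf setting
        else:
            result[repo_id] = "verified" if raw.strip().lower() in TRUTHY else "unverified"
    return result


if __name__ == "__main__":
    paths = glob.glob("/etc/yum.repos.d/*.repo")
    texts = [open(p, encoding="utf-8").read() for p in paths] or [SAMPLE]
    for text in texts:
        for repo_id, status in audit_repos(text).items():
            print(f"{repo_id}: {status}")
```

A repo reported as `inherited` has no `gpgcheck` line of its own, so its behaviour depends on the `[main]` section of the host's dnf configuration.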
If you encounter EPEL GPG verification errors, you can:
- Use the manual cleanup script: `sudo ./scripts/fix-epel-on-runner.sh`
- Disable GPG verification (for CI/CD environments): `epel_gpg_check: false`
- Check the ADR documentation:
  - EPEL Repository Management: docs/adr/ADR-0012-EPEL-REPOSITORY-MANAGEMENT.md
  - GitHub Actions Runner Setup: docs/adr/ADR-0013-GITHUB-ACTIONS-RUNNER-SETUP.md

This collection is designed to work with GitHub Actions self-hosted runners on RHEL-based systems.
🥇 Primary Recommendation: Rocky Linux 9.x
- Free and open-source
- RHEL-compatible without subscription requirements
- Reliable EPEL repository access
- Excellent for CI/CD environments
🥈 Alternative Options:
- AlmaLinux 9.x (identical setup to Rocky Linux)
- RHEL 9.x (requires active subscription)
- CentOS Stream 9 (rolling release, more maintenance)

```bash
# For Rocky Linux, AlmaLinux, RHEL, or CentOS Stream
sudo ./scripts/setup-github-runner-rocky.sh
# The script automatically:
# ✅ Detects your distribution
# ✅ Installs Python 3.11 and dependencies
# ✅ Configures EPEL repository
# ✅ Sets up Podman for testing
# ✅ Installs Ansible and Molecule
```

| Component | Minimum | Recommended | 
|---|---|---|
| CPU | 2 cores | 4+ cores | 
| RAM | 4 GB | 8+ GB | 
| Storage | 20 GB | 50+ GB | 
| OS | RHEL-based 8+ | Rocky Linux 9.x | 
For detailed setup instructions and troubleshooting, see:
- Setup Guide: scripts/README.md
- Architecture Decision: docs/adr/ADR-0013-GITHUB-ACTIONS-RUNNER-SETUP.md

```
collection/
├── docs/
├── galaxy.yml
├── meta/
│   └── runtime.yml
├── plugins/
│   ├── modules/
│   │   └── module1.py
│   ├── inventory/
│   └── .../
├── README.md
├── roles/
│   ├── role1/
│   ├── role2/
│   └── .../
├── playbooks/
│   ├── files/
│   ├── vars/
│   ├── templates/
│   └── tasks/
└── tests/
```

```mermaid
graph TD
    A[KVMHost Setup Collection] --> B[kvmhost_setup]
    A --> C[edge_hosts_validate]
    A --> D[swygue_lvm]

    B --> B1[Libvirt Setup]
    B --> B2[Network Config]
    B --> B3[Storage Setup]
    B --> B4[User Config]

    C --> C1[FS Validation]
    C --> C2[Package Validation]
    C --> C3[RHSM Validation]

    D --> D1[LVM Precheck]
    D --> D2[LVM Deploy]

    B1 --> E[KVM Environment]
    B2 --> E
    B3 --> E
    B4 --> E
```

We follow the Ansible Code of Conduct in all our interactions within this project.
If you encounter abusive behavior, please refer to the policy violations section of the Code for information on how to raise a complaint.
We announce releases and important changes through Ansible's The Bullhorn newsletter. Be sure you are subscribed.
Join us in the #ansible (general use questions and support), #ansible-community (community and collection development questions), and other IRC channels.
We take part in the global quarterly Ansible Contributor Summit virtually or in-person. Track The Bullhorn newsletter and join us.
For more information about communication, refer to the Ansible Communication guide.
The content of this collection is made by people like you, a community of individuals collaborating on making the world better through developing automation software.
We are actively accepting new contributors.
Any kind of contribution is very welcome.
You don't know how to start? Refer to our contribution guide!
We use the following guidelines:
- CONTRIBUTING.md
- REVIEW_CHECKLIST.md
- Ansible Community Guide
- Ansible Development Guide
- Ansible Collection Development Guide
The current maintainers are listed in the MAINTAINERS file. If you have questions or need help, feel free to mention them in the proposals.
To learn how to maintain / become a maintainer of this collection, refer to the Maintainer guidelines.
The process of decision making in this collection is based on discussing and finding consensus among participants.
Every voice is important. If you have something on your mind, create an issue or dedicated discussion and let's discuss it!
For detailed testing instructions, see our Testing Guide. This includes:
- Prerequisites and setup
- Molecule testing
- Integration testing
- CI/CD pipeline configuration
- Container-based testing
- Troubleshooting tips
The collection includes comprehensive testing through GitHub Actions CI/CD pipelines, supporting:
- Ansible: 2.13, 2.14, 2.15
- Python: 3.9 and 3.10
This collection features an advanced automated lint fixing workflow that leverages Google Gemini AI for intelligent code analysis and fixes. The workflow provides three modes:
- Auto: Standard ansible-lint auto-fix functionality
- Manual Review: Generates detailed reports for manual intervention
- Gemini-assisted: AI-powered analysis and prioritized fix recommendations
- Navigate to the repository's Actions tab
- Select "Automated Ansible Lint Fixes with Gemini"
- Click "Run workflow" and choose your preferred fix mode
- The workflow will create a pull request with fixes if issues are found
To use Gemini-assisted mode, add your Google Gemini API key as a repository secret:
- Secret name: GEMINI_API_KEY
- Obtain from: Google AI Studio
- Intelligent Prioritization: AI analyzes issues by criticality
- Best Practice Compliance: Ensures fixes follow Ansible conventions
- Breaking Change Detection: Identifies potential compatibility issues
- Automated PR Creation: Creates detailed pull requests with context
The AI assistant provides expert-level analysis of ansible-lint issues, recommending fix strategies that align with Ansible best practices while maintaining backwards compatibility.
Before using this collection, you need to install it with the Ansible Galaxy command-line tool:

```bash
ansible-galaxy collection install qubinode.qubinode_kvmhost_setup_collection
```

You can also include it in a `requirements.yml` file and install it with `ansible-galaxy collection install -r requirements.yml`, using the format:

```yaml
---
collections:
  - name: qubinode.qubinode_kvmhost_setup_collection
```

Note that if you install the collection from Ansible Galaxy, it will not be upgraded automatically when you upgrade the ansible package. To upgrade the collection to the latest available version, run the following command:

```bash
ansible-galaxy collection install qubinode.qubinode_kvmhost_setup_collection --upgrade
```

You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report an issue in this repository). Use the following syntax to install version 0.1.0:

```bash
ansible-galaxy collection install qubinode.qubinode_kvmhost_setup_collection:==0.1.0
```

See Ansible Using collections for more details.
See the changelog.
- Aider-Lint-Fixer Integration - AI-powered automated lint fixing
- Ansible Lint Automation - Automated linting workflows
- DevOps Automation Framework - Complete automation framework
- Ansible Collection overview
- Ansible User guide
- Ansible Developer guide
- Ansible Collections Checklist
- Ansible Community code of conduct
- The Bullhorn (the Ansible Contributor newsletter)
- News for Maintainers
GNU General Public License v3.0 or later.
See LICENSE to see the full text.