Introduction to Ansible Linux System Roles on SLES 16

In modern IT environments, system administrators are expected to configure and maintain a growing number of systems across physical, virtual, cloud, and edge deployments. Doing this manually is time-consuming, prone to inconsistency, and hard to scale.

Ansible Linux System Roles provide a solution: prebuilt Ansible roles packaged and supported by SUSE that deliver a stable, consistent interface to configure and manage SLES systems.

These roles encapsulate SUSE best practices and allow you to automate complex configuration tasks.

What Are Ansible Linux System Roles?

Ansible Linux System Roles are collections of Ansible content that:

• Provide ready-to-use automation for common services and workloads
• Allow you to standardize deployments
• Save time by reducing repetitive manual steps

The roles are shipped in the ansible-linux-system-roles package on SLES 16. They can be run from any supported Ansible control node and do not require installation on managed nodes.

Available Roles in SLES 16

The following Ansible Linux System Roles are included and supported in SLES 16:

• aide – Configure and manage the Advanced Intrusion Detection Environment
• cockpit – Set up and configure the Cockpit web-based management interface
• firewall – Manage firewalld zones and rules
• ha_cluster – Deploy and configure SUSE Linux Enterprise High Availability clusters
• suseconnect – Automate system registration and module management
• journald – Manage systemd-journald logging configuration
• podman – Deploy and manage containers using Podman
• certificate – Automate TLS/SSL certificate issuance and renewal
• crypto_policies – Apply consistent cryptographic standards
• mssql – Install and configure SQL Server on SLES
• selinux – Configure SELinux settings and modes
• ssh – Configure SSH client
• systemd – Manage services, targets, and systemd unit configurations
• timesync – Configure NTP or chrony for accurate timekeeping

The collection is actively maintained. Additional roles will be added as they complete development and SUSE validation.

Installing Ansible Linux System Roles

On a SLES 16 control node:

sudo zypper refresh

sudo zypper install ansible-linux-system-roles

Once the Ansible Linux System Roles collection is installed you’ll find:

• Roles: /usr/share/ansible/collections/ansible_collections/suse/linux_system_roles/roles
• Documentation: /usr/share/ansible/collections/ansible_collections/suse/linux_system_roles/docs

Each role’s README_.md in the docs directory includes:

• A description of the role’s purpose
• Supported variables and their usage
• Example playbooks

Many roles also include a subdirectory (named after the role) containing sample playbooks and additional resources to help you get started quickly.

Using Ansible Linux System Roles

Ansible Linux System Roles are variable-driven: you describe the desired state with variables, and the role turns that intent into idempotent changes. No custom tasks are required set the inputs and run the role.

In this example, we’ll apply a small baseline to configure time synchronization across systems.

Create a playbook, for example ~/baseline.yml:

---
- name: Apply a baseline on SLES 16
  hosts: all
  become: true
  tasks:
    - name: Configure network time synchronization
      ansible.builtin.include_role:
        name: suse.linux_system_roles.timesync
      vars:
        timesync_ntp_servers:
          - hostname: time1.example.com
            iburst: yes
          - hostname: time2.example.com
            iburst: yes

Validate syntax:

ansible-playbook --syntax-check ~/baseline.yml

Run the playbook:

ansible-playbook ~/baseline.yml -i ~/inventory.yml

Documentation and Guides

Learn more about available roles and detailed installations and usage steps in the official SLES 16 Ansible System Roles guide

Conclusion

Ansible Linux System Roles bring SUSE-maintained, repeatable automation to SLES 16, letting you standardize configuration across fleets with minimal custom code. Start with a small, verifiable role (like timesync or cockpit), reuse the same pattern for other services, and keep ansible-linux-system-roles updated to receive new, SUSE-validated roles as the collection grows.