|
| 1 | +### Ansible configuration |
| 2 | + |
| 3 | +We can configure Ansible using different methods. Convention is use ```ansible.cfg``` as the file name. Order of configuration parsing |
| 4 | + |
| 5 | +```shell |
| 6 | +- export ANSIBLE_CONFIG=/path/to/ansible.cfg # Environment variable |
| 7 | +- ansible.cfg # In the current directory |
| 8 | +- .ansible.cfg # In ~/. ( home ) directory |
| 9 | +- /etc/ansible/ansible.cfg |
| 10 | +``` |
| 11 | + |
| 12 | +Sample configuration file |
| 13 | + |
| 14 | +```shell |
| 15 | +[defaults] |
| 16 | +remote_user=ec2-user # User which has ssh permission on target machines |
| 17 | +host_key_checking = False # This way you don't get prompted for accepting host key. This however could have security implications. Please read documentation |
| 18 | +inventory = /Users/my-generic-user/my-work/ansible-code/hosts/ # Location of inventory file |
| 19 | +# Enabling pipelining reduces the number of SSH operations required to |
| 20 | +# execute a module on the remote server. This can result in a significant |
| 21 | +# performance improvement when enabled, however when using "sudo:" you must |
| 22 | +# first disable 'require-tty' in /etc/sudoers |
| 23 | +pipelining = True |
| 24 | +timeout = 25 |
| 25 | +retry_files_enabled = False |
| 26 | +connect_timeout = 30 |
| 27 | +connect_retries = 30 |
| 28 | + |
| 29 | +# Below settings are relevant for cases where you have a private/public network and ansible is to be executed from a specific machine in public subnet with restrictive permissions |
| 30 | +[ssh_connection] |
| 31 | +ssh_args = -F /Users/my-generic-user/my-work/ansible-code/ssh.cfg -o UserKnownHostsFile=/dev/null |
| 32 | +control_path = ~/.ssh/ansible-%%r@%%h:%%p |
| 33 | +private_key_file = /Users/my-generic-user/.ssh/myprivate-keys.pem |
| 34 | + |
| 35 | +``` |
| 36 | + |
| 37 | + |
| 38 | +[Ansible-config-document](http://docs.ansible.com/ansible/latest/intro_configuration.html) |
| 39 | + |
| 40 | + |
| 41 | +### Exercise |
| 42 | + |
| 43 | +- Setup ansible.cfg |
| 44 | +- Find uptime of the target machine using ansible command ( ) # Hint: Use [command](http://docs.ansible.com/ansible/latest/command_module.html) module |
| 45 | +- Tail /var/log/syslog # Hint: You may have to use elevated privileges to do this |
| 46 | +- Install apache or nginx using ansible command. # Hint: Use [apt](http://docs.ansible.com/ansible/latest/apt_module.html) module |
| 47 | + |
| 48 | +#### NOTE: |
| 49 | + |
| 50 | +- Modules are the ones that do the actual work in ansible. They are like pluggable components that allow you perform actions on target hosts. Example modules |
| 51 | + - command |
| 52 | + - ping |
| 53 | + - apt |
| 54 | + - yum |
| 55 | + and many more |
0 commit comments