Ansible Configuration and Inventory files

This entry is part 2 of 4 in the series Ansible Tutorial

In the Ansible Configuration and Inventory section, we will get to know the basics of Ansible Configuration file and Ansible Inventory. We will get to know the nuances once we go along the tutorial.

 

Ansbile Configuration

The settings of ansible can be changed through a configuration file ( ansible.cfg ). The default configuration can be used out of the box. However, there could be reasons where you might need to tweak the settings to cater your needs.

During installation, a default configuration file gets created under /etc/ansible. This has the lowest order in terms of precedence. The precedence of ansible.cfg file follows the below order in the latest version of ansible.

  • ANSIBLE_CONFIG (an environment variable)
  • ansible.cfg (in the current directory)
  • .ansible.cfg (in the home directory)
  • /etc/ansible/ansible.cfg

 

Lets go through some of the commonly tuned parameters within the ansible.cfg file. You can find the default configuration file at /etc/ansible/ansible.cfg

 

inventory      = /etc/ansible/hosts

This defines the path where ansible searches for hosts file ( Inventory ). You can override it by specifying a different inventory file using -i <path> option on the command line.

 

forks          = 5

By default, Ansible runs the command in parallel using multiple forks. You can increase this value depending on how much your system and network connection can handle. If you set the value to 1, the command gets executed serially, i.e one after the other.

 

ask_pass      = False

This controls whether an Ansible playbook should prompt for a password by default. The default behavior is no. If using SSH keys for authentication, it’s probably not needed to change this setting.

 

ask_sudo_pass = False

Similar to ask_pass, this controls whether an Ansible playbook should prompt for a sudo password by default when sudoing. The default behavior is also no. Users on platforms where sudo passwords are enabled should consider changing this setting. But it is recommended to use passwordless sudo access to make it non-interactive.

 

roles_path = /opt/Ansible/roles

#Additional Paths
roles_path = /home/vagrant/Ansible/roles:/opt/Ansible/roles

roles_path indicate additional directories to search beyond the the ‘roles/’ subdirectory of a playbook project.  Additional paths can be provided separated by colon characters, in the same way as other path strings. Roles will be first searched for in the playbook directory. Should a role not be found, it will indicate all the possible paths that were searched.

 

host_key_checking = True

By default, host key checking is on. If you understand the implications and wish to disable it, you may do so here by setting the value to False.

 

remote_user = root

This is the default username ansible will connect as.  Ansible will always default to the current user if this is not defined

 

Inventory

Hosts file contains the inventory of servers that will be managed through Ansible. There is a default hosts file located at /etc/ansible/hosts which is an ini file. You can specify a different inventory file using the -i <path> option on the command line.

 

Hosts and Groups

Inventory file contains both hosts and groups. Groups are nothing but collection of individual host. This way, it is easy for us to manage and execute command on multiple hosts by using their group name. Below examples will explain the various ways we can define an Inventory file.

 

Hosts example ( IP Address ):

192.168.33.10
192.168.33.20
192.168.33.30

Above inventory file contains series of IP address which Ansible can connect to.

 

Hosts example ( Hostname and Alias ):

app1.example.com
app2.example.com
db.example.com ansible_host=192.168.33.30

The above example contains host names and alias for an IP address. Here, db.example.com is an alias set for an host with an IP 192.168.33.30 using Ansible variable ‘ansible_host’.

Note: You can pass Ansible variables in the inventory file

 

Groups example:

192.168.22.10

[web]
192.168.33.10
192.168.33.20

[db]
192.168.33.30
192.168.33.40

[all]
192.168.33.10
192.168.33.20
192.168.33.30
192.168.33.40

The headings in brackets are group names, which are used in classifying systems and deciding what systems you are controlling at what times and for what purpose.

It is ok to put systems in more than one group, for instance a server could be both a webserver and a dbserver.

 

Group of Groups:

[web]
192.168.33.10
192.168.33.20

[db]
192.168.33.30
192.168.33.40

[all:children]
web
db

It is also possible to make groups of groups using the ‘:children’ suffix. This makes the configuration much simpler.

 

Group example ( with group variables ):

[web]
192.168.33.10
192.168.33.20

[db]
192.168.33.30
db2.example.com

[db:vars]
ansible_host=192.168.33.40
remote_user=vagrant

‘ansible_host’ and ‘remote_user’ are group variables for the group db.

 

Splitting Out Host and Group Specific Data:

The preferred practice in Ansible is actually not to store variables in the main inventory file.

In addition to storing variables directly in the INI file, host and group variables can be stored in individual files relative to the inventory file.

We will deep dive into this in the later section.

Series Navigation<< Ansible Tutorial – Introduction and Installation of AnsibleAnsible Local Testing: Vagrant and Virtualbox >>

DevopsIdeas

Established in 2016, a community where system admins and devops practitioners can find useful in-depth articles, latest trends and technologies, interview ideas, best practices and much more on Devops

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 6 =

Hello. Add your message here.
Any Udemy Technical course for $10 Redeem Offer