Home  >  Article  >  System Tutorial  >  Introduction to ansible's ansible.cfg configuration

Introduction to ansible's ansible.cfg configuration

王林
王林Original
2024-09-02 16:40:09926browse

Introduction to ansibles ansible.cfg configuration

Ansible默认安装好后有一个配置文件/etc/ansible/ansible.cfg,该配置文件中定义了ansible的主机的默认配置部分,如默认是否需要输入密码、是否开启sudo认证、action_plugins插件的位置、hosts主机组的位置、是否开启log功能、默认端口、key文件位置等等。

具体如下:

[defaults]
# some basic default values...
hostfile = /etc/ansible/hosts                 \\指定默认hosts配置的位置
# library_path = /usr/share/my_modules/
remote_tmp = $HOME/.ansible/tmp
pattern = *
forks = 5
poll_interval = 15
sudo_user = root                             \\远程sudo用户
#ask_sudo_pass = True                        \\每次执行ansible命令是否询问ssh密码
#ask_pass = True                             \\每次执行ansible命令时是否询问sudo密码
transport = smart
remote_port = 22
module_lang = C
gathering = implicit
host_key_checking = False                   \\关闭第一次使用ansible连接客户端是输入命令提示
log_path = /var/log/ansible.log                   
                                            \\需要时可以自行添加chown -R root:root ansible.log
system_warnings = False                     \\关闭运行ansible时系统的提示信息,一般为提示升级
# set plugin path directories here, separate with colons
action_plugins = /usr/share/ansible_plugins/action_plugins
callback_plugins = /usr/share/ansible_plugins/callback_plugins
connection_plugins = /usr/share/ansible_plugins/connection_plugins
lookup_plugins = /usr/share/ansible_plugins/lookup_plugins
vars_plugins = /usr/share/ansible_plugins/vars_plugins
filter_plugins = /usr/share/ansible_plugins/filter_plugins
fact_caching = memory
[accelerate]
accelerate_port = 5099
accelerate_timeout = 30
accelerate_connect_timeout = 5.0
# The daemon timeout is measured in minutes. This time is measured
# from the last activity to the accelerate daemon.
accelerate_daemon_timeout = 30

本篇就结合一个示例对其进行下了解。我在对之前未连接的主机进行连结时报错如下:

[root@361way.com ~]# ansible test -a 'uptime'
10.212.52.14 | FAILED => Using a SSH password instead of a key is not possible because Host Key
checking is enabled and sshpass does not support this. Please add this host's fingerprint to 
your known_hosts file to manage this host.
10.212.52.16 | FAILED => Using a SSH password instead of a key is not possible because Host Key
 checking is enabled and sshpass does not support this. Please add this host's fingerprint to 
your known_hosts file to manage this host.

从上面的输出提示上基本可以了解到由于在本机的~/.ssh/known_hosts文件中并有fingerprint key串,ssh第一次连接的时候一般会提示输入yes 进行确认为将key字符串加入到  ~/.ssh/known_hosts 文件中。

方法1:

了解到问题原因为,我们了解到进行ssh连接时,可以使用-o参数将StrictHostKeyChecking设置为no,使用ssh连接时避免首次连接时让输入yes/no部分的提示。通过查看ansible.cfg配置文件,发现如下行:

[ssh_connection]
# ssh arguments to use
# Leaving off ControlPersist will result in poor performance, so use
# paramiko on older platforms rather than removing it
#ssh_args = -o ControlMaster=auto -o ControlPersist=60s

所以这里我们可以启用ssh_args 部分,使用下面的配置,避免上面出现的错误:

ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no
方法2:

在ansible.cfg配置文件中,也会找到如下部分:

# uncomment this to disable SSH key host checking
host_key_checking = False

默认host_key_checking部分是注释的,通过找开该行的注释,同样也可以实现跳过 ssh 首次连接提示验证部分。由于配置文件中直接有该选项,所以推荐用方法2 。

其他部分

由于官方给的说明比较详细,同时ansible.cfg 文件本身默认也有注释提示部分,所以不做过多说明,这里再举个例子,默认ansible 执行的时候,并不会输出日志到文件,不过在ansible.cfg 配置文件中有如下行:

# logging is off by default unless this path is defined
# if so defined, consider logrotate
log_path = /var/log/ansible.log

同样,默认log_path这行是注释的,打开该行的注释,所有的命令执行后,都会将日志输出到/var/log/ansible.log 文件,便于了解在何时执行了何操作及其结果,如下:

[root@361way.com ansible]# cat /var/log/ansible.log
2015-05-04 01:57:19,758 p=4667 u=root |
2015-05-04 01:57:19,759 p=4667 u=root | /usr/bin/ansible test -a uptime
2015-05-04 01:57:19,759 p=4667 u=root |
2015-05-04 01:57:20,563 p=4667 u=root | 10.212.52.252 | success | rc=0 >>
01:57am up 23 days 11:20, 2 users, load average: 0.38, 0.38, 0.40
2015-05-04 01:57:20,831 p=4667 u=root | 10.212.52.14 | success | rc=0 >>
02:03am up 331 days 8:19, 2 users, load average: 0.08, 0.05, 0.05
2015-05-04 01:57:20,909 p=4667 u=root | 10.212.52.16 | success | rc=0 >>
02:05am up 331 days 8:56, 2 users, load average: 0.00, 0.01, 0.05

更多部分可以参看官方文档。

The above is the detailed content of Introduction to ansible's ansible.cfg configuration. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn