一、簡介
Ansible的默認組態檔是/etc/ansible/ansible.cfg,如果ansible的作業目錄里沒有ansible.cfg那么默認使用全域的組態檔,如果有的話使用作業目錄里的組態檔,這一點和inventory類似,
如果存在多個組態檔,那么可能會搞錯,不知道用的是哪個怎么辦,ansible為我們提供了一個查詢命令:
[root@master ~]# ansible --version
ansible 2.9.18
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jun 20 2019, 20:27:34) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]上面的輸出使用的是全域的默認組態檔,因為當前目錄不包含ansible.cfg檔案,如果有這個檔案輸出內容就會是下面這個樣子:
[root@master ~]# cd ansible/
[root@master ansible]# ls
ansible.cfg copy_repo.yml inventory pushsshkey.yaml remove_k8s.yaml update_kernel.yml update_vim8.yml yum_install_etcd_3.yml
[root@master ansible]# ansible --version
ansible 2.9.18
config file = /root/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jun 20 2019, 20:27:34) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]除了ansible --version還有一個命令可以顯示組態檔的資訊,在執行命令的的時候加上 -v選項,如下:
[root@master ansible]# ansible k8s_nodes --list-hosts -v
Using /root/ansible/ansible.cfg as config file
hosts (3):
node1
node2
node3二、管理ansible.cfg組態檔的設定
Ansible的組態檔由幾個部分組成,每一個部分包含以鍵值對形式定義的設定,標題以方括號括起,看一下默認組態檔的幾個部分:
1. defaults
[defaults]
#inventory = /etc/ansible/hosts //定義Inventory
#library = /usr/share/my_modules/ //自定義lib庫存放目錄
#remote_tmp = ~/.ansible/tmp //零時檔案遠程主機存放目錄
#local_tmp = ~/.ansible/tmp //零時檔案本地存放目錄
#forks = 5 //默認開啟的并發數
#poll_interval = 15 //默認輪詢時間間隔
#sudo_user = root //默認sudo用戶
#ask_sudo_pass = True //是否需要sudo密碼
#ask_pass = True //是否需要密碼
#host_key_checking = False //首次連接是否檢查key認證
#roles_path = /etc/ansible/roles //默認下載的Roles存放的目錄
#log_path = /var/log/ansible.log //執行日志存放目錄
#module_name = command //默認執行的模塊
#action_plugins = /usr/share/ansible/plugins/action //action插件存放目錄
#callback_plugins = /usr/share/ansible/plugins/callback //callback插件存放目錄
#connection_plugins = /usr/share/ansible/plugins/connection //connection插件存放目錄
#lookup_plugins = /usr/share/ansible/plugins/lookup //lookup插件存放目錄
#vars_plugins = /usr/share/ansible/plugins/vars //vars插件存放目錄
#filter_plugins = /usr/share/ansible/plugins/filter //filter插件存放目錄
#test_plugins = /usr/share/ansible/plugins/test //test插件存放目錄
#strategy_plugins = /usr/share/ansible/plugins/strategy //strategy插件存放目錄
#fact_caching = memory //getfact快取的主機資訊存放方式
#retry_files_enabled = False
#retry_files_save_path = ~/.ansible-retry //錯誤重啟檔案存放目錄2. privilege_escalation
[privilege_escalation]
#become=True //是否sudo
#become_method=sudo //sudo方式
#become_user=root //sudo后變為root用戶
#become_ask_pass=False //sudo后是否驗證密碼3. paramiko_connection
[paramiko_connection]
#record_host_keys=False //不記錄新主機的key以提升效率
#pty=False //禁用sudo功能4. ssh_connection
[ssh_connection]
#pipelining = False //管道加速功能,需配和requiretty使用方可生效5. selinux
[selinux]
#libvirt_lxc_noseclabel = yes //selinux配置6. colors
[colors]
#highlight = white
#verbose = blue
#warn = bright purple
#error = red
#debug = dark gray
#deprecate = purple
#skip = cyan
#unreachable = red
#ok = green
#changed = yellow
#diff_add = green
#diff_remove = red
#diff_lines = cyan三、ansible作業目錄里常用的組態檔
這里簡單說一下2個部分的配置,[defaults]和[privilege_escalation],示例如下:
[defaults]
inventory = ./inventory
remote_user = root
ask_pass = false
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=Falseinventory
指定清單檔案的路徑
remote_user
要在受管主機上登錄的用戶名,如果未指定使用當前用戶
ask_pass
是否提示輸入SSH密碼,如果使用ssh公鑰身份驗證,則可以是false
become
表示連接后是否在受管主機上切換用戶(通常切換為root)
become_method
如何切換用戶,sudo 或者 su
become_user
要在受管主機上要切換成為的用戶,通常是root,也是默認值
become_ask_pass
是否需要為become_method提示輸入密碼,默認false
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/293473.html
標籤:Linux
上一篇:痞子衡嵌入式:恩智浦i.MX RT1xxx系列MCU啟動那些事(11.B)- FlexSPI NOR連接方式大全(RT1160/1170)