017 Configuration Files

Tech Tutorial: Understand Core Components of Ansible - Configuration Files #

Introduction #

Ansible, a powerful IT automation tool, simplifies complex configuration tasks, and manages IT infrastructure. Being an agentless tool, it primarily uses SSH to connect and configure systems, leveraging simple YAML syntax for its playbooks. An essential aspect of mastering Ansible, especially for the Red Hat Certified Engineer (RHCE) exam, is understanding its configuration files. This tutorial focuses on the Ansible configuration file, which is pivotal in defining how Ansible behaves with systems and projects.

Step-by-Step Guide #

1. Understanding the Ansible Configuration File #

Ansible configuration can be altered using the /etc/ansible/ansible.cfg file on a Red Hat Enterprise Linux (RHEL) system. This file dictates the behavior of all Ansible plays, but it can be overridden by user-specific configuration files or environment variables.

2. Locating the Configuration File #

Ansible looks for the configuration file in the following order:

  1. ANSIBLE_CONFIG (an environment variable pointing to a configuration file)
  2. ansible.cfg (in the current directory)
  3. .ansible.cfg (in the home directory)
  4. /etc/ansible/ansible.cfg (global settings)

You can check the used configuration file by running:

ansible --version

This command will show you the path to the configuration file Ansible is currently using at the top of its output.

3. Key Configuration Settings #

Let’s explore some of the critical settings within the ansible.cfg file:

3.1 inventory #

This setting specifies the location of the inventory file that Ansible will use to find the hosts it can operate on.

[defaults]
inventory = /etc/ansible/hosts

3.2 remote_user #

The default user account Ansible will use for connection establishment.

[defaults]
remote_user = root

3.3 private_key_file #

Path to the private key file to use for SSH connections.

[defaults]
private_key_file = /path/to/private/key

3.4 host_key_checking #

This setting defines if SSH should verify the host key of the servers it’s connecting to. For automation, you might want to disable this during initial rollouts and testing but ensure it’s enabled in production for security.

[defaults]
host_key_checking = False

4. Detailed Code Example: Customizing the Ansible Configuration #

To demonstrate, let’s create a custom configuration for a project. Assume we are working in a directory /home/user/ansible-project. We’ll create an ansible.cfg in this directory with specific settings.

  1. Create the directory and navigate into it:

    mkdir /home/user/ansible-project
    cd /home/user/ansible-project
    
  2. Create a custom ansible.cfg:

    vim ansible.cfg
    
  3. Add the following configurations:

    [defaults]
    inventory = ./inventory
    remote_user = ansibleuser
    host_key_checking = False
    retry_files_enabled = False
    
    [privilege_escalation]
    become = True
    become_method = sudo
    become_user = root
    become_ask_pass = False
    
  4. Create an inventory file in the same directory:

    vim inventory
    

    And add a server IP:

    [webservers]
    192.168.56.101
    
  5. Run a simple ping test using your new configuration:

    ansible all -m ping
    

This setup uses the configuration file in the current project directory, overriding the global /etc/ansible/ansible.cfg.

Conclusion #

Understanding and effectively managing the Ansible configuration files is crucial for automating at scale with precision in RHEL environments. By mastering configuration files, you ensure that Ansible behaves exactly as you need, adapting to different environments or project requirements. For the RHCE exam, a deep understanding of these configurations will not only help in passing the exam but also in practical, real-world system administration and automation tasks.