欢迎加入 “全栈运维答疑群 632578555” ，希望能在群里对于大家的运维问题能到得到很好的解答。

还记得在上节中说到ansible安装完成之后通过 ansible --version来验证ansible是否安装OK

root@pts/0 # ansible --version
ansible 2.5.2
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

配置路径说明

从这里我们可以看到 ansible 的配置文件是 /etc/ansible/ansible.cfg 以及一些其他信息。这里介绍ansible几个常用到的配置和目录。

• /etc/ansible

ansible 主配置目录，下面的ansible.cfg 是主配置文件，hosts是Inventory主机信息配置文件，roles 是配置playbook用到的。ansible所有的配置都会存放到这个目录下

root@pts/0 # ls -l /etc/ansible/
total 28
-rw-r--r--. 1 root root 19315 Apr 27 04:20 ansible.cfg
-rw-r--r--. 1 root root  1016 Apr 27 04:20 hosts
drwxr-xr-x. 2 root root  4096 Apr 27 04:20 roles

• /usr/bin/pythonxx/site-packages/ansible
  了解Python的同学都知道，/usr/bin/pythonxx/site-packages 是Python安装包存放的地方，ansible是Python开发的，当然其先关的lib库文件和模块文件也会存放到这里。想研究源码的同学可以从这里看到源码或者从GitHub上面clone

• /root/.ansible/plugins/modules 和 /usr/share/ansible/plugins/modules
  ansible自定义的插件模块存放的路径，

• /usr/local/doc/ansible/
  +/usr/share/man/man1/
  下面这两个目录对Linux了解的同学就知道这个是Linux下存放文档和帮助文件的地方。不做深入了解

ansible.cfg 解析

ansible.cfg 是标准的ini 文件格式，通过如下命令解析我们可以了解它有几个部分

root@pts/0 # cat /etc/ansible/ansible.cfg |egrep -v '^#'|grep '\['
[defaults]
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]

defaults

配置文件中 defaults 部分是最多的，这里只列举说明关键的配置项

[defaults]

# some basic default values...

#inventory      = /etc/ansible/hosts       # 定义Inventory 主机列表的
#library        = /usr/share/my_modules/  
#module_utils   = /usr/share/my_module_utils/
#remote_tmp     = ~/.ansible/tmp        # 临时文件远程主机存放目录
#local_tmp      = ~/.ansible/tmp          # 临时文件本地存放目录
#plugin_filters_cfg = /etc/ansible/plugin_filters.yml
#forks          = 5                                  # 默认开启的并发数
#poll_interval  = 15                            # 默认轮询时间间隔
#sudo_user      = root                        # 默认的sudo用户
#ask_sudo_pass = True                    # 是否需要sudo密码
#ask_pass      = True
#transport      = smart
#remote_port    = 22
#module_lang    = C
#module_set_locale = False
# additional paths to search for roles in, colon separated
#roles_path    = /etc/ansible/roles   # 默认的下载roles 存放目录
... ...

这里需要说明几点

• 配置文件的大部分配置项都有明确的注释，比如上面的 roles_path，相信大家都能看懂
• 配置文件中所有配置项都可以通过命令行指定具体的值来覆盖
• ansible读取配置配置文件的顺序是
  当前执行命令目录 -> 用户家目录下.ansible.cfg（$HOME/.ansible.cfg） -> /etc/ansible.cfg

Inventory

针对Inventory主机列表的一些配置

[inventory]
# enable inventory plugins, default: 'host_list', 'script', 'yaml', 'ini'
#enable_plugins = host_list, virtualbox, yaml, constructed

# ignore these extensions when parsing a directory as inventory source
#ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry

# ignore files matching these patterns when parsing a directory as inventory source
#ignore_patterns=

# If 'true' unparsed inventory sources become fatal errors, they are warnings otherwise.
#unparsed_is_failed=False

privilege_escalation

这里主要是针对普通用户给予sudo权限而做的配置，因为不是所有公司都会用root权限来部署应用

[privilege_escalation]
#become=True              ## 是否sudo
#become_method=sudo
#become_user=root
#become_ask_pass=False

paramiko_connection

因为目前ansible默认的连接方式为openssh ，paramiko已经逐渐淡化，所以可以不用了解

ssh_connection

ansible 采用openssh 协议，底层调用的还是Linux的ssh协议，这里配置一些关于ssh连接相关的配置

[ssh_connection]

# ssh arguments to use
# Leaving off ControlPersist will result in poor performance, so use
# paramiko on older platforms rather than removing it, -C controls compression use
#ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s

# The base directory for the ControlPath sockets.
# This is the "%(directory)s" in the control_path option
#
# Example:
# control_path_dir = /tmp/.ansible/cp
#control_path_dir = ~/.ansible/cp
... ...

persistent_connection

主要针对持久化长连接和超时相关的配置

persistent_connection]

# Configures the persistent connection timeout value in seconds.  This value is
# how long the persistent connection will remain idle before it is destroyed.
# If the connection doesn't receive a request before the timeout value
# expires, the connection is shutdown. The default value is 30 seconds.
#connect_timeout = 30

# Configures the persistent connection retry timeout.  This value configures the
# the retry timeout that ansible-connection will wait to connect
# to the local domain socket. This value must be larger than the
# ssh timeout (timeout) and less than persistent connection idle timeout (connect_timeout).
# The default value is 15 seconds.
#connect_retry_timeout = 15

# The command timeout value defines the amount of time to wait for a command
# or RPC call before timing out. The value for the command timeout must
# be less than the value of the persistent connection idle timeout (connect_timeout)
# The default value is 10 second.
#command_timeout = 10

accelerate

在使用过程中有些人反馈ansible会出现卡顿的情况，新版本官网对其做了加速优化，就有了这个配置选项，加你保持默认即可

selinux

结合Linux的selinux规则来，记住保持默认就好

colors

顾名思义就是定义ansible输出结果的颜色，可以保持默认就好

[colors]
#highlight = white
#verbose = blue
#warn = bright purple
#error = red
#debug = dark gray
#deprecate = purple
#skip = cyan
#unreachable = red
#ok = green
#changed = yellow
#diff_add = green
#diff_remove = red
#diff_lines = cyan

diff

[diff]
# Always print diff when running ( same as always running with -D/--diff )
# always = no

# Set how many context lines to show in diff
# context = 3

重点

其实看了这么多配置，对于初学者而已，一个建议：
安装好之后配置文件不需要做任何修改，我们就可以正常的使用ansible来批量自动化执行。
但是了解了相关参数对于后续高阶的学习还是有必要的嘛~