Welcome to another detailed guide on Ansible! In this post, we’ll dive into configuring the Ansible configuration file (ansible.cfg) and setting up a custom inventory — essential concepts that every beginner should understand before moving on to more advanced topics like Playbooks and Roles. If you haven’t already, I recommend reading my previous article on Ansible Basics , where I covered the architecture of Ansible, how to configure passwordless authentication, and running ad-hoc commands efficiently.
Why the Ansible Configuration File Is Essential
When starting small, ad-hoc commands can quickly automate tasks. However, as your automation projects scale, customizing Ansible’s behavior becomes crucial. This is where the Ansible configuration file (ansible.cfg) comes into play. It allows you to tailor Ansible’s settings to fit the needs of your project.
Watch the Video!
If you prefer a visual tutorial, check out my YouTube video where I walk you through each step in detail. Be sure to like and subscribe to get notified when the next video on Playbooks is released.
How to Generate a Sample Configuration File
If Ansible was installed using Python, you might notice that a default ansible.cfg file is not automatically generated. Fortunately, you can create one easily with the following command:
ansible-config init --disabled > ansible.cfgThis command generates a configuration template that you can customize for your project. By default, Ansible checks the current working directory for this file. If it’s not found, Ansible will default to using /etc/ansible/ansible.cfg.
Customizing Your Ansible Configuration File
Creating your own ansible.cfg file in the project directory is straightforward. Below is a basic structure that includes commonly used settings. Modify these options based on your project’s requirements:
[defaults]
inventory = inventory
forks = 5
timeout = 30
host_key_checking = FalseHere’s a breakdown of the key settings:
- inventory: Defines the path to the inventory file, where hosts managed by Ansible are listed. In this case, it’s set to
./inventory. - forks: Determines how many parallel connections can be made at once. Here, it’s set to 5.
- timeout: Specifies how long Ansible will wait for a connection before timing out.
- host_key_checking: Disables SSH host key verification, making it easier to manage hosts in a test environment without verifying their authenticity.
Taking Your Configuration Further
You can enhance the configuration by adding more options that are specific to your project:
[defaults]
inventory = inventory
forks = 5
timeout = 30
remote_user = ec2-user
private_key_file = ~/.ssh/id_rsa
[privilege_escalation]
become = True
become_method = sudo
become_user = rootIn this example:
- remote_user: Defines the default SSH user (here,
ec2-user) that Ansible will use to connect to the hosts. - private_key_file: Specifies the SSH private key used for authentication.
- [privilege_escalation]: Configures privilege escalation, allowing Ansible to execute commands requiring elevated permissions (e.g., root).
Understanding Privilege Escalation
When tasks need higher-level permissions, privilege escalation allows Ansible to execute commands as a different user. To make this possible, the user connecting to the remote system must have permission defined in the sudoers file.
- become = True: Enables privilege escalation for tasks that need it.
- become_method = sudo: Uses
sudofor privilege escalation, a common method in Linux/Unix environments. - become_user = root: Instructs Ansible to switch to the
rootuser when elevated privileges are required.
Setting Up a Custom Inventory
The inventory file is crucial because it lists the hosts and groups of hosts Ansible will manage. By default, Ansible looks for an inventory file at /etc/ansible/hosts. However, as configured in ansible.cfg, you can define a custom inventory in your project directory.
To create a custom inventory file, run the following command:
vi my_custom_inventoryIn the file, define hosts and organize them into groups. For instance:
[webservers]
web1.example.com
web2.example.com
[databases]
db1.example.com
db2.example.comAdditionally, you can specify host-specific variables, such as custom SSH users or ports, for each group or individual host.
Running an Ad-Hoc Command Using Custom Inventory
Once your inventory and configuration files are ready, you can test the setup by running a quick ad-hoc command. Here’s how you can ping all hosts in the webservers group using the ping module:
ansible -i my_custom_inventory webservers -m pingthis will run the ping module on all hosts in the webservers group.
What’s Next?
You’ve mastered the basics of configuring Ansible’s behavior and managing inventories. With this knowledge, you’re well-prepared to move on to Playbooks — the heart of Ansible automation. Playbooks let you define tasks in YAML format, making them reusable across different environments. In the next post, we’ll explore Playbooks in detail and cover how to manage configurations, deploy applications, and use Ansible Roles and Variables for more advanced automation.
For more detailed insights about Ansible configuration settings check out official doc.
