Ansible Configuration File (ansible.cfg): A Comprehensive Guide

Discover Ansible-Core, the essential foundation of Ansible automation, offering a minimalist yet powerful platform for managing and executing automation tasks.

The ansible.cfg file is a crucial component in the Ansible ecosystem, providing a centralized configuration point to customize the behavior of Ansible. This article explores the structure, key sections, and settings of the ansible.cfg file, and provides best practices for its usage.

What is ansible.cfg?

The ansible.cfg file is an INI-like configuration file used to define various settings and parameters that influence how Ansible operates. This file can be placed in different locations, with Ansible searching for it in the following order of precedence:

1. ANSIBLE_CONFIG environment variable (if set)

2. ansible.cfg file in the current working directory

3. .ansible.cfg file in the user’s home directory

4. /etc/ansible/ansible.cfg file (global configuration)

Each of these configuration files can override the settings specified in the others, with the highest precedence being given to the environment variable.

Structure of ansible.cfg

The ansible.cfg file is divided into sections, each containing various parameters that can be customized. Here are some of the key sections and their important settings:

1. [defaults]

This section contains the default settings for Ansible, including the inventory file location, remote user, and module path.

``ini


   [defaults]
   inventory = /path/to/inventory
   remote_user = your_user
   host_key_checking = False



2. [privilege_escalation]

This section manages settings for privilege escalation, such as sudo.

`ini


   [privilege_escalation]
   become = True
   become_method = sudo
   become_user = root



3. [ssh_connection]
   This section contains settings related to SSH connections.

`ini


   [ssh_connection]
   ssh_args = -o ControlMaster=auto -o ControlPersist=60s



4. [paramiko_connection]
   This section configures settings specific to Paramiko, an alternative to SSH.

`ini


   [paramiko_connection]
   pipelining = True



5. [inventory]
   This section deals with the configuration of the inventory.

`ini


   [inventory]
   enable_plugins = host_list, script, yaml, ini, auto



6. [logging]
   This section manages Ansible's logging settings.

`ini


   [logging]
   log_path = /var/log/ansible.log



Key Settings and Their Usage

1. Inventory File:

The inventory setting in the [defaults] section specifies the location of the inventory file.

`ini


   inventory = /path/to/inventory



2. Remote User:

The remote_user setting defines the user Ansible will use to connect to remote hosts.

`ini


   remote_user = ansible



3. Host Key Checking:
   Disabling host key checking can be useful in development environments.

`ini


   host_key_checking = False



4. Privilege Escalation:

The become settings allow you to specify whether Ansible should use privilege escalation and the method to use.

`ini


   become = True
   become_method = sudo