Getting Started With Ansible - Part Three

This is in continuation to the article if the series “Learning Ansible”. So, in this article, we will learn -
  • Order of Ansible Configuration
  • Ansible Configuration Settings

Ansible Configuration Settings (Change the default behavior of Ansible)

We can manage the Ansible configuration in different files and there is also a different order of priority for these files depending on their location.
  1. We can set a variable and define any path and use it. This has the highest priority.
  2. We can create the .ansible.cfg file in the same directory where we keep our playbook as well. We will be using this local configuration file for our tasks in this article.
  3. We can create the .ansible.cfg file in the home directory starting with dot(.) so it will be a hidden file.
  4. This is the default global Ansible configuration file from where in the previous article, Getting Started With Ansible - Part 2 we changed the host key settings to false which is enabled by default.
So now, let’s see some of the common global Ansible settings in the Ansible machine.
We can see we have a lot of options here which we can change.
  • Inventory
    Here, every time we execute the Ansible command, we have to give the inventory path. Here, in the default section, we can give the path of the inventory. Then, we don’t need to give -I option while executing the Ansible command.

  • Forks
    Suppose we have 100 machines and if we want to do parallel execution for, suppose, 10 instances at a time then we can change the value of the fork to 10. So now it will make 10 SSH/ winrm /API connections at a time but make sure that your Ansible machine has good resources like RAM, CPU.

  • Ask_pass
    If we don’t want to mention password in the inventory file for hosts and if we don’t want to do the key exchange as well, then we can enable this option and it will then ask for the password. This is not recommended for automation.

  • Remote_port
    The SSH default port is 22 but if we are running SSH on a different port on the target machine. Then, we can change this value as by default Ansible tries to connect through SSH using port 22. For security reasons, we sometimes change the default ports.

  • SSH_timeout
    We can change the SSH timeout value from this global configuration file. By default it's 10 seconds so if a target machine will not respond in 10 secs then ansible will move to the next target.

  • Remote_user
    In the previous article "Getting started With Ansible – Part 2" we specified the user as DevOps but here, we can also change the remote user.

  • Log_path
    Ansible does not store logs by default, but if we want to store logs then we can specify the log path. We also have to make sure that the file specified in the log_path should be owned by the user who is executing ansible.
And there are lots of other settings like inventory specific, privilege_escalation and more.
We can check the detailed ansible configuration here.


So, we have seen different ways to store Ansible configuration and their priority order as well. We also saw a lot of settings which are commonly used and can be really helpful, though there are many more and we can anytime refer to the official documentation if we are curious to know more.
I hope you find this article helpful. Stay tuned for more … Cheers!!
You can also check out some of my previous articles of the series “Learning Ansible” here,