Ansible 配置文件详解
常用参数详解:
| [defaults] | 通用默认配置段; |
|---|---|
| inventory = /etc/ansible/hosts | 被控端 IP 或者 DNS 列表; |
| library = /usr/share/my_modules/ | Ansible 默认搜寻模块的位置; |
| remote_tmp = $HOME/.ansible/tmp | Ansible 远程执行临时文件; |
| pattern = * | 对所有主机通信; |
| forks = 5 | 并行进程数; |
| poll_interval = 15 | 回频率或轮训间隔时间; |
| sudo_user = root | sudo 远程执行用户名; |
| ask_sudo_pass = True | 使用 sudo,是否需要输入密码; |
| ask_pass = True | 是否需要输入密码; |
| transport = smart | 通信机制; |
| remote_port = 22 | 远程 SSH 端口; |
| module_lang = C | 模块和系统之间通信的语言; |
| gathering = implicit | 控制默认 facts 收集(远程系统变量); |
| roles_path= /etc/ansible/roles | 用于 playbook 搜索 Ansible roles; |
| host_key_checking = False | 检查远程主机密钥; |
| #sudo_exe = sudo | sudo 远程执行命令; |
| #sudo_flags = -H | 传递 sudo 之外的参数; |
| timeout = 10 SSH | 超时时间; |
| remote_user = root | 远程登陆用户名; |
| log_path = /var/log/ansible.log | 日志文件存放路径; |
| module_name = command | Ansible 命令执行默认的模块; |
| #executable = /bin/sh | 执行的 Shell 环境,用户 Shell 模块; |
| #hash_behaviour = replace | 特定的优先级覆盖变量; |
| #jinja2_extensions | 允许开启 Jinja2 拓展模块; |
| #private_key_file = /path/to/file | 私钥文件存储位置; |
| #display_skipped_hosts = True | 显示任何跳过任务的状态; |
| #system_warnings = True | 禁用系统运行 ansible 潜在问题警告; |
| #deprecation_warnings = True | Playbook 输出禁用“不建议使用”警告; |
| #command_warnings = False | command 模块 Ansible 默认发出警告; |
| #nocolor = 1 | 输出带上颜色区别,开启/关闭:0/1; |
| pipelining = False | 开启 pipe SSH 通道优化; |
| [accelerate] | accelerate 缓存加速。 |
| accelerate_port = 5099 | |
| accelerate_timeout = 30 | |
| accelerate_connect_timeout = 5.0 | |
| accelerate_daemon_timeout = 30 | |
| accelerate_multi_key = yes |
Ansible 性能调优
(1) Ansible SSH 关闭秘钥检测
host_key_checking = False
(2) OpenSSH 连接优化
sed -i '/^GSSAPI/s/yes/no/g; /UseDNS/d; /Protocol/aUseDNS no' /etc/ssh/sshd_config
/etc/init.d/sshd restart
(3) SSH pipelining 加速 Ansible
sed -i '/^pipelining/s/False/True/g' /etc/ansible/ansible.cfg
(4)Ansible Facts 缓存优化
gather_facts: nogather_facts: no
在配置文件/etc/ansible/ansible.cfg 中 defaluts 段中加入代码,如果 redis 密码为 admin,则开启 admin 密码行:
# yum install -y python-pip
# pip install redis==3.0.0
gathering = smart
fact_caching = redis
fact_caching_timeout = 86400
fact_caching_connection = localhost:6379
#fact_caching_connection = localhost:6379:0:admin
fact_caching = jsonfile
fact_caching_timeout = 86400
fact_caching_connection = /tmp
