* Followup to docs refactor pull request #36067 - fixes gitignore and cleanup in makefile; removes some generated files; moves a straggler to the appropriate subdirectory.
* Fixed some stragglers
* Removed redundant module entries
* Delete generated RST files.
... | ... |
@@ -31,29 +31,22 @@ docs/man/man3/* |
31 | 31 |
# docsite stuff... |
32 | 32 |
docs/api/_build/ |
33 | 33 |
docs/api/rst/ |
34 |
-docs/docsite/*.html |
|
35 | 34 |
docs/docsite/_build |
36 |
-docs/docsite/_static/*.gif |
|
37 |
-docs/docsite/_static/*.png |
|
38 |
-docs/docsite/_static/websupport.js |
|
35 |
+docs/docsite/*.html |
|
39 | 36 |
docs/docsite/htmlout |
40 |
-docs/docsite/searchindex.js |
|
41 |
-docs/docsite/rst_warnings |
|
42 |
-docs/docsite/rst/*_module.rst |
|
43 |
-docs/docsite/rst/ansible.rst |
|
44 |
-docs/docsite/rst/ansible-*.rst |
|
45 |
-docs/docsite/rst/community_maintained.rst |
|
46 |
-docs/docsite/rst/config.rst |
|
47 |
-docs/docsite/rst/core_maintained.rst |
|
48 |
-docs/docsite/rst/list_of_*.rst |
|
49 |
-docs/docsite/rst/module_docs/*.rst |
|
50 |
-docs/docsite/rst/modules_by_category.rst |
|
51 |
-docs/docsite/rst/network_maintained.rst |
|
52 |
-docs/docsite/rst/plugins_by_category.rst |
|
53 |
-docs/docsite/rst/partner_maintained.rst |
|
54 |
-docs/docsite/rst/playbooks_keywords.rst |
|
37 |
+docs/docsite/rst/cli/ansible-*.rst |
|
38 |
+docs/docsite/rst/cli/ansible.rst |
|
39 |
+docs/docsite/rst/modules/*.rst |
|
55 | 40 |
docs/docsite/rst/playbooks_directives.rst |
41 |
+docs/docsite/rst/plugins_by_category.rst |
|
56 | 42 |
docs/docsite/rst/plugins/*/*.rst |
43 |
+docs/docsite/rst/reference_appendices/config.rst |
|
44 |
+docs/docsite/rst/reference_appendices/playbooks_keywords.rst |
|
45 |
+docs/docsite/rst_warnings |
|
46 |
+docs/docsite/searchindex.js |
|
47 |
+docs/docsite/_static/*.gif |
|
48 |
+docs/docsite/_static/*.png |
|
49 |
+docs/docsite/_static/websupport.js |
|
57 | 50 |
# deb building stuff... |
58 | 51 |
/debian/ |
59 | 52 |
deb-build |
... | ... |
@@ -58,19 +58,19 @@ clean: |
58 | 58 |
find . -type f \( -name "*~" -or -name "#*" \) -delete |
59 | 59 |
find . -type f \( -name "*.swp" \) -delete |
60 | 60 |
@echo "Cleaning up generated rst" |
61 |
- -rm rst/list_of_*.rst |
|
62 |
- -rm rst/*_by_category.rst |
|
63 |
- -rm rst/*_module.rst |
|
64 |
- -rm rst/*_plugin.rst |
|
65 |
- -rm rst/*_maintained.rst |
|
61 |
+ -rm rst/cli/ansible-*.rst |
|
62 |
+ -rm rst/cli/ansible.rst |
|
63 |
+ -rm rst/modules/*_by_category.rst |
|
64 |
+ -rm rst/modules/list_of_*.rst |
|
65 |
+ -rm rst/modules/*_maintained.rst |
|
66 |
+ -rm rst/modules/*_module.rst |
|
67 |
+ -rm rst/modules/*_plugin.rst |
|
66 | 68 |
-rm rst/playbooks_directives.rst |
67 |
- -rm rst/playbooks_keywords.rst |
|
68 | 69 |
-rm rst/plugins/*/*.rst |
69 |
- -rm rst/config.rst |
|
70 |
- -rm rst/ansible-*.rst |
|
71 |
- -rm rst/ansible.rst |
|
70 |
+ -rm rst/reference_appendices/config.rst |
|
71 |
+ -rm rst/reference_appendices/playbooks_keywords.rst |
|
72 | 72 |
|
73 |
-.PHONEY: docs clean |
|
73 |
+.PHONY: docs clean |
|
74 | 74 |
|
75 | 75 |
# TODO: make generate_man output dir cli option |
76 | 76 |
cli: $(GENERATE_CLI) |
77 | 77 |
deleted file mode 100644 |
... | ... |
@@ -1,392 +0,0 @@ |
1 |
-Getting started with Cisco ACI |
|
2 |
-============================== |
|
3 |
- |
|
4 |
-.. contents:: Topics |
|
5 |
- :depth: 2 |
|
6 |
- :local: |
|
7 |
- |
|
8 |
-.. _aci_intro: |
|
9 |
- |
|
10 |
-What is Cisco ACI ? |
|
11 |
- |
|
12 |
-Application Centric Infrastructure (ACI) |
|
13 |
-........................................ |
|
14 |
-The Cisco Application Centric Infrastructure (ACI) allows application requirements to define the network. This architecture simplifies, optimizes, and accelerates the entire application deployment life cycle. |
|
15 |
- |
|
16 |
-Application Policy Infrastructure Controller (APIC) |
|
17 |
-................................................... |
|
18 |
-The Cisco Application Policy Infrastructure Controller (APIC) API enables applications to directly connect with a secure, shared, high-performance resource pool that includes network, compute, and storage capabilities. |
|
19 |
- |
|
20 |
-The APIC manages the scalable ACI multi-tenant fabric. The APIC provides a unified point of automation and management, policy programming, application deployment, and health monitoring for the fabric. The APIC, which is implemented as a replicated synchronized clustered controller, optimizes performance, supports any application anywhere, and provides unified operation of the physical and virtual infrastructure. |
|
21 |
- |
|
22 |
-The APIC enables network administrators to easily define the optimal network for applications. Data center operators can clearly see how applications consume network resources, easily isolate and troubleshoot application and infrastructure problems, and monitor and profile resource usage patterns. |
|
23 |
- |
|
24 |
-ACI Fabric |
|
25 |
-.......... |
|
26 |
-The Cisco Application Centric Infrastructure (ACI) Fabric includes Cisco Nexus 9000 Series switches with the APIC to run in the leaf/spine ACI fabric mode. These switches form a "fat-tree" network by connecting each leaf node to each spine node; all other devices connect to the leaf nodes. The APIC manages the ACI fabric. |
|
27 |
- |
|
28 |
-The ACI fabric provides consistent low-latency forwarding across high-bandwidth links (40 Gbps, with a 100-Gbps future capability). Traffic with the source and destination on the same leaf switch is handled locally, and all other traffic travels from the ingress leaf to the egress leaf through a spine switch. Although this architecture appears as two hops from a physical perspective, it is actually a single Layer 3 hop because the fabric operates as a single Layer 3 switch. |
|
29 |
- |
|
30 |
-The ACI fabric object-oriented operating system (OS) runs on each Cisco Nexus 9000 Series node. It enables programming of objects for each configurable element of the system. The ACI fabric OS renders policies from the APIC into a concrete model that runs in the physical infrastructure. The concrete model is analogous to compiled software; it is the form of the model that the switch operating system can execute. |
|
31 |
- |
|
32 |
-All the switch nodes contain a complete copy of the concrete model. When an administrator creates a policy in the APIC that represents a configuration, the APIC updates the logical model. The APIC then performs the intermediate step of creating a fully elaborated policy that it pushes into all the switch nodes where the concrete model is updated. |
|
33 |
- |
|
34 |
-The APIC is responsible for fabric activation, switch firmware management, network policy configuration, and instantiation. While the APIC acts as the centralized policy and network management engine for the fabric, it is completely removed from the data path, including the forwarding topology. Therefore, the fabric can still forward traffic even when communication with the APIC is lost. |
|
35 |
- |
|
36 |
-More information |
|
37 |
-................ |
|
38 |
-Various resources exist to start learning ACI, here is a list of interesting articles from the community. |
|
39 |
- |
|
40 |
-- `Adam Raffe: Learning ACI <https://adamraffe.com/learning-aci/>`_ |
|
41 |
-- `Luca Relandini: ACI for dummies <http://lucarelandini.blogspot.be/2015/03/aci-for-dummies.html>`_ |
|
42 |
-- `Cisco DevNet Learning Labs about ACI <https://learninglabs.cisco.com/labs/tags/ACI>`_ |
|
43 |
- |
|
44 |
- |
|
45 |
-Using the ACI modules |
|
46 |
-The Ansible ACI modules provide a user-friendly interface to managing your ACI environment using Ansible playbooks. |
|
47 |
- |
|
48 |
-For instance ensuring that a specific tenant exists, is done using the following Ansible task: |
|
49 |
- |
|
50 |
-.. code-block:: yaml |
|
51 |
- |
|
52 |
- - name: Ensure tenant customer-xyz exists |
|
53 |
- aci_tenant: |
|
54 |
- host: my-apic-1 |
|
55 |
- username: admin |
|
56 |
- password: my-password |
|
57 |
- |
|
58 |
- tenant: customer-xyz |
|
59 |
- description: Customer XYZ |
|
60 |
- state: present |
|
61 |
- |
|
62 |
-A complete list of existing ACI modules is available for `the latest stable release <http://docs.ansible.com/ansible/latest/list_of_network_modules.html#aci>`_ as well as `the current development version <http://docs.ansible.com/ansible/devel/module_docs/list_of_network_modules.html#aci>`_. |
|
63 |
- |
|
64 |
-Standard module parameters |
|
65 |
-.......................... |
|
66 |
-Every Ansible ACI module accepts the following parameters that influence the module's communication with the APIC REST API: |
|
67 |
- |
|
68 |
-- ``host`` -- Hostname or IP address of the APIC |
|
69 |
-- ``port`` -- Port to use for communication (defaults to ``443`` for HTTPS, and ``80`` for HTTP) |
|
70 |
-- ``username`` -- User name used to log on to the APIC (defaults to ``admin``) |
|
71 |
-- ``password`` -- Password for ``username`` to log on to the APIC (using password-based authentication) |
|
72 |
-- ``private_key`` -- Private key for ``username`` to log on to APIC (using signature-based authentication) |
|
73 |
-- ``certificate_name`` -- Name of the certificate in the ACI Web GUI (defaults to ``private_key`` file base name) |
|
74 |
-- ``timeout`` -- Timeout value for socket-level communication |
|
75 |
-- ``use_proxy`` -- Use system proxy settings (defaults to ``yes``) |
|
76 |
-- ``use_ssl`` -- Use HTTPS or HTTP for APIC REST communication (defaults to ``yes``) |
|
77 |
-- ``validate_certs`` -- Validate certificate when using HTTPS communication (defaults to ``yes``) |
|
78 |
-- ``output_level`` -- Influence the level of detail ACI modules return to the user (one of ``normal``, ``info`` or ``debug``) |
|
79 |
- |
|
80 |
-Module return values |
|
81 |
-.................... |
|
82 |
-By default the ACI modules (excluding :ref:`aci_rest <aci_rest>`) return the resulting state of the managed object in a key ``current``. |
|
83 |
- |
|
84 |
-By increasing the ``output_level`` to ``info``, the modules give access to the ``previous`` state of the object, but also the ``proposed`` and ``sent`` configuration payload. |
|
85 |
- |
|
86 |
-For troubleshooting purposes setting ``output_level: debug`` or defining environment variable ``ANSIBLE_DEBUG=1`` enables more detailed information on the actual APIC REST communication, incl. ``filter_string``, ``method``, ``response``, ``status`` and ``url``. |
|
87 |
- |
|
88 |
-.. note:: The module return values are documented in detail as part of each module's documentation. |
|
89 |
- |
|
90 |
-More information |
|
91 |
-................ |
|
92 |
-Various resources exist to start learn more about ACI programmability, we recommend the following links: |
|
93 |
- |
|
94 |
-- `Jacob McGill: Automating Cisco ACI with Ansible <https://blogs.cisco.com/developer/automating-cisco-aci-with-ansible-eliminates-repetitive-day-to-day-tasks>`_ |
|
95 |
-- `Cisco DevNet Learning Labs about ACI and Ansible <https://learninglabs.cisco.com/labs/tags/ACI,Ansible>`_ |
|
96 |
- |
|
97 |
- |
|
98 |
-.. _aci_auth: |
|
99 |
- |
|
100 |
-ACI authentication |
|
101 |
- |
|
102 |
-Password-based authentication |
|
103 |
-............................. |
|
104 |
-If you want to logon using a username and password, you can use the following parameters with your ACI modules: |
|
105 |
- |
|
106 |
-.. code-block:: yaml |
|
107 |
- |
|
108 |
- username: admin |
|
109 |
- password: my-password |
|
110 |
- |
|
111 |
-Password-based authentication is very simple to work with, but it is not the most efficient form of authentication from ACI's point-of-view as it requires a separate login-request and an open session to work. To avoid having your session time-out and requiring another login, you can use the more efficient Signature-based authentication. |
|
112 |
- |
|
113 |
-.. note:: Password-based authentication also may trigger anti-DoS measures in ACI v3.1+ that causes session throttling and results in HTTP 503 errors and login failures. |
|
114 |
- |
|
115 |
-.. warning:: Never store passwords in plain text. |
|
116 |
- |
|
117 |
-The "Vault" feature of Ansible allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plain text in your playbooks or roles. These vault files can then be distributed or placed in source control. See :doc:`playbooks_vault` for more information. |
|
118 |
- |
|
119 |
- |
|
120 |
- |
|
121 |
-Signature-based authentication using certificates |
|
122 |
-................................................. |
|
123 |
-Using signature-based authentication is more efficient and more reliable than password-based authentication. |
|
124 |
- |
|
125 |
-Generate certificate and private key |
|
126 |
-,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, |
|
127 |
-Signature-based authentication requires a (self-signed) X.509 certificate with private key, and a configuration step for your AAA user in ACI. To generate a working X.509 certificate and private key, use the following procedure: |
|
128 |
- |
|
129 |
-.. code-block:: bash |
|
130 |
- |
|
131 |
- $ openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout admin.key -out admin.crt -subj '/CN=Admin/O=Your Company/C=US' |
|
132 |
- |
|
133 |
-Configure your local user |
|
134 |
-,,,,,,,,,,,,,,,,,,,,,,,,, |
|
135 |
-Perform the following steps: |
|
136 |
- |
|
137 |
-- Add the X.509 certificate to your ACI AAA local user at **ADMIN > AAA** |
|
138 |
-- Click **AAA Authentication** |
|
139 |
-- Check that in the **Authentication** field the **Realm** field displays **Local** |
|
140 |
-- Expand **Security Management > Local Users** |
|
141 |
-- Click the name of the user you want to add a certificate to, in the **User Certificates** area |
|
142 |
-- Click the **+** sign and in the **Create X509 Certificate** enter a certificate name in the **Name** field |
|
143 |
- |
|
144 |
- * If you use the basename of your private key here, you don't need to enter ``certificate_name`` in Ansible |
|
145 |
- |
|
146 |
-- Copy and paste your X.509 certificate in the **Data** field. |
|
147 |
- |
|
148 |
-You can automate this by using the following Ansible task: |
|
149 |
- |
|
150 |
-.. code-block:: yaml |
|
151 |
- |
|
152 |
- - name: Ensure we have a certificate installed |
|
153 |
- aci_aaa_user_certificate: |
|
154 |
- host: my-apic-1 |
|
155 |
- username: admin |
|
156 |
- password: my-password |
|
157 |
- |
|
158 |
- aaa_user: admin |
|
159 |
- certificate_name: admin |
|
160 |
- certificate: "{{ lookup('file', 'pki/admin.crt') }}" # This wil read the certificate data from a local file |
|
161 |
- |
|
162 |
-.. note:: Signature-based authentication only works with local users. |
|
163 |
- |
|
164 |
- |
|
165 |
-Use signature-based authentication with Ansible |
|
166 |
-,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, |
|
167 |
-You need the following parameters with your ACI module(s) for it to work: |
|
168 |
- |
|
169 |
-.. code-block:: yaml |
|
170 |
- |
|
171 |
- username: admin |
|
172 |
- private_key: pki/admin.key |
|
173 |
- certificate_name: admin # This could be left out ! |
|
174 |
- |
|
175 |
-.. note:: If you use a certificate name in ACI that matches the private key's basename, you can leave out the ``certificate_name`` parameter like the example above. |
|
176 |
- |
|
177 |
-More information |
|
178 |
-,,,,,,,,,,,,,,,, |
|
179 |
-More information about Signature-based Authentication is available from `Cisco APIC Signature-Based Transactions <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Signature_Based_Transactions.html>`_. |
|
180 |
- |
|
181 |
- |
|
182 |
-.. _aci_rest: |
|
183 |
- |
|
184 |
-Using ACI REST with Ansible |
|
185 |
-While already a lot of ACI modules exists in the Ansible distribution, and the most common actions can be performed with these existing modules, there's always something that may not be possible with off-the-shelf modules. |
|
186 |
- |
|
187 |
-The :ref:`aci_rest <aci_rest>` module provides you with direct access to the APIC REST API and enables you to perform any task not already covered by the existing modules. This may seem like a complex undertaking, but you can generate the needed REST payload for any action performed in the ACI web interface effortlessly. |
|
188 |
- |
|
189 |
-Using the aci-rest module |
|
190 |
-......................... |
|
191 |
-The :ref:`aci_rest <aci_rest>` module accepts the native XML and JSON payloads, but additionally accepts inline YAML payload (structured like JSON). The XML payload requires you to use a path ending with ``.xml`` whereas JSON or YAML require path to end with ``.json``. |
|
192 |
- |
|
193 |
-When you're making modifications, you can use the POST or DELETE methods, whereas doing just queries require the GET method. |
|
194 |
- |
|
195 |
-For instance, if you would like to ensure a specific tenant exists on ACI, these below four examples are identical: |
|
196 |
- |
|
197 |
-**XML** (Native ACI) |
|
198 |
- |
|
199 |
-.. code-block:: yaml |
|
200 |
- |
|
201 |
- - aci_rest: |
|
202 |
- host: my-apic-1 |
|
203 |
- private_key: pki/admin.key |
|
204 |
- |
|
205 |
- method: post |
|
206 |
- path: /api/mo/uni.xml |
|
207 |
- content: | |
|
208 |
- <fvTenant name="customer-xyz" descr="Customer XYZ"/> |
|
209 |
- |
|
210 |
-**JSON** (Native ACI) |
|
211 |
- |
|
212 |
-.. code-block:: yaml |
|
213 |
- |
|
214 |
- - aci_rest: |
|
215 |
- host: my-apic-1 |
|
216 |
- private_key: pki/admin.key |
|
217 |
- |
|
218 |
- method: post |
|
219 |
- path: /api/mo/uni.json |
|
220 |
- content: |
|
221 |
- { |
|
222 |
- "fvTenant": { |
|
223 |
- "attributes": { |
|
224 |
- "name": "customer-xyz", |
|
225 |
- "descr": "Customer XYZ" |
|
226 |
- } |
|
227 |
- } |
|
228 |
- } |
|
229 |
- |
|
230 |
-**YAML** (Ansible-style) |
|
231 |
- |
|
232 |
-.. code-block:: yaml |
|
233 |
- |
|
234 |
- - aci_rest: |
|
235 |
- host: my-apic-1 |
|
236 |
- private_key: pki/admin.key |
|
237 |
- |
|
238 |
- method: post |
|
239 |
- path: /api/mo/uni.json |
|
240 |
- content: |
|
241 |
- fvTenant: |
|
242 |
- attributes: |
|
243 |
- name: customer-xyz |
|
244 |
- descr: Customer XYZ |
|
245 |
- |
|
246 |
-**Ansible task** (Dedicated module) |
|
247 |
- |
|
248 |
-.. code-block:: yaml |
|
249 |
- |
|
250 |
- - aci_tenant: |
|
251 |
- host: my-apic-1 |
|
252 |
- private_key: pki/admin.key |
|
253 |
- |
|
254 |
- tenant: customer-xyz |
|
255 |
- description: Customer XYZ |
|
256 |
- state: present |
|
257 |
- |
|
258 |
-More information |
|
259 |
-................ |
|
260 |
-Plenty of resources exist to learn about ACI's APIC REST interface, we recommend the links below: |
|
261 |
- |
|
262 |
-- `The apic_rest Ansible module <http://docs.ansible.com/ansible/devel/module_docs/aci_rest_module.html>`_ |
|
263 |
-- `APIC REST API Configuration Guide <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide.html>`_ |
|
264 |
-- `Cisco DevNet Learning Labs about ACI and REST <https://learninglabs.cisco.com/labs/tags/ACI,REST>`_ |
|
265 |
- |
|
266 |
- |
|
267 |
-.. _aci_ops: |
|
268 |
- |
|
269 |
-Operational examples |
|
270 |
-Here is a small overview of useful operational tasks to reuse in your playbooks. |
|
271 |
-Feel free to contribute more snippets that are useful to others. |
|
272 |
- |
|
273 |
-Waiting for all controllers to be ready |
|
274 |
-....................................... |
|
275 |
-You can use the below task after you started to build your APICs and configured the cluster to wait until all the APICs have come online. It will wait until the number of controllers equals the number listed in the ``apic`` inventory group. |
|
276 |
- |
|
277 |
-.. code-block:: yaml |
|
278 |
- |
|
279 |
- - name: Waiting for all controllers to be ready |
|
280 |
- aci_rest: |
|
281 |
- host: '{{ apic_ip }}' |
|
282 |
- username: '{{ apic_username }}' |
|
283 |
- private_key: pki/admin.key |
|
284 |
- method: get |
|
285 |
- path: /api/node/class/topSystem.json?query-target-filter=eq(topSystem.role,"controller") |
|
286 |
- changed_when: no |
|
287 |
- register: aci_ready |
|
288 |
- until: aci_ready|success and aci_ready.totalCount|int >= groups['apic']|count |
|
289 |
- retries: 20 |
|
290 |
- delay: 30 |
|
291 |
- |
|
292 |
-Waiting for cluster to be fully-fit |
|
293 |
-................................... |
|
294 |
-The below example waits until the cluster is fully-fit. In this example you know the number of APICs in the cluster and you verify each APIC reports a 'fully-fit' status. |
|
295 |
- |
|
296 |
-.. code-block:: yaml |
|
297 |
- |
|
298 |
- - name: Waiting for cluster to be fully-fit |
|
299 |
- aci_rest: |
|
300 |
- host: '{{ apic_ip }}' |
|
301 |
- username: '{{ apic_username }}' |
|
302 |
- private_key: pki/admin.key |
|
303 |
- method: get |
|
304 |
- path: /api/node/class/infraWiNode.json?query-target-filter=wcard(infraWiNode.dn,"topology/pod-1/node-1/av") |
|
305 |
- changed_when: no |
|
306 |
- register: aci_fit |
|
307 |
- until: > |
|
308 |
- aci_fit|success and |
|
309 |
- aci_fit.totalCount|int >= groups['apic']|count >= 3 and |
|
310 |
- aci_fit.imdata[0].infraWiNode.attributes.health == 'fully-fit' and |
|
311 |
- aci_fit.imdata[1].infraWiNode.attributes.health == 'fully-fit' and |
|
312 |
- aci_fit.imdata[2].infraWiNode.attributes.health == 'fully-fit' |
|
313 |
- # all(apic.infraWiNode.attributes.health == 'fully-fit' for apic in aci_fit.imdata) |
|
314 |
- retries: 30 |
|
315 |
- delay: 30 |
|
316 |
- |
|
317 |
- |
|
318 |
-.. _aci_errors: |
|
319 |
- |
|
320 |
-APIC error messages |
|
321 |
-The following error messages may occur and this section can help you understand what exactly is going on. |
|
322 |
- |
|
323 |
-- **APIC Error 122: unknown managed object class 'polUni'** |
|
324 |
- |
|
325 |
- In case you receive this error while you are certain your :ref:`aci_rest <aci_rest>` payload and object classes are seemingly correct, the issue might be that your payload is not in fact correct JSON (e.g. the sent payload is using single quotes, rather than double quotes), and as a result the APIC is not correctly parsing your object classes from the payload. One way to avoid this is by using a YAML or an XML formatted payload. |
|
326 |
- |
|
327 |
- |
|
328 |
-- **APIC Error 400: invalid data at line '1'. Attributes are missing, tag 'attributes' must be specified first, before any other tag** |
|
329 |
- |
|
330 |
- While JSON does not care about the order of dictionary keys, the APIC is very strict in accepting only ``attributes`` before ``children``. So you need to ensure that your payload conforms to this requirement. Sorting your dictionary keys will do the trick just fine. |
|
331 |
- |
|
332 |
- |
|
333 |
-- **APIC Error 801: property descr of uni/tn-TENANT/ap-AP failed validation for value 'A "legacy" network'** |
|
334 |
- |
|
335 |
- Some values in the APIC have strict format-rules to comply to, and the internal APIC validation check for the provided value failed. In the above case, the ``description`` parameter (internally known as ``descr``) only accepts values conforming to `Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+ <https://pubhub-prod.s3.amazonaws.com/media/apic-mim-ref/docs/MO-fvAp.html#descr>`_ so it must not include quotes. |
|
336 |
- |
|
337 |
- |
|
338 |
-.. _aci_issues: |
|
339 |
- |
|
340 |
-Known issues |
|
341 |
-The :ref:`aci_rest <aci_rest>` module is a wrapper around the APIC REST API. As a result any issues related to the APIC will be reflected in the use of the :ref:`aci_rest <aci_rest>` module. |
|
342 |
- |
|
343 |
-All below issues either have been reported to the vendor, or can simply be avoided. |
|
344 |
- |
|
345 |
-- **Too many consecutive API calls may result in connection throttling** |
|
346 |
- |
|
347 |
- Starting with ACI v3.1 the APIC will actively throttle password-based authenticated connection rates over a specific treshold. This is as part of an anti-DDOS measure but can act up when using Ansible with ACI using password-based authentication. Currently, one solution is to increase this treshold within the nginx configuration, but using signature-based authentication is recommended. |
|
348 |
- |
|
349 |
- **NOTE:** It is advisable to use signature-based authentication with ACI as it not only prevents connection-throttling, but also improves general performance when using the ACI modules. |
|
350 |
- |
|
351 |
- |
|
352 |
-- **Specific requests may not reflect changes correctly** |
|
353 |
- |
|
354 |
- There is a known issue where specific requests to the APIC do not properly reflect changed in the resulting output, even when we request those changes explicitly from the APIC. In one instance using the path ``api/node/mo/uni/infra.xml`` fails, where ``api/node/mo/uni/infra/.xml`` does work correctly. |
|
355 |
- |
|
356 |
- More information from: `#35401 aci_rest: change not detected <https://github.com/ansible/ansible/issues/35041>`_ |
|
357 |
- |
|
358 |
- **NOTE:** Fortunately the behaviour is consistent, so if you have a working example you can trust that it will keep on working. |
|
359 |
- |
|
360 |
- |
|
361 |
-- **Specific requests are known to not be idempotent** |
|
362 |
- |
|
363 |
- The behaviour of the APIC is inconsistent to the use of ``status="created"`` and ``status="deleted"``. The result is that when you use ``status="created"`` in your payload the resulting tasks are not idempotent and creation will fail when the object was already created. However this is not the case with ``status="deleted"`` where such call to an non-existing object does not cause any failure whatsoever. |
|
364 |
- |
|
365 |
- More information from: `#35050 aci_rest: Using status="created" behaves differently than status="deleted" <https://github.com/ansible/ansible/issues/35050>`_ |
|
366 |
- |
|
367 |
- **NOTE:** A workaround is to avoid using ``status="created"`` and instead use ``status="modified"`` when idempotency is essential to your workflow.. |
|
368 |
- |
|
369 |
- |
|
370 |
-- **Setting user password is not idempotent** |
|
371 |
- |
|
372 |
- Due to an inconsistency in the APIC REST API, a task that sets the password of a locally-authenticated user is not idempotent. The APIC will complain with message ``Password history check: user dag should not use previous 5 passwords``. |
|
373 |
- |
|
374 |
- More information from: `#35544 aci_aaa_user: Setting user password is not idempotent <https://github.com/ansible/ansible/issues/35544>`_ |
|
375 |
- |
|
376 |
- **NOTE:** There is no workaround for this issue. |
|
377 |
- |
|
378 |
- |
|
379 |
-.. _aci_community: |
|
380 |
- |
|
381 |
-ACI Ansible community |
|
382 |
-If you have specific issues with the ACI modules, or a feature request, or you like to contribute to the ACI project by proposing changes or documentation updates, look at the Ansible Community wiki ACI page at: https://github.com/ansible/community/wiki/Network:-ACI |
|
383 |
- |
|
384 |
-You will find our roadmap, an overview of open ACI issues and pull-requests and more information about who we are. If you have an interest in using ACI with Ansible, feel free to join ! We occasionally meet online to track progress and prepare for new Ansible releases. |
... | ... |
@@ -50,7 +50,6 @@ Ansible, Inc. releases a new major release of Ansible approximately every two mo |
50 | 50 |
:caption: Scenario Guides |
51 | 51 |
|
52 | 52 |
networking_guide/network |
53 |
- ..scenario_guides/guides |
|
54 | 53 |
scenario_guides/guide_aws |
55 | 54 |
scenario_guides/guide_azure |
56 | 55 |
scenario_guides/guide_rax |
... | ... |
@@ -65,7 +64,7 @@ Ansible, Inc. releases a new major release of Ansible approximately every two mo |
65 | 65 |
:maxdepth: 2 |
66 | 66 |
:caption: Reference & Appendices |
67 | 67 |
|
68 |
- reference_appendices/modules_by_category |
|
68 |
+ ../modules/modules_by_category |
|
69 | 69 |
reference_appendices/playbooks_keywords |
70 | 70 |
reference_appendices/galaxy |
71 | 71 |
reference_appendices/common_return_values |
72 | 72 |
deleted file mode 100644 |
... | ... |
@@ -1,3021 +0,0 @@ |
1 |
-============================== |
|
2 |
-Ansible Configuration Settings |
|
3 |
-============================== |
|
4 |
- |
|
5 |
-Ansible supports a few ways of providing configuration variables, mainly through environment variables, command line switches and an ini file named ``ansible.cfg``. |
|
6 |
- |
|
7 |
-Starting at Ansible 2.4 the ``ansible-config`` utility allows users to see all the configuration settings available, their defaults, how to set them and |
|
8 |
-where their current value comes from. See :doc:ansible-config for more information. |
|
9 |
- |
|
10 |
- |
|
11 |
-The configuration file |
|
12 |
-====================== |
|
13 |
- |
|
14 |
-Changes can be made and used in a configuration file which will be searched for in the following order: |
|
15 |
- |
|
16 |
- * ``ANSIBLE_CONFIG`` (environment variable if set) |
|
17 |
- * ``ansible.cfg`` (in the current directory) |
|
18 |
- * ``~/.ansible.cfg`` (in the home directory) |
|
19 |
- * ``/etc/ansible/ansible.cfg`` |
|
20 |
- |
|
21 |
-Ansible will process the above list and use the first file found, all others are ignored. |
|
22 |
- |
|
23 |
-.. note:: |
|
24 |
- |
|
25 |
- The configuration file is one variant of an INI format. |
|
26 |
- Both the hash sign (``#``) and semicolon (``;``) are allowed as |
|
27 |
- comment markers when the comment starts the line. |
|
28 |
- However, if the comment is inline with regular values, |
|
29 |
- only the semicolon is allowed to introduce the comment. |
|
30 |
- For instance:: |
|
31 |
- |
|
32 |
- # some basic default values... |
|
33 |
- inventory = /etc/ansible/hosts ; This points to the file that lists your hosts |
|
34 |
- |
|
35 |
- |
|
36 |
-Common Options |
|
37 |
-============== |
|
38 |
- |
|
39 |
-This is a copy of the options available from our release, your local install might have extra options due to additional plugins, |
|
40 |
-you can use the command line utility mentioned above (`ansible-config`) to browse through those. |
|
41 |
- |
|
42 |
- |
|
43 |
- |
|
44 |
-.. _ACTION_WARNINGS: |
|
45 |
- |
|
46 |
-ACTION_WARNINGS |
|
47 |
- |
|
48 |
-:Description: By default Ansible will issue a warning when recieved from a task action (module or action plugin) These warnings can be silenced by adjusting this setting to False. |
|
49 |
-:Type: boolean |
|
50 |
-:Default: True |
|
51 |
-:Version Added: 2.5 |
|
52 |
-:Ini Section: defaults |
|
53 |
-:Ini Key: action_warnings |
|
54 |
-:Environment: :envvar:`ANSIBLE_ACTION_WARNINGS` |
|
55 |
- |
|
56 |
-.. _AGNOSTIC_BECOME_PROMPT: |
|
57 |
- |
|
58 |
-AGNOSTIC_BECOME_PROMPT |
|
59 |
- |
|
60 |
-:Description: Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method |
|
61 |
-:Type: boolean |
|
62 |
-:Default: False |
|
63 |
-:Version Added: 2.5 |
|
64 |
-:Ini Section: privilege_escalation |
|
65 |
-:Ini Key: agnostic_become_prompt |
|
66 |
-:Environment: :envvar:`ANSIBLE_AGNOSTIC_BECOME_PROMPT` |
|
67 |
- |
|
68 |
-.. _ALLOW_WORLD_READABLE_TMPFILES: |
|
69 |
- |
|
70 |
-ALLOW_WORLD_READABLE_TMPFILES |
|
71 |
- |
|
72 |
-:Description: This makes the temporary files created on the machine to be world readable and will issue a warning instead of failing the task. It is useful when becoming an unprivileged user. |
|
73 |
-:Type: boolean |
|
74 |
-:Default: False |
|
75 |
-:Version Added: 2.1 |
|
76 |
-:Ini Section: defaults |
|
77 |
-:Ini Key: allow_world_readable_tmpfiles |
|
78 |
- |
|
79 |
-.. _ANSIBLE_COW_PATH: |
|
80 |
- |
|
81 |
-ANSIBLE_COW_PATH |
|
82 |
- |
|
83 |
-:Description: Specify a custom cowsay path or swap in your cowsay implementation of choice |
|
84 |
-:Type: string |
|
85 |
-:Default: None |
|
86 |
-:Ini Section: defaults |
|
87 |
-:Ini Key: cowpath |
|
88 |
-:Environment: :envvar:`ANSIBLE_COW_PATH` |
|
89 |
- |
|
90 |
-.. _ANSIBLE_COW_SELECTION: |
|
91 |
- |
|
92 |
-ANSIBLE_COW_SELECTION |
|
93 |
- |
|
94 |
-:Description: This allows you to chose a specific cowsay stencil for the banners or use 'random' to cycle through them. |
|
95 |
-:Default: default |
|
96 |
-:Ini Section: defaults |
|
97 |
-:Ini Key: cow_selection |
|
98 |
-:Environment: :envvar:`ANSIBLE_COW_SELECTION` |
|
99 |
- |
|
100 |
-.. _ANSIBLE_COW_WHITELIST: |
|
101 |
- |
|
102 |
-ANSIBLE_COW_WHITELIST |
|
103 |
- |
|
104 |
-:Description: White list of cowsay templates that are 'safe' to use, set to empty list if you want to enable all installed templates. |
|
105 |
-:Type: list |
|
106 |
-:Default: ['bud-frogs', 'bunny', 'cheese', 'daemon', 'default', 'dragon', 'elephant-in-snake', 'elephant', 'eyes', 'hellokitty', 'kitty', 'luke-koala', 'meow', 'milk', 'moofasa', 'moose', 'ren', 'sheep', 'small', 'stegosaurus', 'stimpy', 'supermilker', 'three-eyes', 'turkey', 'turtle', 'tux', 'udder', 'vader-koala', 'vader', 'www'] |
|
107 |
-:Ini Section: defaults |
|
108 |
-:Ini Key: cow_whitelist |
|
109 |
-:Environment: :envvar:`ANSIBLE_COW_WHITELIST` |
|
110 |
- |
|
111 |
-.. _ANSIBLE_FORCE_COLOR: |
|
112 |
- |
|
113 |
-ANSIBLE_FORCE_COLOR |
|
114 |
- |
|
115 |
-:Description: This options forces color mode even when running without a TTY or the "nocolor" setting is True. |
|
116 |
-:Type: boolean |
|
117 |
-:Default: False |
|
118 |
-:Ini Section: defaults |
|
119 |
-:Ini Key: force_color |
|
120 |
-:Environment: :envvar:`ANSIBLE_FORCE_COLOR` |
|
121 |
- |
|
122 |
-.. _ANSIBLE_NOCOLOR: |
|
123 |
- |
|
124 |
-ANSIBLE_NOCOLOR |
|
125 |
- |
|
126 |
-:Description: This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. |
|
127 |
-:Type: boolean |
|
128 |
-:Default: False |
|
129 |
-:Ini Section: defaults |
|
130 |
-:Ini Key: nocolor |
|
131 |
-:Environment: :envvar:`ANSIBLE_NOCOLOR` |
|
132 |
- |
|
133 |
-.. _ANSIBLE_NOCOWS: |
|
134 |
- |
|
135 |
-ANSIBLE_NOCOWS |
|
136 |
- |
|
137 |
-:Description: If you have cowsay installed but want to avoid the 'cows' (why????), use this. |
|
138 |
-:Type: boolean |
|
139 |
-:Default: False |
|
140 |
-:Ini Section: defaults |
|
141 |
-:Ini Key: nocows |
|
142 |
-:Environment: :envvar:`ANSIBLE_NOCOWS` |
|
143 |
- |
|
144 |
-.. _ANSIBLE_PIPELINING: |
|
145 |
- |
|
146 |
-ANSIBLE_PIPELINING |
|
147 |
- |
|
148 |
-:Description: Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer. This can result in a very significant performance improvement when enabled. However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. |
|
149 |
-:Type: boolean |
|
150 |
-:Default: False |
|
151 |
-:Ini Section: connection |
|
152 |
-:Ini Key: pipelining |
|
153 |
-:Ini Section: ssh_connection |
|
154 |
-:Ini Key: pipelining |
|
155 |
-:Environment: :envvar:`ANSIBLE_PIPELINING` |
|
156 |
-:Environment: :envvar:`ANSIBLE_SSH_PIPELINING` |
|
157 |
- |
|
158 |
-.. _ANSIBLE_SSH_ARGS: |
|
159 |
- |
|
160 |
-ANSIBLE_SSH_ARGS |
|
161 |
- |
|
162 |
-:Description: If set, this will override the Ansible default ssh arguments. In particular, users may wish to raise the ControlPersist time to encourage performance. A value of 30 minutes may be appropriate. Be aware that if `-o ControlPath` is set in ssh_args, the control path setting is not used. |
|
163 |
-:Default: -C -o ControlMaster=auto -o ControlPersist=60s |
|
164 |
-:Ini Section: ssh_connection |
|
165 |
-:Ini Key: ssh_args |
|
166 |
-:Environment: :envvar:`ANSIBLE_SSH_ARGS` |
|
167 |
- |
|
168 |
-.. _ANSIBLE_SSH_CONTROL_PATH: |
|
169 |
- |
|
170 |
-ANSIBLE_SSH_CONTROL_PATH |
|
171 |
- |
|
172 |
-:Description: This is the location to save ssh's ControlPath sockets, it uses ssh's variable substitution. Since 2.3, if null, ansible will generate a unique hash. Use `%(directory)s` to indicate where to use the control dir path setting. Before 2.3 it defaulted to `control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r`. Be aware that this setting is ignored if `-o ControlPath` is set in ssh args. |
|
173 |
-:Default: None |
|
174 |
-:Ini Section: ssh_connection |
|
175 |
-:Ini Key: control_path |
|
176 |
-:Environment: :envvar:`ANSIBLE_SSH_CONTROL_PATH` |
|
177 |
- |
|
178 |
-.. _ANSIBLE_SSH_CONTROL_PATH_DIR: |
|
179 |
- |
|
180 |
-ANSIBLE_SSH_CONTROL_PATH_DIR |
|
181 |
- |
|
182 |
-:Description: This sets the directory to use for ssh control path if the control path setting is null. Also, provides the `%(directory)s` variable for the control path setting. |
|
183 |
-:Default: ~/.ansible/cp |
|
184 |
-:Ini Section: ssh_connection |
|
185 |
-:Ini Key: control_path_dir |
|
186 |
-:Environment: :envvar:`ANSIBLE_SSH_CONTROL_PATH_DIR` |
|
187 |
- |
|
188 |
-.. _ANSIBLE_SSH_EXECUTABLE: |
|
189 |
- |
|
190 |
-ANSIBLE_SSH_EXECUTABLE |
|
191 |
- |
|
192 |
-:Description: This defines the location of the ssh binary. It defaults to `ssh` which will use the first ssh binary available in $PATH. This option is usually not required, it might be useful when access to system ssh is restricted, or when using ssh wrappers to connect to remote hosts. |
|
193 |
-:Default: ssh |
|
194 |
-:Version Added: 2.2 |
|
195 |
-:Ini Section: ssh_connection |
|
196 |
-:Ini Key: ssh_executable |
|
197 |
-:Environment: :envvar:`ANSIBLE_SSH_EXECUTABLE` |
|
198 |
- |
|
199 |
-.. _ANSIBLE_SSH_RETRIES: |
|
200 |
- |
|
201 |
-ANSIBLE_SSH_RETRIES |
|
202 |
- |
|
203 |
-:Description: Number of attempts to establish a connection before we give up and report the host as 'UNREACHABLE' |
|
204 |
-:Type: integer |
|
205 |
-:Default: 0 |
|
206 |
-:Ini Section: ssh_connection |
|
207 |
-:Ini Key: retries |
|
208 |
-:Environment: :envvar:`ANSIBLE_SSH_RETRIES` |
|
209 |
- |
|
210 |
-.. _ANY_ERRORS_FATAL: |
|
211 |
- |
|
212 |
-ANY_ERRORS_FATAL |
|
213 |
- |
|
214 |
-:Description: Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. |
|
215 |
-:Type: boolean |
|
216 |
-:Default: False |
|
217 |
-:Version Added: 2.4 |
|
218 |
-:Ini Section: defaults |
|
219 |
-:Ini Key: any_errors_fatal |
|
220 |
-:Environment: :envvar:`ANSIBLE_ANY_ERRORS_FATAL` |
|
221 |
- |
|
222 |
-.. _BECOME_ALLOW_SAME_USER: |
|
223 |
- |
|
224 |
-BECOME_ALLOW_SAME_USER |
|
225 |
- |
|
226 |
-:Description: This setting controls if become is skipped when remote user and become user are the same. I.E root sudo to root. |
|
227 |
-:Type: boolean |
|
228 |
-:Default: False |
|
229 |
-:Ini Section: privilege_escalation |
|
230 |
-:Ini Key: become_allow_same_user |
|
231 |
-:Environment: :envvar:`ANSIBLE_BECOME_ALLOW_SAME_USER` |
|
232 |
- |
|
233 |
-.. _CACHE_PLUGIN: |
|
234 |
- |
|
235 |
-CACHE_PLUGIN |
|
236 |
- |
|
237 |
-:Description: Chooses which cache plugin to use, the default 'memory' is ephimeral. |
|
238 |
-:Default: memory |
|
239 |
-:Ini Section: defaults |
|
240 |
-:Ini Key: fact_caching |
|
241 |
-:Environment: :envvar:`ANSIBLE_CACHE_PLUGIN` |
|
242 |
- |
|
243 |
-.. _CACHE_PLUGIN_CONNECTION: |
|
244 |
- |
|
245 |
-CACHE_PLUGIN_CONNECTION |
|
246 |
- |
|
247 |
-:Description: Defines connection or path information for the cache plugin |
|
248 |
-:Default: None |
|
249 |
-:Ini Section: defaults |
|
250 |
-:Ini Key: fact_caching_connection |
|
251 |
-:Environment: :envvar:`ANSIBLE_CACHE_PLUGIN_CONNECTION` |
|
252 |
- |
|
253 |
-.. _CACHE_PLUGIN_PREFIX: |
|
254 |
- |
|
255 |
-CACHE_PLUGIN_PREFIX |
|
256 |
- |
|
257 |
-:Description: Prefix to use for cache plugin files/tables |
|
258 |
-:Default: ansible_facts |
|
259 |
-:Ini Section: defaults |
|
260 |
-:Ini Key: fact_caching_prefix |
|
261 |
-:Environment: :envvar:`ANSIBLE_CACHE_PLUGIN_PREFIX` |
|
262 |
- |
|
263 |
-.. _CACHE_PLUGIN_TIMEOUT: |
|
264 |
- |
|
265 |
-CACHE_PLUGIN_TIMEOUT |
|
266 |
- |
|
267 |
-:Description: Expiration timeout for the cache plugin data |
|
268 |
-:Type: integer |
|
269 |
-:Default: 86400 |
|
270 |
-:Ini Section: defaults |
|
271 |
-:Ini Key: fact_caching_timeout |
|
272 |
-:Environment: :envvar:`ANSIBLE_CACHE_PLUGIN_TIMEOUT` |
|
273 |
- |
|
274 |
-.. _COLOR_CHANGED: |
|
275 |
- |
|
276 |
-COLOR_CHANGED |
|
277 |
- |
|
278 |
-:Description: Defines the color to use on 'Changed' task status |
|
279 |
-:Default: yellow |
|
280 |
-:Ini Section: colors |
|
281 |
-:Ini Key: changed |
|
282 |
-:Environment: :envvar:`ANSIBLE_COLOR_CHANGED` |
|
283 |
- |
|
284 |
-.. _COLOR_DEBUG: |
|
285 |
- |
|
286 |
-COLOR_DEBUG |
|
287 |
- |
|
288 |
-:Description: Defines the color to use when emitting debug messages |
|
289 |
-:Default: dark gray |
|
290 |
-:Ini Section: colors |
|
291 |
-:Ini Key: debug |
|
292 |
-:Environment: :envvar:`ANSIBLE_COLOR_DEBUG` |
|
293 |
- |
|
294 |
-.. _COLOR_DEPRECATE: |
|
295 |
- |
|
296 |
-COLOR_DEPRECATE |
|
297 |
- |
|
298 |
-:Description: Defines the color to use when emitting deprecation messages |
|
299 |
-:Default: purple |
|
300 |
-:Ini Section: colors |
|
301 |
-:Ini Key: deprecate |
|
302 |
-:Environment: :envvar:`ANSIBLE_COLOR_DEPRECATE` |
|
303 |
- |
|
304 |
-.. _COLOR_DIFF_ADD: |
|
305 |
- |
|
306 |
-COLOR_DIFF_ADD |
|
307 |
- |
|
308 |
-:Description: Defines the color to use when showing added lines in diffs |
|
309 |
-:Default: green |
|
310 |
-:Ini Section: colors |
|
311 |
-:Ini Key: diff_add |
|
312 |
-:Environment: :envvar:`ANSIBLE_COLOR_DIFF_ADD` |
|
313 |
- |
|
314 |
-.. _COLOR_DIFF_LINES: |
|
315 |
- |
|
316 |
-COLOR_DIFF_LINES |
|
317 |
- |
|
318 |
-:Description: Defines the color to use when showing diffs |
|
319 |
-:Default: cyan |
|
320 |
-:Ini Section: colors |
|
321 |
-:Ini Key: diff_lines |
|
322 |
-:Environment: :envvar:`ANSIBLE_COLOR_DIFF_LINES` |
|
323 |
- |
|
324 |
-.. _COLOR_DIFF_REMOVE: |
|
325 |
- |
|
326 |
-COLOR_DIFF_REMOVE |
|
327 |
- |
|
328 |
-:Description: Defines the color to use when showing removed lines in diffs |
|
329 |
-:Default: red |
|
330 |
-:Ini Section: colors |
|
331 |
-:Ini Key: diff_remove |
|
332 |
-:Environment: :envvar:`ANSIBLE_COLOR_DIFF_REMOVE` |
|
333 |
- |
|
334 |
-.. _COLOR_ERROR: |
|
335 |
- |
|
336 |
-COLOR_ERROR |
|
337 |
- |
|
338 |
-:Description: Defines the color to use when emitting error messages |
|
339 |
-:Default: red |
|
340 |
-:Ini Section: colors |
|
341 |
-:Ini Key: error |
|
342 |
-:Environment: :envvar:`ANSIBLE_COLOR_ERROR` |
|
343 |
- |
|
344 |
-.. _COLOR_HIGHLIGHT: |
|
345 |
- |
|
346 |
-COLOR_HIGHLIGHT |
|
347 |
- |
|
348 |
-:Description: Color used for highlights |
|
349 |
-:Default: white |
|
350 |
-:Ini Section: colors |
|
351 |
-:Ini Key: highlight |
|
352 |
-:Environment: :envvar:`ANSIBLE_COLOR_HIGHLIGHT` |
|
353 |
- |
|
354 |
-.. _COLOR_OK: |
|
355 |
- |
|
356 |
-COLOR_OK |
|
357 |
- |
|
358 |
-:Description: Defines the color to use when showing 'OK' task status |
|
359 |
-:Default: green |
|
360 |
-:Ini Section: colors |
|
361 |
-:Ini Key: ok |
|
362 |
-:Environment: :envvar:`ANSIBLE_COLOR_OK` |
|
363 |
- |
|
364 |
-.. _COLOR_SKIP: |
|
365 |
- |
|
366 |
-COLOR_SKIP |
|
367 |
- |
|
368 |
-:Description: Defines the color to use when showing 'Skipped' task status |
|
369 |
-:Default: cyan |
|
370 |
-:Ini Section: colors |
|
371 |
-:Ini Key: skip |
|
372 |
-:Environment: :envvar:`ANSIBLE_COLOR_SKIP` |
|
373 |
- |
|
374 |
-.. _COLOR_UNREACHABLE: |
|
375 |
- |
|
376 |
-COLOR_UNREACHABLE |
|
377 |
- |
|
378 |
-:Description: Defines the color to use on 'Unreachable' status |
|
379 |
-:Default: bright red |
|
380 |
-:Ini Section: colors |
|
381 |
-:Ini Key: unreachable |
|
382 |
-:Environment: :envvar:`ANSIBLE_COLOR_UNREACHABLE` |
|
383 |
- |
|
384 |
-.. _COLOR_VERBOSE: |
|
385 |
- |
|
386 |
-COLOR_VERBOSE |
|
387 |
- |
|
388 |
-:Description: Defines the color to use when emitting verbose messages. i.e those that show with '-v's. |
|
389 |
-:Default: blue |
|
390 |
-:Ini Section: colors |
|
391 |
-:Ini Key: verbose |
|
392 |
-:Environment: :envvar:`ANSIBLE_COLOR_VERBOSE` |
|
393 |
- |
|
394 |
-.. _COLOR_WARN: |
|
395 |
- |
|
396 |
-COLOR_WARN |
|
397 |
- |
|
398 |
-:Description: Defines the color to use when emitting warning messages |
|
399 |
-:Default: bright purple |
|
400 |
-:Ini Section: colors |
|
401 |
-:Ini Key: warn |
|
402 |
-:Environment: :envvar:`ANSIBLE_COLOR_WARN` |
|
403 |
- |
|
404 |
-.. _COMMAND_WARNINGS: |
|
405 |
- |
|
406 |
-COMMAND_WARNINGS |
|
407 |
- |
|
408 |
-:Description: By default Ansible will issue a warning when the shell or command module is used and the command appears to be similar to an existing Ansible module. These warnings can be silenced by adjusting this setting to False. You can also control this at the task level with the module optoin ``warn``. |
|
409 |
-:Type: boolean |
|
410 |
-:Default: True |
|
411 |
-:Version Added: 1.8 |
|
412 |
-:Ini Section: defaults |
|
413 |
-:Ini Key: command_warnings |
|
414 |
-:Environment: :envvar:`ANSIBLE_COMMAND_WARNINGS` |
|
415 |
- |
|
416 |
-.. _DEFAULT_ACTION_PLUGIN_PATH: |
|
417 |
- |
|
418 |
-DEFAULT_ACTION_PLUGIN_PATH |
|
419 |
- |
|
420 |
-:Description: Colon separated paths in which Ansible will search for Action Plugins. |
|
421 |
-:Type: pathspec |
|
422 |
-:Default: ~/.ansible/plugins/action:/usr/share/ansible/plugins/action |
|
423 |
-:Ini Section: defaults |
|
424 |
-:Ini Key: action_plugins |
|
425 |
-:Environment: :envvar:`ANSIBLE_ACTION_PLUGINS` |
|
426 |
- |
|
427 |
-.. _DEFAULT_ALLOW_UNSAFE_LOOKUPS: |
|
428 |
- |
|
429 |
-DEFAULT_ALLOW_UNSAFE_LOOKUPS |
|
430 |
- |
|
431 |
-:Description: When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backwards-compatibility, however users should first consider adding allow_unsafe=True to any lookups which may be expected to contain data which may be run through the templating engine late |
|
432 |
-:Type: boolean |
|
433 |
-:Default: False |
|
434 |
-:Version Added: 2.2.3 |
|
435 |
-:Ini Section: defaults |
|
436 |
-:Ini Key: allow_unsafe_lookups |
|
437 |
- |
|
438 |
-.. _DEFAULT_ASK_PASS: |
|
439 |
- |
|
440 |
-DEFAULT_ASK_PASS |
|
441 |
- |
|
442 |
-:Description: This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not needed to change this setting. |
|
443 |
-:Type: boolean |
|
444 |
-:Default: False |
|
445 |
-:Ini Section: defaults |
|
446 |
-:Ini Key: ask_pass |
|
447 |
-:Environment: :envvar:`ANSIBLE_ASK_PASS` |
|
448 |
- |
|
449 |
-.. _DEFAULT_ASK_SU_PASS: |
|
450 |
- |
|
451 |
-DEFAULT_ASK_SU_PASS |
|
452 |
- |
|
453 |
-:Description: This controls whether an Ansible playbook should prompt for a su password. |
|
454 |
-:Type: boolean |
|
455 |
-:Default: False |
|
456 |
-:Ini Section: defaults |
|
457 |
-:Ini Key: ask_su_pass |
|
458 |
-:Environment: :envvar:`ANSIBLE_ASK_SU_PASS` |
|
459 |
-:Deprecated in: 2.8 |
|
460 |
-:Deprecated detail: In favor of become which is a generic framework |
|
461 |
-:Deprecated alternatives: become |
|
462 |
- |
|
463 |
-.. _DEFAULT_ASK_SUDO_PASS: |
|
464 |
- |
|
465 |
-DEFAULT_ASK_SUDO_PASS |
|
466 |
- |
|
467 |
-:Description: This controls whether an Ansible playbook should prompt for a sudo password. |
|
468 |
-:Type: boolean |
|
469 |
-:Default: False |
|
470 |
-:Ini Section: defaults |
|
471 |
-:Ini Key: ask_sudo_pass |
|
472 |
-:Environment: :envvar:`ANSIBLE_ASK_SUDO_PASS` |
|
473 |
-:Deprecated in: 2.8 |
|
474 |
-:Deprecated detail: In favor of become which is a generic framework |
|
475 |
-:Deprecated alternatives: become |
|
476 |
- |
|
477 |
-.. _DEFAULT_ASK_VAULT_PASS: |
|
478 |
- |
|
479 |
-DEFAULT_ASK_VAULT_PASS |
|
480 |
- |
|
481 |
-:Description: This controls whether an Ansible playbook should prompt for a vault password. |
|
482 |
-:Type: boolean |
|
483 |
-:Default: False |
|
484 |
-:Ini Section: defaults |
|
485 |
-:Ini Key: ask_vault_pass |
|
486 |
-:Environment: :envvar:`ANSIBLE_ASK_VAULT_PASS` |
|
487 |
- |
|
488 |
-.. _DEFAULT_BECOME: |
|
489 |
- |
|
490 |
-DEFAULT_BECOME |
|
491 |
- |
|
492 |
-:Description: Toggles the use of privilege escalation, allowing you to 'become' another user after login. |
|
493 |
-:Type: boolean |
|
494 |
-:Default: False |
|
495 |
-:Ini Section: privilege_escalation |
|
496 |
-:Ini Key: become |
|
497 |
-:Environment: :envvar:`ANSIBLE_BECOME` |
|
498 |
- |
|
499 |
-.. _DEFAULT_BECOME_ASK_PASS: |
|
500 |
- |
|
501 |
-DEFAULT_BECOME_ASK_PASS |
|
502 |
- |
|
503 |
-:Description: Toggle to prompt for privilege escalation password. |
|
504 |
-:Type: boolean |
|
505 |
-:Default: False |
|
506 |
-:Ini Section: privilege_escalation |
|
507 |
-:Ini Key: become_ask_pass |
|
508 |
-:Environment: :envvar:`ANSIBLE_BECOME_ASK_PASS` |
|
509 |
- |
|
510 |
-.. _DEFAULT_BECOME_EXE: |
|
511 |
- |
|
512 |
-DEFAULT_BECOME_EXE |
|
513 |
- |
|
514 |
-:Description: executable to use for privilege escalation, otherwise Ansible will depend on PATH |
|
515 |
-:Default: None |
|
516 |
-:Ini Section: privilege_escalation |
|
517 |
-:Ini Key: become_exe |
|
518 |
-:Environment: :envvar:`ANSIBLE_BECOME_EXE` |
|
519 |
- |
|
520 |
-.. _DEFAULT_BECOME_FLAGS: |
|
521 |
- |
|
522 |
-DEFAULT_BECOME_FLAGS |
|
523 |
- |
|
524 |
-:Description: Flags to pass to the privilege escalation executable. |
|
525 |
-:Default: |
|
526 |
-:Ini Section: privilege_escalation |
|
527 |
-:Ini Key: become_flags |
|
528 |
-:Environment: :envvar:`ANSIBLE_BECOME_FLAGS` |
|
529 |
- |
|
530 |
-.. _DEFAULT_BECOME_METHOD: |
|
531 |
- |
|
532 |
-DEFAULT_BECOME_METHOD |
|
533 |
- |
|
534 |
-:Description: Privilege escalation method to use when `become` is enabled. |
|
535 |
-:Default: sudo |
|
536 |
-:Ini Section: privilege_escalation |
|
537 |
-:Ini Key: become_method |
|
538 |
-:Environment: :envvar:`ANSIBLE_BECOME_METHOD` |
|
539 |
- |
|
540 |
-.. _DEFAULT_BECOME_USER: |
|
541 |
- |
|
542 |
-DEFAULT_BECOME_USER |
|
543 |
- |
|
544 |
-:Description: The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. |
|
545 |
-:Default: root |
|
546 |
-:Ini Section: privilege_escalation |
|
547 |
-:Ini Key: become_user |
|
548 |
-:Environment: :envvar:`ANSIBLE_BECOME_USER` |
|
549 |
- |
|
550 |
-.. _DEFAULT_CACHE_PLUGIN_PATH: |
|
551 |
- |
|
552 |
-DEFAULT_CACHE_PLUGIN_PATH |
|
553 |
- |
|
554 |
-:Description: Colon separated paths in which Ansible will search for Cache Plugins. |
|
555 |
-:Type: pathspec |
|
556 |
-:Default: ~/.ansible/plugins/cache:/usr/share/ansible/plugins/cache |
|
557 |
-:Ini Section: defaults |
|
558 |
-:Ini Key: cache_plugins |
|
559 |
-:Environment: :envvar:`ANSIBLE_CACHE_PLUGINS` |
|
560 |
- |
|
561 |
-.. _DEFAULT_CALLABLE_WHITELIST: |
|
562 |
- |
|
563 |
-DEFAULT_CALLABLE_WHITELIST |
|
564 |
- |
|
565 |
-:Description: Whitelist of callable methods to be made available to template evaluation |
|
566 |
-:Type: list |
|
567 |
-:Default: [] |
|
568 |
-:Ini Section: defaults |
|
569 |
-:Ini Key: callable_whitelist |
|
570 |
-:Environment: :envvar:`ANSIBLE_CALLABLE_WHITELIST` |
|
571 |
- |
|
572 |
-.. _DEFAULT_CALLBACK_PLUGIN_PATH: |
|
573 |
- |
|
574 |
-DEFAULT_CALLBACK_PLUGIN_PATH |
|
575 |
- |
|
576 |
-:Description: Colon separated paths in which Ansible will search for Callback Plugins. |
|
577 |
-:Type: pathspec |
|
578 |
-:Default: ~/.ansible/plugins/callback:/usr/share/ansible/plugins/callback |
|
579 |
-:Ini Section: defaults |
|
580 |
-:Ini Key: callback_plugins |
|
581 |
-:Environment: :envvar:`ANSIBLE_CALLBACK_PLUGINS` |
|
582 |
- |
|
583 |
-.. _DEFAULT_CALLBACK_WHITELIST: |
|
584 |
- |
|
585 |
-DEFAULT_CALLBACK_WHITELIST |
|
586 |
- |
|
587 |
-:Description: List of whitelisted callbacks, not all callbacks need whitelisting, but many of those shipped with Ansible do as we don't want them activated by default. |
|
588 |
-:Type: list |
|
589 |
-:Default: [] |
|
590 |
-:Ini Section: defaults |
|
591 |
-:Ini Key: callback_whitelist |
|
592 |
-:Environment: :envvar:`ANSIBLE_CALLBACK_WHITELIST` |
|
593 |
- |
|
594 |
-.. _DEFAULT_CONNECTION_PLUGIN_PATH: |
|
595 |
- |
|
596 |
-DEFAULT_CONNECTION_PLUGIN_PATH |
|
597 |
- |
|
598 |
-:Description: Colon separated paths in which Ansible will search for Connection Plugins. |
|
599 |
-:Type: pathspec |
|
600 |
-:Default: ~/.ansible/plugins/connection:/usr/share/ansible/plugins/connection |
|
601 |
-:Ini Section: defaults |
|
602 |
-:Ini Key: connection_plugins |
|
603 |
-:Environment: :envvar:`ANSIBLE_CONNECTION_PLUGINS` |
|
604 |
- |
|
605 |
-.. _DEFAULT_DEBUG: |
|
606 |
- |
|
607 |
-DEFAULT_DEBUG |
|
608 |
- |
|
609 |
-:Description: Toggles debug output in Ansible, VERY verbose and can hinder multiprocessing. |
|
610 |
-:Type: boolean |
|
611 |
-:Default: False |
|
612 |
-:Ini Section: defaults |
|
613 |
-:Ini Key: debug |
|
614 |
-:Environment: :envvar:`ANSIBLE_DEBUG` |
|
615 |
- |
|
616 |
-.. _DEFAULT_EXECUTABLE: |
|
617 |
- |
|
618 |
-DEFAULT_EXECUTABLE |
|
619 |
- |
|
620 |
-:Description: This indicates the command to use to spawn a shell under for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases it may be left as is. |
|
621 |
-:Default: /bin/sh |
|
622 |
-:Ini Section: defaults |
|
623 |
-:Ini Key: executable |
|
624 |
-:Environment: :envvar:`ANSIBLE_EXECUTABLE` |
|
625 |
- |
|
626 |
-.. _DEFAULT_FACT_PATH: |
|
627 |
- |
|
628 |
-DEFAULT_FACT_PATH |
|
629 |
- |
|
630 |
-:Description: This option allows you to globally configure a custom path for 'local_facts' for the implied M(setup) task when using fact gathering. If not set, it will fallback to the default from the M(setup) module: ``/etc/ansible/facts.d``. This does **not** affect user defined tasks that use the M(setup) module. |
|
631 |
-:Type: path |
|
632 |
-:Default: None |
|
633 |
-:Ini Section: defaults |
|
634 |
-:Ini Key: fact_path |
|
635 |
-:Environment: :envvar:`ANSIBLE_FACT_PATH` |
|
636 |
- |
|
637 |
-.. _DEFAULT_FILTER_PLUGIN_PATH: |
|
638 |
- |
|
639 |
-DEFAULT_FILTER_PLUGIN_PATH |
|
640 |
- |
|
641 |
-:Description: Colon separated paths in which Ansible will search for Jinja2 Filter Plugins. |
|
642 |
-:Type: pathspec |
|
643 |
-:Default: ~/.ansible/plugins/filter:/usr/share/ansible/plugins/filter |
|
644 |
-:Ini Section: defaults |
|
645 |
-:Ini Key: filter_plugins |
|
646 |
-:Environment: :envvar:`ANSIBLE_FILTER_PLUGINS` |
|
647 |
- |
|
648 |
-.. _DEFAULT_FORCE_HANDLERS: |
|
649 |
- |
|
650 |
-DEFAULT_FORCE_HANDLERS |
|
651 |
- |
|
652 |
-:Description: This option controls if notified handlers run on a host even if a failure occurs on that host. When false, the handlers will not run if a failure has occurred on a host. This can also be set per play or on the command line. See Handlers and Failure for more details. |
|
653 |
-:Type: boolean |
|
654 |
-:Default: False |
|
655 |
-:Version Added: 1.9.1 |
|
656 |
-:Ini Section: defaults |
|
657 |
-:Ini Key: force_handlers |
|
658 |
-:Environment: :envvar:`ANSIBLE_FORCE_HANDLERS` |
|
659 |
- |
|
660 |
-.. _DEFAULT_FORKS: |
|
661 |
- |
|
662 |
-DEFAULT_FORKS |
|
663 |
- |
|
664 |
-:Description: Maximum number of forks Ansible will use to execute tasks on target hosts. |
|
665 |
-:Type: integer |
|
666 |
-:Default: 5 |
|
667 |
-:Ini Section: defaults |
|
668 |
-:Ini Key: forks |
|
669 |
-:Environment: :envvar:`ANSIBLE_FORKS` |
|
670 |
- |
|
671 |
-.. _DEFAULT_GATHER_SUBSET: |
|
672 |
- |
|
673 |
-DEFAULT_GATHER_SUBSET |
|
674 |
- |
|
675 |
-:Description: Set the `gather_subset` option for the M(setup) task in the implicit fact gathering. See the module documentation for specifics. It does **not** apply to user defined M(setup) tasks. |
|
676 |
-:Default: all |
|
677 |
-:Version Added: 2.1 |
|
678 |
-:Ini Section: defaults |
|
679 |
-:Ini Key: gather_subset |
|
680 |
-:Environment: :envvar:`ANSIBLE_GATHER_SUBSET` |
|
681 |
- |
|
682 |
-.. _DEFAULT_GATHER_TIMEOUT: |
|
683 |
- |
|
684 |
-DEFAULT_GATHER_TIMEOUT |
|
685 |
- |
|
686 |
-:Description: Set the timeout in seconds for the implicit fact gathering. It does **not** apply to user defined M(setup) tasks. |
|
687 |
-:Type: integer |
|
688 |
-:Default: 10 |
|
689 |
-:Ini Section: defaults |
|
690 |
-:Ini Key: gather_timeout |
|
691 |
-:Environment: :envvar:`ANSIBLE_GATHER_TIMEOUT` |
|
692 |
- |
|
693 |
-.. _DEFAULT_GATHERING: |
|
694 |
- |
|
695 |
-DEFAULT_GATHERING |
|
696 |
- |
|
697 |
-:Description: This setting controls the default policy of fact gathering (facts discovered about remote systems). When 'implicit' (the default), the cache plugin will be ignored and facts will be gathered per play unless 'gather_facts: False' is set. When 'explicit' the inverse is true, facts will not be gathered unless directly requested in the play. The 'smart' value means each new host that has no facts discovered will be scanned, but if the same host is addressed in multiple plays it will not be contacted again in the playbook run. This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. |
|
698 |
-:Default: implicit |
|
699 |
-:Version Added: 1.6 |
|
700 |
-:Ini Section: defaults |
|
701 |
-:Ini Key: gathering |
|
702 |
-:Environment: :envvar:`ANSIBLE_GATHERING` |
|
703 |
- |
|
704 |
-.. _DEFAULT_HANDLER_INCLUDES_STATIC: |
|
705 |
- |
|
706 |
-DEFAULT_HANDLER_INCLUDES_STATIC |
|
707 |
- |
|
708 |
-:Description: Since 2.0 M(include) can be 'dynamic', this setting (if True) forces that if the include appears in a ``handlers`` section to be 'static'. |
|
709 |
-:Type: boolean |
|
710 |
-:Default: False |
|
711 |
-:Ini Section: defaults |
|
712 |
-:Ini Key: handler_includes_static |
|
713 |
-:Environment: :envvar:`ANSIBLE_HANDLER_INCLUDES_STATIC` |
|
714 |
-:Deprecated in: 2.8 |
|
715 |
-:Deprecated detail: include itself is deprecated and this setting will not matter in the future |
|
716 |
-:Deprecated alternatives: none as its already built into the decision between include_tasks and import_tasks |
|
717 |
- |
|
718 |
-.. _DEFAULT_HASH_BEHAVIOUR: |
|
719 |
- |
|
720 |
-DEFAULT_HASH_BEHAVIOUR |
|
721 |
- |
|
722 |
-:Description: This setting controls how variables merge in Ansible. By default Ansible will override variables in specific precedence orders, as described in Variables. When a variable of higher precedence wins, it will replace the other value. Some users prefer that variables that are hashes (aka 'dictionaries' in Python terms) are merged. This setting is called 'merge'. This is not the default behavior and it does not affect variables whose values are scalars (integers, strings) or arrays. We generally recommend not using this setting unless you think you have an absolute need for it, and playbooks in the official examples repos do not use this setting In version 2.0 a ``combine`` filter was added to allow doing this for a particular variable (described in Filters). |
|
723 |
-:Type: string |
|
724 |
-:Default: replace |
|
725 |
-:Ini Section: defaults |
|
726 |
-:Ini Key: hash_behaviour |
|
727 |
-:Environment: :envvar:`ANSIBLE_HASH_BEHAVIOUR` |
|
728 |
- |
|
729 |
-.. _DEFAULT_HOST_LIST: |
|
730 |
- |
|
731 |
-DEFAULT_HOST_LIST |
|
732 |
- |
|
733 |
-:Description: Colon separated list of Ansible inventory sources |
|
734 |
-:Type: pathlist |
|
735 |
-:Default: /etc/ansible/hosts |
|
736 |
-:Ini Section: defaults |
|
737 |
-:Ini Key: hostfile |
|
738 |
-:Ini Section: defaults |
|
739 |
-:Ini Key: inventory |
|
740 |
-:Environment: :envvar:`ANSIBLE_HOSTS` |
|
741 |
-:Environment: :envvar:`ANSIBLE_INVENTORY` |
|
742 |
- |
|
743 |
-.. _DEFAULT_INTERNAL_POLL_INTERVAL: |
|
744 |
- |
|
745 |
-DEFAULT_INTERNAL_POLL_INTERVAL |
|
746 |
- |
|
747 |
-:Description: This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios, when UI responsiveness is not required but CPU usage might be a concern. The default corresponds to the value hardcoded in Ansible <= 2.1 |
|
748 |
-:Type: float |
|
749 |
-:Default: 0.001 |
|
750 |
-:Version Added: 2.2 |
|
751 |
-:Ini Section: defaults |
|
752 |
-:Ini Key: internal_poll_interval |
|
753 |
- |
|
754 |
-.. _DEFAULT_INVENTORY_PLUGIN_PATH: |
|
755 |
- |
|
756 |
-DEFAULT_INVENTORY_PLUGIN_PATH |
|
757 |
- |
|
758 |
-:Description: Colon separated paths in which Ansible will search for Inventory Plugins. |
|
759 |
-:Type: pathspec |
|
760 |
-:Default: ~/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory |
|
761 |
-:Ini Section: defaults |
|
762 |
-:Ini Key: inventory_plugins |
|
763 |
-:Environment: :envvar:`ANSIBLE_INVENTORY_PLUGINS` |
|
764 |
- |
|
765 |
-.. _DEFAULT_JINJA2_EXTENSIONS: |
|
766 |
- |
|
767 |
-DEFAULT_JINJA2_EXTENSIONS |
|
768 |
- |
|
769 |
-:Description: This is a developer-specific feature that allows enabling additional Jinja2 extensions. See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) |
|
770 |
-:Default: [] |
|
771 |
-:Ini Section: defaults |
|
772 |
-:Ini Key: jinja2_extensions |
|
773 |
-:Environment: :envvar:`ANSIBLE_JINJA2_EXTENSIONS` |
|
774 |
- |
|
775 |
-.. _DEFAULT_KEEP_REMOTE_FILES: |
|
776 |
- |
|
777 |
-DEFAULT_KEEP_REMOTE_FILES |
|
778 |
- |
|
779 |
-:Description: Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. |
|
780 |
-:Type: boolean |
|
781 |
-:Default: False |
|
782 |
-:Ini Section: defaults |
|
783 |
-:Ini Key: keep_remote_files |
|
784 |
-:Environment: :envvar:`ANSIBLE_KEEP_REMOTE_FILES` |
|
785 |
- |
|
786 |
-.. _DEFAULT_LIBVIRT_LXC_NOSECLABEL: |
|
787 |
- |
|
788 |
-DEFAULT_LIBVIRT_LXC_NOSECLABEL |
|
789 |
- |
|
790 |
-:Description: This setting causes libvirt to connect to lxc containers by passing --noseclabel to virsh. This is necessary when running on systems which do not have SELinux. |
|
791 |
-:Type: boolean |
|
792 |
-:Default: False |
|
793 |
-:Version Added: 2.1 |
|
794 |
-:Ini Section: selinux |
|
795 |
-:Ini Key: libvirt_lxc_noseclabel |
|
796 |
-:Environment: :envvar:`LIBVIRT_LXC_NOSECLABEL` |
|
797 |
- |
|
798 |
-.. _DEFAULT_LOAD_CALLBACK_PLUGINS: |
|
799 |
- |
|
800 |
-DEFAULT_LOAD_CALLBACK_PLUGINS |
|
801 |
- |
|
802 |
-:Description: Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. |
|
803 |
-:Type: boolean |
|
804 |
-:Default: False |
|
805 |
-:Version Added: 1.8 |
|
806 |
-:Ini Section: defaults |
|
807 |
-:Ini Key: bin_ansible_callbacks |
|
808 |
-:Environment: :envvar:`ANSIBLE_LOAD_CALLBACK_PLUGINS` |
|
809 |
- |
|
810 |
-.. _DEFAULT_LOCAL_TMP: |
|
811 |
- |
|
812 |
-DEFAULT_LOCAL_TMP |
|
813 |
- |
|
814 |
-:Description: Temporary directory for Ansible to use on the controller. |
|
815 |
-:Type: tmppath |
|
816 |
-:Default: ~/.ansible/tmp |
|
817 |
-:Ini Section: defaults |
|
818 |
-:Ini Key: local_tmp |
|
819 |
-:Environment: :envvar:`ANSIBLE_LOCAL_TEMP` |
|
820 |
- |
|
821 |
-.. _DEFAULT_LOG_PATH: |
|
822 |
- |
|
823 |
-DEFAULT_LOG_PATH |
|
824 |
- |
|
825 |
-:Description: File to which Ansible will log on the controller. When empty logging is disabled. |
|
826 |
-:Type: path |
|
827 |
-:Default: |
|
828 |
-:Ini Section: defaults |
|
829 |
-:Ini Key: log_path |
|
830 |
-:Environment: :envvar:`ANSIBLE_LOG_PATH` |
|
831 |
- |
|
832 |
-.. _DEFAULT_LOOKUP_PLUGIN_PATH: |
|
833 |
- |
|
834 |
-DEFAULT_LOOKUP_PLUGIN_PATH |
|
835 |
- |
|
836 |
-:Description: Colon separated paths in which Ansible will search for Lookup Plugins. |
|
837 |
-:Type: pathspec |
|
838 |
-:Default: ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup |
|
839 |
-:Ini Section: defaults |
|
840 |
-:Ini Key: lookup_plugins |
|
841 |
-:Environment: :envvar:`ANSIBLE_LOOKUP_PLUGINS` |
|
842 |
- |
|
843 |
-.. _DEFAULT_MANAGED_STR: |
|
844 |
- |
|
845 |
-DEFAULT_MANAGED_STR |
|
846 |
- |
|
847 |
-:Description: Sets the macro for the 'ansible_managed' variable available for M(template) tasks. |
|
848 |
-:Default: Ansible managed |
|
849 |
-:Ini Section: defaults |
|
850 |
-:Ini Key: ansible_managed |
|
851 |
- |
|
852 |
-.. _DEFAULT_MODULE_ARGS: |
|
853 |
- |
|
854 |
-DEFAULT_MODULE_ARGS |
|
855 |
- |
|
856 |
-:Description: This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. |
|
857 |
-:Default: |
|
858 |
-:Ini Section: defaults |
|
859 |
-:Ini Key: module_args |
|
860 |
-:Environment: :envvar:`ANSIBLE_MODULE_ARGS` |
|
861 |
- |
|
862 |
-.. _DEFAULT_MODULE_COMPRESSION: |
|
863 |
- |
|
864 |
-DEFAULT_MODULE_COMPRESSION |
|
865 |
- |
|
866 |
-:Description: Compression scheme to use when transfering Python modules to the target. |
|
867 |
-:Default: ZIP_DEFLATED |
|
868 |
-:Ini Section: defaults |
|
869 |
-:Ini Key: module_compression |
|
870 |
- |
|
871 |
-.. _DEFAULT_MODULE_LANG: |
|
872 |
- |
|
873 |
-DEFAULT_MODULE_LANG |
|
874 |
- |
|
875 |
-:Description: Language locale setting to use for modules when they execute on the target. If empty it tries to set itself to the LANG environment variable on the controller. This is only used if DEFAULT_MODULE_SET_LOCALE is set to true |
|
876 |
-:Default: {{ CONTROLLER_LANG }} |
|
877 |
-:Ini Section: defaults |
|
878 |
-:Ini Key: module_lang |
|
879 |
-:Environment: :envvar:`ANSIBLE_MODULE_LANG` |
|
880 |
-:Deprecated in: 2.9 |
|
881 |
-:Deprecated detail: Modules are coded to set their own locale if needed for screenscraping |
|
882 |
-:Deprecated alternatives: |
|
883 |
- |
|
884 |
-.. _DEFAULT_MODULE_NAME: |
|
885 |
- |
|
886 |
-DEFAULT_MODULE_NAME |
|
887 |
- |
|
888 |
-:Description: Module to use with the ``ansible`` AdHoc command, if none is specified via ``-m``. |
|
889 |
-:Default: command |
|
890 |
-:Ini Section: defaults |
|
891 |
-:Ini Key: module_name |
|
892 |
- |
|
893 |
-.. _DEFAULT_MODULE_PATH: |
|
894 |
- |
|
895 |
-DEFAULT_MODULE_PATH |
|
896 |
- |
|
897 |
-:Description: Colon separated paths in which Ansible will search for Modules. |
|
898 |
-:Type: pathspec |
|
899 |
-:Default: ~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules |
|
900 |
-:Ini Section: defaults |
|
901 |
-:Ini Key: library |
|
902 |
-:Environment: :envvar:`ANSIBLE_LIBRARY` |
|
903 |
- |
|
904 |
-.. _DEFAULT_MODULE_SET_LOCALE: |
|
905 |
- |
|
906 |
-DEFAULT_MODULE_SET_LOCALE |
|
907 |
- |
|
908 |
-:Description: Controls if we set locale for modules when executing on the target. |
|
909 |
-:Type: boolean |
|
910 |
-:Default: False |
|
911 |
-:Ini Section: defaults |
|
912 |
-:Ini Key: module_set_locale |
|
913 |
-:Environment: :envvar:`ANSIBLE_MODULE_SET_LOCALE` |
|
914 |
-:Deprecated in: 2.9 |
|
915 |
-:Deprecated detail: Modules are coded to set their own locale if needed for screenscraping |
|
916 |
-:Deprecated alternatives: |
|
917 |
- |
|
918 |
-.. _DEFAULT_MODULE_UTILS_PATH: |
|
919 |
- |
|
920 |
-DEFAULT_MODULE_UTILS_PATH |
|
921 |
- |
|
922 |
-:Description: Colon separated paths in which Ansible will search for Module utils files, which are shared by modules. |
|
923 |
-:Type: pathspec |
|
924 |
-:Default: ~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils |
|
925 |
-:Ini Section: defaults |
|
926 |
-:Ini Key: module_utils |
|
927 |
-:Environment: :envvar:`ANSIBLE_MODULE_UTILS` |
|
928 |
- |
|
929 |
-.. _DEFAULT_NO_LOG: |
|
930 |
- |
|
931 |
-DEFAULT_NO_LOG |
|
932 |
- |
|
933 |
-:Description: Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. |
|
934 |
-:Type: boolean |
|
935 |
-:Default: False |
|
936 |
-:Ini Section: defaults |
|
937 |
-:Ini Key: no_log |
|
938 |
-:Environment: :envvar:`ANSIBLE_NO_LOG` |
|
939 |
- |
|
940 |
-.. _DEFAULT_NO_TARGET_SYSLOG: |
|
941 |
- |
|
942 |
-DEFAULT_NO_TARGET_SYSLOG |
|
943 |
- |
|
944 |
-:Description: Toggle Ansible logging to syslog on the target when it executes tasks. |
|
945 |
-:Type: boolean |
|
946 |
-:Default: False |
|
947 |
-:Ini Section: defaults |
|
948 |
-:Ini Key: no_target_syslog |
|
949 |
-:Environment: :envvar:`ANSIBLE_NO_TARGET_SYSLOG` |
|
950 |
- |
|
951 |
-.. _DEFAULT_NULL_REPRESENTATION: |
|
952 |
- |
|
953 |
-DEFAULT_NULL_REPRESENTATION |
|
954 |
- |
|
955 |
-:Description: What templating should return as a 'null' value. When not set it will let Jinja2 decide. |
|
956 |
-:Type: none |
|
957 |
-:Default: None |
|
958 |
-:Ini Section: defaults |
|
959 |
-:Ini Key: null_representation |
|
960 |
-:Environment: :envvar:`ANSIBLE_NULL_REPRESENTATION` |
|
961 |
- |
|
962 |
-.. _DEFAULT_POLL_INTERVAL: |
|
963 |
- |
|
964 |
-DEFAULT_POLL_INTERVAL |
|
965 |
- |
|
966 |
-:Description: For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. |
|
967 |
-:Type: integer |
|
968 |
-:Default: 15 |
|
969 |
-:Ini Section: defaults |
|
970 |
-:Ini Key: poll_interval |
|
971 |
-:Environment: :envvar:`ANSIBLE_POLL_INTERVAL` |
|
972 |
- |
|
973 |
-.. _DEFAULT_PRIVATE_KEY_FILE: |
|
974 |
- |
|
975 |
-DEFAULT_PRIVATE_KEY_FILE |
|
976 |
- |
|
977 |
-:Description: Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying --private-key with every invocation. |
|
978 |
-:Type: path |
|
979 |
-:Default: None |
|
980 |
-:Ini Section: defaults |
|
981 |
-:Ini Key: private_key_file |
|
982 |
-:Environment: :envvar:`ANSIBLE_PRIVATE_KEY_FILE` |
|
983 |
- |
|
984 |
-.. _DEFAULT_PRIVATE_ROLE_VARS: |
|
985 |
- |
|
986 |
-DEFAULT_PRIVATE_ROLE_VARS |
|
987 |
- |
|
988 |
-:Type: boolean |
|
989 |
-:Default: False |
|
990 |
-:Ini Section: defaults |
|
991 |
-:Ini Key: private_role_vars |
|
992 |
-:Environment: :envvar:`ANSIBLE_PRIVATE_ROLE_VARS` |
|
993 |
- |
|
994 |
-.. _DEFAULT_REMOTE_PORT: |
|
995 |
- |
|
996 |
-DEFAULT_REMOTE_PORT |
|
997 |
- |
|
998 |
-:Description: Port to use in remote connections, when blank it will use the connection plugin default. |
|
999 |
-:Type: integer |
|
1000 |
-:Default: None |
|
1001 |
-:Ini Section: defaults |
|
1002 |
-:Ini Key: remote_port |
|
1003 |
-:Environment: :envvar:`ANSIBLE_REMOTE_PORT` |
|
1004 |
- |
|
1005 |
-.. _DEFAULT_REMOTE_USER: |
|
1006 |
- |
|
1007 |
-DEFAULT_REMOTE_USER |
|
1008 |
- |
|
1009 |
-:Description: Sets the login user for the target machines When blank it uses the connection plugin's default, normally the user currently executing Ansible. |
|
1010 |
-:Default: None |
|
1011 |
-:Ini Section: defaults |
|
1012 |
-:Ini Key: remote_user |
|
1013 |
-:Environment: :envvar:`ANSIBLE_REMOTE_USER` |
|
1014 |
- |
|
1015 |
-.. _DEFAULT_ROLES_PATH: |
|
1016 |
- |
|
1017 |
-DEFAULT_ROLES_PATH |
|
1018 |
- |
|
1019 |
-:Description: Colon separated paths in which Ansible will search for Roles. |
|
1020 |
-:Type: pathspec |
|
1021 |
-:Default: ~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles |
|
1022 |
-:Ini Section: defaults |
|
1023 |
-:Ini Key: roles_path |
|
1024 |
-:Environment: :envvar:`ANSIBLE_ROLES_PATH` |
|
1025 |
- |
|
1026 |
-.. _DEFAULT_SCP_IF_SSH: |
|
1027 |
- |
|
1028 |
-DEFAULT_SCP_IF_SSH |
|
1029 |
- |
|
1030 |
-:Description: Prefered method to use when transfering files over ssh When set to smart, Ansible will try them until one succeeds or they all fail If set to True, it will force 'scp', if False it will use 'sftp' |
|
1031 |
-:Default: smart |
|
1032 |
-:Ini Section: ssh_connection |
|
1033 |
-:Ini Key: scp_if_ssh |
|
1034 |
-:Environment: :envvar:`ANSIBLE_SCP_IF_SSH` |
|
1035 |
- |
|
1036 |
-.. _DEFAULT_SELINUX_SPECIAL_FS: |
|
1037 |
- |
|
1038 |
-DEFAULT_SELINUX_SPECIAL_FS |
|
1039 |
- |
|
1040 |
-:Description: Some filesystems do not support safe operations and/or return inconsistent errors, this setting makes Ansible 'tolerate' those in the list w/o causing fatal errors. Data corruption may occur and writes are not always verified when a filesystem is in the list. |
|
1041 |
-:Type: list |
|
1042 |
-:Default: fuse, nfs, vboxsf, ramfs, 9p |
|
1043 |
-:Ini Section: selinux |
|
1044 |
-:Ini Key: special_context_filesystems |
|
1045 |
- |
|
1046 |
-.. _DEFAULT_SFTP_BATCH_MODE: |
|
1047 |
- |
|
1048 |
-DEFAULT_SFTP_BATCH_MODE |
|
1049 |
- |
|
1050 |
-:Type: boolean |
|
1051 |
-:Default: True |
|
1052 |
-:Ini Section: ssh_connection |
|
1053 |
-:Ini Key: sftp_batch_mode |
|
1054 |
-:Environment: :envvar:`ANSIBLE_SFTP_BATCH_MODE` |
|
1055 |
- |
|
1056 |
-.. _DEFAULT_SQUASH_ACTIONS: |
|
1057 |
- |
|
1058 |
-DEFAULT_SQUASH_ACTIONS |
|
1059 |
- |
|
1060 |
-:Description: Ansible can optimise actions that call modules that support list parameters when using ``with_`` looping. Instead of calling the module once for each item, the module is called once with the full list. The default value for this setting is only for certain package managers, but it can be used for any module Currently, this is only supported for modules that have a name or pkg parameter, and only when the item is the only thing being passed to the parameter. |
|
1061 |
-:Type: list |
|
1062 |
-:Default: apk, apt, dnf, homebrew, openbsd_pkg, pacman, pkgng, yum, zypper |
|
1063 |
-:Version Added: 2.0 |
|
1064 |
-:Ini Section: defaults |
|
1065 |
-:Ini Key: squash_actions |
|
1066 |
-:Environment: :envvar:`ANSIBLE_SQUASH_ACTIONS` |
|
1067 |
- |
|
1068 |
-.. _DEFAULT_SSH_TRANSFER_METHOD: |
|
1069 |
- |
|
1070 |
-DEFAULT_SSH_TRANSFER_METHOD |
|
1071 |
- |
|
1072 |
-:Description: unused? |
|
1073 |
-:Default: None |
|
1074 |
-:Ini Section: ssh_connection |
|
1075 |
-:Ini Key: transfer_method |
|
1076 |
-:Environment: :envvar:`ANSIBLE_SSH_TRANSFER_METHOD` |
|
1077 |
- |
|
1078 |
-.. _DEFAULT_STDOUT_CALLBACK: |
|
1079 |
- |
|
1080 |
-DEFAULT_STDOUT_CALLBACK |
|
1081 |
- |
|
1082 |
-:Description: Set the main callback used to display Ansible output, you can only have one at a time. You can have many other callbacks, but just one can be in charge of stdout. |
|
1083 |
-:Default: default |
|
1084 |
-:Ini Section: defaults |
|
1085 |
-:Ini Key: stdout_callback |
|
1086 |
-:Environment: :envvar:`ANSIBLE_STDOUT_CALLBACK` |
|
1087 |
- |
|
1088 |
-.. _DEFAULT_STRATEGY: |
|
1089 |
- |
|
1090 |
-DEFAULT_STRATEGY |
|
1091 |
- |
|
1092 |
-:Description: Set the default strategy used for plays. |
|
1093 |
-:Default: linear |
|
1094 |
-:Version Added: 2.3 |
|
1095 |
-:Ini Section: defaults |
|
1096 |
-:Ini Key: strategy |
|
1097 |
-:Environment: :envvar:`ANSIBLE_STRATEGY` |
|
1098 |
- |
|
1099 |
-.. _DEFAULT_STRATEGY_PLUGIN_PATH: |
|
1100 |
- |
|
1101 |
-DEFAULT_STRATEGY_PLUGIN_PATH |
|
1102 |
- |
|
1103 |
-:Description: Colon separated paths in which Ansible will search for Strategy Plugins. |
|
1104 |
-:Type: pathspec |
|
1105 |
-:Default: ~/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy |
|
1106 |
-:Ini Section: defaults |
|
1107 |
-:Ini Key: strategy_plugins |
|
1108 |
-:Environment: :envvar:`ANSIBLE_STRATEGY_PLUGINS` |
|
1109 |
- |
|
1110 |
-.. _DEFAULT_SU: |
|
1111 |
- |
|
1112 |
-DEFAULT_SU |
|
1113 |
- |
|
1114 |
-:Description: Toggle the use of "su" for tasks. |
|
1115 |
-:Type: boolean |
|
1116 |
-:Default: False |
|
1117 |
-:Ini Section: defaults |
|
1118 |
-:Ini Key: su |
|
1119 |
-:Environment: :envvar:`ANSIBLE_SU` |
|
1120 |
- |
|
1121 |
-.. _DEFAULT_SU_EXE: |
|
1122 |
- |
|
1123 |
-DEFAULT_SU_EXE |
|
1124 |
- |
|
1125 |
-:Description: specify an "su" executable, otherwise it relies on PATH. |
|
1126 |
-:Default: su |
|
1127 |
-:Ini Section: defaults |
|
1128 |
-:Ini Key: su_exe |
|
1129 |
-:Environment: :envvar:`ANSIBLE_SU_EXE` |
|
1130 |
-:Deprecated in: 2.8 |
|
1131 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1132 |
-:Deprecated alternatives: become |
|
1133 |
- |
|
1134 |
-.. _DEFAULT_SU_FLAGS: |
|
1135 |
- |
|
1136 |
-DEFAULT_SU_FLAGS |
|
1137 |
- |
|
1138 |
-:Description: Flags to pass to su |
|
1139 |
-:Default: |
|
1140 |
-:Ini Section: defaults |
|
1141 |
-:Ini Key: su_flags |
|
1142 |
-:Environment: :envvar:`ANSIBLE_SU_FLAGS` |
|
1143 |
-:Deprecated in: 2.8 |
|
1144 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1145 |
-:Deprecated alternatives: become |
|
1146 |
- |
|
1147 |
-.. _DEFAULT_SU_USER: |
|
1148 |
- |
|
1149 |
-DEFAULT_SU_USER |
|
1150 |
- |
|
1151 |
-:Description: User you become when using "su", leaving it blank will use the default configured on the target (normally root) |
|
1152 |
-:Default: None |
|
1153 |
-:Ini Section: defaults |
|
1154 |
-:Ini Key: su_user |
|
1155 |
-:Environment: :envvar:`ANSIBLE_SU_USER` |
|
1156 |
-:Deprecated in: 2.8 |
|
1157 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1158 |
-:Deprecated alternatives: become |
|
1159 |
- |
|
1160 |
-.. _DEFAULT_SUDO: |
|
1161 |
- |
|
1162 |
-DEFAULT_SUDO |
|
1163 |
- |
|
1164 |
-:Description: Toggle the use of "sudo" for tasks. |
|
1165 |
-:Type: boolean |
|
1166 |
-:Default: False |
|
1167 |
-:Ini Section: defaults |
|
1168 |
-:Ini Key: sudo |
|
1169 |
-:Environment: :envvar:`ANSIBLE_SUDO` |
|
1170 |
-:Deprecated in: 2.8 |
|
1171 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1172 |
-:Deprecated alternatives: become |
|
1173 |
- |
|
1174 |
-.. _DEFAULT_SUDO_EXE: |
|
1175 |
- |
|
1176 |
-DEFAULT_SUDO_EXE |
|
1177 |
- |
|
1178 |
-:Description: specify an "sudo" executable, otherwise it relies on PATH. |
|
1179 |
-:Default: sudo |
|
1180 |
-:Ini Section: defaults |
|
1181 |
-:Ini Key: sudo_exe |
|
1182 |
-:Environment: :envvar:`ANSIBLE_SUDO_EXE` |
|
1183 |
-:Deprecated in: 2.8 |
|
1184 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1185 |
-:Deprecated alternatives: become |
|
1186 |
- |
|
1187 |
-.. _DEFAULT_SUDO_FLAGS: |
|
1188 |
- |
|
1189 |
-DEFAULT_SUDO_FLAGS |
|
1190 |
- |
|
1191 |
-:Description: Flags to pass to "sudo" |
|
1192 |
-:Default: -H -S -n |
|
1193 |
-:Ini Section: defaults |
|
1194 |
-:Ini Key: sudo_flags |
|
1195 |
-:Environment: :envvar:`ANSIBLE_SUDO_FLAGS` |
|
1196 |
-:Deprecated in: 2.8 |
|
1197 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1198 |
-:Deprecated alternatives: become |
|
1199 |
- |
|
1200 |
-.. _DEFAULT_SUDO_USER: |
|
1201 |
- |
|
1202 |
-DEFAULT_SUDO_USER |
|
1203 |
- |
|
1204 |
-:Description: User you become when using "sudo", leaving it blank will use the default configured on the target (normally root) |
|
1205 |
-:Default: None |
|
1206 |
-:Ini Section: defaults |
|
1207 |
-:Ini Key: sudo_user |
|
1208 |
-:Environment: :envvar:`ANSIBLE_SUDO_USER` |
|
1209 |
-:Deprecated in: 2.8 |
|
1210 |
-:Deprecated detail: In favor of become which is a generic framework |
|
1211 |
-:Deprecated alternatives: become |
|
1212 |
- |
|
1213 |
-.. _DEFAULT_SYSLOG_FACILITY: |
|
1214 |
- |
|
1215 |
-DEFAULT_SYSLOG_FACILITY |
|
1216 |
- |
|
1217 |
-:Description: Syslog facility to use when Ansible logs to the remote target |
|
1218 |
-:Default: LOG_USER |
|
1219 |
-:Ini Section: defaults |
|
1220 |
-:Ini Key: syslog_facility |
|
1221 |
-:Environment: :envvar:`ANSIBLE_SYSLOG_FACILITY` |
|
1222 |
- |
|
1223 |
-.. _DEFAULT_TASK_INCLUDES_STATIC: |
|
1224 |
- |
|
1225 |
-DEFAULT_TASK_INCLUDES_STATIC |
|
1226 |
- |
|
1227 |
-:Description: The `include` tasks can be static or dynamic, this toggles the default expected behaviour if autodetection fails and it is not explicitly set in task. |
|
1228 |
-:Type: boolean |
|
1229 |
-:Default: False |
|
1230 |
-:Version Added: 2.1 |
|
1231 |
-:Ini Section: defaults |
|
1232 |
-:Ini Key: task_includes_static |
|
1233 |
-:Environment: :envvar:`ANSIBLE_TASK_INCLUDES_STATIC` |
|
1234 |
-:Deprecated in: 2.8 |
|
1235 |
-:Deprecated detail: include itself is deprecated and this setting will not matter in the future |
|
1236 |
-:Deprecated alternatives: None, as its already built into the decision between include_tasks and import_tasks |
|
1237 |
- |
|
1238 |
-.. _DEFAULT_TEST_PLUGIN_PATH: |
|
1239 |
- |
|
1240 |
-DEFAULT_TEST_PLUGIN_PATH |
|
1241 |
- |
|
1242 |
-:Description: Colon separated paths in which Ansible will search for Jinja2 Test Plugins. |
|
1243 |
-:Type: pathspec |
|
1244 |
-:Default: ~/.ansible/plugins/test:/usr/share/ansible/plugins/test |
|
1245 |
-:Ini Section: defaults |
|
1246 |
-:Ini Key: test_plugins |
|
1247 |
-:Environment: :envvar:`ANSIBLE_TEST_PLUGINS` |
|
1248 |
- |
|
1249 |
-.. _DEFAULT_TIMEOUT: |
|
1250 |
- |
|
1251 |
-DEFAULT_TIMEOUT |
|
1252 |
- |
|
1253 |
-:Description: This is the default timeout for connection plugins to use. |
|
1254 |
-:Type: integer |
|
1255 |
-:Default: 10 |
|
1256 |
-:Ini Section: defaults |
|
1257 |
-:Ini Key: timeout |
|
1258 |
-:Environment: :envvar:`ANSIBLE_TIMEOUT` |
|
1259 |
- |
|
1260 |
-.. _DEFAULT_TRANSPORT: |
|
1261 |
- |
|
1262 |
-DEFAULT_TRANSPORT |
|
1263 |
- |
|
1264 |
-:Description: Default connection plugin to use, the 'smart' option will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions |
|
1265 |
-:Default: smart |
|
1266 |
-:Ini Section: defaults |
|
1267 |
-:Ini Key: transport |
|
1268 |
-:Environment: :envvar:`ANSIBLE_TRANSPORT` |
|
1269 |
- |
|
1270 |
-.. _DEFAULT_UNDEFINED_VAR_BEHAVIOR: |
|
1271 |
- |
|
1272 |
-DEFAULT_UNDEFINED_VAR_BEHAVIOR |
|
1273 |
- |
|
1274 |
-:Description: When True, this causes ansible templating to fail steps that reference variable names that are likely typoed. Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. |
|
1275 |
-:Type: boolean |
|
1276 |
-:Default: True |
|
1277 |
-:Version Added: 1.3 |
|
1278 |
-:Ini Section: defaults |
|
1279 |
-:Ini Key: error_on_undefined_vars |
|
1280 |
-:Environment: :envvar:`ANSIBLE_ERROR_ON_UNDEFINED_VARS` |
|
1281 |
- |
|
1282 |
-.. _DEFAULT_VARS_PLUGIN_PATH: |
|
1283 |
- |
|
1284 |
-DEFAULT_VARS_PLUGIN_PATH |
|
1285 |
- |
|
1286 |
-:Description: Colon separated paths in which Ansible will search for Vars Plugins. |
|
1287 |
-:Type: pathspec |
|
1288 |
-:Default: ~/.ansible/plugins/vars:/usr/share/ansible/plugins/vars |
|
1289 |
-:Ini Section: defaults |
|
1290 |
-:Ini Key: vars_plugins |
|
1291 |
-:Environment: :envvar:`ANSIBLE_VARS_PLUGINS` |
|
1292 |
- |
|
1293 |
-.. _DEFAULT_VAULT_ENCRYPT_IDENTITY: |
|
1294 |
- |
|
1295 |
-DEFAULT_VAULT_ENCRYPT_IDENTITY |
|
1296 |
- |
|
1297 |
-:Description: The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The --encrypt-vault-id cli option overrides the configured value. |
|
1298 |
-:Default: None |
|
1299 |
-:Ini Section: defaults |
|
1300 |
-:Ini Key: vault_encrypt_identity |
|
1301 |
-:Environment: :envvar:`ANSIBLE_VAULT_ENCRYPT_IDENTITY` |
|
1302 |
- |
|
1303 |
-.. _DEFAULT_VAULT_ID_MATCH: |
|
1304 |
- |
|
1305 |
-DEFAULT_VAULT_ID_MATCH |
|
1306 |
- |
|
1307 |
-:Description: If true, decrypting vaults with a vault id will only try the password from the matching vault-id |
|
1308 |
-:Default: False |
|
1309 |
-:Ini Section: defaults |
|
1310 |
-:Ini Key: vault_id_match |
|
1311 |
-:Environment: :envvar:`ANSIBLE_VAULT_ID_MATCH` |
|
1312 |
- |
|
1313 |
-.. _DEFAULT_VAULT_IDENTITY: |
|
1314 |
- |
|
1315 |
-DEFAULT_VAULT_IDENTITY |
|
1316 |
- |
|
1317 |
-:Description: The label to use for the default vault id label in cases where a vault id label is not provided |
|
1318 |
-:Default: default |
|
1319 |
-:Ini Section: defaults |
|
1320 |
-:Ini Key: vault_identity |
|
1321 |
-:Environment: :envvar:`ANSIBLE_VAULT_IDENTITY` |
|
1322 |
- |
|
1323 |
-.. _DEFAULT_VAULT_IDENTITY_LIST: |
|
1324 |
- |
|
1325 |
-DEFAULT_VAULT_IDENTITY_LIST |
|
1326 |
- |
|
1327 |
-:Description: A list of vault-ids to use by default. Equivalent to multiple --vault-id args. Vault-ids are tried in order. |
|
1328 |
-:Type: list |
|
1329 |
-:Default: [] |
|
1330 |
-:Ini Section: defaults |
|
1331 |
-:Ini Key: vault_identity_list |
|
1332 |
-:Environment: :envvar:`ANSIBLE_VAULT_IDENTITY_LIST` |
|
1333 |
- |
|
1334 |
-.. _DEFAULT_VAULT_PASSWORD_FILE: |
|
1335 |
- |
|
1336 |
-DEFAULT_VAULT_PASSWORD_FILE |
|
1337 |
- |
|
1338 |
-:Description: The vault password file to use. Equivalent to --vault-password-file or --vault-id |
|
1339 |
-:Type: path |
|
1340 |
-:Default: None |
|
1341 |
-:Ini Section: defaults |
|
1342 |
-:Ini Key: vault_password_file |
|
1343 |
-:Environment: :envvar:`ANSIBLE_VAULT_PASSWORD_FILE` |
|
1344 |
- |
|
1345 |
-.. _DEFAULT_VERBOSITY: |
|
1346 |
- |
|
1347 |
-DEFAULT_VERBOSITY |
|
1348 |
- |
|
1349 |
-:Description: Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. |
|
1350 |
-:Type: integer |
|
1351 |
-:Default: 0 |
|
1352 |
-:Ini Section: defaults |
|
1353 |
-:Ini Key: verbosity |
|
1354 |
-:Environment: :envvar:`ANSIBLE_VERBOSITY` |
|
1355 |
- |
|
1356 |
-.. _DEPRECATION_WARNINGS: |
|
1357 |
- |
|
1358 |
-DEPRECATION_WARNINGS |
|
1359 |
- |
|
1360 |
-:Description: Toggle to control the showing of deprecation warnings |
|
1361 |
-:Type: boolean |
|
1362 |
-:Default: True |
|
1363 |
-:Ini Section: defaults |
|
1364 |
-:Ini Key: deprecation_warnings |
|
1365 |
-:Environment: :envvar:`ANSIBLE_DEPRECATION_WARNINGS` |
|
1366 |
- |
|
1367 |
-.. _DIFF_ALWAYS: |
|
1368 |
- |
|
1369 |
-DIFF_ALWAYS |
|
1370 |
- |
|
1371 |
-:Description: Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. |
|
1372 |
-:Type: bool |
|
1373 |
-:Default: False |
|
1374 |
-:Ini Section: diff |
|
1375 |
-:Ini Key: always |
|
1376 |
-:Environment: :envvar:`ANSIBLE_DIFF_ALWAYS` |
|
1377 |
- |
|
1378 |
-.. _DIFF_CONTEXT: |
|
1379 |
- |
|
1380 |
-DIFF_CONTEXT |
|
1381 |
- |
|
1382 |
-:Description: How many lines of context to show when displaying the differences between files. |
|
1383 |
-:Type: integer |
|
1384 |
-:Default: 3 |
|
1385 |
-:Ini Section: diff |
|
1386 |
-:Ini Key: context |
|
1387 |
-:Environment: :envvar:`ANSIBLE_DIFF_CONTEXT` |
|
1388 |
- |
|
1389 |
-.. _DISPLAY_ARGS_TO_STDOUT: |
|
1390 |
- |
|
1391 |
-DISPLAY_ARGS_TO_STDOUT |
|
1392 |
- |
|
1393 |
-:Description: Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header. This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed. If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks which have sensistive values See How do I keep secret data in my playbook? for more information. |
|
1394 |
-:Type: boolean |
|
1395 |
-:Default: False |
|
1396 |
-:Version Added: 2.1 |
|
1397 |
-:Ini Section: defaults |
|
1398 |
-:Ini Key: display_args_to_stdout |
|
1399 |
-:Environment: :envvar:`ANSIBLE_DISPLAY_ARGS_TO_STDOUT` |
|
1400 |
- |
|
1401 |
-.. _DISPLAY_SKIPPED_HOSTS: |
|
1402 |
- |
|
1403 |
-DISPLAY_SKIPPED_HOSTS |
|
1404 |
- |
|
1405 |
-:Description: Toggle to control displaying skipped task/host entries in a task in the default callback |
|
1406 |
-:Type: boolean |
|
1407 |
-:Default: True |
|
1408 |
-:Ini Section: defaults |
|
1409 |
-:Ini Key: display_skipped_hosts |
|
1410 |
-:Environment: :envvar:`DISPLAY_SKIPPED_HOSTS` |
|
1411 |
- |
|
1412 |
-.. _ENABLE_TASK_DEBUGGER: |
|
1413 |
- |
|
1414 |
-ENABLE_TASK_DEBUGGER |
|
1415 |
- |
|
1416 |
-:Description: Whether or not to enable the task debugger, this previously was done as a strategy plugin. Now all strategy plugins can inherit this behavior. The debugger defaults to activating when a task is failed on unreachable. Use the debugger keyword for more flexibility. |
|
1417 |
-:Type: boolean |
|
1418 |
-:Default: False |
|
1419 |
-:Version Added: 2.5 |
|
1420 |
-:Ini Section: defaults |
|
1421 |
-:Ini Key: enable_task_debugger |
|
1422 |
-:Environment: :envvar:`ANSIBLE_ENABLE_TASK_DEBUGGER` |
|
1423 |
- |
|
1424 |
-.. _ERROR_ON_MISSING_HANDLER: |
|
1425 |
- |
|
1426 |
-ERROR_ON_MISSING_HANDLER |
|
1427 |
- |
|
1428 |
-:Description: Toggle to allow missing handlers to become a warning instead of an error when notifying. |
|
1429 |
-:Type: boolean |
|
1430 |
-:Default: True |
|
1431 |
-:Ini Section: defaults |
|
1432 |
-:Ini Key: error_on_missing_handler |
|
1433 |
-:Environment: :envvar:`ANSIBLE_ERROR_ON_MISSING_HANDLER` |
|
1434 |
- |
|
1435 |
-.. _GALAXY_IGNORE_CERTS: |
|
1436 |
- |
|
1437 |
-GALAXY_IGNORE_CERTS |
|
1438 |
- |
|
1439 |
-:Description: If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. |
|
1440 |
-:Type: boolean |
|
1441 |
-:Default: False |
|
1442 |
-:Ini Section: galaxy |
|
1443 |
-:Ini Key: ignore_certs |
|
1444 |
-:Environment: :envvar:`ANSIBLE_GALAXY_IGNORE` |
|
1445 |
- |
|
1446 |
-.. _GALAXY_ROLE_SKELETON: |
|
1447 |
- |
|
1448 |
-GALAXY_ROLE_SKELETON |
|
1449 |
- |
|
1450 |
-:Description: Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``, same as ``--role-skeleton``. |
|
1451 |
-:Type: path |
|
1452 |
-:Default: None |
|
1453 |
-:Ini Section: galaxy |
|
1454 |
-:Ini Key: role_skeleton |
|
1455 |
-:Environment: :envvar:`ANSIBLE_GALAXY_ROLE_SKELETON` |
|
1456 |
- |
|
1457 |
-.. _GALAXY_ROLE_SKELETON_IGNORE: |
|
1458 |
- |
|
1459 |
-GALAXY_ROLE_SKELETON_IGNORE |
|
1460 |
- |
|
1461 |
-:Description: patterns of files to ignore inside a galaxy role skeleton directory |
|
1462 |
-:Type: list |
|
1463 |
-:Default: ['^.git$', '^.*/.git_keep$'] |
|
1464 |
-:Ini Section: galaxy |
|
1465 |
-:Ini Key: role_skeleton_ignore |
|
1466 |
-:Environment: :envvar:`ANSIBLE_GALAXY_ROLE_SKELETON_IGNORE` |
|
1467 |
- |
|
1468 |
-.. _GALAXY_SERVER: |
|
1469 |
- |
|
1470 |
-GALAXY_SERVER |
|
1471 |
- |
|
1472 |
-:Description: URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. |
|
1473 |
-:Default: https://galaxy.ansible.com |
|
1474 |
-:Ini Section: galaxy |
|
1475 |
-:Ini Key: server |
|
1476 |
-:Environment: :envvar:`ANSIBLE_GALAXY_SERVER` |
|
1477 |
- |
|
1478 |
-.. _GALAXY_TOKEN: |
|
1479 |
- |
|
1480 |
-GALAXY_TOKEN |
|
1481 |
- |
|
1482 |
-:Description: GitHub personal access token |
|
1483 |
-:Default: None |
|
1484 |
-:Ini Section: galaxy |
|
1485 |
-:Ini Key: token |
|
1486 |
-:Environment: :envvar:`ANSIBLE_GALAXY_TOKEN` |
|
1487 |
- |
|
1488 |
-.. _HOST_KEY_CHECKING: |
|
1489 |
- |
|
1490 |
-HOST_KEY_CHECKING |
|
1491 |
- |
|
1492 |
-:Description: Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host |
|
1493 |
-:Type: boolean |
|
1494 |
-:Default: True |
|
1495 |
-:Ini Section: defaults |
|
1496 |
-:Ini Key: host_key_checking |
|
1497 |
-:Environment: :envvar:`ANSIBLE_HOST_KEY_CHECKING` |
|
1498 |
- |
|
1499 |
-.. _INJECT_FACTS_AS_VARS: |
|
1500 |
- |
|
1501 |
-INJECT_FACTS_AS_VARS |
|
1502 |
- |
|
1503 |
-:Description: Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace. Unlike inside the `ansible_facts` dictionary, these will have an `ansible_` prefix. |
|
1504 |
-:Type: boolean |
|
1505 |
-:Default: True |
|
1506 |
-:Version Added: 2.5 |
|
1507 |
-:Ini Section: defaults |
|
1508 |
-:Ini Key: inject_facts_as_vars |
|
1509 |
-:Environment: :envvar:`ANSIBLE_INJECT_FACT_VARS` |
|
1510 |
- |
|
1511 |
-.. _INVENTORY_ENABLED: |
|
1512 |
- |
|
1513 |
-INVENTORY_ENABLED |
|
1514 |
- |
|
1515 |
-:Description: List of enabled inventory plugins, it also determines the order in which they are used. |
|
1516 |
-:Type: list |
|
1517 |
-:Default: ['host_list', 'script', 'yaml', 'ini', 'auto'] |
|
1518 |
-:Ini Section: inventory |
|
1519 |
-:Ini Key: enable_plugins |
|
1520 |
-:Environment: :envvar:`ANSIBLE_INVENTORY_ENABLED` |
|
1521 |
- |
|
1522 |
-.. _INVENTORY_IGNORE_EXTS: |
|
1523 |
- |
|
1524 |
-INVENTORY_IGNORE_EXTS |
|
1525 |
- |
|
1526 |
-:Description: List of extensions to ignore when using a directory as an inventory source |
|
1527 |
-:Type: list |
|
1528 |
-:Default: {{(BLACKLIST_EXTS + ( '~', '.orig', '.ini', '.cfg', '.retry'))}} |
|
1529 |
-:Ini Section: defaults |
|
1530 |
-:Ini Key: inventory_ignore_extensions |
|
1531 |
-:Ini Section: inventory |
|
1532 |
-:Ini Key: ignore_extensions |
|
1533 |
-:Environment: :envvar:`ANSIBLE_INVENTORY_IGNORE` |
|
1534 |
- |
|
1535 |
-.. _INVENTORY_IGNORE_PATTERNS: |
|
1536 |
- |
|
1537 |
-INVENTORY_IGNORE_PATTERNS |
|
1538 |
- |
|
1539 |
-:Description: List of patterns to ignore when using a directory as an inventory source |
|
1540 |
-:Type: list |
|
1541 |
-:Default: [] |
|
1542 |
-:Ini Section: defaults |
|
1543 |
-:Ini Key: inventory_ignore_patterns |
|
1544 |
-:Ini Section: inventory |
|
1545 |
-:Ini Key: ignore_patterns |
|
1546 |
-:Environment: :envvar:`ANSIBLE_INVENTORY_IGNORE_REGEX` |
|
1547 |
- |
|
1548 |
-.. _INVENTORY_UNPARSED_IS_FAILED: |
|
1549 |
- |
|
1550 |
-INVENTORY_UNPARSED_IS_FAILED |
|
1551 |
- |
|
1552 |
-:Description: If 'true' unparsed inventory sources become fatal errors, they are warnings otherwise. |
|
1553 |
-:Type: bool |
|
1554 |
-:Default: False |
|
1555 |
-:Ini Section: inventory |
|
1556 |
-:Ini Key: unparsed_is_failed |
|
1557 |
-:Environment: :envvar:`ANSIBLE_INVENTORY_UNPARSED_FAILED` |
|
1558 |
- |
|
1559 |
-.. _MAX_FILE_SIZE_FOR_DIFF: |
|
1560 |
- |
|
1561 |
-MAX_FILE_SIZE_FOR_DIFF |
|
1562 |
- |
|
1563 |
-:Description: Maximum size of files to be considered for diff display |
|
1564 |
-:Type: int |
|
1565 |
-:Default: 104448 |
|
1566 |
-:Ini Section: defaults |
|
1567 |
-:Ini Key: max_diff_size |
|
1568 |
-:Environment: :envvar:`ANSIBLE_MAX_DIFF_SIZE` |
|
1569 |
- |
|
1570 |
-.. _MERGE_MULTIPLE_CLI_TAGS: |
|
1571 |
- |
|
1572 |
-MERGE_MULTIPLE_CLI_TAGS |
|
1573 |
- |
|
1574 |
-:Description: This allows changing how multiple --tags and --skip-tags arguments are handled on the command line. In Ansible up to and including 2.3, specifying --tags more than once will only take the last value of --tags. Setting this config value to True will mean that all of the --tags options will be merged together. The same holds true for --skip-tags. |
|
1575 |
-:Type: bool |
|
1576 |
-:Default: True |
|
1577 |
-:Version Added: 2.3 |
|
1578 |
-:Ini Section: defaults |
|
1579 |
-:Ini Key: merge_multiple_cli_tags |
|
1580 |
-:Environment: :envvar:`ANSIBLE_MERGE_MULTIPLE_CLI_TAGS` |
|
1581 |
- |
|
1582 |
-.. _NETWORK_GROUP_MODULES: |
|
1583 |
- |
|
1584 |
-NETWORK_GROUP_MODULES |
|
1585 |
- |
|
1586 |
-:Type: list |
|
1587 |
-:Default: ['eos', 'nxos', 'ios', 'iosxr', 'junos', 'enos', 'ce', 'vyos', 'sros', 'dellos9', 'dellos10', 'dellos6', 'asa', 'aruba', 'aireos', 'bigip', 'ironware', 'onyx'] |
|
1588 |
-:Ini Section: defaults |
|
1589 |
-:Ini Key: network_group_modules |
|
1590 |
-:Environment: :envvar:`NETWORK_GROUP_MODULES` |
|
1591 |
- |
|
1592 |
-.. _PARAMIKO_HOST_KEY_AUTO_ADD: |
|
1593 |
- |
|
1594 |
-PARAMIKO_HOST_KEY_AUTO_ADD |
|
1595 |
- |
|
1596 |
-:Type: boolean |
|
1597 |
-:Default: False |
|
1598 |
-:Ini Section: paramiko_connection |
|
1599 |
-:Ini Key: host_key_auto_add |
|
1600 |
-:Environment: :envvar:`ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD` |
|
1601 |
- |
|
1602 |
-.. _PARAMIKO_LOOK_FOR_KEYS: |
|
1603 |
- |
|
1604 |
-PARAMIKO_LOOK_FOR_KEYS |
|
1605 |
- |
|
1606 |
-:Type: boolean |
|
1607 |
-:Default: True |
|
1608 |
-:Ini Section: paramiko_connection |
|
1609 |
-:Ini Key: look_for_keys |
|
1610 |
-:Environment: :envvar:`ANSIBLE_PARAMIKO_LOOK_FOR_KEYS` |
|
1611 |
- |
|
1612 |
-.. _PERSISTENT_COMMAND_TIMEOUT: |
|
1613 |
- |
|
1614 |
-PERSISTENT_COMMAND_TIMEOUT |
|
1615 |
- |
|
1616 |
-:Description: This controls the amount of time to wait for response from remote device before timing out presistent connection. |
|
1617 |
-:Type: int |
|
1618 |
-:Default: 10 |
|
1619 |
-:Ini Section: persistent_connection |
|
1620 |
-:Ini Key: command_timeout |
|
1621 |
-:Environment: :envvar:`ANSIBLE_PERSISTENT_COMMAND_TIMEOUT` |
|
1622 |
- |
|
1623 |
-.. _PERSISTENT_CONNECT_RETRY_TIMEOUT: |
|
1624 |
- |
|
1625 |
-PERSISTENT_CONNECT_RETRY_TIMEOUT |
|
1626 |
- |
|
1627 |
-:Description: This contorls the retry timeout for presistent connection to connect to the local domain socket. |
|
1628 |
-:Type: integer |
|
1629 |
-:Default: 15 |
|
1630 |
-:Ini Section: persistent_connection |
|
1631 |
-:Ini Key: connect_retry_timeout |
|
1632 |
-:Environment: :envvar:`ANSIBLE_PERSISTENT_CONNECT_RETRY_TIMEOUT` |
|
1633 |
- |
|
1634 |
-.. _PERSISTENT_CONNECT_TIMEOUT: |
|
1635 |
- |
|
1636 |
-PERSISTENT_CONNECT_TIMEOUT |
|
1637 |
- |
|
1638 |
-:Description: This controls how long the persistent connection will remain idle before it is destroyed. |
|
1639 |
-:Type: integer |
|
1640 |
-:Default: 30 |
|
1641 |
-:Ini Section: persistent_connection |
|
1642 |
-:Ini Key: connect_timeout |
|
1643 |
-:Environment: :envvar:`ANSIBLE_PERSISTENT_CONNECT_TIMEOUT` |
|
1644 |
- |
|
1645 |
-.. _PERSISTENT_CONTROL_PATH_DIR: |
|
1646 |
- |
|
1647 |
-PERSISTENT_CONTROL_PATH_DIR |
|
1648 |
- |
|
1649 |
-:Description: Path to socket to be used by the connection persistence system. |
|
1650 |
-:Type: path |
|
1651 |
-:Default: ~/.ansible/pc |
|
1652 |
-:Ini Section: persistent_connection |
|
1653 |
-:Ini Key: control_path_dir |
|
1654 |
-:Environment: :envvar:`ANSIBLE_PERSISTENT_CONTROL_PATH_DIR` |
|
1655 |
- |
|
1656 |
-.. _PLAYBOOK_VARS_ROOT: |
|
1657 |
- |
|
1658 |
-PLAYBOOK_VARS_ROOT |
|
1659 |
- |
|
1660 |
-:Description: This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_vars The ``top`` option follows the traditional behaviour of using the top playbook in the chain to find the root directory. The ``bottom`` option follows the 2.4.0 behaviour of using the current playbook to find the root directory. The ``all`` option examines from the first parent to the current playbook. |
|
1661 |
-:Default: top |
|
1662 |
-:Version Added: 2.4.1 |
|
1663 |
-:Ini Section: defaults |
|
1664 |
-:Ini Key: playbook_vars_root |
|
1665 |
-:Environment: :envvar:`ANSIBLE_PLAYBOOK_VARS_ROOT` |
|
1666 |
- |
|
1667 |
-.. _PLUGIN_FILTERS_CFG: |
|
1668 |
- |
|
1669 |
-PLUGIN_FILTERS_CFG |
|
1670 |
- |
|
1671 |
-:Description: A path to configuration for filtering which plugins installed on the system are allowed to be used. See :doc:`plugin_filtering_config` for details of the filter file's format. The default is /etc/ansible/plugin_filters.yml |
|
1672 |
-:Default: None |
|
1673 |
-:Version Added: 2.5.0 |
|
1674 |
-:Ini Section: default |
|
1675 |
-:Ini Key: plugin_filters_cfg |
|
1676 |
- |
|
1677 |
-.. _RETRY_FILES_ENABLED: |
|
1678 |
- |
|
1679 |
-RETRY_FILES_ENABLED |
|
1680 |
- |
|
1681 |
-:Description: This controls whether a failed Ansible playbook should create a .retry file. |
|
1682 |
-:Type: bool |
|
1683 |
-:Default: True |
|
1684 |
-:Ini Section: defaults |
|
1685 |
-:Ini Key: retry_files_enabled |
|
1686 |
-:Environment: :envvar:`ANSIBLE_RETRY_FILES_ENABLED` |
|
1687 |
- |
|
1688 |
-.. _RETRY_FILES_SAVE_PATH: |
|
1689 |
- |
|
1690 |
-RETRY_FILES_SAVE_PATH |
|
1691 |
- |
|
1692 |
-:Description: This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. |
|
1693 |
-:Type: path |
|
1694 |
-:Default: None |
|
1695 |
-:Ini Section: defaults |
|
1696 |
-:Ini Key: retry_files_save_path |
|
1697 |
-:Environment: :envvar:`ANSIBLE_RETRY_FILES_SAVE_PATH` |
|
1698 |
- |
|
1699 |
-.. _SHOW_CUSTOM_STATS: |
|
1700 |
- |
|
1701 |
-SHOW_CUSTOM_STATS |
|
1702 |
- |
|
1703 |
-:Description: This adds the custom stats set via the set_stats plugin to the default output |
|
1704 |
-:Type: bool |
|
1705 |
-:Default: False |
|
1706 |
-:Ini Section: defaults |
|
1707 |
-:Ini Key: show_custom_stats |
|
1708 |
-:Environment: :envvar:`ANSIBLE_SHOW_CUSTOM_STATS` |
|
1709 |
- |
|
1710 |
-.. _STRING_TYPE_FILTERS: |
|
1711 |
- |
|
1712 |
-STRING_TYPE_FILTERS |
|
1713 |
- |
|
1714 |
-:Description: This list of filters avoids 'type conversion' when templating variables Useful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. |
|
1715 |
-:Type: list |
|
1716 |
-:Default: ['string', 'to_json', 'to_nice_json', 'to_yaml', 'ppretty', 'json'] |
|
1717 |
-:Ini Section: jinja2 |
|
1718 |
-:Ini Key: dont_type_filters |
|
1719 |
-:Environment: :envvar:`ANSIBLE_STRING_TYPE_FILTERS` |
|
1720 |
- |
|
1721 |
-.. _SYSTEM_WARNINGS: |
|
1722 |
- |
|
1723 |
-SYSTEM_WARNINGS |
|
1724 |
- |
|
1725 |
-:Description: Allows disabling of warnings related to potential issues on the system running ansible itself (not on the managed hosts) These may include warnings about 3rd party packages or other conditions that should be resolved if possible. |
|
1726 |
-:Type: boolean |
|
1727 |
-:Default: True |
|
1728 |
-:Ini Section: defaults |
|
1729 |
-:Ini Key: system_warnings |
|
1730 |
-:Environment: :envvar:`ANSIBLE_SYSTEM_WARNINGS` |
|
1731 |
- |
|
1732 |
-.. _TAGS_RUN: |
|
1733 |
- |
|
1734 |
-TAGS_RUN |
|
1735 |
- |
|
1736 |
-:Description: default list of tags to run in your plays, Skip Tags has precedence. |
|
1737 |
-:Type: list |
|
1738 |
-:Default: [] |
|
1739 |
-:Ini Section: tags |
|
1740 |
-:Ini Key: run |
|
1741 |
-:Environment: :envvar:`ANSIBLE_RUN_TAGS` |
|
1742 |
- |
|
1743 |
-.. _TAGS_SKIP: |
|
1744 |
- |
|
1745 |
-TAGS_SKIP |
|
1746 |
- |
|
1747 |
-:Description: default list of tags to skip in your plays, has precedence over Run Tags |
|
1748 |
-:Type: list |
|
1749 |
-:Default: [] |
|
1750 |
-:Ini Section: tags |
|
1751 |
-:Ini Key: skip |
|
1752 |
-:Environment: :envvar:`ANSIBLE_SKIP_TAGS` |
|
1753 |
- |
|
1754 |
-.. _USE_PERSISTENT_CONNECTIONS: |
|
1755 |
- |
|
1756 |
-USE_PERSISTENT_CONNECTIONS |
|
1757 |
- |
|
1758 |
-:Description: Toggles the use of persistence for connections. |
|
1759 |
-:Type: boolean |
|
1760 |
-:Default: False |
|
1761 |
-:Ini Section: defaults |
|
1762 |
-:Ini Key: use_persistent_connections |
|
1763 |
-:Environment: :envvar:`ANSIBLE_USE_PERSISTENT_CONNECTIONS` |
|
1764 |
- |
|
1765 |
-.. _VARIABLE_PRECEDENCE: |
|
1766 |
- |
|
1767 |
-VARIABLE_PRECEDENCE |
|
1768 |
- |
|
1769 |
-:Description: Allows to change the group variable precedence merge order. |
|
1770 |
-:Type: list |
|
1771 |
-:Default: ['all_inventory', 'groups_inventory', 'all_plugins_inventory', 'all_plugins_play', 'groups_plugins_inventory', 'groups_plugins_play'] |
|
1772 |
-:Version Added: 2.4 |
|
1773 |
-:Ini Section: defaults |
|
1774 |
-:Ini Key: precedence |
|
1775 |
-:Environment: :envvar:`ANSIBLE_PRECEDENCE` |
|
1776 |
- |
|
1777 |
-.. _YAML_FILENAME_EXTENSIONS: |
|
1778 |
- |
|
1779 |
-YAML_FILENAME_EXTENSIONS |
|
1780 |
- |
|
1781 |
-:Description: Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. This affects vars_files, include_vars, inventory and vars plugins among others. |
|
1782 |
-:Type: list |
|
1783 |
-:Default: ['.yml', '.yaml', '.json'] |
|
1784 |
-:Ini Section: defaults |
|
1785 |
-:Ini Key: yaml_valid_extensions |
|
1786 |
-:Environment: :envvar:`ANSIBLE_YAML_FILENAME_EXT` |
|
1787 |
- |
|
1788 |
- |
|
1789 |
-Environment Variables |
|
1790 |
-===================== |
|
1791 |
- |
|
1792 |
-.. envvar:: ANSIBLE_CONFIG |
|
1793 |
- |
|
1794 |
- |
|
1795 |
- Override the default ansible config file |
|
1796 |
- |
|
1797 |
- |
|
1798 |
-.. envvar:: ANSIBLE_MERGE_MULTIPLE_CLI_TAGS |
|
1799 |
- |
|
1800 |
- This allows changing how multiple --tags and --skip-tags arguments are handled on the command line. In Ansible up to and including 2.3, specifying --tags more than once will only take the last value of --tags.Setting this config value to True will mean that all of the --tags options will be merged together. The same holds true for --skip-tags. |
|
1801 |
- |
|
1802 |
- See also :ref:`MERGE_MULTIPLE_CLI_TAGS <MERGE_MULTIPLE_CLI_TAGS>` |
|
1803 |
- |
|
1804 |
- |
|
1805 |
-.. envvar:: DISPLAY_SKIPPED_HOSTS |
|
1806 |
- |
|
1807 |
- Toggle to control displaying skipped task/host entries in a task in the default callback |
|
1808 |
- |
|
1809 |
- See also :ref:`DISPLAY_SKIPPED_HOSTS <DISPLAY_SKIPPED_HOSTS>` |
|
1810 |
- |
|
1811 |
- |
|
1812 |
-.. envvar:: ANSIBLE_SUDO_FLAGS |
|
1813 |
- |
|
1814 |
- Flags to pass to "sudo" |
|
1815 |
- |
|
1816 |
- See also :ref:`DEFAULT_SUDO_FLAGS <DEFAULT_SUDO_FLAGS>` |
|
1817 |
- |
|
1818 |
- |
|
1819 |
-.. envvar:: ANSIBLE_PERSISTENT_CONNECT_RETRY_TIMEOUT |
|
1820 |
- |
|
1821 |
- This contorls the retry timeout for presistent connection to connect to the local domain socket. |
|
1822 |
- |
|
1823 |
- See also :ref:`PERSISTENT_CONNECT_RETRY_TIMEOUT <PERSISTENT_CONNECT_RETRY_TIMEOUT>` |
|
1824 |
- |
|
1825 |
- |
|
1826 |
-.. envvar:: ANSIBLE_DIFF_CONTEXT |
|
1827 |
- |
|
1828 |
- How many lines of context to show when displaying the differences between files. |
|
1829 |
- |
|
1830 |
- See also :ref:`DIFF_CONTEXT <DIFF_CONTEXT>` |
|
1831 |
- |
|
1832 |
- |
|
1833 |
-.. envvar:: ANSIBLE_COW_PATH |
|
1834 |
- |
|
1835 |
- Specify a custom cowsay path or swap in your cowsay implementation of choice |
|
1836 |
- |
|
1837 |
- See also :ref:`ANSIBLE_COW_PATH <ANSIBLE_COW_PATH>` |
|
1838 |
- |
|
1839 |
- |
|
1840 |
-.. envvar:: ANSIBLE_TEST_PLUGINS |
|
1841 |
- |
|
1842 |
- Colon separated paths in which Ansible will search for Jinja2 Test Plugins. |
|
1843 |
- |
|
1844 |
- See also :ref:`DEFAULT_TEST_PLUGIN_PATH <DEFAULT_TEST_PLUGIN_PATH>` |
|
1845 |
- |
|
1846 |
- |
|
1847 |
-.. envvar:: ANSIBLE_INVENTORY_ENABLED |
|
1848 |
- |
|
1849 |
- List of enabled inventory plugins, it also determines the order in which they are used. |
|
1850 |
- |
|
1851 |
- See also :ref:`INVENTORY_ENABLED <INVENTORY_ENABLED>` |
|
1852 |
- |
|
1853 |
- |
|
1854 |
-.. envvar:: ANSIBLE_GALAXY_ROLE_SKELETON_IGNORE |
|
1855 |
- |
|
1856 |
- patterns of files to ignore inside a galaxy role skeleton directory |
|
1857 |
- |
|
1858 |
- See also :ref:`GALAXY_ROLE_SKELETON_IGNORE <GALAXY_ROLE_SKELETON_IGNORE>` |
|
1859 |
- |
|
1860 |
- |
|
1861 |
-.. envvar:: ANSIBLE_PIPELINING |
|
1862 |
- |
|
1863 |
- Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer.This can result in a very significant performance improvement when enabled.However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. |
|
1864 |
- |
|
1865 |
- See also :ref:`ANSIBLE_PIPELINING <ANSIBLE_PIPELINING>` |
|
1866 |
- |
|
1867 |
-.. envvar:: ANSIBLE_SSH_PIPELINING |
|
1868 |
- |
|
1869 |
- Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer.This can result in a very significant performance improvement when enabled.However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. |
|
1870 |
- |
|
1871 |
- See also :ref:`ANSIBLE_PIPELINING <ANSIBLE_PIPELINING>` |
|
1872 |
- |
|
1873 |
- |
|
1874 |
-.. envvar:: ANSIBLE_BECOME_METHOD |
|
1875 |
- |
|
1876 |
- Privilege escalation method to use when `become` is enabled. |
|
1877 |
- |
|
1878 |
- See also :ref:`DEFAULT_BECOME_METHOD <DEFAULT_BECOME_METHOD>` |
|
1879 |
- |
|
1880 |
- |
|
1881 |
-.. envvar:: ANSIBLE_HOST_KEY_CHECKING |
|
1882 |
- |
|
1883 |
- Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host |
|
1884 |
- |
|
1885 |
- See also :ref:`HOST_KEY_CHECKING <HOST_KEY_CHECKING>` |
|
1886 |
- |
|
1887 |
- |
|
1888 |
-.. envvar:: ANSIBLE_ASK_SU_PASS |
|
1889 |
- |
|
1890 |
- This controls whether an Ansible playbook should prompt for a su password. |
|
1891 |
- |
|
1892 |
- See also :ref:`DEFAULT_ASK_SU_PASS <DEFAULT_ASK_SU_PASS>` |
|
1893 |
- |
|
1894 |
- |
|
1895 |
-.. envvar:: ANSIBLE_SU_USER |
|
1896 |
- |
|
1897 |
- User you become when using "su", leaving it blank will use the default configured on the target (normally root) |
|
1898 |
- |
|
1899 |
- See also :ref:`DEFAULT_SU_USER <DEFAULT_SU_USER>` |
|
1900 |
- |
|
1901 |
- |
|
1902 |
-.. envvar:: ANSIBLE_CALLABLE_WHITELIST |
|
1903 |
- |
|
1904 |
- Whitelist of callable methods to be made available to template evaluation |
|
1905 |
- |
|
1906 |
- See also :ref:`DEFAULT_CALLABLE_WHITELIST <DEFAULT_CALLABLE_WHITELIST>` |
|
1907 |
- |
|
1908 |
- |
|
1909 |
-.. envvar:: ANSIBLE_COLOR_VERBOSE |
|
1910 |
- |
|
1911 |
- Defines the color to use when emitting verbose messages. i.e those that show with '-v's. |
|
1912 |
- |
|
1913 |
- See also :ref:`COLOR_VERBOSE <COLOR_VERBOSE>` |
|
1914 |
- |
|
1915 |
- |
|
1916 |
-.. envvar:: ANSIBLE_GATHERING |
|
1917 |
- |
|
1918 |
- This setting controls the default policy of fact gathering (facts discovered about remote systems).When 'implicit' (the default), the cache plugin will be ignored and facts will be gathered per play unless 'gather_facts: False' is set.When 'explicit' the inverse is true, facts will not be gathered unless directly requested in the play.The 'smart' value means each new host that has no facts discovered will be scanned, but if the same host is addressed in multiple plays it will not be contacted again in the playbook run.This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. |
|
1919 |
- |
|
1920 |
- See also :ref:`DEFAULT_GATHERING <DEFAULT_GATHERING>` |
|
1921 |
- |
|
1922 |
- |
|
1923 |
-.. envvar:: ANSIBLE_TIMEOUT |
|
1924 |
- |
|
1925 |
- This is the default timeout for connection plugins to use. |
|
1926 |
- |
|
1927 |
- See also :ref:`DEFAULT_TIMEOUT <DEFAULT_TIMEOUT>` |
|
1928 |
- |
|
1929 |
- |
|
1930 |
-.. envvar:: ANSIBLE_SCP_IF_SSH |
|
1931 |
- |
|
1932 |
- Prefered method to use when transfering files over sshWhen set to smart, Ansible will try them until one succeeds or they all failIf set to True, it will force 'scp', if False it will use 'sftp' |
|
1933 |
- |
|
1934 |
- See also :ref:`DEFAULT_SCP_IF_SSH <DEFAULT_SCP_IF_SSH>` |
|
1935 |
- |
|
1936 |
- |
|
1937 |
-.. envvar:: ANSIBLE_NOCOWS |
|
1938 |
- |
|
1939 |
- If you have cowsay installed but want to avoid the 'cows' (why????), use this. |
|
1940 |
- |
|
1941 |
- See also :ref:`ANSIBLE_NOCOWS <ANSIBLE_NOCOWS>` |
|
1942 |
- |
|
1943 |
- |
|
1944 |
-.. envvar:: ANSIBLE_INVENTORY_IGNORE_REGEX |
|
1945 |
- |
|
1946 |
- List of patterns to ignore when using a directory as an inventory source |
|
1947 |
- |
|
1948 |
- See also :ref:`INVENTORY_IGNORE_PATTERNS <INVENTORY_IGNORE_PATTERNS>` |
|
1949 |
- |
|
1950 |
- |
|
1951 |
-.. envvar:: ANSIBLE_NO_LOG |
|
1952 |
- |
|
1953 |
- Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. |
|
1954 |
- |
|
1955 |
- See also :ref:`DEFAULT_NO_LOG <DEFAULT_NO_LOG>` |
|
1956 |
- |
|
1957 |
- |
|
1958 |
-.. envvar:: ANSIBLE_MAX_DIFF_SIZE |
|
1959 |
- |
|
1960 |
- Maximum size of files to be considered for diff display |
|
1961 |
- |
|
1962 |
- See also :ref:`MAX_FILE_SIZE_FOR_DIFF <MAX_FILE_SIZE_FOR_DIFF>` |
|
1963 |
- |
|
1964 |
- |
|
1965 |
- |
|
1966 |
-.. envvar:: ANSIBLE_HANDLER_INCLUDES_STATIC |
|
1967 |
- |
|
1968 |
- Since 2.0 M(include) can be 'dynamic', this setting (if True) forces that if the include appears in a ``handlers`` section to be 'static'. |
|
1969 |
- |
|
1970 |
- See also :ref:`DEFAULT_HANDLER_INCLUDES_STATIC <DEFAULT_HANDLER_INCLUDES_STATIC>` |
|
1971 |
- |
|
1972 |
- |
|
1973 |
-.. envvar:: ANSIBLE_KEEP_REMOTE_FILES |
|
1974 |
- |
|
1975 |
- Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. |
|
1976 |
- |
|
1977 |
- See also :ref:`DEFAULT_KEEP_REMOTE_FILES <DEFAULT_KEEP_REMOTE_FILES>` |
|
1978 |
- |
|
1979 |
- |
|
1980 |
-.. envvar:: ANSIBLE_POLL_INTERVAL |
|
1981 |
- |
|
1982 |
- For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. |
|
1983 |
- |
|
1984 |
- See also :ref:`DEFAULT_POLL_INTERVAL <DEFAULT_POLL_INTERVAL>` |
|
1985 |
- |
|
1986 |
- |
|
1987 |
-.. envvar:: ANSIBLE_BECOME_ALLOW_SAME_USER |
|
1988 |
- |
|
1989 |
- This setting controls if become is skipped when remote user and become user are the same. I.E root sudo to root. |
|
1990 |
- |
|
1991 |
- See also :ref:`BECOME_ALLOW_SAME_USER <BECOME_ALLOW_SAME_USER>` |
|
1992 |
- |
|
1993 |
- |
|
1994 |
-.. envvar:: ANSIBLE_SSH_ARGS |
|
1995 |
- |
|
1996 |
- If set, this will override the Ansible default ssh arguments.In particular, users may wish to raise the ControlPersist time to encourage performance. A value of 30 minutes may be appropriate.Be aware that if `-o ControlPath` is set in ssh_args, the control path setting is not used. |
|
1997 |
- |
|
1998 |
- See also :ref:`ANSIBLE_SSH_ARGS <ANSIBLE_SSH_ARGS>` |
|
1999 |
- |
|
2000 |
- |
|
2001 |
-.. envvar:: ANSIBLE_ACTION_PLUGINS |
|
2002 |
- |
|
2003 |
- Colon separated paths in which Ansible will search for Action Plugins. |
|
2004 |
- |
|
2005 |
- See also :ref:`DEFAULT_ACTION_PLUGIN_PATH <DEFAULT_ACTION_PLUGIN_PATH>` |
|
2006 |
- |
|
2007 |
- |
|
2008 |
-.. envvar:: ANSIBLE_REMOTE_USER |
|
2009 |
- |
|
2010 |
- Sets the login user for the target machinesWhen blank it uses the connection plugin's default, normally the user currently executing Ansible. |
|
2011 |
- |
|
2012 |
- See also :ref:`DEFAULT_REMOTE_USER <DEFAULT_REMOTE_USER>` |
|
2013 |
- |
|
2014 |
- |
|
2015 |
-.. envvar:: ANSIBLE_INVENTORY_PLUGINS |
|
2016 |
- |
|
2017 |
- Colon separated paths in which Ansible will search for Inventory Plugins. |
|
2018 |
- |
|
2019 |
- See also :ref:`DEFAULT_INVENTORY_PLUGIN_PATH <DEFAULT_INVENTORY_PLUGIN_PATH>` |
|
2020 |
- |
|
2021 |
- |
|
2022 |
-.. envvar:: ANSIBLE_VAULT_PASSWORD_FILE |
|
2023 |
- |
|
2024 |
- The vault password file to use. Equivalent to --vault-password-file or --vault-id |
|
2025 |
- |
|
2026 |
- See also :ref:`DEFAULT_VAULT_PASSWORD_FILE <DEFAULT_VAULT_PASSWORD_FILE>` |
|
2027 |
- |
|
2028 |
- |
|
2029 |
-.. envvar:: ANSIBLE_CACHE_PLUGINS |
|
2030 |
- |
|
2031 |
- Colon separated paths in which Ansible will search for Cache Plugins. |
|
2032 |
- |
|
2033 |
- See also :ref:`DEFAULT_CACHE_PLUGIN_PATH <DEFAULT_CACHE_PLUGIN_PATH>` |
|
2034 |
- |
|
2035 |
- |
|
2036 |
-.. envvar:: ANSIBLE_CALLBACK_PLUGINS |
|
2037 |
- |
|
2038 |
- Colon separated paths in which Ansible will search for Callback Plugins. |
|
2039 |
- |
|
2040 |
- See also :ref:`DEFAULT_CALLBACK_PLUGIN_PATH <DEFAULT_CALLBACK_PLUGIN_PATH>` |
|
2041 |
- |
|
2042 |
- |
|
2043 |
-.. envvar:: ANSIBLE_CONNECTION_PLUGINS |
|
2044 |
- |
|
2045 |
- Colon separated paths in which Ansible will search for Connection Plugins. |
|
2046 |
- |
|
2047 |
- See also :ref:`DEFAULT_CONNECTION_PLUGIN_PATH <DEFAULT_CONNECTION_PLUGIN_PATH>` |
|
2048 |
- |
|
2049 |
- |
|
2050 |
-.. envvar:: ANSIBLE_JINJA2_EXTENSIONS |
|
2051 |
- |
|
2052 |
- This is a developer-specific feature that allows enabling additional Jinja2 extensions.See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) |
|
2053 |
- |
|
2054 |
- See also :ref:`DEFAULT_JINJA2_EXTENSIONS <DEFAULT_JINJA2_EXTENSIONS>` |
|
2055 |
- |
|
2056 |
- |
|
2057 |
-.. envvar:: ANSIBLE_COMMAND_WARNINGS |
|
2058 |
- |
|
2059 |
- By default Ansible will issue a warning when the shell or command module is used and the command appears to be similar to an existing Ansible module.These warnings can be silenced by adjusting this setting to False. You can also control this at the task level with the module optoin ``warn``. |
|
2060 |
- |
|
2061 |
- See also :ref:`COMMAND_WARNINGS <COMMAND_WARNINGS>` |
|
2062 |
- |
|
2063 |
- |
|
2064 |
-.. envvar:: ANSIBLE_COLOR_OK |
|
2065 |
- |
|
2066 |
- Defines the color to use when showing 'OK' task status |
|
2067 |
- |
|
2068 |
- See also :ref:`COLOR_OK <COLOR_OK>` |
|
2069 |
- |
|
2070 |
- |
|
2071 |
-.. envvar:: ANSIBLE_INJECT_FACT_VARS |
|
2072 |
- |
|
2073 |
- Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace.Unlike inside the `ansible_facts` dictionary, these will have an `ansible_` prefix. |
|
2074 |
- |
|
2075 |
- See also :ref:`INJECT_FACTS_AS_VARS <INJECT_FACTS_AS_VARS>` |
|
2076 |
- |
|
2077 |
- |
|
2078 |
-.. envvar:: ANSIBLE_COLOR_CHANGED |
|
2079 |
- |
|
2080 |
- Defines the color to use on 'Changed' task status |
|
2081 |
- |
|
2082 |
- See also :ref:`COLOR_CHANGED <COLOR_CHANGED>` |
|
2083 |
- |
|
2084 |
- |
|
2085 |
-.. envvar:: ANSIBLE_DISPLAY_ARGS_TO_STDOUT |
|
2086 |
- |
|
2087 |
- Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header.This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed.If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks which have sensistive values See How do I keep secret data in my playbook? for more information. |
|
2088 |
- |
|
2089 |
- See also :ref:`DISPLAY_ARGS_TO_STDOUT <DISPLAY_ARGS_TO_STDOUT>` |
|
2090 |
- |
|
2091 |
- |
|
2092 |
-.. envvar:: ANSIBLE_LOCAL_TEMP |
|
2093 |
- |
|
2094 |
- Temporary directory for Ansible to use on the controller. |
|
2095 |
- |
|
2096 |
- See also :ref:`DEFAULT_LOCAL_TMP <DEFAULT_LOCAL_TMP>` |
|
2097 |
- |
|
2098 |
- |
|
2099 |
-.. envvar:: ANSIBLE_COLOR_ERROR |
|
2100 |
- |
|
2101 |
- Defines the color to use when emitting error messages |
|
2102 |
- |
|
2103 |
- See also :ref:`COLOR_ERROR <COLOR_ERROR>` |
|
2104 |
- |
|
2105 |
- |
|
2106 |
-.. envvar:: ANSIBLE_VAULT_ID_MATCH |
|
2107 |
- |
|
2108 |
- If true, decrypting vaults with a vault id will only try the password from the matching vault-id |
|
2109 |
- |
|
2110 |
- See also :ref:`DEFAULT_VAULT_ID_MATCH <DEFAULT_VAULT_ID_MATCH>` |
|
2111 |
- |
|
2112 |
- |
|
2113 |
-.. envvar:: ANSIBLE_ERROR_ON_MISSING_HANDLER |
|
2114 |
- |
|
2115 |
- Toggle to allow missing handlers to become a warning instead of an error when notifying. |
|
2116 |
- |
|
2117 |
- See also :ref:`ERROR_ON_MISSING_HANDLER <ERROR_ON_MISSING_HANDLER>` |
|
2118 |
- |
|
2119 |
- |
|
2120 |
-.. envvar:: ANSIBLE_CACHE_PLUGIN |
|
2121 |
- |
|
2122 |
- Chooses which cache plugin to use, the default 'memory' is ephimeral. |
|
2123 |
- |
|
2124 |
- See also :ref:`CACHE_PLUGIN <CACHE_PLUGIN>` |
|
2125 |
- |
|
2126 |
- |
|
2127 |
-.. envvar:: ANSIBLE_BECOME |
|
2128 |
- |
|
2129 |
- Toggles the use of privilege escalation, allowing you to 'become' another user after login. |
|
2130 |
- |
|
2131 |
- See also :ref:`DEFAULT_BECOME <DEFAULT_BECOME>` |
|
2132 |
- |
|
2133 |
- |
|
2134 |
-.. envvar:: ANSIBLE_VERBOSITY |
|
2135 |
- |
|
2136 |
- Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. |
|
2137 |
- |
|
2138 |
- See also :ref:`DEFAULT_VERBOSITY <DEFAULT_VERBOSITY>` |
|
2139 |
- |
|
2140 |
- |
|
2141 |
-.. envvar:: ANSIBLE_SQUASH_ACTIONS |
|
2142 |
- |
|
2143 |
- Ansible can optimise actions that call modules that support list parameters when using ``with_`` looping. Instead of calling the module once for each item, the module is called once with the full list.The default value for this setting is only for certain package managers, but it can be used for any moduleCurrently, this is only supported for modules that have a name or pkg parameter, and only when the item is the only thing being passed to the parameter. |
|
2144 |
- |
|
2145 |
- See also :ref:`DEFAULT_SQUASH_ACTIONS <DEFAULT_SQUASH_ACTIONS>` |
|
2146 |
- |
|
2147 |
- |
|
2148 |
-.. envvar:: ANSIBLE_VARS_PLUGINS |
|
2149 |
- |
|
2150 |
- Colon separated paths in which Ansible will search for Vars Plugins. |
|
2151 |
- |
|
2152 |
- See also :ref:`DEFAULT_VARS_PLUGIN_PATH <DEFAULT_VARS_PLUGIN_PATH>` |
|
2153 |
- |
|
2154 |
- |
|
2155 |
-.. envvar:: ANSIBLE_FILTER_PLUGINS |
|
2156 |
- |
|
2157 |
- Colon separated paths in which Ansible will search for Jinja2 Filter Plugins. |
|
2158 |
- |
|
2159 |
- See also :ref:`DEFAULT_FILTER_PLUGIN_PATH <DEFAULT_FILTER_PLUGIN_PATH>` |
|
2160 |
- |
|
2161 |
- |
|
2162 |
-.. envvar:: ANSIBLE_GALAXY_ROLE_SKELETON |
|
2163 |
- |
|
2164 |
- Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``, same as ``--role-skeleton``. |
|
2165 |
- |
|
2166 |
- See also :ref:`GALAXY_ROLE_SKELETON <GALAXY_ROLE_SKELETON>` |
|
2167 |
- |
|
2168 |
- |
|
2169 |
-.. envvar:: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT |
|
2170 |
- |
|
2171 |
- This controls how long the persistent connection will remain idle before it is destroyed. |
|
2172 |
- |
|
2173 |
- See also :ref:`PERSISTENT_CONNECT_TIMEOUT <PERSISTENT_CONNECT_TIMEOUT>` |
|
2174 |
- |
|
2175 |
- |
|
2176 |
-.. envvar:: ANSIBLE_BECOME_ASK_PASS |
|
2177 |
- |
|
2178 |
- Toggle to prompt for privilege escalation password. |
|
2179 |
- |
|
2180 |
- See also :ref:`DEFAULT_BECOME_ASK_PASS <DEFAULT_BECOME_ASK_PASS>` |
|
2181 |
- |
|
2182 |
- |
|
2183 |
-.. envvar:: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT |
|
2184 |
- |
|
2185 |
- This controls the amount of time to wait for response from remote device before timing out presistent connection. |
|
2186 |
- |
|
2187 |
- See also :ref:`PERSISTENT_COMMAND_TIMEOUT <PERSISTENT_COMMAND_TIMEOUT>` |
|
2188 |
- |
|
2189 |
- |
|
2190 |
-.. envvar:: ANSIBLE_HOSTS |
|
2191 |
- |
|
2192 |
- Colon separated list of Ansible inventory sources |
|
2193 |
- |
|
2194 |
- See also :ref:`DEFAULT_HOST_LIST <DEFAULT_HOST_LIST>` |
|
2195 |
- |
|
2196 |
-.. envvar:: ANSIBLE_INVENTORY |
|
2197 |
- |
|
2198 |
- Colon separated list of Ansible inventory sources |
|
2199 |
- |
|
2200 |
- See also :ref:`DEFAULT_HOST_LIST <DEFAULT_HOST_LIST>` |
|
2201 |
- |
|
2202 |
- |
|
2203 |
-.. envvar:: ANSIBLE_GATHER_TIMEOUT |
|
2204 |
- |
|
2205 |
- Set the timeout in seconds for the implicit fact gathering.It does **not** apply to user defined M(setup) tasks. |
|
2206 |
- |
|
2207 |
- See also :ref:`DEFAULT_GATHER_TIMEOUT <DEFAULT_GATHER_TIMEOUT>` |
|
2208 |
- |
|
2209 |
- |
|
2210 |
-.. envvar:: ANSIBLE_LIBRARY |
|
2211 |
- |
|
2212 |
- Colon separated paths in which Ansible will search for Modules. |
|
2213 |
- |
|
2214 |
- See also :ref:`DEFAULT_MODULE_PATH <DEFAULT_MODULE_PATH>` |
|
2215 |
- |
|
2216 |
- |
|
2217 |
-.. envvar:: ANSIBLE_MODULE_ARGS |
|
2218 |
- |
|
2219 |
- This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. |
|
2220 |
- |
|
2221 |
- See also :ref:`DEFAULT_MODULE_ARGS <DEFAULT_MODULE_ARGS>` |
|
2222 |
- |
|
2223 |
- |
|
2224 |
- |
|
2225 |
-.. envvar:: ANSIBLE_VAULT_IDENTITY_LIST |
|
2226 |
- |
|
2227 |
- A list of vault-ids to use by default. Equivalent to multiple --vault-id args. Vault-ids are tried in order. |
|
2228 |
- |
|
2229 |
- See also :ref:`DEFAULT_VAULT_IDENTITY_LIST <DEFAULT_VAULT_IDENTITY_LIST>` |
|
2230 |
- |
|
2231 |
- |
|
2232 |
-.. envvar:: ANSIBLE_COLOR_DIFF_ADD |
|
2233 |
- |
|
2234 |
- Defines the color to use when showing added lines in diffs |
|
2235 |
- |
|
2236 |
- See also :ref:`COLOR_DIFF_ADD <COLOR_DIFF_ADD>` |
|
2237 |
- |
|
2238 |
- |
|
2239 |
-.. envvar:: ANSIBLE_COW_WHITELIST |
|
2240 |
- |
|
2241 |
- White list of cowsay templates that are 'safe' to use, set to empty list if you want to enable all installed templates. |
|
2242 |
- |
|
2243 |
- See also :ref:`ANSIBLE_COW_WHITELIST <ANSIBLE_COW_WHITELIST>` |
|
2244 |
- |
|
2245 |
- |
|
2246 |
-.. envvar:: ANSIBLE_SFTP_BATCH_MODE |
|
2247 |
- |
|
2248 |
- |
|
2249 |
- See also :ref:`DEFAULT_SFTP_BATCH_MODE <DEFAULT_SFTP_BATCH_MODE>` |
|
2250 |
- |
|
2251 |
- |
|
2252 |
-.. envvar:: ANSIBLE_TRANSPORT |
|
2253 |
- |
|
2254 |
- Default connection plugin to use, the 'smart' option will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions |
|
2255 |
- |
|
2256 |
- See also :ref:`DEFAULT_TRANSPORT <DEFAULT_TRANSPORT>` |
|
2257 |
- |
|
2258 |
- |
|
2259 |
-.. envvar:: ANSIBLE_GALAXY_SERVER |
|
2260 |
- |
|
2261 |
- URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. |
|
2262 |
- |
|
2263 |
- See also :ref:`GALAXY_SERVER <GALAXY_SERVER>` |
|
2264 |
- |
|
2265 |
- |
|
2266 |
- |
|
2267 |
-.. envvar:: ANSIBLE_FORCE_HANDLERS |
|
2268 |
- |
|
2269 |
- This option controls if notified handlers run on a host even if a failure occurs on that host.When false, the handlers will not run if a failure has occurred on a host.This can also be set per play or on the command line. See Handlers and Failure for more details. |
|
2270 |
- |
|
2271 |
- See also :ref:`DEFAULT_FORCE_HANDLERS <DEFAULT_FORCE_HANDLERS>` |
|
2272 |
- |
|
2273 |
- |
|
2274 |
-.. envvar:: ANSIBLE_SUDO_EXE |
|
2275 |
- |
|
2276 |
- specify an "sudo" executable, otherwise it relies on PATH. |
|
2277 |
- |
|
2278 |
- See also :ref:`DEFAULT_SUDO_EXE <DEFAULT_SUDO_EXE>` |
|
2279 |
- |
|
2280 |
- |
|
2281 |
-.. envvar:: ANSIBLE_DEBUG |
|
2282 |
- |
|
2283 |
- Toggles debug output in Ansible, VERY verbose and can hinder multiprocessing. |
|
2284 |
- |
|
2285 |
- See also :ref:`DEFAULT_DEBUG <DEFAULT_DEBUG>` |
|
2286 |
- |
|
2287 |
- |
|
2288 |
-.. envvar:: ANSIBLE_STDOUT_CALLBACK |
|
2289 |
- |
|
2290 |
- Set the main callback used to display Ansible output, you can only have one at a time.You can have many other callbacks, but just one can be in charge of stdout. |
|
2291 |
- |
|
2292 |
- See also :ref:`DEFAULT_STDOUT_CALLBACK <DEFAULT_STDOUT_CALLBACK>` |
|
2293 |
- |
|
2294 |
- |
|
2295 |
-.. envvar:: ANSIBLE_COLOR_DIFF_LINES |
|
2296 |
- |
|
2297 |
- Defines the color to use when showing diffs |
|
2298 |
- |
|
2299 |
- See also :ref:`COLOR_DIFF_LINES <COLOR_DIFF_LINES>` |
|
2300 |
- |
|
2301 |
- |
|
2302 |
-.. envvar:: ANSIBLE_FACT_PATH |
|
2303 |
- |
|
2304 |
- This option allows you to globally configure a custom path for 'local_facts' for the implied M(setup) task when using fact gathering.If not set, it will fallback to the default from the M(setup) module: ``/etc/ansible/facts.d``.This does **not** affect user defined tasks that use the M(setup) module. |
|
2305 |
- |
|
2306 |
- See also :ref:`DEFAULT_FACT_PATH <DEFAULT_FACT_PATH>` |
|
2307 |
- |
|
2308 |
- |
|
2309 |
-.. envvar:: ANSIBLE_TASK_INCLUDES_STATIC |
|
2310 |
- |
|
2311 |
- The `include` tasks can be static or dynamic, this toggles the default expected behaviour if autodetection fails and it is not explicitly set in task. |
|
2312 |
- |
|
2313 |
- See also :ref:`DEFAULT_TASK_INCLUDES_STATIC <DEFAULT_TASK_INCLUDES_STATIC>` |
|
2314 |
- |
|
2315 |
- |
|
2316 |
-.. envvar:: ANSIBLE_BECOME_FLAGS |
|
2317 |
- |
|
2318 |
- Flags to pass to the privilege escalation executable. |
|
2319 |
- |
|
2320 |
- See also :ref:`DEFAULT_BECOME_FLAGS <DEFAULT_BECOME_FLAGS>` |
|
2321 |
- |
|
2322 |
- |
|
2323 |
-.. envvar:: ANSIBLE_SU_FLAGS |
|
2324 |
- |
|
2325 |
- Flags to pass to su |
|
2326 |
- |
|
2327 |
- See also :ref:`DEFAULT_SU_FLAGS <DEFAULT_SU_FLAGS>` |
|
2328 |
- |
|
2329 |
- |
|
2330 |
-.. envvar:: ANSIBLE_COLOR_WARN |
|
2331 |
- |
|
2332 |
- Defines the color to use when emitting warning messages |
|
2333 |
- |
|
2334 |
- See also :ref:`COLOR_WARN <COLOR_WARN>` |
|
2335 |
- |
|
2336 |
- |
|
2337 |
-.. envvar:: ANSIBLE_COLOR_UNREACHABLE |
|
2338 |
- |
|
2339 |
- Defines the color to use on 'Unreachable' status |
|
2340 |
- |
|
2341 |
- See also :ref:`COLOR_UNREACHABLE <COLOR_UNREACHABLE>` |
|
2342 |
- |
|
2343 |
- |
|
2344 |
-.. envvar:: ANSIBLE_ASK_SUDO_PASS |
|
2345 |
- |
|
2346 |
- This controls whether an Ansible playbook should prompt for a sudo password. |
|
2347 |
- |
|
2348 |
- See also :ref:`DEFAULT_ASK_SUDO_PASS <DEFAULT_ASK_SUDO_PASS>` |
|
2349 |
- |
|
2350 |
- |
|
2351 |
-.. envvar:: ANSIBLE_SUDO |
|
2352 |
- |
|
2353 |
- Toggle the use of "sudo" for tasks. |
|
2354 |
- |
|
2355 |
- See also :ref:`DEFAULT_SUDO <DEFAULT_SUDO>` |
|
2356 |
- |
|
2357 |
- |
|
2358 |
-.. envvar:: ANSIBLE_MODULE_LANG |
|
2359 |
- |
|
2360 |
- Language locale setting to use for modules when they execute on the target.If empty it tries to set itself to the LANG environment variable on the controller.This is only used if DEFAULT_MODULE_SET_LOCALE is set to true |
|
2361 |
- |
|
2362 |
- See also :ref:`DEFAULT_MODULE_LANG <DEFAULT_MODULE_LANG>` |
|
2363 |
- |
|
2364 |
- |
|
2365 |
-.. envvar:: LIBVIRT_LXC_NOSECLABEL |
|
2366 |
- |
|
2367 |
- This setting causes libvirt to connect to lxc containers by passing --noseclabel to virsh. This is necessary when running on systems which do not have SELinux. |
|
2368 |
- |
|
2369 |
- See also :ref:`DEFAULT_LIBVIRT_LXC_NOSECLABEL <DEFAULT_LIBVIRT_LXC_NOSECLABEL>` |
|
2370 |
- |
|
2371 |
- |
|
2372 |
-.. envvar:: ANSIBLE_NULL_REPRESENTATION |
|
2373 |
- |
|
2374 |
- What templating should return as a 'null' value. When not set it will let Jinja2 decide. |
|
2375 |
- |
|
2376 |
- See also :ref:`DEFAULT_NULL_REPRESENTATION <DEFAULT_NULL_REPRESENTATION>` |
|
2377 |
- |
|
2378 |
- |
|
2379 |
-.. envvar:: ANSIBLE_COLOR_DIFF_REMOVE |
|
2380 |
- |
|
2381 |
- Defines the color to use when showing removed lines in diffs |
|
2382 |
- |
|
2383 |
- See also :ref:`COLOR_DIFF_REMOVE <COLOR_DIFF_REMOVE>` |
|
2384 |
- |
|
2385 |
- |
|
2386 |
-.. envvar:: ANSIBLE_PRIVATE_ROLE_VARS |
|
2387 |
- |
|
2388 |
- |
|
2389 |
- See also :ref:`DEFAULT_PRIVATE_ROLE_VARS <DEFAULT_PRIVATE_ROLE_VARS>` |
|
2390 |
- |
|
2391 |
- |
|
2392 |
-.. envvar:: ANSIBLE_ENABLE_TASK_DEBUGGER |
|
2393 |
- |
|
2394 |
- Whether or not to enable the task debugger, this previously was done as a strategy plugin.Now all strategy plugins can inherit this behavior. The debugger defaults to activating whena task is failed on unreachable. Use the debugger keyword for more flexibility. |
|
2395 |
- |
|
2396 |
- See also :ref:`ENABLE_TASK_DEBUGGER <ENABLE_TASK_DEBUGGER>` |
|
2397 |
- |
|
2398 |
- |
|
2399 |
-.. envvar:: ANSIBLE_COLOR_DEBUG |
|
2400 |
- |
|
2401 |
- Defines the color to use when emitting debug messages |
|
2402 |
- |
|
2403 |
- See also :ref:`COLOR_DEBUG <COLOR_DEBUG>` |
|
2404 |
- |
|
2405 |
- |
|
2406 |
-.. envvar:: ANSIBLE_LOAD_CALLBACK_PLUGINS |
|
2407 |
- |
|
2408 |
- Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. |
|
2409 |
- |
|
2410 |
- See also :ref:`DEFAULT_LOAD_CALLBACK_PLUGINS <DEFAULT_LOAD_CALLBACK_PLUGINS>` |
|
2411 |
- |
|
2412 |
- |
|
2413 |
-.. envvar:: ANSIBLE_SYSLOG_FACILITY |
|
2414 |
- |
|
2415 |
- Syslog facility to use when Ansible logs to the remote target |
|
2416 |
- |
|
2417 |
- See also :ref:`DEFAULT_SYSLOG_FACILITY <DEFAULT_SYSLOG_FACILITY>` |
|
2418 |
- |
|
2419 |
- |
|
2420 |
-.. envvar:: ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD |
|
2421 |
- |
|
2422 |
- |
|
2423 |
- See also :ref:`PARAMIKO_HOST_KEY_AUTO_ADD <PARAMIKO_HOST_KEY_AUTO_ADD>` |
|
2424 |
- |
|
2425 |
- |
|
2426 |
-.. envvar:: ANSIBLE_USE_PERSISTENT_CONNECTIONS |
|
2427 |
- |
|
2428 |
- Toggles the use of persistence for connections. |
|
2429 |
- |
|
2430 |
- See also :ref:`USE_PERSISTENT_CONNECTIONS <USE_PERSISTENT_CONNECTIONS>` |
|
2431 |
- |
|
2432 |
- |
|
2433 |
- |
|
2434 |
-.. envvar:: ANSIBLE_VAULT_IDENTITY |
|
2435 |
- |
|
2436 |
- The label to use for the default vault id label in cases where a vault id label is not provided |
|
2437 |
- |
|
2438 |
- See also :ref:`DEFAULT_VAULT_IDENTITY <DEFAULT_VAULT_IDENTITY>` |
|
2439 |
- |
|
2440 |
- |
|
2441 |
-.. envvar:: ANSIBLE_YAML_FILENAME_EXT |
|
2442 |
- |
|
2443 |
- Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these.This affects vars_files, include_vars, inventory and vars plugins among others. |
|
2444 |
- |
|
2445 |
- See also :ref:`YAML_FILENAME_EXTENSIONS <YAML_FILENAME_EXTENSIONS>` |
|
2446 |
- |
|
2447 |
- |
|
2448 |
-.. envvar:: ANSIBLE_COLOR_SKIP |
|
2449 |
- |
|
2450 |
- Defines the color to use when showing 'Skipped' task status |
|
2451 |
- |
|
2452 |
- See also :ref:`COLOR_SKIP <COLOR_SKIP>` |
|
2453 |
- |
|
2454 |
- |
|
2455 |
-.. envvar:: ANSIBLE_STRING_TYPE_FILTERS |
|
2456 |
- |
|
2457 |
- This list of filters avoids 'type conversion' when templating variablesUseful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. |
|
2458 |
- |
|
2459 |
- See also :ref:`STRING_TYPE_FILTERS <STRING_TYPE_FILTERS>` |
|
2460 |
- |
|
2461 |
- |
|
2462 |
- |
|
2463 |
-.. envvar:: ANSIBLE_REMOTE_PORT |
|
2464 |
- |
|
2465 |
- Port to use in remote connections, when blank it will use the connection plugin default. |
|
2466 |
- |
|
2467 |
- See also :ref:`DEFAULT_REMOTE_PORT <DEFAULT_REMOTE_PORT>` |
|
2468 |
- |
|
2469 |
- |
|
2470 |
-.. envvar:: ANSIBLE_PLAYBOOK_VARS_ROOT |
|
2471 |
- |
|
2472 |
- This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_varsThe ``top`` option follows the traditional behaviour of using the top playbook in the chain to find the root directory.The ``bottom`` option follows the 2.4.0 behaviour of using the current playbook to find the root directory.The ``all`` option examines from the first parent to the current playbook. |
|
2473 |
- |
|
2474 |
- See also :ref:`PLAYBOOK_VARS_ROOT <PLAYBOOK_VARS_ROOT>` |
|
2475 |
- |
|
2476 |
- |
|
2477 |
-.. envvar:: ANSIBLE_ASK_VAULT_PASS |
|
2478 |
- |
|
2479 |
- This controls whether an Ansible playbook should prompt for a vault password. |
|
2480 |
- |
|
2481 |
- See also :ref:`DEFAULT_ASK_VAULT_PASS <DEFAULT_ASK_VAULT_PASS>` |
|
2482 |
- |
|
2483 |
- |
|
2484 |
- |
|
2485 |
-.. envvar:: ANSIBLE_PRECEDENCE |
|
2486 |
- |
|
2487 |
- Allows to change the group variable precedence merge order. |
|
2488 |
- |
|
2489 |
- See also :ref:`VARIABLE_PRECEDENCE <VARIABLE_PRECEDENCE>` |
|
2490 |
- |
|
2491 |
- |
|
2492 |
-.. envvar:: ANSIBLE_HASH_BEHAVIOUR |
|
2493 |
- |
|
2494 |
- This setting controls how variables merge in Ansible. By default Ansible will override variables in specific precedence orders, as described in Variables. When a variable of higher precedence wins, it will replace the other value.Some users prefer that variables that are hashes (aka 'dictionaries' in Python terms) are merged. This setting is called 'merge'. This is not the default behavior and it does not affect variables whose values are scalars (integers, strings) or arrays. We generally recommend not using this setting unless you think you have an absolute need for it, and playbooks in the official examples repos do not use this settingIn version 2.0 a ``combine`` filter was added to allow doing this for a particular variable (described in Filters). |
|
2495 |
- |
|
2496 |
- See also :ref:`DEFAULT_HASH_BEHAVIOUR <DEFAULT_HASH_BEHAVIOUR>` |
|
2497 |
- |
|
2498 |
- |
|
2499 |
-.. envvar:: ANSIBLE_BECOME_USER |
|
2500 |
- |
|
2501 |
- The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. |
|
2502 |
- |
|
2503 |
- See also :ref:`DEFAULT_BECOME_USER <DEFAULT_BECOME_USER>` |
|
2504 |
- |
|
2505 |
- |
|
2506 |
-.. envvar:: ANSIBLE_ERROR_ON_UNDEFINED_VARS |
|
2507 |
- |
|
2508 |
- When True, this causes ansible templating to fail steps that reference variable names that are likely typoed.Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. |
|
2509 |
- |
|
2510 |
- See also :ref:`DEFAULT_UNDEFINED_VAR_BEHAVIOR <DEFAULT_UNDEFINED_VAR_BEHAVIOR>` |
|
2511 |
- |
|
2512 |
- |
|
2513 |
-.. envvar:: ANSIBLE_CACHE_PLUGIN_TIMEOUT |
|
2514 |
- |
|
2515 |
- Expiration timeout for the cache plugin data |
|
2516 |
- |
|
2517 |
- See also :ref:`CACHE_PLUGIN_TIMEOUT <CACHE_PLUGIN_TIMEOUT>` |
|
2518 |
- |
|
2519 |
- |
|
2520 |
-.. envvar:: ANSIBLE_SSH_CONTROL_PATH |
|
2521 |
- |
|
2522 |
- This is the location to save ssh's ControlPath sockets, it uses ssh's variable substitution.Since 2.3, if null, ansible will generate a unique hash. Use `%(directory)s` to indicate where to use the control dir path setting.Before 2.3 it defaulted to `control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r`.Be aware that this setting is ignored if `-o ControlPath` is set in ssh args. |
|
2523 |
- |
|
2524 |
- See also :ref:`ANSIBLE_SSH_CONTROL_PATH <ANSIBLE_SSH_CONTROL_PATH>` |
|
2525 |
- |
|
2526 |
- |
|
2527 |
-.. envvar:: ANSIBLE_CACHE_PLUGIN_PREFIX |
|
2528 |
- |
|
2529 |
- Prefix to use for cache plugin files/tables |
|
2530 |
- |
|
2531 |
- See also :ref:`CACHE_PLUGIN_PREFIX <CACHE_PLUGIN_PREFIX>` |
|
2532 |
- |
|
2533 |
- |
|
2534 |
-.. envvar:: NETWORK_GROUP_MODULES |
|
2535 |
- |
|
2536 |
- |
|
2537 |
- See also :ref:`NETWORK_GROUP_MODULES <NETWORK_GROUP_MODULES>` |
|
2538 |
- |
|
2539 |
- |
|
2540 |
-.. envvar:: ANSIBLE_LOG_PATH |
|
2541 |
- |
|
2542 |
- File to which Ansible will log on the controller. When empty logging is disabled. |
|
2543 |
- |
|
2544 |
- See also :ref:`DEFAULT_LOG_PATH <DEFAULT_LOG_PATH>` |
|
2545 |
- |
|
2546 |
- |
|
2547 |
-.. envvar:: ANSIBLE_RUN_TAGS |
|
2548 |
- |
|
2549 |
- default list of tags to run in your plays, Skip Tags has precedence. |
|
2550 |
- |
|
2551 |
- See also :ref:`TAGS_RUN <TAGS_RUN>` |
|
2552 |
- |
|
2553 |
- |
|
2554 |
-.. envvar:: ANSIBLE_SKIP_TAGS |
|
2555 |
- |
|
2556 |
- default list of tags to skip in your plays, has precedence over Run Tags |
|
2557 |
- |
|
2558 |
- See also :ref:`TAGS_SKIP <TAGS_SKIP>` |
|
2559 |
- |
|
2560 |
- |
|
2561 |
-.. envvar:: ANSIBLE_STRATEGY |
|
2562 |
- |
|
2563 |
- Set the default strategy used for plays. |
|
2564 |
- |
|
2565 |
- See also :ref:`DEFAULT_STRATEGY <DEFAULT_STRATEGY>` |
|
2566 |
- |
|
2567 |
- |
|
2568 |
-.. envvar:: ANSIBLE_DIFF_ALWAYS |
|
2569 |
- |
|
2570 |
- Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. |
|
2571 |
- |
|
2572 |
- See also :ref:`DIFF_ALWAYS <DIFF_ALWAYS>` |
|
2573 |
- |
|
2574 |
- |
|
2575 |
-.. envvar:: ANSIBLE_NO_TARGET_SYSLOG |
|
2576 |
- |
|
2577 |
- Toggle Ansible logging to syslog on the target when it executes tasks. |
|
2578 |
- |
|
2579 |
- See also :ref:`DEFAULT_NO_TARGET_SYSLOG <DEFAULT_NO_TARGET_SYSLOG>` |
|
2580 |
- |
|
2581 |
- |
|
2582 |
-.. envvar:: ANSIBLE_MODULE_SET_LOCALE |
|
2583 |
- |
|
2584 |
- Controls if we set locale for modules when executing on the target. |
|
2585 |
- |
|
2586 |
- See also :ref:`DEFAULT_MODULE_SET_LOCALE <DEFAULT_MODULE_SET_LOCALE>` |
|
2587 |
- |
|
2588 |
- |
|
2589 |
-.. envvar:: ANSIBLE_LOOKUP_PLUGINS |
|
2590 |
- |
|
2591 |
- Colon separated paths in which Ansible will search for Lookup Plugins. |
|
2592 |
- |
|
2593 |
- See also :ref:`DEFAULT_LOOKUP_PLUGIN_PATH <DEFAULT_LOOKUP_PLUGIN_PATH>` |
|
2594 |
- |
|
2595 |
- |
|
2596 |
-.. envvar:: ANSIBLE_ASK_PASS |
|
2597 |
- |
|
2598 |
- This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not needed to change this setting. |
|
2599 |
- |
|
2600 |
- See also :ref:`DEFAULT_ASK_PASS <DEFAULT_ASK_PASS>` |
|
2601 |
- |
|
2602 |
- |
|
2603 |
-.. envvar:: ANSIBLE_INVENTORY_UNPARSED_FAILED |
|
2604 |
- |
|
2605 |
- If 'true' unparsed inventory sources become fatal errors, they are warnings otherwise. |
|
2606 |
- |
|
2607 |
- See also :ref:`INVENTORY_UNPARSED_IS_FAILED <INVENTORY_UNPARSED_IS_FAILED>` |
|
2608 |
- |
|
2609 |
- |
|
2610 |
-.. envvar:: ANSIBLE_CALLBACK_WHITELIST |
|
2611 |
- |
|
2612 |
- List of whitelisted callbacks, not all callbacks need whitelisting, but many of those shipped with Ansible do as we don't want them activated by default. |
|
2613 |
- |
|
2614 |
- See also :ref:`DEFAULT_CALLBACK_WHITELIST <DEFAULT_CALLBACK_WHITELIST>` |
|
2615 |
- |
|
2616 |
- |
|
2617 |
-.. envvar:: ANSIBLE_PRIVATE_KEY_FILE |
|
2618 |
- |
|
2619 |
- Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying --private-key with every invocation. |
|
2620 |
- |
|
2621 |
- See also :ref:`DEFAULT_PRIVATE_KEY_FILE <DEFAULT_PRIVATE_KEY_FILE>` |
|
2622 |
- |
|
2623 |
- |
|
2624 |
-.. envvar:: ANSIBLE_PERSISTENT_CONTROL_PATH_DIR |
|
2625 |
- |
|
2626 |
- Path to socket to be used by the connection persistence system. |
|
2627 |
- |
|
2628 |
- See also :ref:`PERSISTENT_CONTROL_PATH_DIR <PERSISTENT_CONTROL_PATH_DIR>` |
|
2629 |
- |
|
2630 |
- |
|
2631 |
-.. envvar:: ANSIBLE_MODULE_UTILS |
|
2632 |
- |
|
2633 |
- Colon separated paths in which Ansible will search for Module utils files, which are shared by modules. |
|
2634 |
- |
|
2635 |
- See also :ref:`DEFAULT_MODULE_UTILS_PATH <DEFAULT_MODULE_UTILS_PATH>` |
|
2636 |
- |
|
2637 |
- |
|
2638 |
-.. envvar:: ANSIBLE_ROLES_PATH |
|
2639 |
- |
|
2640 |
- Colon separated paths in which Ansible will search for Roles. |
|
2641 |
- |
|
2642 |
- See also :ref:`DEFAULT_ROLES_PATH <DEFAULT_ROLES_PATH>` |
|
2643 |
- |
|
2644 |
- |
|
2645 |
-.. envvar:: ANSIBLE_CACHE_PLUGIN_CONNECTION |
|
2646 |
- |
|
2647 |
- Defines connection or path information for the cache plugin |
|
2648 |
- |
|
2649 |
- See also :ref:`CACHE_PLUGIN_CONNECTION <CACHE_PLUGIN_CONNECTION>` |
|
2650 |
- |
|
2651 |
- |
|
2652 |
-.. envvar:: ANSIBLE_BECOME_EXE |
|
2653 |
- |
|
2654 |
- executable to use for privilege escalation, otherwise Ansible will depend on PATH |
|
2655 |
- |
|
2656 |
- See also :ref:`DEFAULT_BECOME_EXE <DEFAULT_BECOME_EXE>` |
|
2657 |
- |
|
2658 |
- |
|
2659 |
-.. envvar:: ANSIBLE_SSH_RETRIES |
|
2660 |
- |
|
2661 |
- Number of attempts to establish a connection before we give up and report the host as 'UNREACHABLE' |
|
2662 |
- |
|
2663 |
- See also :ref:`ANSIBLE_SSH_RETRIES <ANSIBLE_SSH_RETRIES>` |
|
2664 |
- |
|
2665 |
- |
|
2666 |
-.. envvar:: ANSIBLE_COLOR_DEPRECATE |
|
2667 |
- |
|
2668 |
- Defines the color to use when emitting deprecation messages |
|
2669 |
- |
|
2670 |
- See also :ref:`COLOR_DEPRECATE <COLOR_DEPRECATE>` |
|
2671 |
- |
|
2672 |
- |
|
2673 |
-.. envvar:: ANSIBLE_EXECUTABLE |
|
2674 |
- |
|
2675 |
- This indicates the command to use to spawn a shell under for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases it may be left as is. |
|
2676 |
- |
|
2677 |
- See also :ref:`DEFAULT_EXECUTABLE <DEFAULT_EXECUTABLE>` |
|
2678 |
- |
|
2679 |
- |
|
2680 |
-.. envvar:: ANSIBLE_DEPRECATION_WARNINGS |
|
2681 |
- |
|
2682 |
- Toggle to control the showing of deprecation warnings |
|
2683 |
- |
|
2684 |
- See also :ref:`DEPRECATION_WARNINGS <DEPRECATION_WARNINGS>` |
|
2685 |
- |
|
2686 |
- |
|
2687 |
-.. envvar:: ANSIBLE_NOCOLOR |
|
2688 |
- |
|
2689 |
- This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. |
|
2690 |
- |
|
2691 |
- See also :ref:`ANSIBLE_NOCOLOR <ANSIBLE_NOCOLOR>` |
|
2692 |
- |
|
2693 |
- |
|
2694 |
-.. envvar:: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS |
|
2695 |
- |
|
2696 |
- |
|
2697 |
- See also :ref:`PARAMIKO_LOOK_FOR_KEYS <PARAMIKO_LOOK_FOR_KEYS>` |
|
2698 |
- |
|
2699 |
- |
|
2700 |
-.. envvar:: ANSIBLE_RETRY_FILES_ENABLED |
|
2701 |
- |
|
2702 |
- This controls whether a failed Ansible playbook should create a .retry file. |
|
2703 |
- |
|
2704 |
- See also :ref:`RETRY_FILES_ENABLED <RETRY_FILES_ENABLED>` |
|
2705 |
- |
|
2706 |
- |
|
2707 |
-.. envvar:: ANSIBLE_SUDO_USER |
|
2708 |
- |
|
2709 |
- User you become when using "sudo", leaving it blank will use the default configured on the target (normally root) |
|
2710 |
- |
|
2711 |
- See also :ref:`DEFAULT_SUDO_USER <DEFAULT_SUDO_USER>` |
|
2712 |
- |
|
2713 |
- |
|
2714 |
-.. envvar:: ANSIBLE_STRATEGY_PLUGINS |
|
2715 |
- |
|
2716 |
- Colon separated paths in which Ansible will search for Strategy Plugins. |
|
2717 |
- |
|
2718 |
- See also :ref:`DEFAULT_STRATEGY_PLUGIN_PATH <DEFAULT_STRATEGY_PLUGIN_PATH>` |
|
2719 |
- |
|
2720 |
- |
|
2721 |
-.. envvar:: ANSIBLE_SSH_CONTROL_PATH_DIR |
|
2722 |
- |
|
2723 |
- This sets the directory to use for ssh control path if the control path setting is null.Also, provides the `%(directory)s` variable for the control path setting. |
|
2724 |
- |
|
2725 |
- See also :ref:`ANSIBLE_SSH_CONTROL_PATH_DIR <ANSIBLE_SSH_CONTROL_PATH_DIR>` |
|
2726 |
- |
|
2727 |
- |
|
2728 |
-.. envvar:: ANSIBLE_INVENTORY_IGNORE |
|
2729 |
- |
|
2730 |
- List of extensions to ignore when using a directory as an inventory source |
|
2731 |
- |
|
2732 |
- See also :ref:`INVENTORY_IGNORE_EXTS <INVENTORY_IGNORE_EXTS>` |
|
2733 |
- |
|
2734 |
- |
|
2735 |
-.. envvar:: ANSIBLE_GALAXY_IGNORE |
|
2736 |
- |
|
2737 |
- If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. |
|
2738 |
- |
|
2739 |
- See also :ref:`GALAXY_IGNORE_CERTS <GALAXY_IGNORE_CERTS>` |
|
2740 |
- |
|
2741 |
- |
|
2742 |
-.. envvar:: ANSIBLE_RETRY_FILES_SAVE_PATH |
|
2743 |
- |
|
2744 |
- This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. |
|
2745 |
- |
|
2746 |
- See also :ref:`RETRY_FILES_SAVE_PATH <RETRY_FILES_SAVE_PATH>` |
|
2747 |
- |
|
2748 |
- |
|
2749 |
-.. envvar:: ANSIBLE_SHOW_CUSTOM_STATS |
|
2750 |
- |
|
2751 |
- This adds the custom stats set via the set_stats plugin to the default output |
|
2752 |
- |
|
2753 |
- See also :ref:`SHOW_CUSTOM_STATS <SHOW_CUSTOM_STATS>` |
|
2754 |
- |
|
2755 |
- |
|
2756 |
-.. envvar:: ANSIBLE_VAULT_ENCRYPT_IDENTITY |
|
2757 |
- |
|
2758 |
- The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The --encrypt-vault-id cli option overrides the configured value. |
|
2759 |
- |
|
2760 |
- See also :ref:`DEFAULT_VAULT_ENCRYPT_IDENTITY <DEFAULT_VAULT_ENCRYPT_IDENTITY>` |
|
2761 |
- |
|
2762 |
- |
|
2763 |
- |
|
2764 |
-.. envvar:: ANSIBLE_COW_SELECTION |
|
2765 |
- |
|
2766 |
- This allows you to chose a specific cowsay stencil for the banners or use 'random' to cycle through them. |
|
2767 |
- |
|
2768 |
- See also :ref:`ANSIBLE_COW_SELECTION <ANSIBLE_COW_SELECTION>` |
|
2769 |
- |
|
2770 |
- |
|
2771 |
-.. envvar:: ANSIBLE_GALAXY_TOKEN |
|
2772 |
- |
|
2773 |
- GitHub personal access token |
|
2774 |
- |
|
2775 |
- See also :ref:`GALAXY_TOKEN <GALAXY_TOKEN>` |
|
2776 |
- |
|
2777 |
- |
|
2778 |
-.. envvar:: ANSIBLE_FORKS |
|
2779 |
- |
|
2780 |
- Maximum number of forks Ansible will use to execute tasks on target hosts. |
|
2781 |
- |
|
2782 |
- See also :ref:`DEFAULT_FORKS <DEFAULT_FORKS>` |
|
2783 |
- |
|
2784 |
- |
|
2785 |
-.. envvar:: ANSIBLE_SU |
|
2786 |
- |
|
2787 |
- Toggle the use of "su" for tasks. |
|
2788 |
- |
|
2789 |
- See also :ref:`DEFAULT_SU <DEFAULT_SU>` |
|
2790 |
- |
|
2791 |
- |
|
2792 |
-.. envvar:: ANSIBLE_GATHER_SUBSET |
|
2793 |
- |
|
2794 |
- Set the `gather_subset` option for the M(setup) task in the implicit fact gathering. See the module documentation for specifics.It does **not** apply to user defined M(setup) tasks. |
|
2795 |
- |
|
2796 |
- See also :ref:`DEFAULT_GATHER_SUBSET <DEFAULT_GATHER_SUBSET>` |
|
2797 |
- |
|
2798 |
- |
|
2799 |
-.. envvar:: ANSIBLE_COLOR_HIGHLIGHT |
|
2800 |
- |
|
2801 |
- Color used for highlights |
|
2802 |
- |
|
2803 |
- See also :ref:`COLOR_HIGHLIGHT <COLOR_HIGHLIGHT>` |
|
2804 |
- |
|
2805 |
- |
|
2806 |
-.. envvar:: ANSIBLE_FORCE_COLOR |
|
2807 |
- |
|
2808 |
- This options forces color mode even when running without a TTY or the "nocolor" setting is True. |
|
2809 |
- |
|
2810 |
- See also :ref:`ANSIBLE_FORCE_COLOR <ANSIBLE_FORCE_COLOR>` |
|
2811 |
- |
|
2812 |
- |
|
2813 |
-.. envvar:: ANSIBLE_SU_EXE |
|
2814 |
- |
|
2815 |
- specify an "su" executable, otherwise it relies on PATH. |
|
2816 |
- |
|
2817 |
- See also :ref:`DEFAULT_SU_EXE <DEFAULT_SU_EXE>` |
|
2818 |
- |
|
2819 |
- |
|
2820 |
-.. envvar:: ANSIBLE_ANY_ERRORS_FATAL |
|
2821 |
- |
|
2822 |
- Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. |
|
2823 |
- |
|
2824 |
- See also :ref:`ANY_ERRORS_FATAL <ANY_ERRORS_FATAL>` |
|
2825 |
- |
|
2826 |
- |
|
2827 |
-.. envvar:: ANSIBLE_SYSTEM_WARNINGS |
|
2828 |
- |
|
2829 |
- Allows disabling of warnings related to potential issues on the system running ansible itself (not on the managed hosts)These may include warnings about 3rd party packages or other conditions that should be resolved if possible. |
|
2830 |
- |
|
2831 |
- See also :ref:`SYSTEM_WARNINGS <SYSTEM_WARNINGS>` |
|
2832 |
- |
|
2833 |
- |
|
2834 |
-.. envvar:: ANSIBLE_SSH_TRANSFER_METHOD |
|
2835 |
- |
|
2836 |
- unused? |
|
2837 |
- |
|
2838 |
- See also :ref:`DEFAULT_SSH_TRANSFER_METHOD <DEFAULT_SSH_TRANSFER_METHOD>` |
|
2839 |
- |
|
2840 |
- |
|
2841 |
-.. envvar:: ANSIBLE_SSH_EXECUTABLE |
|
2842 |
- |
|
2843 |
- This defines the location of the ssh binary. It defaults to `ssh` which will use the first ssh binary available in $PATH.This option is usually not required, it might be useful when access to system ssh is restricted, or when using ssh wrappers to connect to remote hosts. |
|
2844 |
- |
|
2845 |
- See also :ref:`ANSIBLE_SSH_EXECUTABLE <ANSIBLE_SSH_EXECUTABLE>` |
|
2846 |
- |
|
2847 |
- |
|
2848 |
-.. envvar:: ANSIBLE_ACTION_WARNINGS |
|
2849 |
- |
|
2850 |
- By default Ansible will issue a warning when recieved from a task action (module or action plugin)These warnings can be silenced by adjusting this setting to False. |
|
2851 |
- |
|
2852 |
- See also :ref:`ACTION_WARNINGS <ACTION_WARNINGS>` |
|
2853 |
- |
|
2854 |
- |
|
2855 |
- |
|
2856 |
-.. envvar:: ANSIBLE_AGNOSTIC_BECOME_PROMPT |
|
2857 |
- |
|
2858 |
- Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method |
|
2859 |
- |
|
2860 |
- See also :ref:`AGNOSTIC_BECOME_PROMPT <AGNOSTIC_BECOME_PROMPT>` |
|
2861 |
- |
|
2862 |
- |
|
2863 |
- |
2864 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,392 @@ |
0 |
+Getting started with Cisco ACI |
|
1 |
+============================== |
|
2 |
+ |
|
3 |
+.. contents:: Topics |
|
4 |
+ :depth: 2 |
|
5 |
+ :local: |
|
6 |
+ |
|
7 |
+.. _aci_intro: |
|
8 |
+ |
|
9 |
+What is Cisco ACI ? |
|
10 |
+------------------- |
|
11 |
+ |
|
12 |
+Application Centric Infrastructure (ACI) |
|
13 |
+........................................ |
|
14 |
+The Cisco Application Centric Infrastructure (ACI) allows application requirements to define the network. This architecture simplifies, optimizes, and accelerates the entire application deployment life cycle. |
|
15 |
+ |
|
16 |
+Application Policy Infrastructure Controller (APIC) |
|
17 |
+................................................... |
|
18 |
+The Cisco Application Policy Infrastructure Controller (APIC) API enables applications to directly connect with a secure, shared, high-performance resource pool that includes network, compute, and storage capabilities. |
|
19 |
+ |
|
20 |
+The APIC manages the scalable ACI multi-tenant fabric. The APIC provides a unified point of automation and management, policy programming, application deployment, and health monitoring for the fabric. The APIC, which is implemented as a replicated synchronized clustered controller, optimizes performance, supports any application anywhere, and provides unified operation of the physical and virtual infrastructure. |
|
21 |
+ |
|
22 |
+The APIC enables network administrators to easily define the optimal network for applications. Data center operators can clearly see how applications consume network resources, easily isolate and troubleshoot application and infrastructure problems, and monitor and profile resource usage patterns. |
|
23 |
+ |
|
24 |
+ACI Fabric |
|
25 |
+.......... |
|
26 |
+The Cisco Application Centric Infrastructure (ACI) Fabric includes Cisco Nexus 9000 Series switches with the APIC to run in the leaf/spine ACI fabric mode. These switches form a "fat-tree" network by connecting each leaf node to each spine node; all other devices connect to the leaf nodes. The APIC manages the ACI fabric. |
|
27 |
+ |
|
28 |
+The ACI fabric provides consistent low-latency forwarding across high-bandwidth links (40 Gbps, with a 100-Gbps future capability). Traffic with the source and destination on the same leaf switch is handled locally, and all other traffic travels from the ingress leaf to the egress leaf through a spine switch. Although this architecture appears as two hops from a physical perspective, it is actually a single Layer 3 hop because the fabric operates as a single Layer 3 switch. |
|
29 |
+ |
|
30 |
+The ACI fabric object-oriented operating system (OS) runs on each Cisco Nexus 9000 Series node. It enables programming of objects for each configurable element of the system. The ACI fabric OS renders policies from the APIC into a concrete model that runs in the physical infrastructure. The concrete model is analogous to compiled software; it is the form of the model that the switch operating system can execute. |
|
31 |
+ |
|
32 |
+All the switch nodes contain a complete copy of the concrete model. When an administrator creates a policy in the APIC that represents a configuration, the APIC updates the logical model. The APIC then performs the intermediate step of creating a fully elaborated policy that it pushes into all the switch nodes where the concrete model is updated. |
|
33 |
+ |
|
34 |
+The APIC is responsible for fabric activation, switch firmware management, network policy configuration, and instantiation. While the APIC acts as the centralized policy and network management engine for the fabric, it is completely removed from the data path, including the forwarding topology. Therefore, the fabric can still forward traffic even when communication with the APIC is lost. |
|
35 |
+ |
|
36 |
+More information |
|
37 |
+................ |
|
38 |
+Various resources exist to start learning ACI, here is a list of interesting articles from the community. |
|
39 |
+ |
|
40 |
+- `Adam Raffe: Learning ACI <https://adamraffe.com/learning-aci/>`_ |
|
41 |
+- `Luca Relandini: ACI for dummies <http://lucarelandini.blogspot.be/2015/03/aci-for-dummies.html>`_ |
|
42 |
+- `Cisco DevNet Learning Labs about ACI <https://learninglabs.cisco.com/labs/tags/ACI>`_ |
|
43 |
+ |
|
44 |
+ |
|
45 |
+Using the ACI modules |
|
46 |
+--------------------- |
|
47 |
+The Ansible ACI modules provide a user-friendly interface to managing your ACI environment using Ansible playbooks. |
|
48 |
+ |
|
49 |
+For instance ensuring that a specific tenant exists, is done using the following Ansible task: |
|
50 |
+ |
|
51 |
+.. code-block:: yaml |
|
52 |
+ |
|
53 |
+ - name: Ensure tenant customer-xyz exists |
|
54 |
+ aci_tenant: |
|
55 |
+ host: my-apic-1 |
|
56 |
+ username: admin |
|
57 |
+ password: my-password |
|
58 |
+ |
|
59 |
+ tenant: customer-xyz |
|
60 |
+ description: Customer XYZ |
|
61 |
+ state: present |
|
62 |
+ |
|
63 |
+A complete list of existing ACI modules is available for `the latest stable release <http://docs.ansible.com/ansible/latest/list_of_network_modules.html#aci>`_ as well as `the current development version <http://docs.ansible.com/ansible/devel/module_docs/list_of_network_modules.html#aci>`_. |
|
64 |
+ |
|
65 |
+Standard module parameters |
|
66 |
+.......................... |
|
67 |
+Every Ansible ACI module accepts the following parameters that influence the module's communication with the APIC REST API: |
|
68 |
+ |
|
69 |
+- ``host`` -- Hostname or IP address of the APIC |
|
70 |
+- ``port`` -- Port to use for communication (defaults to ``443`` for HTTPS, and ``80`` for HTTP) |
|
71 |
+- ``username`` -- User name used to log on to the APIC (defaults to ``admin``) |
|
72 |
+- ``password`` -- Password for ``username`` to log on to the APIC (using password-based authentication) |
|
73 |
+- ``private_key`` -- Private key for ``username`` to log on to APIC (using signature-based authentication) |
|
74 |
+- ``certificate_name`` -- Name of the certificate in the ACI Web GUI (defaults to ``private_key`` file base name) |
|
75 |
+- ``timeout`` -- Timeout value for socket-level communication |
|
76 |
+- ``use_proxy`` -- Use system proxy settings (defaults to ``yes``) |
|
77 |
+- ``use_ssl`` -- Use HTTPS or HTTP for APIC REST communication (defaults to ``yes``) |
|
78 |
+- ``validate_certs`` -- Validate certificate when using HTTPS communication (defaults to ``yes``) |
|
79 |
+- ``output_level`` -- Influence the level of detail ACI modules return to the user (one of ``normal``, ``info`` or ``debug``) |
|
80 |
+ |
|
81 |
+Module return values |
|
82 |
+.................... |
|
83 |
+By default the ACI modules (excluding :ref:`aci_rest <aci_rest>`) return the resulting state of the managed object in a key ``current``. |
|
84 |
+ |
|
85 |
+By increasing the ``output_level`` to ``info``, the modules give access to the ``previous`` state of the object, but also the ``proposed`` and ``sent`` configuration payload. |
|
86 |
+ |
|
87 |
+For troubleshooting purposes setting ``output_level: debug`` or defining environment variable ``ANSIBLE_DEBUG=1`` enables more detailed information on the actual APIC REST communication, incl. ``filter_string``, ``method``, ``response``, ``status`` and ``url``. |
|
88 |
+ |
|
89 |
+.. note:: The module return values are documented in detail as part of each module's documentation. |
|
90 |
+ |
|
91 |
+More information |
|
92 |
+................ |
|
93 |
+Various resources exist to start learn more about ACI programmability, we recommend the following links: |
|
94 |
+ |
|
95 |
+- `Jacob McGill: Automating Cisco ACI with Ansible <https://blogs.cisco.com/developer/automating-cisco-aci-with-ansible-eliminates-repetitive-day-to-day-tasks>`_ |
|
96 |
+- `Cisco DevNet Learning Labs about ACI and Ansible <https://learninglabs.cisco.com/labs/tags/ACI,Ansible>`_ |
|
97 |
+ |
|
98 |
+ |
|
99 |
+.. _aci_auth: |
|
100 |
+ |
|
101 |
+ACI authentication |
|
102 |
+------------------ |
|
103 |
+ |
|
104 |
+Password-based authentication |
|
105 |
+............................. |
|
106 |
+If you want to logon using a username and password, you can use the following parameters with your ACI modules: |
|
107 |
+ |
|
108 |
+.. code-block:: yaml |
|
109 |
+ |
|
110 |
+ username: admin |
|
111 |
+ password: my-password |
|
112 |
+ |
|
113 |
+Password-based authentication is very simple to work with, but it is not the most efficient form of authentication from ACI's point-of-view as it requires a separate login-request and an open session to work. To avoid having your session time-out and requiring another login, you can use the more efficient Signature-based authentication. |
|
114 |
+ |
|
115 |
+.. note:: Password-based authentication also may trigger anti-DoS measures in ACI v3.1+ that causes session throttling and results in HTTP 503 errors and login failures. |
|
116 |
+ |
|
117 |
+.. warning:: Never store passwords in plain text. |
|
118 |
+ |
|
119 |
+The "Vault" feature of Ansible allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plain text in your playbooks or roles. These vault files can then be distributed or placed in source control. See :doc:`playbooks_vault` for more information. |
|
120 |
+ |
|
121 |
+ |
|
122 |
+ |
|
123 |
+Signature-based authentication using certificates |
|
124 |
+................................................. |
|
125 |
+Using signature-based authentication is more efficient and more reliable than password-based authentication. |
|
126 |
+ |
|
127 |
+Generate certificate and private key |
|
128 |
+,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, |
|
129 |
+Signature-based authentication requires a (self-signed) X.509 certificate with private key, and a configuration step for your AAA user in ACI. To generate a working X.509 certificate and private key, use the following procedure: |
|
130 |
+ |
|
131 |
+.. code-block:: bash |
|
132 |
+ |
|
133 |
+ $ openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout admin.key -out admin.crt -subj '/CN=Admin/O=Your Company/C=US' |
|
134 |
+ |
|
135 |
+Configure your local user |
|
136 |
+,,,,,,,,,,,,,,,,,,,,,,,,, |
|
137 |
+Perform the following steps: |
|
138 |
+ |
|
139 |
+- Add the X.509 certificate to your ACI AAA local user at **ADMIN > AAA** |
|
140 |
+- Click **AAA Authentication** |
|
141 |
+- Check that in the **Authentication** field the **Realm** field displays **Local** |
|
142 |
+- Expand **Security Management > Local Users** |
|
143 |
+- Click the name of the user you want to add a certificate to, in the **User Certificates** area |
|
144 |
+- Click the **+** sign and in the **Create X509 Certificate** enter a certificate name in the **Name** field |
|
145 |
+ |
|
146 |
+ * If you use the basename of your private key here, you don't need to enter ``certificate_name`` in Ansible |
|
147 |
+ |
|
148 |
+- Copy and paste your X.509 certificate in the **Data** field. |
|
149 |
+ |
|
150 |
+You can automate this by using the following Ansible task: |
|
151 |
+ |
|
152 |
+.. code-block:: yaml |
|
153 |
+ |
|
154 |
+ - name: Ensure we have a certificate installed |
|
155 |
+ aci_aaa_user_certificate: |
|
156 |
+ host: my-apic-1 |
|
157 |
+ username: admin |
|
158 |
+ password: my-password |
|
159 |
+ |
|
160 |
+ aaa_user: admin |
|
161 |
+ certificate_name: admin |
|
162 |
+ certificate: "{{ lookup('file', 'pki/admin.crt') }}" # This wil read the certificate data from a local file |
|
163 |
+ |
|
164 |
+.. note:: Signature-based authentication only works with local users. |
|
165 |
+ |
|
166 |
+ |
|
167 |
+Use signature-based authentication with Ansible |
|
168 |
+,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, |
|
169 |
+You need the following parameters with your ACI module(s) for it to work: |
|
170 |
+ |
|
171 |
+.. code-block:: yaml |
|
172 |
+ |
|
173 |
+ username: admin |
|
174 |
+ private_key: pki/admin.key |
|
175 |
+ certificate_name: admin # This could be left out ! |
|
176 |
+ |
|
177 |
+.. note:: If you use a certificate name in ACI that matches the private key's basename, you can leave out the ``certificate_name`` parameter like the example above. |
|
178 |
+ |
|
179 |
+More information |
|
180 |
+,,,,,,,,,,,,,,,, |
|
181 |
+More information about Signature-based Authentication is available from `Cisco APIC Signature-Based Transactions <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Signature_Based_Transactions.html>`_. |
|
182 |
+ |
|
183 |
+ |
|
184 |
+.. _aci_rest: |
|
185 |
+ |
|
186 |
+Using ACI REST with Ansible |
|
187 |
+--------------------------- |
|
188 |
+While already a lot of ACI modules exists in the Ansible distribution, and the most common actions can be performed with these existing modules, there's always something that may not be possible with off-the-shelf modules. |
|
189 |
+ |
|
190 |
+The :ref:`aci_rest <aci_rest>` module provides you with direct access to the APIC REST API and enables you to perform any task not already covered by the existing modules. This may seem like a complex undertaking, but you can generate the needed REST payload for any action performed in the ACI web interface effortlessly. |
|
191 |
+ |
|
192 |
+Using the aci-rest module |
|
193 |
+......................... |
|
194 |
+The :ref:`aci_rest <aci_rest>` module accepts the native XML and JSON payloads, but additionally accepts inline YAML payload (structured like JSON). The XML payload requires you to use a path ending with ``.xml`` whereas JSON or YAML require path to end with ``.json``. |
|
195 |
+ |
|
196 |
+When you're making modifications, you can use the POST or DELETE methods, whereas doing just queries require the GET method. |
|
197 |
+ |
|
198 |
+For instance, if you would like to ensure a specific tenant exists on ACI, these below four examples are identical: |
|
199 |
+ |
|
200 |
+**XML** (Native ACI) |
|
201 |
+ |
|
202 |
+.. code-block:: yaml |
|
203 |
+ |
|
204 |
+ - aci_rest: |
|
205 |
+ host: my-apic-1 |
|
206 |
+ private_key: pki/admin.key |
|
207 |
+ |
|
208 |
+ method: post |
|
209 |
+ path: /api/mo/uni.xml |
|
210 |
+ content: | |
|
211 |
+ <fvTenant name="customer-xyz" descr="Customer XYZ"/> |
|
212 |
+ |
|
213 |
+**JSON** (Native ACI) |
|
214 |
+ |
|
215 |
+.. code-block:: yaml |
|
216 |
+ |
|
217 |
+ - aci_rest: |
|
218 |
+ host: my-apic-1 |
|
219 |
+ private_key: pki/admin.key |
|
220 |
+ |
|
221 |
+ method: post |
|
222 |
+ path: /api/mo/uni.json |
|
223 |
+ content: |
|
224 |
+ { |
|
225 |
+ "fvTenant": { |
|
226 |
+ "attributes": { |
|
227 |
+ "name": "customer-xyz", |
|
228 |
+ "descr": "Customer XYZ" |
|
229 |
+ } |
|
230 |
+ } |
|
231 |
+ } |
|
232 |
+ |
|
233 |
+**YAML** (Ansible-style) |
|
234 |
+ |
|
235 |
+.. code-block:: yaml |
|
236 |
+ |
|
237 |
+ - aci_rest: |
|
238 |
+ host: my-apic-1 |
|
239 |
+ private_key: pki/admin.key |
|
240 |
+ |
|
241 |
+ method: post |
|
242 |
+ path: /api/mo/uni.json |
|
243 |
+ content: |
|
244 |
+ fvTenant: |
|
245 |
+ attributes: |
|
246 |
+ name: customer-xyz |
|
247 |
+ descr: Customer XYZ |
|
248 |
+ |
|
249 |
+**Ansible task** (Dedicated module) |
|
250 |
+ |
|
251 |
+.. code-block:: yaml |
|
252 |
+ |
|
253 |
+ - aci_tenant: |
|
254 |
+ host: my-apic-1 |
|
255 |
+ private_key: pki/admin.key |
|
256 |
+ |
|
257 |
+ tenant: customer-xyz |
|
258 |
+ description: Customer XYZ |
|
259 |
+ state: present |
|
260 |
+ |
|
261 |
+More information |
|
262 |
+................ |
|
263 |
+Plenty of resources exist to learn about ACI's APIC REST interface, we recommend the links below: |
|
264 |
+ |
|
265 |
+- `The apic_rest Ansible module <http://docs.ansible.com/ansible/devel/module_docs/aci_rest_module.html>`_ |
|
266 |
+- `APIC REST API Configuration Guide <https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide.html>`_ |
|
267 |
+- `Cisco DevNet Learning Labs about ACI and REST <https://learninglabs.cisco.com/labs/tags/ACI,REST>`_ |
|
268 |
+ |
|
269 |
+ |
|
270 |
+.. _aci_ops: |
|
271 |
+ |
|
272 |
+Operational examples |
|
273 |
+-------------------- |
|
274 |
+Here is a small overview of useful operational tasks to reuse in your playbooks. |
|
275 |
+Feel free to contribute more snippets that are useful to others. |
|
276 |
+ |
|
277 |
+Waiting for all controllers to be ready |
|
278 |
+....................................... |
|
279 |
+You can use the below task after you started to build your APICs and configured the cluster to wait until all the APICs have come online. It will wait until the number of controllers equals the number listed in the ``apic`` inventory group. |
|
280 |
+ |
|
281 |
+.. code-block:: yaml |
|
282 |
+ |
|
283 |
+ - name: Waiting for all controllers to be ready |
|
284 |
+ aci_rest: |
|
285 |
+ host: '{{ apic_ip }}' |
|
286 |
+ username: '{{ apic_username }}' |
|
287 |
+ private_key: pki/admin.key |
|
288 |
+ method: get |
|
289 |
+ path: /api/node/class/topSystem.json?query-target-filter=eq(topSystem.role,"controller") |
|
290 |
+ changed_when: no |
|
291 |
+ register: aci_ready |
|
292 |
+ until: aci_ready|success and aci_ready.totalCount|int >= groups['apic']|count |
|
293 |
+ retries: 20 |
|
294 |
+ delay: 30 |
|
295 |
+ |
|
296 |
+Waiting for cluster to be fully-fit |
|
297 |
+................................... |
|
298 |
+The below example waits until the cluster is fully-fit. In this example you know the number of APICs in the cluster and you verify each APIC reports a 'fully-fit' status. |
|
299 |
+ |
|
300 |
+.. code-block:: yaml |
|
301 |
+ |
|
302 |
+ - name: Waiting for cluster to be fully-fit |
|
303 |
+ aci_rest: |
|
304 |
+ host: '{{ apic_ip }}' |
|
305 |
+ username: '{{ apic_username }}' |
|
306 |
+ private_key: pki/admin.key |
|
307 |
+ method: get |
|
308 |
+ path: /api/node/class/infraWiNode.json?query-target-filter=wcard(infraWiNode.dn,"topology/pod-1/node-1/av") |
|
309 |
+ changed_when: no |
|
310 |
+ register: aci_fit |
|
311 |
+ until: > |
|
312 |
+ aci_fit|success and |
|
313 |
+ aci_fit.totalCount|int >= groups['apic']|count >= 3 and |
|
314 |
+ aci_fit.imdata[0].infraWiNode.attributes.health == 'fully-fit' and |
|
315 |
+ aci_fit.imdata[1].infraWiNode.attributes.health == 'fully-fit' and |
|
316 |
+ aci_fit.imdata[2].infraWiNode.attributes.health == 'fully-fit' |
|
317 |
+ # all(apic.infraWiNode.attributes.health == 'fully-fit' for apic in aci_fit.imdata) |
|
318 |
+ retries: 30 |
|
319 |
+ delay: 30 |
|
320 |
+ |
|
321 |
+ |
|
322 |
+.. _aci_errors: |
|
323 |
+ |
|
324 |
+APIC error messages |
|
325 |
+------------------- |
|
326 |
+The following error messages may occur and this section can help you understand what exactly is going on. |
|
327 |
+ |
|
328 |
+- **APIC Error 122: unknown managed object class 'polUni'** |
|
329 |
+ |
|
330 |
+ In case you receive this error while you are certain your :ref:`aci_rest <aci_rest>` payload and object classes are seemingly correct, the issue might be that your payload is not in fact correct JSON (e.g. the sent payload is using single quotes, rather than double quotes), and as a result the APIC is not correctly parsing your object classes from the payload. One way to avoid this is by using a YAML or an XML formatted payload. |
|
331 |
+ |
|
332 |
+ |
|
333 |
+- **APIC Error 400: invalid data at line '1'. Attributes are missing, tag 'attributes' must be specified first, before any other tag** |
|
334 |
+ |
|
335 |
+ While JSON does not care about the order of dictionary keys, the APIC is very strict in accepting only ``attributes`` before ``children``. So you need to ensure that your payload conforms to this requirement. Sorting your dictionary keys will do the trick just fine. |
|
336 |
+ |
|
337 |
+ |
|
338 |
+- **APIC Error 801: property descr of uni/tn-TENANT/ap-AP failed validation for value 'A "legacy" network'** |
|
339 |
+ |
|
340 |
+ Some values in the APIC have strict format-rules to comply to, and the internal APIC validation check for the provided value failed. In the above case, the ``description`` parameter (internally known as ``descr``) only accepts values conforming to `Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+ <https://pubhub-prod.s3.amazonaws.com/media/apic-mim-ref/docs/MO-fvAp.html#descr>`_ so it must not include quotes. |
|
341 |
+ |
|
342 |
+ |
|
343 |
+.. _aci_issues: |
|
344 |
+ |
|
345 |
+Known issues |
|
346 |
+------------ |
|
347 |
+The :ref:`aci_rest <aci_rest>` module is a wrapper around the APIC REST API. As a result any issues related to the APIC will be reflected in the use of the :ref:`aci_rest <aci_rest>` module. |
|
348 |
+ |
|
349 |
+All below issues either have been reported to the vendor, or can simply be avoided. |
|
350 |
+ |
|
351 |
+- **Too many consecutive API calls may result in connection throttling** |
|
352 |
+ |
|
353 |
+ Starting with ACI v3.1 the APIC will actively throttle password-based authenticated connection rates over a specific treshold. This is as part of an anti-DDOS measure but can act up when using Ansible with ACI using password-based authentication. Currently, one solution is to increase this treshold within the nginx configuration, but using signature-based authentication is recommended. |
|
354 |
+ |
|
355 |
+ **NOTE:** It is advisable to use signature-based authentication with ACI as it not only prevents connection-throttling, but also improves general performance when using the ACI modules. |
|
356 |
+ |
|
357 |
+ |
|
358 |
+- **Specific requests may not reflect changes correctly** |
|
359 |
+ |
|
360 |
+ There is a known issue where specific requests to the APIC do not properly reflect changed in the resulting output, even when we request those changes explicitly from the APIC. In one instance using the path ``api/node/mo/uni/infra.xml`` fails, where ``api/node/mo/uni/infra/.xml`` does work correctly. |
|
361 |
+ |
|
362 |
+ More information from: `#35401 aci_rest: change not detected <https://github.com/ansible/ansible/issues/35041>`_ |
|
363 |
+ |
|
364 |
+ **NOTE:** Fortunately the behaviour is consistent, so if you have a working example you can trust that it will keep on working. |
|
365 |
+ |
|
366 |
+ |
|
367 |
+- **Specific requests are known to not be idempotent** |
|
368 |
+ |
|
369 |
+ The behaviour of the APIC is inconsistent to the use of ``status="created"`` and ``status="deleted"``. The result is that when you use ``status="created"`` in your payload the resulting tasks are not idempotent and creation will fail when the object was already created. However this is not the case with ``status="deleted"`` where such call to an non-existing object does not cause any failure whatsoever. |
|
370 |
+ |
|
371 |
+ More information from: `#35050 aci_rest: Using status="created" behaves differently than status="deleted" <https://github.com/ansible/ansible/issues/35050>`_ |
|
372 |
+ |
|
373 |
+ **NOTE:** A workaround is to avoid using ``status="created"`` and instead use ``status="modified"`` when idempotency is essential to your workflow.. |
|
374 |
+ |
|
375 |
+ |
|
376 |
+- **Setting user password is not idempotent** |
|
377 |
+ |
|
378 |
+ Due to an inconsistency in the APIC REST API, a task that sets the password of a locally-authenticated user is not idempotent. The APIC will complain with message ``Password history check: user dag should not use previous 5 passwords``. |
|
379 |
+ |
|
380 |
+ More information from: `#35544 aci_aaa_user: Setting user password is not idempotent <https://github.com/ansible/ansible/issues/35544>`_ |
|
381 |
+ |
|
382 |
+ **NOTE:** There is no workaround for this issue. |
|
383 |
+ |
|
384 |
+ |
|
385 |
+.. _aci_community: |
|
386 |
+ |
|
387 |
+ACI Ansible community |
|
388 |
+--------------------- |
|
389 |
+If you have specific issues with the ACI modules, or a feature request, or you like to contribute to the ACI project by proposing changes or documentation updates, look at the Ansible Community wiki ACI page at: https://github.com/ansible/community/wiki/Network:-ACI |
|
390 |
+ |
|
391 |
+You will find our roadmap, an overview of open ACI issues and pull-requests and more information about who we are. If you have an interest in using ACI with Ansible, feel free to join ! We occasionally meet online to track progress and prepare for new Ansible releases. |
8 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,424 +0,0 @@ |
1 |
-Playbook Keywords |
|
2 |
-================= |
|
3 |
- |
|
4 |
-These are the keywords available on common playbook objects. |
|
5 |
- |
|
6 |
-.. note:: Please note: |
|
7 |
- |
|
8 |
- * Aliases for the directives are not reflected here, nor are mutable one. For example, |
|
9 |
- :term:`action` in task can be substituted by the name of any Ansible module. |
|
10 |
- * The keywords do not have ``version_added`` information at this time |
|
11 |
- * Some keywords set defaults for the objects inside of them rather than for the objects |
|
12 |
- themselves |
|
13 |
- |
|
14 |
- |
|
15 |
-.. contents:: |
|
16 |
- :local: |
|
17 |
- :depth: 1 |
|
18 |
- |
|
19 |
- |
|
20 |
-Play |
|
21 |
-.. glossary:: |
|
22 |
- |
|
23 |
- always_run |
|
24 |
- *DEPRECATED*, forces a task to run even in check mode. Use :term:`check_mode` directive instead. |
|
25 |
- |
|
26 |
- any_errors_fatal |
|
27 |
- Force any un-handled task errors on any host to propagate to all hosts and end the play. |
|
28 |
- |
|
29 |
- become |
|
30 |
- Boolean that controls if privilege escalation is used or not on :term:`Task` execution. |
|
31 |
- |
|
32 |
- become_flags |
|
33 |
- A string of flag(s) to pass to the privilege escalation program when :term:`become` is True. |
|
34 |
- |
|
35 |
- become_method |
|
36 |
- Which method of privilege escalation to use (such as sudo or su). |
|
37 |
- |
|
38 |
- become_user |
|
39 |
- User that you 'become' after using privilege escalation. The remote/login user must have permissions to become this user. |
|
40 |
- |
|
41 |
- check_mode |
|
42 |
- A boolean that controls if a task is executed in 'check' mode |
|
43 |
- |
|
44 |
- .. seealso:: :ref:`check_mode_dry` |
|
45 |
- |
|
46 |
- connection |
|
47 |
- Allows you to change the connection plugin used for tasks to execute on the target. |
|
48 |
- |
|
49 |
- .. seealso:: :ref:`using_connection` |
|
50 |
- |
|
51 |
- debugger |
|
52 |
- UNDOCUMENTED!! |
|
53 |
- |
|
54 |
- diff |
|
55 |
- Toggle to make tasks return 'diff' information or not. |
|
56 |
- |
|
57 |
- environment |
|
58 |
- A dictionary that gets converted into environment vars to be provided for the task upon execution. |
|
59 |
- |
|
60 |
- fact_path |
|
61 |
- Set the fact path option for the fact gathering plugin controlled by :term:`gather_facts`. |
|
62 |
- |
|
63 |
- force_handlers |
|
64 |
- Will force notified handler execution for hosts even if they failed during the play. Will not trigger if the play itself fails. |
|
65 |
- |
|
66 |
- gather_facts |
|
67 |
- A boolean that controls if the play will automatically run the 'setup' task to gather facts for the hosts. |
|
68 |
- |
|
69 |
- gather_subset |
|
70 |
- Allows you to pass subset options to the fact gathering plugin controlled by :term:`gather_facts`. |
|
71 |
- |
|
72 |
- gather_timeout |
|
73 |
- Allows you to set the timeout for the fact gathering plugin controlled by :term:`gather_facts`. |
|
74 |
- |
|
75 |
- handlers |
|
76 |
- A section with tasks that are treated as handlers, these won't get executed normally, only when notified after each section of tasks is complete. |
|
77 |
- |
|
78 |
- hosts |
|
79 |
- A list of groups, hosts or host pattern that translates into a list of hosts that are the play's target. |
|
80 |
- |
|
81 |
- ignore_errors |
|
82 |
- Boolean that allows you to ignore task failures and continue with play. It does not affect connection errors. |
|
83 |
- |
|
84 |
- max_fail_percentage |
|
85 |
- can be used to abort the run after a given percentage of hosts in the current batch has failed. |
|
86 |
- |
|
87 |
- name |
|
88 |
- Identifier. Can be used for documentation, in or tasks/handlers. |
|
89 |
- |
|
90 |
- no_log |
|
91 |
- Boolean that controls information disclosure. |
|
92 |
- |
|
93 |
- order |
|
94 |
- Controls the sorting of hosts as they are used for executing the play. Possible values are inventory (default), sorted, reverse_sorted, reverse_inventory and shuffle. |
|
95 |
- |
|
96 |
- port |
|
97 |
- Used to override the default port used in a connection. |
|
98 |
- |
|
99 |
- post_tasks |
|
100 |
- A list of tasks to execute after the :term:`tasks` section. |
|
101 |
- |
|
102 |
- pre_tasks |
|
103 |
- A list of tasks to execute before :term:`roles`. |
|
104 |
- |
|
105 |
- remote_user |
|
106 |
- User used to log into the target via the connection plugin. |
|
107 |
- |
|
108 |
- roles |
|
109 |
- List of roles to be imported into the play |
|
110 |
- |
|
111 |
- run_once |
|
112 |
- Boolean that will bypass the host loop, forcing the task to execute on the first host available and will also apply any facts to all active hosts. |
|
113 |
- |
|
114 |
- serial |
|
115 |
- Explicitly define how Ansible batches the execution of the current play on the play's target |
|
116 |
- |
|
117 |
- .. seealso:: :ref:`rolling_update_batch_size` |
|
118 |
- |
|
119 |
- strategy |
|
120 |
- Allows you to choose the connection plugin to use for the play. |
|
121 |
- |
|
122 |
- tags |
|
123 |
- Tags applied to the task or included tasks, this allows selecting subsets of tasks from the command line. |
|
124 |
- |
|
125 |
- tasks |
|
126 |
- Main list of tasks to execute in the play, they run after :term:`roles` and before :term:`post_tasks`. |
|
127 |
- |
|
128 |
- vars |
|
129 |
- Dictionary/map of variables |
|
130 |
- |
|
131 |
- vars_files |
|
132 |
- List of files that contain vars to include in the play. |
|
133 |
- |
|
134 |
- vars_prompt |
|
135 |
- list of variables to prompt for. |
|
136 |
- |
|
137 |
- vault_password |
|
138 |
- Secret used to decrypt vaulted files or variables. |
|
139 |
- |
|
140 |
- |
|
141 |
-Role |
|
142 |
-.. glossary:: |
|
143 |
- |
|
144 |
- always_run |
|
145 |
- *DEPRECATED*, forces a task to run even in check mode. Use :term:`check_mode` directive instead. |
|
146 |
- |
|
147 |
- any_errors_fatal |
|
148 |
- Force any un-handled task errors on any host to propagate to all hosts and end the play. |
|
149 |
- |
|
150 |
- become |
|
151 |
- Boolean that controls if privilege escalation is used or not on :term:`Task` execution. |
|
152 |
- |
|
153 |
- become_flags |
|
154 |
- A string of flag(s) to pass to the privilege escalation program when :term:`become` is True. |
|
155 |
- |
|
156 |
- become_method |
|
157 |
- Which method of privilege escalation to use (such as sudo or su). |
|
158 |
- |
|
159 |
- become_user |
|
160 |
- User that you 'become' after using privilege escalation. The remote/login user must have permissions to become this user. |
|
161 |
- |
|
162 |
- check_mode |
|
163 |
- A boolean that controls if a task is executed in 'check' mode |
|
164 |
- |
|
165 |
- .. seealso:: :ref:`check_mode_dry` |
|
166 |
- |
|
167 |
- connection |
|
168 |
- Allows you to change the connection plugin used for tasks to execute on the target. |
|
169 |
- |
|
170 |
- .. seealso:: :ref:`using_connection` |
|
171 |
- |
|
172 |
- debugger |
|
173 |
- UNDOCUMENTED!! |
|
174 |
- |
|
175 |
- delegate_facts |
|
176 |
- Boolean that allows you to apply facts to a delegated host instead of inventory_hostname. |
|
177 |
- |
|
178 |
- delegate_to |
|
179 |
- Host to execute task instead of the target (inventory_hostname). Connection vars from the delegated host will also be used for the task. |
|
180 |
- |
|
181 |
- diff |
|
182 |
- Toggle to make tasks return 'diff' information or not. |
|
183 |
- |
|
184 |
- environment |
|
185 |
- A dictionary that gets converted into environment vars to be provided for the task upon execution. |
|
186 |
- |
|
187 |
- ignore_errors |
|
188 |
- Boolean that allows you to ignore task failures and continue with play. It does not affect connection errors. |
|
189 |
- |
|
190 |
- name |
|
191 |
- Identifier. Can be used for documentation, in or tasks/handlers. |
|
192 |
- |
|
193 |
- no_log |
|
194 |
- Boolean that controls information disclosure. |
|
195 |
- |
|
196 |
- port |
|
197 |
- Used to override the default port used in a connection. |
|
198 |
- |
|
199 |
- remote_user |
|
200 |
- User used to log into the target via the connection plugin. |
|
201 |
- |
|
202 |
- run_once |
|
203 |
- Boolean that will bypass the host loop, forcing the task to execute on the first host available and will also apply any facts to all active hosts. |
|
204 |
- |
|
205 |
- tags |
|
206 |
- Tags applied to the task or included tasks, this allows selecting subsets of tasks from the command line. |
|
207 |
- |
|
208 |
- vars |
|
209 |
- Dictionary/map of variables |
|
210 |
- |
|
211 |
- when |
|
212 |
- Conditional expression, determines if an iteration of a task is run or not. |
|
213 |
- |
|
214 |
- |
|
215 |
-Block |
|
216 |
-.. glossary:: |
|
217 |
- |
|
218 |
- always |
|
219 |
- List of tasks, in a block, that execute no matter if there is an error in the block or not. |
|
220 |
- |
|
221 |
- always_run |
|
222 |
- *DEPRECATED*, forces a task to run even in check mode. Use :term:`check_mode` directive instead. |
|
223 |
- |
|
224 |
- any_errors_fatal |
|
225 |
- Force any un-handled task errors on any host to propagate to all hosts and end the play. |
|
226 |
- |
|
227 |
- become |
|
228 |
- Boolean that controls if privilege escalation is used or not on :term:`Task` execution. |
|
229 |
- |
|
230 |
- become_flags |
|
231 |
- A string of flag(s) to pass to the privilege escalation program when :term:`become` is True. |
|
232 |
- |
|
233 |
- become_method |
|
234 |
- Which method of privilege escalation to use (such as sudo or su). |
|
235 |
- |
|
236 |
- become_user |
|
237 |
- User that you 'become' after using privilege escalation. The remote/login user must have permissions to become this user. |
|
238 |
- |
|
239 |
- block |
|
240 |
- List of tasks in a block. |
|
241 |
- |
|
242 |
- check_mode |
|
243 |
- A boolean that controls if a task is executed in 'check' mode |
|
244 |
- |
|
245 |
- .. seealso:: :ref:`check_mode_dry` |
|
246 |
- |
|
247 |
- connection |
|
248 |
- Allows you to change the connection plugin used for tasks to execute on the target. |
|
249 |
- |
|
250 |
- .. seealso:: :ref:`using_connection` |
|
251 |
- |
|
252 |
- debugger |
|
253 |
- UNDOCUMENTED!! |
|
254 |
- |
|
255 |
- delegate_facts |
|
256 |
- Boolean that allows you to apply facts to a delegated host instead of inventory_hostname. |
|
257 |
- |
|
258 |
- delegate_to |
|
259 |
- Host to execute task instead of the target (inventory_hostname). Connection vars from the delegated host will also be used for the task. |
|
260 |
- |
|
261 |
- diff |
|
262 |
- Toggle to make tasks return 'diff' information or not. |
|
263 |
- |
|
264 |
- environment |
|
265 |
- A dictionary that gets converted into environment vars to be provided for the task upon execution. |
|
266 |
- |
|
267 |
- ignore_errors |
|
268 |
- Boolean that allows you to ignore task failures and continue with play. It does not affect connection errors. |
|
269 |
- |
|
270 |
- name |
|
271 |
- Identifier. Can be used for documentation, in or tasks/handlers. |
|
272 |
- |
|
273 |
- no_log |
|
274 |
- Boolean that controls information disclosure. |
|
275 |
- |
|
276 |
- port |
|
277 |
- Used to override the default port used in a connection. |
|
278 |
- |
|
279 |
- remote_user |
|
280 |
- User used to log into the target via the connection plugin. |
|
281 |
- |
|
282 |
- rescue |
|
283 |
- List of tasks in a :term:`block` that run if there is a task error in the main :term:`block` list. |
|
284 |
- |
|
285 |
- run_once |
|
286 |
- Boolean that will bypass the host loop, forcing the task to execute on the first host available and will also apply any facts to all active hosts. |
|
287 |
- |
|
288 |
- tags |
|
289 |
- Tags applied to the task or included tasks, this allows selecting subsets of tasks from the command line. |
|
290 |
- |
|
291 |
- vars |
|
292 |
- Dictionary/map of variables |
|
293 |
- |
|
294 |
- when |
|
295 |
- Conditional expression, determines if an iteration of a task is run or not. |
|
296 |
- |
|
297 |
- |
|
298 |
-Task |
|
299 |
-.. glossary:: |
|
300 |
- |
|
301 |
- action |
|
302 |
- The 'action' to execute for a task, it normally translates into a C(module) or action plugin. |
|
303 |
- |
|
304 |
- always_run |
|
305 |
- *DEPRECATED*, forces a task to run even in check mode. Use :term:`check_mode` directive instead. |
|
306 |
- |
|
307 |
- any_errors_fatal |
|
308 |
- Force any un-handled task errors on any host to propagate to all hosts and end the play. |
|
309 |
- |
|
310 |
- args |
|
311 |
- *DEPRECATED*, A secondary way to add arguments into a task. Takes a dictionary in which keys map to options and values. |
|
312 |
- |
|
313 |
- async_val |
|
314 |
- UNDOCUMENTED!! |
|
315 |
- |
|
316 |
- become |
|
317 |
- Boolean that controls if privilege escalation is used or not on :term:`Task` execution. |
|
318 |
- |
|
319 |
- become_flags |
|
320 |
- A string of flag(s) to pass to the privilege escalation program when :term:`become` is True. |
|
321 |
- |
|
322 |
- become_method |
|
323 |
- Which method of privilege escalation to use (such as sudo or su). |
|
324 |
- |
|
325 |
- become_user |
|
326 |
- User that you 'become' after using privilege escalation. The remote/login user must have permissions to become this user. |
|
327 |
- |
|
328 |
- changed_when |
|
329 |
- Conditional expression that overrides the task's normal 'changed' status. |
|
330 |
- |
|
331 |
- check_mode |
|
332 |
- A boolean that controls if a task is executed in 'check' mode |
|
333 |
- |
|
334 |
- .. seealso:: :ref:`check_mode_dry` |
|
335 |
- |
|
336 |
- connection |
|
337 |
- Allows you to change the connection plugin used for tasks to execute on the target. |
|
338 |
- |
|
339 |
- .. seealso:: :ref:`using_connection` |
|
340 |
- |
|
341 |
- debugger |
|
342 |
- UNDOCUMENTED!! |
|
343 |
- |
|
344 |
- delay |
|
345 |
- Number of seconds to delay between retries. This setting is only used in combination with :term:`until`. |
|
346 |
- |
|
347 |
- delegate_facts |
|
348 |
- Boolean that allows you to apply facts to a delegated host instead of inventory_hostname. |
|
349 |
- |
|
350 |
- delegate_to |
|
351 |
- Host to execute task instead of the target (inventory_hostname). Connection vars from the delegated host will also be used for the task. |
|
352 |
- |
|
353 |
- diff |
|
354 |
- Toggle to make tasks return 'diff' information or not. |
|
355 |
- |
|
356 |
- environment |
|
357 |
- A dictionary that gets converted into environment vars to be provided for the task upon execution. |
|
358 |
- |
|
359 |
- failed_when |
|
360 |
- Conditional expression that overrides the task's normal 'failed' status. |
|
361 |
- |
|
362 |
- ignore_errors |
|
363 |
- Boolean that allows you to ignore task failures and continue with play. It does not affect connection errors. |
|
364 |
- |
|
365 |
- local_action |
|
366 |
- Same as action but also implies ``delegate_to: localhost`` |
|
367 |
- |
|
368 |
- loop |
|
369 |
- Takes a list for the task to iterate over, saving each list element into the ``item`` variable (configurable via loop_control) |
|
370 |
- |
|
371 |
- loop_control |
|
372 |
- Several keys here allow you to modify/set loop behaviour in a task. |
|
373 |
- |
|
374 |
- .. seealso:: :ref:`loop_control` |
|
375 |
- |
|
376 |
- loop_with |
|
377 |
- UNDOCUMENTED!! |
|
378 |
- |
|
379 |
- name |
|
380 |
- Identifier. Can be used for documentation, in or tasks/handlers. |
|
381 |
- |
|
382 |
- no_log |
|
383 |
- Boolean that controls information disclosure. |
|
384 |
- |
|
385 |
- notify |
|
386 |
- List of handlers to notify when the task returns a 'changed=True' status. |
|
387 |
- |
|
388 |
- poll |
|
389 |
- Sets the polling interval in seconds for async tasks (default 10s). |
|
390 |
- |
|
391 |
- port |
|
392 |
- Used to override the default port used in a connection. |
|
393 |
- |
|
394 |
- register |
|
395 |
- Name of variable that will contain task status and module return data. |
|
396 |
- |
|
397 |
- remote_user |
|
398 |
- User used to log into the target via the connection plugin. |
|
399 |
- |
|
400 |
- retries |
|
401 |
- Number of retries before giving up in a :term:`until` loop. This setting is only used in combination with :term:`until`. |
|
402 |
- |
|
403 |
- run_once |
|
404 |
- Boolean that will bypass the host loop, forcing the task to execute on the first host available and will also apply any facts to all active hosts. |
|
405 |
- |
|
406 |
- tags |
|
407 |
- Tags applied to the task or included tasks, this allows selecting subsets of tasks from the command line. |
|
408 |
- |
|
409 |
- until |
|
410 |
- This keyword implies a ':term:`retries` loop' that will go on until the condition supplied here is met or we hit the :term:`retries` limit. |
|
411 |
- |
|
412 |
- vars |
|
413 |
- Dictionary/map of variables |
|
414 |
- |
|
415 |
- when |
|
416 |
- Conditional expression, determines if an iteration of a task is run or not. |
|
417 |
- |
|
418 |
- with_<lookup_plugin> |
|
419 |
- DEPRECATED: use ``loop`` instead, ``with_`` used to be how loops were defined, |
|
420 |
- |
421 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,152 +0,0 @@ |
1 |
-.. _ansible-config: |
|
2 |
- |
|
3 |
-============== |
|
4 |
-ansible-config |
|
5 |
-============== |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`View, edit, and manage ansible configuration.` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-config |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-config [view|dump|list] [--help] [options] [ansible.cfg] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-Config command line class |
|
31 |
- |
|
32 |
- |
|
33 |
-Common Options |
|
34 |
-============== |
|
35 |
- |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
-.. option:: --version |
|
40 |
- |
|
41 |
- show program's version number and exit |
|
42 |
- |
|
43 |
- |
|
44 |
-.. option:: -c <CONFIG_FILE>, --config <CONFIG_FILE> |
|
45 |
- |
|
46 |
- path to configuration file, defaults to first file found in precedence. |
|
47 |
- |
|
48 |
- |
|
49 |
-.. option:: -h, --help |
|
50 |
- |
|
51 |
- show this help message and exit |
|
52 |
- |
|
53 |
- |
|
54 |
-.. option:: -v, --verbose |
|
55 |
- |
|
56 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
57 |
- |
|
58 |
- |
|
59 |
- |
|
60 |
- |
|
61 |
- |
|
62 |
- |
|
63 |
-Actions |
|
64 |
-======= |
|
65 |
- |
|
66 |
- |
|
67 |
- |
|
68 |
-.. program:: ansible-config list |
|
69 |
-.. _ansible_config_list: |
|
70 |
- |
|
71 |
-list |
|
72 |
- |
|
73 |
-list all current configs reading lib/constants.py and shows env and config file setting names |
|
74 |
- |
|
75 |
- |
|
76 |
- |
|
77 |
- |
|
78 |
- |
|
79 |
-.. program:: ansible-config dump |
|
80 |
-.. _ansible_config_dump: |
|
81 |
- |
|
82 |
-dump |
|
83 |
- |
|
84 |
-Shows the current settings, merges ansible.cfg if specified |
|
85 |
- |
|
86 |
- |
|
87 |
- |
|
88 |
- |
|
89 |
- |
|
90 |
-.. option:: --only-changed |
|
91 |
- |
|
92 |
- Only show configurations that have changed from the default |
|
93 |
- |
|
94 |
- |
|
95 |
- |
|
96 |
- |
|
97 |
- |
|
98 |
-.. program:: ansible-config view |
|
99 |
-.. _ansible_config_view: |
|
100 |
- |
|
101 |
-view |
|
102 |
- |
|
103 |
-Displays the current config file |
|
104 |
- |
|
105 |
- |
|
106 |
- |
|
107 |
- |
|
108 |
-.. program:: ansible-config |
|
109 |
- |
|
110 |
- |
|
111 |
-Environment |
|
112 |
-=========== |
|
113 |
- |
|
114 |
-The following environment variables may be specified. |
|
115 |
- |
|
116 |
- |
|
117 |
- |
|
118 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
119 |
- |
|
120 |
-Many more are available for most options in ansible.cfg |
|
121 |
- |
|
122 |
- |
|
123 |
-Files |
|
124 |
-===== |
|
125 |
- |
|
126 |
- |
|
127 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
128 |
- |
|
129 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
130 |
- |
|
131 |
-Author |
|
132 |
-====== |
|
133 |
- |
|
134 |
-Ansible was originally written by Michael DeHaan. |
|
135 |
- |
|
136 |
-See the `AUTHORS` file for a complete list of contributors. |
|
137 |
- |
|
138 |
- |
|
139 |
-Copyright |
|
140 |
-========= |
|
141 |
- |
|
142 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
143 |
- |
|
144 |
-Ansible is released under the terms of the GPLv3 License. |
|
145 |
- |
|
146 |
-See also |
|
147 |
-======== |
|
148 |
- |
|
149 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
150 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,257 +0,0 @@ |
1 |
-.. _ansible-console: |
|
2 |
- |
|
3 |
-=============== |
|
4 |
-ansible-console |
|
5 |
-=============== |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`REPL console for executing Ansible tasks.` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-console |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-console [<host-pattern>] [options] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-a REPL that allows for running ad-hoc tasks against a chosen inventory (based on dominis' ansible-shell). |
|
31 |
- |
|
32 |
- |
|
33 |
-Common Options |
|
34 |
-============== |
|
35 |
- |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
-.. option:: --ask-su-pass |
|
40 |
- |
|
41 |
- ask for su password (deprecated, use become) |
|
42 |
- |
|
43 |
- |
|
44 |
-.. option:: --ask-sudo-pass |
|
45 |
- |
|
46 |
- ask for sudo password (deprecated, use become) |
|
47 |
- |
|
48 |
- |
|
49 |
-.. option:: --ask-vault-pass |
|
50 |
- |
|
51 |
- ask for vault password |
|
52 |
- |
|
53 |
- |
|
54 |
-.. option:: --become-method <BECOME_METHOD> |
|
55 |
- |
|
56 |
- privilege escalation method to use (default=sudo), valid choices: [ sudo | su | pbrun | pfexec | doas | dzdo | ksu | runas | pmrun | enable ] |
|
57 |
- |
|
58 |
- |
|
59 |
-.. option:: --become-user <BECOME_USER> |
|
60 |
- |
|
61 |
- run operations as this user (default=root) |
|
62 |
- |
|
63 |
- |
|
64 |
-.. option:: --list-hosts |
|
65 |
- |
|
66 |
- outputs a list of matching hosts; does not execute anything else |
|
67 |
- |
|
68 |
- |
|
69 |
-.. option:: --playbook-dir <BASEDIR> |
|
70 |
- |
|
71 |
- Since this tool does not use playbooks, use this as a subsitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc. |
|
72 |
- |
|
73 |
- |
|
74 |
-.. option:: --private-key, --key-file |
|
75 |
- |
|
76 |
- use this file to authenticate the connection |
|
77 |
- |
|
78 |
- |
|
79 |
-.. option:: --scp-extra-args <SCP_EXTRA_ARGS> |
|
80 |
- |
|
81 |
- specify extra arguments to pass to scp only (e.g. -l) |
|
82 |
- |
|
83 |
- |
|
84 |
-.. option:: --sftp-extra-args <SFTP_EXTRA_ARGS> |
|
85 |
- |
|
86 |
- specify extra arguments to pass to sftp only (e.g. -f, -l) |
|
87 |
- |
|
88 |
- |
|
89 |
-.. option:: --ssh-common-args <SSH_COMMON_ARGS> |
|
90 |
- |
|
91 |
- specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) |
|
92 |
- |
|
93 |
- |
|
94 |
-.. option:: --ssh-extra-args <SSH_EXTRA_ARGS> |
|
95 |
- |
|
96 |
- specify extra arguments to pass to ssh only (e.g. -R) |
|
97 |
- |
|
98 |
- |
|
99 |
-.. option:: --step |
|
100 |
- |
|
101 |
- one-step-at-a-time: confirm each task before running |
|
102 |
- |
|
103 |
- |
|
104 |
-.. option:: --syntax-check |
|
105 |
- |
|
106 |
- perform a syntax check on the playbook, but do not execute it |
|
107 |
- |
|
108 |
- |
|
109 |
-.. option:: --vault-id |
|
110 |
- |
|
111 |
- the vault identity to use |
|
112 |
- |
|
113 |
- |
|
114 |
-.. option:: --vault-password-file |
|
115 |
- |
|
116 |
- vault password file |
|
117 |
- |
|
118 |
- |
|
119 |
-.. option:: --version |
|
120 |
- |
|
121 |
- show program's version number and exit |
|
122 |
- |
|
123 |
- |
|
124 |
-.. option:: -C, --check |
|
125 |
- |
|
126 |
- don't make any changes; instead, try to predict some of the changes that may occur |
|
127 |
- |
|
128 |
- |
|
129 |
-.. option:: -D, --diff |
|
130 |
- |
|
131 |
- when changing (small) files and templates, show the differences in those files; works great with --check |
|
132 |
- |
|
133 |
- |
|
134 |
-.. option:: -K, --ask-become-pass |
|
135 |
- |
|
136 |
- ask for privilege escalation password |
|
137 |
- |
|
138 |
- |
|
139 |
-.. option:: -M, --module-path |
|
140 |
- |
|
141 |
- prepend colon-separated path(s) to module library (default=[u'/Users/sbutler/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) |
|
142 |
- |
|
143 |
- |
|
144 |
-.. option:: -R <SU_USER>, --su-user <SU_USER> |
|
145 |
- |
|
146 |
- run operations with su as this user (default=None) (deprecated, use become) |
|
147 |
- |
|
148 |
- |
|
149 |
-.. option:: -S, --su |
|
150 |
- |
|
151 |
- run operations with su (deprecated, use become) |
|
152 |
- |
|
153 |
- |
|
154 |
-.. option:: -T <TIMEOUT>, --timeout <TIMEOUT> |
|
155 |
- |
|
156 |
- override the connection timeout in seconds (default=10) |
|
157 |
- |
|
158 |
- |
|
159 |
-.. option:: -U <SUDO_USER>, --sudo-user <SUDO_USER> |
|
160 |
- |
|
161 |
- desired sudo user (default=root) (deprecated, use become) |
|
162 |
- |
|
163 |
- |
|
164 |
-.. option:: -b, --become |
|
165 |
- |
|
166 |
- run operations with become (does not imply password prompting) |
|
167 |
- |
|
168 |
- |
|
169 |
-.. option:: -c <CONNECTION>, --connection <CONNECTION> |
|
170 |
- |
|
171 |
- connection type to use (default=smart) |
|
172 |
- |
|
173 |
- |
|
174 |
-.. option:: -f <FORKS>, --forks <FORKS> |
|
175 |
- |
|
176 |
- specify number of parallel processes to use (default=5) |
|
177 |
- |
|
178 |
- |
|
179 |
-.. option:: -h, --help |
|
180 |
- |
|
181 |
- show this help message and exit |
|
182 |
- |
|
183 |
- |
|
184 |
-.. option:: -i, --inventory, --inventory-file |
|
185 |
- |
|
186 |
- specify inventory host path or comma separated host list. --inventory-file is deprecated |
|
187 |
- |
|
188 |
- |
|
189 |
-.. option:: -k, --ask-pass |
|
190 |
- |
|
191 |
- ask for connection password |
|
192 |
- |
|
193 |
- |
|
194 |
-.. option:: -l <SUBSET>, --limit <SUBSET> |
|
195 |
- |
|
196 |
- further limit selected hosts to an additional pattern |
|
197 |
- |
|
198 |
- |
|
199 |
-.. option:: -s, --sudo |
|
200 |
- |
|
201 |
- run operations with sudo (nopasswd) (deprecated, use become) |
|
202 |
- |
|
203 |
- |
|
204 |
-.. option:: -u <REMOTE_USER>, --user <REMOTE_USER> |
|
205 |
- |
|
206 |
- connect as this user (default=None) |
|
207 |
- |
|
208 |
- |
|
209 |
-.. option:: -v, --verbose |
|
210 |
- |
|
211 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
212 |
- |
|
213 |
- |
|
214 |
- |
|
215 |
- |
|
216 |
- |
|
217 |
- |
|
218 |
- |
|
219 |
-Environment |
|
220 |
-=========== |
|
221 |
- |
|
222 |
-The following environment variables may be specified. |
|
223 |
- |
|
224 |
- |
|
225 |
- |
|
226 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
227 |
- |
|
228 |
-Many more are available for most options in ansible.cfg |
|
229 |
- |
|
230 |
- |
|
231 |
-Files |
|
232 |
-===== |
|
233 |
- |
|
234 |
- |
|
235 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
236 |
- |
|
237 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
238 |
- |
|
239 |
-Author |
|
240 |
-====== |
|
241 |
- |
|
242 |
-Ansible was originally written by Michael DeHaan. |
|
243 |
- |
|
244 |
-See the `AUTHORS` file for a complete list of contributors. |
|
245 |
- |
|
246 |
- |
|
247 |
-Copyright |
|
248 |
-========= |
|
249 |
- |
|
250 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
251 |
- |
|
252 |
-Ansible is released under the terms of the GPLv3 License. |
|
253 |
- |
|
254 |
-See also |
|
255 |
-======== |
|
256 |
- |
|
257 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
258 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,130 +0,0 @@ |
1 |
-.. _ansible-doc: |
|
2 |
- |
|
3 |
-=========== |
|
4 |
-ansible-doc |
|
5 |
-=========== |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`plugin documentation tool` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-doc |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-doc [-l|-F|-s] [options] [-t <plugin type> ] [plugin] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-displays information on modules installed in Ansible libraries. |
|
31 |
-It displays a terse listing of plugins and their short descriptions, |
|
32 |
-provides a printout of their DOCUMENTATION strings, |
|
33 |
-and it can create a short "snippet" which can be pasted into a playbook. |
|
34 |
- |
|
35 |
- |
|
36 |
-Common Options |
|
37 |
-============== |
|
38 |
- |
|
39 |
- |
|
40 |
- |
|
41 |
- |
|
42 |
-.. option:: --version |
|
43 |
- |
|
44 |
- show program's version number and exit |
|
45 |
- |
|
46 |
- |
|
47 |
-.. option:: -F, --list_files |
|
48 |
- |
|
49 |
- Show plugin names and their source files without summaries (implies --list) |
|
50 |
- |
|
51 |
- |
|
52 |
-.. option:: -M, --module-path |
|
53 |
- |
|
54 |
- prepend colon-separated path(s) to module library (default=[u'/Users/sbutler/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) |
|
55 |
- |
|
56 |
- |
|
57 |
-.. option:: -a, --all |
|
58 |
- |
|
59 |
- **For internal testing only** Show documentation for all plugins. |
|
60 |
- |
|
61 |
- |
|
62 |
-.. option:: -h, --help |
|
63 |
- |
|
64 |
- show this help message and exit |
|
65 |
- |
|
66 |
- |
|
67 |
-.. option:: -l, --list |
|
68 |
- |
|
69 |
- List available plugins |
|
70 |
- |
|
71 |
- |
|
72 |
-.. option:: -s, --snippet |
|
73 |
- |
|
74 |
- Show playbook snippet for specified plugin(s) |
|
75 |
- |
|
76 |
- |
|
77 |
-.. option:: -t <TYPE>, --type <TYPE> |
|
78 |
- |
|
79 |
- Choose which plugin type (defaults to "module") |
|
80 |
- |
|
81 |
- |
|
82 |
-.. option:: -v, --verbose |
|
83 |
- |
|
84 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
85 |
- |
|
86 |
- |
|
87 |
- |
|
88 |
- |
|
89 |
- |
|
90 |
- |
|
91 |
- |
|
92 |
-Environment |
|
93 |
-=========== |
|
94 |
- |
|
95 |
-The following environment variables may be specified. |
|
96 |
- |
|
97 |
- |
|
98 |
- |
|
99 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
100 |
- |
|
101 |
-Many more are available for most options in ansible.cfg |
|
102 |
- |
|
103 |
- |
|
104 |
-Files |
|
105 |
-===== |
|
106 |
- |
|
107 |
- |
|
108 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
109 |
- |
|
110 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
111 |
- |
|
112 |
-Author |
|
113 |
-====== |
|
114 |
- |
|
115 |
-Ansible was originally written by Michael DeHaan. |
|
116 |
- |
|
117 |
-See the `AUTHORS` file for a complete list of contributors. |
|
118 |
- |
|
119 |
- |
|
120 |
-Copyright |
|
121 |
-========= |
|
122 |
- |
|
123 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
124 |
- |
|
125 |
-Ansible is released under the terms of the GPLv3 License. |
|
126 |
- |
|
127 |
-See also |
|
128 |
-======== |
|
129 |
- |
|
130 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
131 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,380 +0,0 @@ |
1 |
-.. _ansible-galaxy: |
|
2 |
- |
|
3 |
-============== |
|
4 |
-ansible-galaxy |
|
5 |
-============== |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`None` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-galaxy |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-galaxy [delete|import|info|init|install|list|login|remove|search|setup] [--help] [options] ... |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-command to manage Ansible roles in shared repostories, the default of which is Ansible Galaxy *https://galaxy.ansible.com*. |
|
31 |
- |
|
32 |
- |
|
33 |
-Common Options |
|
34 |
-============== |
|
35 |
- |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
-.. option:: --list |
|
40 |
- |
|
41 |
- List all of your integrations. |
|
42 |
- |
|
43 |
- |
|
44 |
-.. option:: --remove <REMOVE_ID> |
|
45 |
- |
|
46 |
- Remove the integration matching the provided ID value. Use --list to see ID values. |
|
47 |
- |
|
48 |
- |
|
49 |
-.. option:: --version |
|
50 |
- |
|
51 |
- show program's version number and exit |
|
52 |
- |
|
53 |
- |
|
54 |
-.. option:: -c, --ignore-certs |
|
55 |
- |
|
56 |
- Ignore SSL certificate validation errors. |
|
57 |
- |
|
58 |
- |
|
59 |
-.. option:: -h, --help |
|
60 |
- |
|
61 |
- show this help message and exit |
|
62 |
- |
|
63 |
- |
|
64 |
-.. option:: -s <API_SERVER>, --server <API_SERVER> |
|
65 |
- |
|
66 |
- The API server destination |
|
67 |
- |
|
68 |
- |
|
69 |
-.. option:: -v, --verbose |
|
70 |
- |
|
71 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
72 |
- |
|
73 |
- |
|
74 |
- |
|
75 |
- |
|
76 |
- |
|
77 |
- |
|
78 |
-Actions |
|
79 |
-======= |
|
80 |
- |
|
81 |
- |
|
82 |
- |
|
83 |
-.. program:: ansible-galaxy info |
|
84 |
-.. _ansible_galaxy_info: |
|
85 |
- |
|
86 |
-info |
|
87 |
- |
|
88 |
-prints out detailed information about an installed role as well as info available from the galaxy API. |
|
89 |
- |
|
90 |
- |
|
91 |
- |
|
92 |
- |
|
93 |
- |
|
94 |
-.. option:: --offline |
|
95 |
- |
|
96 |
- Don't query the galaxy API when creating roles |
|
97 |
- |
|
98 |
-.. option:: -p , --roles-path |
|
99 |
- |
|
100 |
- The path to the directory containing your roles. The default is the roles_path configured in your ansible.cfgfile (/etc/ansible/roles if not configured) |
|
101 |
- |
|
102 |
- |
|
103 |
- |
|
104 |
- |
|
105 |
- |
|
106 |
-.. program:: ansible-galaxy search |
|
107 |
-.. _ansible_galaxy_search: |
|
108 |
- |
|
109 |
-search |
|
110 |
- |
|
111 |
-searches for roles on the Ansible Galaxy server |
|
112 |
- |
|
113 |
- |
|
114 |
- |
|
115 |
- |
|
116 |
- |
|
117 |
-.. option:: --author <AUTHOR> |
|
118 |
- |
|
119 |
- GitHub username |
|
120 |
- |
|
121 |
-.. option:: --galaxy-tags <GALAXY_TAGS> |
|
122 |
- |
|
123 |
- list of galaxy tags to filter by |
|
124 |
- |
|
125 |
-.. option:: --platforms <PLATFORMS> |
|
126 |
- |
|
127 |
- list of OS platforms to filter by |
|
128 |
- |
|
129 |
-.. option:: -p , --roles-path |
|
130 |
- |
|
131 |
- The path to the directory containing your roles. The default is the roles_path configured in your ansible.cfgfile (/etc/ansible/roles if not configured) |
|
132 |
- |
|
133 |
- |
|
134 |
- |
|
135 |
- |
|
136 |
- |
|
137 |
-.. program:: ansible-galaxy setup |
|
138 |
-.. _ansible_galaxy_setup: |
|
139 |
- |
|
140 |
-setup |
|
141 |
- |
|
142 |
-Setup an integration from Github or Travis for Ansible Galaxy roles |
|
143 |
- |
|
144 |
- |
|
145 |
- |
|
146 |
- |
|
147 |
- |
|
148 |
-.. option:: --list |
|
149 |
- |
|
150 |
- List all of your integrations. |
|
151 |
- |
|
152 |
-.. option:: --remove <REMOVE_ID> |
|
153 |
- |
|
154 |
- Remove the integration matching the provided ID value. Use --list to see ID values. |
|
155 |
- |
|
156 |
- |
|
157 |
- |
|
158 |
- |
|
159 |
- |
|
160 |
-.. program:: ansible-galaxy list |
|
161 |
-.. _ansible_galaxy_list: |
|
162 |
- |
|
163 |
-list |
|
164 |
- |
|
165 |
-lists the roles installed on the local system or matches a single role passed as an argument. |
|
166 |
- |
|
167 |
- |
|
168 |
- |
|
169 |
- |
|
170 |
- |
|
171 |
-.. option:: -p , --roles-path |
|
172 |
- |
|
173 |
- The path to the directory containing your roles. The default is the roles_path configured in your ansible.cfgfile (/etc/ansible/roles if not configured) |
|
174 |
- |
|
175 |
- |
|
176 |
- |
|
177 |
- |
|
178 |
- |
|
179 |
-.. program:: ansible-galaxy remove |
|
180 |
-.. _ansible_galaxy_remove: |
|
181 |
- |
|
182 |
-remove |
|
183 |
- |
|
184 |
-removes the list of roles passed as arguments from the local system. |
|
185 |
- |
|
186 |
- |
|
187 |
- |
|
188 |
- |
|
189 |
- |
|
190 |
-.. option:: -p , --roles-path |
|
191 |
- |
|
192 |
- The path to the directory containing your roles. The default is the roles_path configured in your ansible.cfgfile (/etc/ansible/roles if not configured) |
|
193 |
- |
|
194 |
- |
|
195 |
- |
|
196 |
- |
|
197 |
- |
|
198 |
-.. program:: ansible-galaxy init |
|
199 |
-.. _ansible_galaxy_init: |
|
200 |
- |
|
201 |
-init |
|
202 |
- |
|
203 |
-creates the skeleton framework of a role that complies with the galaxy metadata format. |
|
204 |
- |
|
205 |
- |
|
206 |
- |
|
207 |
- |
|
208 |
- |
|
209 |
-.. option:: --container-enabled |
|
210 |
- |
|
211 |
- Initialize the skeleton role with default contents for a Container Enabled role. |
|
212 |
- |
|
213 |
-.. option:: --init-path <INIT_PATH> |
|
214 |
- |
|
215 |
- The path in which the skeleton role will be created. The default is the current working directory. |
|
216 |
- |
|
217 |
-.. option:: --offline |
|
218 |
- |
|
219 |
- Don't query the galaxy API when creating roles |
|
220 |
- |
|
221 |
-.. option:: --role-skeleton <ROLE_SKELETON> |
|
222 |
- |
|
223 |
- The path to a role skeleton that the new role should be based upon. |
|
224 |
- |
|
225 |
-.. option:: -f , --force |
|
226 |
- |
|
227 |
- Force overwriting an existing role |
|
228 |
- |
|
229 |
- |
|
230 |
- |
|
231 |
- |
|
232 |
- |
|
233 |
-.. program:: ansible-galaxy install |
|
234 |
-.. _ansible_galaxy_install: |
|
235 |
- |
|
236 |
-install |
|
237 |
- |
|
238 |
-uses the args list of roles to be installed, unless -f was specified. The list of roles |
|
239 |
-can be a name (which will be downloaded via the galaxy API and github), or it can be a local .tar.gz file. |
|
240 |
- |
|
241 |
- |
|
242 |
- |
|
243 |
- |
|
244 |
- |
|
245 |
-.. option:: -f , --force |
|
246 |
- |
|
247 |
- Force overwriting an existing role |
|
248 |
- |
|
249 |
-.. option:: -i , --ignore-errors |
|
250 |
- |
|
251 |
- Ignore errors and continue with the next specified role. |
|
252 |
- |
|
253 |
-.. option:: -n , --no-deps |
|
254 |
- |
|
255 |
- Don't download roles listed as dependencies |
|
256 |
- |
|
257 |
-.. option:: -p , --roles-path |
|
258 |
- |
|
259 |
- The path to the directory containing your roles. The default is the roles_path configured in your ansible.cfgfile (/etc/ansible/roles if not configured) |
|
260 |
- |
|
261 |
-.. option:: -r <ROLE_FILE>, --role-file <ROLE_FILE> |
|
262 |
- |
|
263 |
- A file containing a list of roles to be imported |
|
264 |
- |
|
265 |
- |
|
266 |
- |
|
267 |
- |
|
268 |
- |
|
269 |
-.. program:: ansible-galaxy import |
|
270 |
-.. _ansible_galaxy_import: |
|
271 |
- |
|
272 |
-import |
|
273 |
- |
|
274 |
-used to import a role into Ansible Galaxy |
|
275 |
- |
|
276 |
- |
|
277 |
- |
|
278 |
- |
|
279 |
- |
|
280 |
-.. option:: --branch <REFERENCE> |
|
281 |
- |
|
282 |
- The name of a branch to import. Defaults to the repository's default branch (usually master) |
|
283 |
- |
|
284 |
-.. option:: --no-wait |
|
285 |
- |
|
286 |
- Don't wait for import results. |
|
287 |
- |
|
288 |
-.. option:: --role-name <ROLE_NAME> |
|
289 |
- |
|
290 |
- The name the role should have, if different than the repo name |
|
291 |
- |
|
292 |
-.. option:: --status |
|
293 |
- |
|
294 |
- Check the status of the most recent import request for given github_user/github_repo. |
|
295 |
- |
|
296 |
- |
|
297 |
- |
|
298 |
- |
|
299 |
- |
|
300 |
-.. program:: ansible-galaxy login |
|
301 |
-.. _ansible_galaxy_login: |
|
302 |
- |
|
303 |
-login |
|
304 |
- |
|
305 |
-verify user's identify via Github and retrieve an auth token from Ansible Galaxy. |
|
306 |
- |
|
307 |
- |
|
308 |
- |
|
309 |
- |
|
310 |
- |
|
311 |
-.. option:: --github-token <TOKEN> |
|
312 |
- |
|
313 |
- Identify with github token rather than username and password. |
|
314 |
- |
|
315 |
- |
|
316 |
- |
|
317 |
- |
|
318 |
- |
|
319 |
-.. program:: ansible-galaxy delete |
|
320 |
-.. _ansible_galaxy_delete: |
|
321 |
- |
|
322 |
-delete |
|
323 |
- |
|
324 |
-Delete a role from Ansible Galaxy. |
|
325 |
- |
|
326 |
- |
|
327 |
- |
|
328 |
- |
|
329 |
-.. program:: ansible-galaxy |
|
330 |
- |
|
331 |
- |
|
332 |
-Environment |
|
333 |
-=========== |
|
334 |
- |
|
335 |
-The following environment variables may be specified. |
|
336 |
- |
|
337 |
- |
|
338 |
- |
|
339 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
340 |
- |
|
341 |
-Many more are available for most options in ansible.cfg |
|
342 |
- |
|
343 |
- |
|
344 |
-Files |
|
345 |
-===== |
|
346 |
- |
|
347 |
- |
|
348 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
349 |
- |
|
350 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
351 |
- |
|
352 |
-Author |
|
353 |
-====== |
|
354 |
- |
|
355 |
-Ansible was originally written by Michael DeHaan. |
|
356 |
- |
|
357 |
-See the `AUTHORS` file for a complete list of contributors. |
|
358 |
- |
|
359 |
- |
|
360 |
-Copyright |
|
361 |
-========= |
|
362 |
- |
|
363 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
364 |
- |
|
365 |
-Ansible is released under the terms of the GPLv3 License. |
|
366 |
- |
|
367 |
-See also |
|
368 |
-======== |
|
369 |
- |
|
370 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
371 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,157 +0,0 @@ |
1 |
-.. _ansible-inventory: |
|
2 |
- |
|
3 |
-================= |
|
4 |
-ansible-inventory |
|
5 |
-================= |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`None` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-inventory |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-inventory [options] [host|group] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-used to display or dump the configured inventory as Ansible sees it |
|
31 |
- |
|
32 |
- |
|
33 |
-Common Options |
|
34 |
-============== |
|
35 |
- |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
-.. option:: --ask-vault-pass |
|
40 |
- |
|
41 |
- ask for vault password |
|
42 |
- |
|
43 |
- |
|
44 |
-.. option:: --graph |
|
45 |
- |
|
46 |
- create inventory graph, if supplying pattern it must be a valid group name |
|
47 |
- |
|
48 |
- |
|
49 |
-.. option:: --host <HOST> |
|
50 |
- |
|
51 |
- Output specific host info, works as inventory script |
|
52 |
- |
|
53 |
- |
|
54 |
-.. option:: --list |
|
55 |
- |
|
56 |
- Output all hosts info, works as inventory script |
|
57 |
- |
|
58 |
- |
|
59 |
-.. option:: --list-hosts |
|
60 |
- |
|
61 |
- outputs a list of matching hosts; does not execute anything else |
|
62 |
- |
|
63 |
- |
|
64 |
-.. option:: --playbook-dir <BASEDIR> |
|
65 |
- |
|
66 |
- Since this tool does not use playbooks, use this as a subsitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc. |
|
67 |
- |
|
68 |
- |
|
69 |
-.. option:: --vars |
|
70 |
- |
|
71 |
- Add vars to graph display, ignored unless used with --graph |
|
72 |
- |
|
73 |
- |
|
74 |
-.. option:: --vault-id |
|
75 |
- |
|
76 |
- the vault identity to use |
|
77 |
- |
|
78 |
- |
|
79 |
-.. option:: --vault-password-file |
|
80 |
- |
|
81 |
- vault password file |
|
82 |
- |
|
83 |
- |
|
84 |
-.. option:: --version |
|
85 |
- |
|
86 |
- show program's version number and exit |
|
87 |
- |
|
88 |
- |
|
89 |
-.. option:: -h, --help |
|
90 |
- |
|
91 |
- show this help message and exit |
|
92 |
- |
|
93 |
- |
|
94 |
-.. option:: -i, --inventory, --inventory-file |
|
95 |
- |
|
96 |
- specify inventory host path or comma separated host list. --inventory-file is deprecated |
|
97 |
- |
|
98 |
- |
|
99 |
-.. option:: -l <SUBSET>, --limit <SUBSET> |
|
100 |
- |
|
101 |
- further limit selected hosts to an additional pattern |
|
102 |
- |
|
103 |
- |
|
104 |
-.. option:: -v, --verbose |
|
105 |
- |
|
106 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
107 |
- |
|
108 |
- |
|
109 |
-.. option:: -y, --yaml |
|
110 |
- |
|
111 |
- Use YAML format instead of default JSON, ignored for --graph |
|
112 |
- |
|
113 |
- |
|
114 |
- |
|
115 |
- |
|
116 |
- |
|
117 |
- |
|
118 |
- |
|
119 |
-Environment |
|
120 |
-=========== |
|
121 |
- |
|
122 |
-The following environment variables may be specified. |
|
123 |
- |
|
124 |
- |
|
125 |
- |
|
126 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
127 |
- |
|
128 |
-Many more are available for most options in ansible.cfg |
|
129 |
- |
|
130 |
- |
|
131 |
-Files |
|
132 |
-===== |
|
133 |
- |
|
134 |
- |
|
135 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
136 |
- |
|
137 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
138 |
- |
|
139 |
-Author |
|
140 |
-====== |
|
141 |
- |
|
142 |
-Ansible was originally written by Michael DeHaan. |
|
143 |
- |
|
144 |
-See the `AUTHORS` file for a complete list of contributors. |
|
145 |
- |
|
146 |
- |
|
147 |
-Copyright |
|
148 |
-========= |
|
149 |
- |
|
150 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
151 |
- |
|
152 |
-Ansible is released under the terms of the GPLv3 License. |
|
153 |
- |
|
154 |
-See also |
|
155 |
-======== |
|
156 |
- |
|
157 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
158 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,293 +0,0 @@ |
1 |
-.. _ansible-playbook: |
|
2 |
- |
|
3 |
-================ |
|
4 |
-ansible-playbook |
|
5 |
-================ |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`Runs Ansible playbooks, executing the defined tasks on the targeted hosts.` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-playbook |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-playbook [options] playbook.yml [playbook2 ...] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-the tool to run *Ansible playbooks*, which are a configuration and multinode deployment system. |
|
31 |
-See the project home page (https://docs.ansible.com) for more information. |
|
32 |
- |
|
33 |
- |
|
34 |
-Common Options |
|
35 |
-============== |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
- |
|
40 |
-.. option:: --ask-su-pass |
|
41 |
- |
|
42 |
- ask for su password (deprecated, use become) |
|
43 |
- |
|
44 |
- |
|
45 |
-.. option:: --ask-sudo-pass |
|
46 |
- |
|
47 |
- ask for sudo password (deprecated, use become) |
|
48 |
- |
|
49 |
- |
|
50 |
-.. option:: --ask-vault-pass |
|
51 |
- |
|
52 |
- ask for vault password |
|
53 |
- |
|
54 |
- |
|
55 |
-.. option:: --become-method <BECOME_METHOD> |
|
56 |
- |
|
57 |
- privilege escalation method to use (default=sudo), valid choices: [ sudo | su | pbrun | pfexec | doas | dzdo | ksu | runas | pmrun | enable ] |
|
58 |
- |
|
59 |
- |
|
60 |
-.. option:: --become-user <BECOME_USER> |
|
61 |
- |
|
62 |
- run operations as this user (default=root) |
|
63 |
- |
|
64 |
- |
|
65 |
-.. option:: --flush-cache |
|
66 |
- |
|
67 |
- clear the fact cache for every host in inventory |
|
68 |
- |
|
69 |
- |
|
70 |
-.. option:: --force-handlers |
|
71 |
- |
|
72 |
- run handlers even if a task fails |
|
73 |
- |
|
74 |
- |
|
75 |
-.. option:: --list-hosts |
|
76 |
- |
|
77 |
- outputs a list of matching hosts; does not execute anything else |
|
78 |
- |
|
79 |
- |
|
80 |
-.. option:: --list-tags |
|
81 |
- |
|
82 |
- list all available tags |
|
83 |
- |
|
84 |
- |
|
85 |
-.. option:: --list-tasks |
|
86 |
- |
|
87 |
- list all tasks that would be executed |
|
88 |
- |
|
89 |
- |
|
90 |
-.. option:: --private-key, --key-file |
|
91 |
- |
|
92 |
- use this file to authenticate the connection |
|
93 |
- |
|
94 |
- |
|
95 |
-.. option:: --scp-extra-args <SCP_EXTRA_ARGS> |
|
96 |
- |
|
97 |
- specify extra arguments to pass to scp only (e.g. -l) |
|
98 |
- |
|
99 |
- |
|
100 |
-.. option:: --sftp-extra-args <SFTP_EXTRA_ARGS> |
|
101 |
- |
|
102 |
- specify extra arguments to pass to sftp only (e.g. -f, -l) |
|
103 |
- |
|
104 |
- |
|
105 |
-.. option:: --skip-tags |
|
106 |
- |
|
107 |
- only run plays and tasks whose tags do not match these values |
|
108 |
- |
|
109 |
- |
|
110 |
-.. option:: --ssh-common-args <SSH_COMMON_ARGS> |
|
111 |
- |
|
112 |
- specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) |
|
113 |
- |
|
114 |
- |
|
115 |
-.. option:: --ssh-extra-args <SSH_EXTRA_ARGS> |
|
116 |
- |
|
117 |
- specify extra arguments to pass to ssh only (e.g. -R) |
|
118 |
- |
|
119 |
- |
|
120 |
-.. option:: --start-at-task <START_AT_TASK> |
|
121 |
- |
|
122 |
- start the playbook at the task matching this name |
|
123 |
- |
|
124 |
- |
|
125 |
-.. option:: --step |
|
126 |
- |
|
127 |
- one-step-at-a-time: confirm each task before running |
|
128 |
- |
|
129 |
- |
|
130 |
-.. option:: --syntax-check |
|
131 |
- |
|
132 |
- perform a syntax check on the playbook, but do not execute it |
|
133 |
- |
|
134 |
- |
|
135 |
-.. option:: --vault-id |
|
136 |
- |
|
137 |
- the vault identity to use |
|
138 |
- |
|
139 |
- |
|
140 |
-.. option:: --vault-password-file |
|
141 |
- |
|
142 |
- vault password file |
|
143 |
- |
|
144 |
- |
|
145 |
-.. option:: --version |
|
146 |
- |
|
147 |
- show program's version number and exit |
|
148 |
- |
|
149 |
- |
|
150 |
-.. option:: -C, --check |
|
151 |
- |
|
152 |
- don't make any changes; instead, try to predict some of the changes that may occur |
|
153 |
- |
|
154 |
- |
|
155 |
-.. option:: -D, --diff |
|
156 |
- |
|
157 |
- when changing (small) files and templates, show the differences in those files; works great with --check |
|
158 |
- |
|
159 |
- |
|
160 |
-.. option:: -K, --ask-become-pass |
|
161 |
- |
|
162 |
- ask for privilege escalation password |
|
163 |
- |
|
164 |
- |
|
165 |
-.. option:: -M, --module-path |
|
166 |
- |
|
167 |
- prepend colon-separated path(s) to module library (default=[u'/Users/sbutler/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) |
|
168 |
- |
|
169 |
- |
|
170 |
-.. option:: -R <SU_USER>, --su-user <SU_USER> |
|
171 |
- |
|
172 |
- run operations with su as this user (default=None) (deprecated, use become) |
|
173 |
- |
|
174 |
- |
|
175 |
-.. option:: -S, --su |
|
176 |
- |
|
177 |
- run operations with su (deprecated, use become) |
|
178 |
- |
|
179 |
- |
|
180 |
-.. option:: -T <TIMEOUT>, --timeout <TIMEOUT> |
|
181 |
- |
|
182 |
- override the connection timeout in seconds (default=10) |
|
183 |
- |
|
184 |
- |
|
185 |
-.. option:: -U <SUDO_USER>, --sudo-user <SUDO_USER> |
|
186 |
- |
|
187 |
- desired sudo user (default=root) (deprecated, use become) |
|
188 |
- |
|
189 |
- |
|
190 |
-.. option:: -b, --become |
|
191 |
- |
|
192 |
- run operations with become (does not imply password prompting) |
|
193 |
- |
|
194 |
- |
|
195 |
-.. option:: -c <CONNECTION>, --connection <CONNECTION> |
|
196 |
- |
|
197 |
- connection type to use (default=smart) |
|
198 |
- |
|
199 |
- |
|
200 |
-.. option:: -e, --extra-vars |
|
201 |
- |
|
202 |
- set additional variables as key=value or YAML/JSON, if filename prepend with @ |
|
203 |
- |
|
204 |
- |
|
205 |
-.. option:: -f <FORKS>, --forks <FORKS> |
|
206 |
- |
|
207 |
- specify number of parallel processes to use (default=5) |
|
208 |
- |
|
209 |
- |
|
210 |
-.. option:: -h, --help |
|
211 |
- |
|
212 |
- show this help message and exit |
|
213 |
- |
|
214 |
- |
|
215 |
-.. option:: -i, --inventory, --inventory-file |
|
216 |
- |
|
217 |
- specify inventory host path or comma separated host list. --inventory-file is deprecated |
|
218 |
- |
|
219 |
- |
|
220 |
-.. option:: -k, --ask-pass |
|
221 |
- |
|
222 |
- ask for connection password |
|
223 |
- |
|
224 |
- |
|
225 |
-.. option:: -l <SUBSET>, --limit <SUBSET> |
|
226 |
- |
|
227 |
- further limit selected hosts to an additional pattern |
|
228 |
- |
|
229 |
- |
|
230 |
-.. option:: -s, --sudo |
|
231 |
- |
|
232 |
- run operations with sudo (nopasswd) (deprecated, use become) |
|
233 |
- |
|
234 |
- |
|
235 |
-.. option:: -t, --tags |
|
236 |
- |
|
237 |
- only run plays and tasks tagged with these values |
|
238 |
- |
|
239 |
- |
|
240 |
-.. option:: -u <REMOTE_USER>, --user <REMOTE_USER> |
|
241 |
- |
|
242 |
- connect as this user (default=None) |
|
243 |
- |
|
244 |
- |
|
245 |
-.. option:: -v, --verbose |
|
246 |
- |
|
247 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
248 |
- |
|
249 |
- |
|
250 |
- |
|
251 |
- |
|
252 |
- |
|
253 |
- |
|
254 |
- |
|
255 |
-Environment |
|
256 |
-=========== |
|
257 |
- |
|
258 |
-The following environment variables may be specified. |
|
259 |
- |
|
260 |
- |
|
261 |
- |
|
262 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
263 |
- |
|
264 |
-Many more are available for most options in ansible.cfg |
|
265 |
- |
|
266 |
- |
|
267 |
-Files |
|
268 |
-===== |
|
269 |
- |
|
270 |
- |
|
271 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
272 |
- |
|
273 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
274 |
- |
|
275 |
-Author |
|
276 |
-====== |
|
277 |
- |
|
278 |
-Ansible was originally written by Michael DeHaan. |
|
279 |
- |
|
280 |
-See the `AUTHORS` file for a complete list of contributors. |
|
281 |
- |
|
282 |
- |
|
283 |
-Copyright |
|
284 |
-========= |
|
285 |
- |
|
286 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
287 |
- |
|
288 |
-Ansible is released under the terms of the GPLv3 License. |
|
289 |
- |
|
290 |
-See also |
|
291 |
-======== |
|
292 |
- |
|
293 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
294 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,285 +0,0 @@ |
1 |
-.. _ansible-pull: |
|
2 |
- |
|
3 |
-============ |
|
4 |
-ansible-pull |
|
5 |
-============ |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`pulls playbooks from a VCS repo and executes them for the local host` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-pull |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-pull -U <repository> [options] [<playbook.yml>] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-is used to up a remote copy of ansible on each managed node, |
|
31 |
-each set to run via cron and update playbook source via a source repository. |
|
32 |
-This inverts the default *push* architecture of ansible into a *pull* architecture, |
|
33 |
-which has near-limitless scaling potential. |
|
34 |
- |
|
35 |
-The setup playbook can be tuned to change the cron frequency, logging locations, and parameters to ansible-pull. |
|
36 |
-This is useful both for extreme scale-out as well as periodic remediation. |
|
37 |
-Usage of the 'fetch' module to retrieve logs from ansible-pull runs would be an |
|
38 |
-excellent way to gather and analyze remote logs from ansible-pull. |
|
39 |
- |
|
40 |
- |
|
41 |
-Common Options |
|
42 |
-============== |
|
43 |
- |
|
44 |
- |
|
45 |
- |
|
46 |
- |
|
47 |
-.. option:: --accept-host-key |
|
48 |
- |
|
49 |
- adds the hostkey for the repo url if not already added |
|
50 |
- |
|
51 |
- |
|
52 |
-.. option:: --ask-su-pass |
|
53 |
- |
|
54 |
- ask for su password (deprecated, use become) |
|
55 |
- |
|
56 |
- |
|
57 |
-.. option:: --ask-sudo-pass |
|
58 |
- |
|
59 |
- ask for sudo password (deprecated, use become) |
|
60 |
- |
|
61 |
- |
|
62 |
-.. option:: --ask-vault-pass |
|
63 |
- |
|
64 |
- ask for vault password |
|
65 |
- |
|
66 |
- |
|
67 |
-.. option:: --check |
|
68 |
- |
|
69 |
- don't make any changes; instead, try to predict some of the changes that may occur |
|
70 |
- |
|
71 |
- |
|
72 |
-.. option:: --clean |
|
73 |
- |
|
74 |
- modified files in the working repository will be discarded |
|
75 |
- |
|
76 |
- |
|
77 |
-.. option:: --full |
|
78 |
- |
|
79 |
- Do a full clone, instead of a shallow one. |
|
80 |
- |
|
81 |
- |
|
82 |
-.. option:: --list-hosts |
|
83 |
- |
|
84 |
- outputs a list of matching hosts; does not execute anything else |
|
85 |
- |
|
86 |
- |
|
87 |
-.. option:: --private-key, --key-file |
|
88 |
- |
|
89 |
- use this file to authenticate the connection |
|
90 |
- |
|
91 |
- |
|
92 |
-.. option:: --purge |
|
93 |
- |
|
94 |
- purge checkout after playbook run |
|
95 |
- |
|
96 |
- |
|
97 |
-.. option:: --scp-extra-args <SCP_EXTRA_ARGS> |
|
98 |
- |
|
99 |
- specify extra arguments to pass to scp only (e.g. -l) |
|
100 |
- |
|
101 |
- |
|
102 |
-.. option:: --sftp-extra-args <SFTP_EXTRA_ARGS> |
|
103 |
- |
|
104 |
- specify extra arguments to pass to sftp only (e.g. -f, -l) |
|
105 |
- |
|
106 |
- |
|
107 |
-.. option:: --skip-tags |
|
108 |
- |
|
109 |
- only run plays and tasks whose tags do not match these values |
|
110 |
- |
|
111 |
- |
|
112 |
-.. option:: --ssh-common-args <SSH_COMMON_ARGS> |
|
113 |
- |
|
114 |
- specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) |
|
115 |
- |
|
116 |
- |
|
117 |
-.. option:: --ssh-extra-args <SSH_EXTRA_ARGS> |
|
118 |
- |
|
119 |
- specify extra arguments to pass to ssh only (e.g. -R) |
|
120 |
- |
|
121 |
- |
|
122 |
-.. option:: --track-subs |
|
123 |
- |
|
124 |
- submodules will track the latest changes. This is equivalent to specifying the --remote flag to git submodule update |
|
125 |
- |
|
126 |
- |
|
127 |
-.. option:: --vault-id |
|
128 |
- |
|
129 |
- the vault identity to use |
|
130 |
- |
|
131 |
- |
|
132 |
-.. option:: --vault-password-file |
|
133 |
- |
|
134 |
- vault password file |
|
135 |
- |
|
136 |
- |
|
137 |
-.. option:: --verify-commit |
|
138 |
- |
|
139 |
- verify GPG signature of checked out commit, if it fails abort running the playbook. This needs the corresponding VCS module to support such an operation |
|
140 |
- |
|
141 |
- |
|
142 |
-.. option:: --version |
|
143 |
- |
|
144 |
- show program's version number and exit |
|
145 |
- |
|
146 |
- |
|
147 |
-.. option:: -C <CHECKOUT>, --checkout <CHECKOUT> |
|
148 |
- |
|
149 |
- branch/tag/commit to checkout. Defaults to behavior of repository module. |
|
150 |
- |
|
151 |
- |
|
152 |
-.. option:: -K, --ask-become-pass |
|
153 |
- |
|
154 |
- ask for privilege escalation password |
|
155 |
- |
|
156 |
- |
|
157 |
-.. option:: -M, --module-path |
|
158 |
- |
|
159 |
- prepend colon-separated path(s) to module library (default=[u'/Users/sbutler/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) |
|
160 |
- |
|
161 |
- |
|
162 |
-.. option:: -T <TIMEOUT>, --timeout <TIMEOUT> |
|
163 |
- |
|
164 |
- override the connection timeout in seconds (default=10) |
|
165 |
- |
|
166 |
- |
|
167 |
-.. option:: -U <URL>, --url <URL> |
|
168 |
- |
|
169 |
- URL of the playbook repository |
|
170 |
- |
|
171 |
- |
|
172 |
-.. option:: -c <CONNECTION>, --connection <CONNECTION> |
|
173 |
- |
|
174 |
- connection type to use (default=smart) |
|
175 |
- |
|
176 |
- |
|
177 |
-.. option:: -d <DEST>, --directory <DEST> |
|
178 |
- |
|
179 |
- directory to checkout repository to |
|
180 |
- |
|
181 |
- |
|
182 |
-.. option:: -e, --extra-vars |
|
183 |
- |
|
184 |
- set additional variables as key=value or YAML/JSON, if filename prepend with @ |
|
185 |
- |
|
186 |
- |
|
187 |
-.. option:: -f, --force |
|
188 |
- |
|
189 |
- run the playbook even if the repository could not be updated |
|
190 |
- |
|
191 |
- |
|
192 |
-.. option:: -h, --help |
|
193 |
- |
|
194 |
- show this help message and exit |
|
195 |
- |
|
196 |
- |
|
197 |
-.. option:: -i, --inventory, --inventory-file |
|
198 |
- |
|
199 |
- specify inventory host path or comma separated host list. --inventory-file is deprecated |
|
200 |
- |
|
201 |
- |
|
202 |
-.. option:: -k, --ask-pass |
|
203 |
- |
|
204 |
- ask for connection password |
|
205 |
- |
|
206 |
- |
|
207 |
-.. option:: -l <SUBSET>, --limit <SUBSET> |
|
208 |
- |
|
209 |
- further limit selected hosts to an additional pattern |
|
210 |
- |
|
211 |
- |
|
212 |
-.. option:: -m <MODULE_NAME>, --module-name <MODULE_NAME> |
|
213 |
- |
|
214 |
- Repository module name, which ansible will use to check out the repo. Choices are ('git', 'subversion', 'hg', 'bzr'). Default is git. |
|
215 |
- |
|
216 |
- |
|
217 |
-.. option:: -o, --only-if-changed |
|
218 |
- |
|
219 |
- only run the playbook if the repository has been updated |
|
220 |
- |
|
221 |
- |
|
222 |
-.. option:: -s <SLEEP>, --sleep <SLEEP> |
|
223 |
- |
|
224 |
- sleep for random interval (between 0 and n number of seconds) before starting. This is a useful way to disperse git requests |
|
225 |
- |
|
226 |
- |
|
227 |
-.. option:: -t, --tags |
|
228 |
- |
|
229 |
- only run plays and tasks tagged with these values |
|
230 |
- |
|
231 |
- |
|
232 |
-.. option:: -u <REMOTE_USER>, --user <REMOTE_USER> |
|
233 |
- |
|
234 |
- connect as this user (default=None) |
|
235 |
- |
|
236 |
- |
|
237 |
-.. option:: -v, --verbose |
|
238 |
- |
|
239 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
240 |
- |
|
241 |
- |
|
242 |
- |
|
243 |
- |
|
244 |
- |
|
245 |
- |
|
246 |
- |
|
247 |
-Environment |
|
248 |
-=========== |
|
249 |
- |
|
250 |
-The following environment variables may be specified. |
|
251 |
- |
|
252 |
- |
|
253 |
- |
|
254 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
255 |
- |
|
256 |
-Many more are available for most options in ansible.cfg |
|
257 |
- |
|
258 |
- |
|
259 |
-Files |
|
260 |
-===== |
|
261 |
- |
|
262 |
- |
|
263 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
264 |
- |
|
265 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
266 |
- |
|
267 |
-Author |
|
268 |
-====== |
|
269 |
- |
|
270 |
-Ansible was originally written by Michael DeHaan. |
|
271 |
- |
|
272 |
-See the `AUTHORS` file for a complete list of contributors. |
|
273 |
- |
|
274 |
- |
|
275 |
-Copyright |
|
276 |
-========= |
|
277 |
- |
|
278 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
279 |
- |
|
280 |
-Ansible is released under the terms of the GPLv3 License. |
|
281 |
- |
|
282 |
-See also |
|
283 |
-======== |
|
284 |
- |
|
285 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
286 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,281 +0,0 @@ |
1 |
-.. _ansible-vault: |
|
2 |
- |
|
3 |
-============= |
|
4 |
-ansible-vault |
|
5 |
-============= |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`encryption/decryption utility for Ansible data files` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible-vault |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible-vault [create|decrypt|edit|encrypt|encrypt_string|rekey|view] [options] [vaultfile.yml] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-can encrypt any structured data file used by Ansible. |
|
31 |
-This can include *group_vars/* or *host_vars/* inventory variables, |
|
32 |
-variables loaded by *include_vars* or *vars_files*, or variable files |
|
33 |
-passed on the ansible-playbook command line with *-e @file.yml* or *-e @file.json*. |
|
34 |
-Role variables and defaults are also included! |
|
35 |
- |
|
36 |
-Because Ansible tasks, handlers, and other objects are data, these can also be encrypted with vault. |
|
37 |
-If you'd like to not expose what variables you are using, you can keep an individual task file entirely encrypted. |
|
38 |
- |
|
39 |
-The password used with vault currently must be the same for all files you wish to use together at the same time. |
|
40 |
- |
|
41 |
- |
|
42 |
-Common Options |
|
43 |
-============== |
|
44 |
- |
|
45 |
- |
|
46 |
- |
|
47 |
- |
|
48 |
-.. option:: --ask-vault-pass |
|
49 |
- |
|
50 |
- ask for vault password |
|
51 |
- |
|
52 |
- |
|
53 |
-.. option:: --new-vault-id <NEW_VAULT_ID> |
|
54 |
- |
|
55 |
- the new vault identity to use for rekey |
|
56 |
- |
|
57 |
- |
|
58 |
-.. option:: --new-vault-password-file |
|
59 |
- |
|
60 |
- new vault password file for rekey |
|
61 |
- |
|
62 |
- |
|
63 |
-.. option:: --vault-id |
|
64 |
- |
|
65 |
- the vault identity to use |
|
66 |
- |
|
67 |
- |
|
68 |
-.. option:: --vault-password-file |
|
69 |
- |
|
70 |
- vault password file |
|
71 |
- |
|
72 |
- |
|
73 |
-.. option:: --version |
|
74 |
- |
|
75 |
- show program's version number and exit |
|
76 |
- |
|
77 |
- |
|
78 |
-.. option:: -h, --help |
|
79 |
- |
|
80 |
- show this help message and exit |
|
81 |
- |
|
82 |
- |
|
83 |
-.. option:: -v, --verbose |
|
84 |
- |
|
85 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
86 |
- |
|
87 |
- |
|
88 |
- |
|
89 |
- |
|
90 |
- |
|
91 |
- |
|
92 |
-Actions |
|
93 |
-======= |
|
94 |
- |
|
95 |
- |
|
96 |
- |
|
97 |
-.. program:: ansible-vault encrypt |
|
98 |
-.. _ansible_vault_encrypt: |
|
99 |
- |
|
100 |
-encrypt |
|
101 |
- |
|
102 |
-encrypt the supplied file using the provided vault secret |
|
103 |
- |
|
104 |
- |
|
105 |
- |
|
106 |
- |
|
107 |
- |
|
108 |
-.. option:: --encrypt-vault-id <ENCRYPT_VAULT_ID> |
|
109 |
- |
|
110 |
- the vault id used to encrypt (required if more than vault-id is provided) |
|
111 |
- |
|
112 |
-.. option:: --output |
|
113 |
- |
|
114 |
- output file name for encrypt or decrypt; use - for stdout |
|
115 |
- |
|
116 |
- |
|
117 |
- |
|
118 |
- |
|
119 |
- |
|
120 |
-.. program:: ansible-vault rekey |
|
121 |
-.. _ansible_vault_rekey: |
|
122 |
- |
|
123 |
-rekey |
|
124 |
- |
|
125 |
-re-encrypt a vaulted file with a new secret, the previous secret is required |
|
126 |
- |
|
127 |
- |
|
128 |
- |
|
129 |
- |
|
130 |
- |
|
131 |
-.. option:: --encrypt-vault-id <ENCRYPT_VAULT_ID> |
|
132 |
- |
|
133 |
- the vault id used to encrypt (required if more than vault-id is provided) |
|
134 |
- |
|
135 |
- |
|
136 |
- |
|
137 |
- |
|
138 |
- |
|
139 |
-.. program:: ansible-vault encrypt_string |
|
140 |
-.. _ansible_vault_encrypt_string: |
|
141 |
- |
|
142 |
-encrypt_string |
|
143 |
- |
|
144 |
-encrypt the supplied string using the provided vault secret |
|
145 |
- |
|
146 |
- |
|
147 |
- |
|
148 |
- |
|
149 |
- |
|
150 |
-.. option:: --encrypt-vault-id <ENCRYPT_VAULT_ID> |
|
151 |
- |
|
152 |
- the vault id used to encrypt (required if more than vault-id is provided) |
|
153 |
- |
|
154 |
-.. option:: --output |
|
155 |
- |
|
156 |
- output file name for encrypt or decrypt; use - for stdout |
|
157 |
- |
|
158 |
-.. option:: --stdin-name <ENCRYPT_STRING_STDIN_NAME> |
|
159 |
- |
|
160 |
- Specify the variable name for stdin |
|
161 |
- |
|
162 |
-.. option:: -n , --name |
|
163 |
- |
|
164 |
- Specify the variable name |
|
165 |
- |
|
166 |
-.. option:: -p , --prompt |
|
167 |
- |
|
168 |
- Prompt for the string to encrypt |
|
169 |
- |
|
170 |
- |
|
171 |
- |
|
172 |
- |
|
173 |
- |
|
174 |
-.. program:: ansible-vault edit |
|
175 |
-.. _ansible_vault_edit: |
|
176 |
- |
|
177 |
-edit |
|
178 |
- |
|
179 |
-open and decrypt an existing vaulted file in an editor, that will be encryped again when closed |
|
180 |
- |
|
181 |
- |
|
182 |
- |
|
183 |
- |
|
184 |
- |
|
185 |
-.. program:: ansible-vault create |
|
186 |
-.. _ansible_vault_create: |
|
187 |
- |
|
188 |
-create |
|
189 |
- |
|
190 |
-create and open a file in an editor that will be encryped with the provided vault secret when closed |
|
191 |
- |
|
192 |
- |
|
193 |
- |
|
194 |
- |
|
195 |
- |
|
196 |
-.. option:: --encrypt-vault-id <ENCRYPT_VAULT_ID> |
|
197 |
- |
|
198 |
- the vault id used to encrypt (required if more than vault-id is provided) |
|
199 |
- |
|
200 |
- |
|
201 |
- |
|
202 |
- |
|
203 |
- |
|
204 |
-.. program:: ansible-vault decrypt |
|
205 |
-.. _ansible_vault_decrypt: |
|
206 |
- |
|
207 |
-decrypt |
|
208 |
- |
|
209 |
-decrypt the supplied file using the provided vault secret |
|
210 |
- |
|
211 |
- |
|
212 |
- |
|
213 |
- |
|
214 |
- |
|
215 |
-.. option:: --output |
|
216 |
- |
|
217 |
- output file name for encrypt or decrypt; use - for stdout |
|
218 |
- |
|
219 |
- |
|
220 |
- |
|
221 |
- |
|
222 |
- |
|
223 |
-.. program:: ansible-vault view |
|
224 |
-.. _ansible_vault_view: |
|
225 |
- |
|
226 |
-view |
|
227 |
- |
|
228 |
-open, decrypt and view an existing vaulted file using a pager using the supplied vault secret |
|
229 |
- |
|
230 |
- |
|
231 |
- |
|
232 |
- |
|
233 |
-.. program:: ansible-vault |
|
234 |
- |
|
235 |
- |
|
236 |
-Environment |
|
237 |
-=========== |
|
238 |
- |
|
239 |
-The following environment variables may be specified. |
|
240 |
- |
|
241 |
- |
|
242 |
- |
|
243 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
244 |
- |
|
245 |
-Many more are available for most options in ansible.cfg |
|
246 |
- |
|
247 |
- |
|
248 |
-Files |
|
249 |
-===== |
|
250 |
- |
|
251 |
- |
|
252 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
253 |
- |
|
254 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
255 |
- |
|
256 |
-Author |
|
257 |
-====== |
|
258 |
- |
|
259 |
-Ansible was originally written by Michael DeHaan. |
|
260 |
- |
|
261 |
-See the `AUTHORS` file for a complete list of contributors. |
|
262 |
- |
|
263 |
- |
|
264 |
-Copyright |
|
265 |
-========= |
|
266 |
- |
|
267 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
268 |
- |
|
269 |
-Ansible is released under the terms of the GPLv3 License. |
|
270 |
- |
|
271 |
-See also |
|
272 |
-======== |
|
273 |
- |
|
274 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
275 | 1 |
deleted file mode 100644 |
... | ... |
@@ -1,288 +0,0 @@ |
1 |
-.. _ansible: |
|
2 |
- |
|
3 |
-======= |
|
4 |
-ansible |
|
5 |
-======= |
|
6 |
- |
|
7 |
- |
|
8 |
-:strong:`Define and run a single task 'playbook' against a set of hosts` |
|
9 |
- |
|
10 |
- |
|
11 |
-.. contents:: |
|
12 |
- :local: |
|
13 |
- :depth: 2 |
|
14 |
- |
|
15 |
- |
|
16 |
-.. program:: ansible |
|
17 |
- |
|
18 |
-Synopsis |
|
19 |
-======== |
|
20 |
- |
|
21 |
-.. code-block:: bash |
|
22 |
- |
|
23 |
- ansible <host-pattern> [options] |
|
24 |
- |
|
25 |
- |
|
26 |
-Description |
|
27 |
-=========== |
|
28 |
- |
|
29 |
- |
|
30 |
-is an extra-simple tool/framework/API for doing 'remote things'. |
|
31 |
-this command allows you to define and run a single task 'playbook' against a set of hosts |
|
32 |
- |
|
33 |
- |
|
34 |
-Common Options |
|
35 |
-============== |
|
36 |
- |
|
37 |
- |
|
38 |
- |
|
39 |
- |
|
40 |
-.. option:: --ask-su-pass |
|
41 |
- |
|
42 |
- ask for su password (deprecated, use become) |
|
43 |
- |
|
44 |
- |
|
45 |
-.. option:: --ask-sudo-pass |
|
46 |
- |
|
47 |
- ask for sudo password (deprecated, use become) |
|
48 |
- |
|
49 |
- |
|
50 |
-.. option:: --ask-vault-pass |
|
51 |
- |
|
52 |
- ask for vault password |
|
53 |
- |
|
54 |
- |
|
55 |
-.. option:: --become-method <BECOME_METHOD> |
|
56 |
- |
|
57 |
- privilege escalation method to use (default=sudo), valid choices: [ sudo | su | pbrun | pfexec | doas | dzdo | ksu | runas | pmrun | enable ] |
|
58 |
- |
|
59 |
- |
|
60 |
-.. option:: --become-user <BECOME_USER> |
|
61 |
- |
|
62 |
- run operations as this user (default=root) |
|
63 |
- |
|
64 |
- |
|
65 |
-.. option:: --list-hosts |
|
66 |
- |
|
67 |
- outputs a list of matching hosts; does not execute anything else |
|
68 |
- |
|
69 |
- |
|
70 |
-.. option:: --playbook-dir <BASEDIR> |
|
71 |
- |
|
72 |
- Since this tool does not use playbooks, use this as a subsitute playbook directory.This sets the relative path for many features including roles/ group_vars/ etc. |
|
73 |
- |
|
74 |
- |
|
75 |
-.. option:: --private-key, --key-file |
|
76 |
- |
|
77 |
- use this file to authenticate the connection |
|
78 |
- |
|
79 |
- |
|
80 |
-.. option:: --scp-extra-args <SCP_EXTRA_ARGS> |
|
81 |
- |
|
82 |
- specify extra arguments to pass to scp only (e.g. -l) |
|
83 |
- |
|
84 |
- |
|
85 |
-.. option:: --sftp-extra-args <SFTP_EXTRA_ARGS> |
|
86 |
- |
|
87 |
- specify extra arguments to pass to sftp only (e.g. -f, -l) |
|
88 |
- |
|
89 |
- |
|
90 |
-.. option:: --ssh-common-args <SSH_COMMON_ARGS> |
|
91 |
- |
|
92 |
- specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) |
|
93 |
- |
|
94 |
- |
|
95 |
-.. option:: --ssh-extra-args <SSH_EXTRA_ARGS> |
|
96 |
- |
|
97 |
- specify extra arguments to pass to ssh only (e.g. -R) |
|
98 |
- |
|
99 |
- |
|
100 |
-.. option:: --syntax-check |
|
101 |
- |
|
102 |
- perform a syntax check on the playbook, but do not execute it |
|
103 |
- |
|
104 |
- |
|
105 |
-.. option:: --vault-id |
|
106 |
- |
|
107 |
- the vault identity to use |
|
108 |
- |
|
109 |
- |
|
110 |
-.. option:: --vault-password-file |
|
111 |
- |
|
112 |
- vault password file |
|
113 |
- |
|
114 |
- |
|
115 |
-.. option:: --version |
|
116 |
- |
|
117 |
- show program's version number and exit |
|
118 |
- |
|
119 |
- |
|
120 |
-.. option:: -B <SECONDS>, --background <SECONDS> |
|
121 |
- |
|
122 |
- run asynchronously, failing after X seconds (default=N/A) |
|
123 |
- |
|
124 |
- |
|
125 |
-.. option:: -C, --check |
|
126 |
- |
|
127 |
- don't make any changes; instead, try to predict some of the changes that may occur |
|
128 |
- |
|
129 |
- |
|
130 |
-.. option:: -D, --diff |
|
131 |
- |
|
132 |
- when changing (small) files and templates, show the differences in those files; works great with --check |
|
133 |
- |
|
134 |
- |
|
135 |
-.. option:: -K, --ask-become-pass |
|
136 |
- |
|
137 |
- ask for privilege escalation password |
|
138 |
- |
|
139 |
- |
|
140 |
-.. option:: -M, --module-path |
|
141 |
- |
|
142 |
- prepend colon-separated path(s) to module library (default=[u'/Users/sbutler/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']) |
|
143 |
- |
|
144 |
- |
|
145 |
-.. option:: -P <POLL_INTERVAL>, --poll <POLL_INTERVAL> |
|
146 |
- |
|
147 |
- set the poll interval if using -B (default=15) |
|
148 |
- |
|
149 |
- |
|
150 |
-.. option:: -R <SU_USER>, --su-user <SU_USER> |
|
151 |
- |
|
152 |
- run operations with su as this user (default=None) (deprecated, use become) |
|
153 |
- |
|
154 |
- |
|
155 |
-.. option:: -S, --su |
|
156 |
- |
|
157 |
- run operations with su (deprecated, use become) |
|
158 |
- |
|
159 |
- |
|
160 |
-.. option:: -T <TIMEOUT>, --timeout <TIMEOUT> |
|
161 |
- |
|
162 |
- override the connection timeout in seconds (default=10) |
|
163 |
- |
|
164 |
- |
|
165 |
-.. option:: -U <SUDO_USER>, --sudo-user <SUDO_USER> |
|
166 |
- |
|
167 |
- desired sudo user (default=root) (deprecated, use become) |
|
168 |
- |
|
169 |
- |
|
170 |
-.. option:: -a <MODULE_ARGS>, --args <MODULE_ARGS> |
|
171 |
- |
|
172 |
- module arguments |
|
173 |
- |
|
174 |
- |
|
175 |
-.. option:: -b, --become |
|
176 |
- |
|
177 |
- run operations with become (does not imply password prompting) |
|
178 |
- |
|
179 |
- |
|
180 |
-.. option:: -c <CONNECTION>, --connection <CONNECTION> |
|
181 |
- |
|
182 |
- connection type to use (default=smart) |
|
183 |
- |
|
184 |
- |
|
185 |
-.. option:: -e, --extra-vars |
|
186 |
- |
|
187 |
- set additional variables as key=value or YAML/JSON, if filename prepend with @ |
|
188 |
- |
|
189 |
- |
|
190 |
-.. option:: -f <FORKS>, --forks <FORKS> |
|
191 |
- |
|
192 |
- specify number of parallel processes to use (default=5) |
|
193 |
- |
|
194 |
- |
|
195 |
-.. option:: -h, --help |
|
196 |
- |
|
197 |
- show this help message and exit |
|
198 |
- |
|
199 |
- |
|
200 |
-.. option:: -i, --inventory, --inventory-file |
|
201 |
- |
|
202 |
- specify inventory host path or comma separated host list. --inventory-file is deprecated |
|
203 |
- |
|
204 |
- |
|
205 |
-.. option:: -k, --ask-pass |
|
206 |
- |
|
207 |
- ask for connection password |
|
208 |
- |
|
209 |
- |
|
210 |
-.. option:: -l <SUBSET>, --limit <SUBSET> |
|
211 |
- |
|
212 |
- further limit selected hosts to an additional pattern |
|
213 |
- |
|
214 |
- |
|
215 |
-.. option:: -m <MODULE_NAME>, --module-name <MODULE_NAME> |
|
216 |
- |
|
217 |
- module name to execute (default=command) |
|
218 |
- |
|
219 |
- |
|
220 |
-.. option:: -o, --one-line |
|
221 |
- |
|
222 |
- condense output |
|
223 |
- |
|
224 |
- |
|
225 |
-.. option:: -s, --sudo |
|
226 |
- |
|
227 |
- run operations with sudo (nopasswd) (deprecated, use become) |
|
228 |
- |
|
229 |
- |
|
230 |
-.. option:: -t <TREE>, --tree <TREE> |
|
231 |
- |
|
232 |
- log output to this directory |
|
233 |
- |
|
234 |
- |
|
235 |
-.. option:: -u <REMOTE_USER>, --user <REMOTE_USER> |
|
236 |
- |
|
237 |
- connect as this user (default=None) |
|
238 |
- |
|
239 |
- |
|
240 |
-.. option:: -v, --verbose |
|
241 |
- |
|
242 |
- verbose mode (-vvv for more, -vvvv to enable connection debugging) |
|
243 |
- |
|
244 |
- |
|
245 |
- |
|
246 |
- |
|
247 |
- |
|
248 |
- |
|
249 |
- |
|
250 |
-Environment |
|
251 |
-=========== |
|
252 |
- |
|
253 |
-The following environment variables may be specified. |
|
254 |
- |
|
255 |
- |
|
256 |
- |
|
257 |
-:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file |
|
258 |
- |
|
259 |
-Many more are available for most options in ansible.cfg |
|
260 |
- |
|
261 |
- |
|
262 |
-Files |
|
263 |
-===== |
|
264 |
- |
|
265 |
- |
|
266 |
-:file:`/etc/ansible/ansible.cfg` -- Config file, used if present |
|
267 |
- |
|
268 |
-:file:`~/.ansible.cfg` -- User config file, overrides the default config if present |
|
269 |
- |
|
270 |
-Author |
|
271 |
-====== |
|
272 |
- |
|
273 |
-Ansible was originally written by Michael DeHaan. |
|
274 |
- |
|
275 |
-See the `AUTHORS` file for a complete list of contributors. |
|
276 |
- |
|
277 |
- |
|
278 |
-Copyright |
|
279 |
-========= |
|
280 |
- |
|
281 |
-Copyright © 2017 Red Hat, Inc | Ansible. |
|
282 |
- |
|
283 |
-Ansible is released under the terms of the GPLv3 License. |
|
284 |
- |
|
285 |
-See also |
|
286 |
-======== |
|
287 |
- |
|
288 |
-:manpage:`ansible(1)`, :manpage:`ansible-config(1)`, :manpage:`ansible-console(1)`, :manpage:`ansible-doc(1)`, :manpage:`ansible-galaxy(1)`, :manpage:`ansible-inventory(1)`, :manpage:`ansible-playbook(1)`, :manpage:`ansible-pull(1)`, :manpage:`ansible-vault(1)`, |
... | ... |
@@ -7,13 +7,13 @@ Below is a complete list of Ansible utilities. Each page contains a description |
7 | 7 |
.. toctree:: |
8 | 8 |
:maxdepth: 1 |
9 | 9 |
|
10 |
- ansible.rst |
|
11 |
- ansible-config.rst |
|
12 |
- ansible-console.rst |
|
13 |
- ansible-doc.rst |
|
14 |
- ansible-galaxy.rst |
|
15 |
- ansible-inventory.rst |
|
16 |
- ansible-playbook.rst |
|
17 |
- ansible-pull.rst |
|
18 |
- ansible-vault.rst |
|
10 |
+ ../cli/ansible.rst |
|
11 |
+ ../cli/ansible-config.rst |
|
12 |
+ ../cli/ansible-console.rst |
|
13 |
+ ../cli/ansible-doc.rst |
|
14 |
+ ../cli/ansible-galaxy.rst |
|
15 |
+ ../cli/ansible-inventory.rst |
|
16 |
+ ../cli/ansible-playbook.rst |
|
17 |
+ ../cli/ansible-pull.rst |
|
18 |
+ ../cli/ansible-vault.rst |
|
19 | 19 |
|
20 | 20 |
\ No newline at end of file |