ansible 配置文件设置

ansible 配置文件设置

一、ansible configuration settings

ansible支持多种形式,对它进行配置,其中包括命令行配置、配置文件配置(ansible.cfg)、直接修改linux环境变量、以及playbook中使用变量去修改ansible配置。总共4种表现形式。

二、ansible 配置文件查找顺序(从上到下,依次查找)

  1. ANSIBLE_CONFIG用来设置配置文件所在位置
  2. ansible.cfg (在当前执行命令的目录下,是否有ansible.cfg)
  3. ~/.ansible.cfg(查找家目录下是否有.ansible.cfg文件)
  4. /etc/ansible/ansible.cfg(查找etc下面是否有ansible.cfg配置文件)

ansible 将使用第一个查找到的配置文件,其他的将被忽略。

ansible配置文件使用 #;来进行注释;如果是内联注释,只允许使用 ;

# some basic default values...
inventory = /etc/ansible/hosts  ; This points to the file that lists your hosts

三、附录ansible配置参数

官网所有可配置参数:

https://docs.ansible.com/ansible/latest/reference_appendices/config.html

ACTION_WARNINGS:
  default: true
  description: [By default Ansible will issue a warning when received from a task
      action (module or action plugin), These warnings can be silenced by adjusting
      this setting to False.]
  env:
  - {name: ANSIBLE_ACTION_WARNINGS}
  ini:
  - {key: action_warnings, section: defaults}
  name: Toggle action warnings
  type: boolean
  version_added: '2.5'
AGNOSTIC_BECOME_PROMPT:
  default: true
  description: Display an agnostic become prompt instead of displaying a prompt containing
    the command line supplied become method
  env:
  - {name: ANSIBLE_AGNOSTIC_BECOME_PROMPT}
  ini:
  - {key: agnostic_become_prompt, section: privilege_escalation}
  name: Display an agnostic become prompt
  type: boolean
  version_added: '2.5'
  yaml: {key: privilege_escalation.agnostic_become_prompt}
ALLOW_WORLD_READABLE_TMPFILES:
  default: false
  description: [This makes the temporary files created on the machine to be world
      readable and will issue a warning instead of failing the task., It is useful
      when becoming an unprivileged user.]
  env: []
  ini:
  - {key: allow_world_readable_tmpfiles, section: defaults}
  name: Allow world readable temporary files
  type: boolean
  version_added: '2.1'
  yaml: {key: defaults.allow_world_readable_tmpfiles}
ANSIBLE_CONNECTION_PATH:
  default: null
  description: [Specify where to look for the ansible-connection script. This location
      will be checked before searching $PATH., 'If null, ansible will start with the
      same directory as the ansible script.']
  env:
  - {name: ANSIBLE_CONNECTION_PATH}
  ini:
  - {key: ansible_connection_path, section: persistent_connection}
  name: Path of ansible-connection script
  type: path
  version_added: '2.8'
  yaml: {key: persistent_connection.ansible_connection_path}
ANSIBLE_COW_PATH:
  default: null
  description: Specify a custom cowsay path or swap in your cowsay implementation
    of choice
  env:
  - {name: ANSIBLE_COW_PATH}
  ini:
  - {key: cowpath, section: defaults}
  name: Set path to cowsay command
  type: string
  yaml: {key: display.cowpath}
ANSIBLE_COW_SELECTION:
  default: default
  description: This allows you to chose a specific cowsay stencil for the banners
    or use 'random' to cycle through them.
  env:
  - {name: ANSIBLE_COW_SELECTION}
  ini:
  - {key: cow_selection, section: defaults}
  name: Cowsay filter selection
ANSIBLE_COW_WHITELIST:
  default: [bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake,
    elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren,
    sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux,
    udder, vader-koala, vader, www]
  description: White list of cowsay templates that are 'safe' to use, set to empty
    list if you want to enable all installed templates.
  env:
  - {name: ANSIBLE_COW_WHITELIST}
  ini:
  - {key: cow_whitelist, section: defaults}
  name: Cowsay filter whitelist
  type: list
  yaml: {key: display.cowsay_whitelist}
ANSIBLE_FORCE_COLOR:
  default: false
  description: This options forces color mode even when running without a TTY or the
    "nocolor" setting is True.
  env:
  - {name: ANSIBLE_FORCE_COLOR}
  ini:
  - {key: force_color, section: defaults}
  name: Force color output
  type: boolean
  yaml: {key: display.force_color}
ANSIBLE_NOCOLOR:
  default: false
  description: This setting allows suppressing colorizing output, which is used to
    give a better indication of failure and status information.
  env:
  - {name: ANSIBLE_NOCOLOR}
  ini:
  - {key: nocolor, section: defaults}
  name: Suppress color output
  type: boolean
  yaml: {key: display.nocolor}
ANSIBLE_NOCOWS:
  default: false
  description: If you have cowsay installed but want to avoid the 'cows' (why????),
    use this.
  env:
  - {name: ANSIBLE_NOCOWS}
  ini:
  - {key: nocows, section: defaults}
  name: Suppress cowsay output
  type: boolean
  yaml: {key: display.i_am_no_fun}
ANSIBLE_PIPELINING:
  default: false
  description: ['Pipelining, if supported by the connection plugin, reduces the number
      of network operations required to execute a module on the remote server, by
      executing many Ansible modules without actual file transfer.', This can result
      in a very significant performance improvement when enabled., 'However this conflicts
      with privilege escalation (become). For example, when using ''sudo:'' operations
      you must first disable ''requiretty'' in /etc/sudoers on all managed hosts,
      which is why it is disabled by default.', This options is disabled if ``ANSIBLE_KEEP_REMOTE_FILES``
      is enabled.]
  env:
  - {name: ANSIBLE_PIPELINING}
  - {name: ANSIBLE_SSH_PIPELINING}
  ini:
  - {key: pipelining, section: connection}
  - {key: pipelining, section: ssh_connection}
  name: Connection pipelining
  type: boolean
  yaml: {key: plugins.connection.pipelining}
ANSIBLE_SSH_ARGS:
  default: -C -o ControlMaster=auto -o ControlPersist=60s
  description: ['If set, this will override the Ansible default ssh arguments.', 'In
      particular, users may wish to raise the ControlPersist time to encourage performance.  A
      value of 30 minutes may be appropriate.', 'Be aware that if `-o ControlPath`
      is set in ssh_args, the control path setting is not used.']
  env:
  - {name: ANSIBLE_SSH_ARGS}
  ini:
  - {key: ssh_args, section: ssh_connection}
  yaml: {key: ssh_connection.ssh_args}
ANSIBLE_SSH_CONTROL_PATH:
  default: null
  description: ['This is the location to save ssh''s ControlPath sockets, it uses
      ssh''s variable substitution.', 'Since 2.3, if null, ansible will generate a
      unique hash. Use `%(directory)s` to indicate where to use the control dir path
      setting.', Before 2.3 it defaulted to `control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r`.,
    Be aware that this setting is ignored if `-o ControlPath` is set in ssh args.]
  env:
  - {name: ANSIBLE_SSH_CONTROL_PATH}
  ini:
  - {key: control_path, section: ssh_connection}
  yaml: {key: ssh_connection.control_path}
ANSIBLE_SSH_CONTROL_PATH_DIR:
  default: ~/.ansible/cp
  description: [This sets the directory to use for ssh control path if the control
      path setting is null., 'Also, provides the `%(directory)s` variable for the
      control path setting.']
  env:
  - {name: ANSIBLE_SSH_CONTROL_PATH_DIR}
  ini:
  - {key: control_path_dir, section: ssh_connection}
  yaml: {key: ssh_connection.control_path_dir}
ANSIBLE_SSH_EXECUTABLE:
  default: ssh
  description: [This defines the location of the ssh binary. It defaults to `ssh`
      which will use the first ssh binary available in $PATH., 'This option is usually
      not required, it might be useful when access to system ssh is restricted, or
      when using ssh wrappers to connect to remote hosts.']
  env:
  - {name: ANSIBLE_SSH_EXECUTABLE}
  ini:
  - {key: ssh_executable, section: ssh_connection}
  version_added: '2.2'
  yaml: {key: ssh_connection.ssh_executable}
ANSIBLE_SSH_RETRIES:
  default: 0
  description: Number of attempts to establish a connection before we give up and
    report the host as 'UNREACHABLE'
  env:
  - {name: ANSIBLE_SSH_RETRIES}
  ini:
  - {key: retries, section: ssh_connection}
  type: integer
  yaml: {key: ssh_connection.retries}
ANY_ERRORS_FATAL:
  default: false
  description: Sets the default value for the any_errors_fatal keyword, if True, Task
    failures will be considered fatal errors.
  env:
  - {name: ANSIBLE_ANY_ERRORS_FATAL}
  ini:
  - {key: any_errors_fatal, section: defaults}
  name: Make Task failures fatal
  type: boolean
  version_added: '2.4'
  yaml: {key: errors.any_task_errors_fatal}
BECOME_ALLOW_SAME_USER:
  default: false
  description: This setting controls if become is skipped when remote user and become
    user are the same. I.E root sudo to root.
  env:
  - {name: ANSIBLE_BECOME_ALLOW_SAME_USER}
  ini:
  - {key: become_allow_same_user, section: privilege_escalation}
  name: Allow becoming the same user
  type: boolean
  yaml: {key: privilege_escalation.become_allow_same_user}
BECOME_PLUGIN_PATH:
  default: ~/.ansible/plugins/become:/usr/share/ansible/plugins/become
  description: Colon separated paths in which Ansible will search for Become Plugins.
  env:
  - {name: ANSIBLE_BECOME_PLUGINS}
  ini:
  - {key: become_plugins, section: defaults}
  name: Become plugins path
  type: pathspec
  version_added: '2.8'
CACHE_PLUGIN:
  default: memory
  description: Chooses which cache plugin to use, the default 'memory' is ephimeral.
  env:
  - {name: ANSIBLE_CACHE_PLUGIN}
  ini:
  - {key: fact_caching, section: defaults}
  name: Persistent Cache plugin
  yaml: {key: facts.cache.plugin}
CACHE_PLUGIN_CONNECTION:
  default: null
  description: Defines connection or path information for the cache plugin
  env:
  - {name: ANSIBLE_CACHE_PLUGIN_CONNECTION}
  ini:
  - {key: fact_caching_connection, section: defaults}
  name: Cache Plugin URI
  yaml: {key: facts.cache.uri}
CACHE_PLUGIN_PREFIX:
  default: ansible_facts
  description: Prefix to use for cache plugin files/tables
  env:
  - {name: ANSIBLE_CACHE_PLUGIN_PREFIX}
  ini:
  - {key: fact_caching_prefix, section: defaults}
  name: Cache Plugin table prefix
  yaml: {key: facts.cache.prefix}
CACHE_PLUGIN_TIMEOUT:
  default: 86400
  description: Expiration timeout for the cache plugin data
  env:
  - {name: ANSIBLE_CACHE_PLUGIN_TIMEOUT}
  ini:
  - {key: fact_caching_timeout, section: defaults}
  name: Cache Plugin expiration timeout
  type: integer
  yaml: {key: facts.cache.timeout}
COLLECTIONS_PATHS:
  default: ~/.ansible/collections:/usr/share/ansible/collections
  env:
  - {name: ANSIBLE_COLLECTIONS_PATHS}
  ini:
  - {key: collections_paths, section: defaults}
  name: ordered list of root paths for loading installed Ansible collections content
  type: pathspec
COLOR_CHANGED:
  default: yellow
  description: Defines the color to use on 'Changed' task status
  env:
  - {name: ANSIBLE_COLOR_CHANGED}
  ini:
  - {key: changed, section: colors}
  name: Color for 'changed' task status
  yaml: {key: display.colors.changed}
COLOR_CONSOLE_PROMPT:
  default: white
  description: Defines the default color to use for ansible-console
  env:
  - {name: ANSIBLE_COLOR_CONSOLE_PROMPT}
  ini:
  - {key: console_prompt, section: colors}
  name: Color for ansible-console's prompt task status
  version_added: '2.7'
COLOR_DEBUG:
  default: dark gray
  description: Defines the color to use when emitting debug messages
  env:
  - {name: ANSIBLE_COLOR_DEBUG}
  ini:
  - {key: debug, section: colors}
  name: Color for debug statements
  yaml: {key: display.colors.debug}
COLOR_DEPRECATE:
  default: purple
  description: Defines the color to use when emitting deprecation messages
  env:
  - {name: ANSIBLE_COLOR_DEPRECATE}
  ini:
  - {key: deprecate, section: colors}
  name: Color for deprecation messages
  yaml: {key: display.colors.deprecate}
COLOR_DIFF_ADD:
  default: green
  description: Defines the color to use when showing added lines in diffs
  env:
  - {name: ANSIBLE_COLOR_DIFF_ADD}
  ini:
  - {key: diff_add, section: colors}
  name: Color for diff added display
  yaml: {key: display.colors.diff.add}
COLOR_DIFF_LINES:
  default: cyan
  description: Defines the color to use when showing diffs
  env:
  - {name: ANSIBLE_COLOR_DIFF_LINES}
  ini:
  - {key: diff_lines, section: colors}
  name: Color for diff lines display
COLOR_DIFF_REMOVE:
  default: red
  description: Defines the color to use when showing removed lines in diffs
  env:
  - {name: ANSIBLE_COLOR_DIFF_REMOVE}
  ini:
  - {key: diff_remove, section: colors}
  name: Color for diff removed display
COLOR_ERROR:
  default: red
  description: Defines the color to use when emitting error messages
  env:
  - {name: ANSIBLE_COLOR_ERROR}
  ini:
  - {key: error, section: colors}
  name: Color for error messages
  yaml: {key: colors.error}
COLOR_HIGHLIGHT:
  default: white
  description: Defines the color to use for highlighting
  env:
  - {name: ANSIBLE_COLOR_HIGHLIGHT}
  ini:
  - {key: highlight, section: colors}
  name: Color for highlighting
COLOR_OK:
  default: green
  description: Defines the color to use when showing 'OK' task status
  env:
  - {name: ANSIBLE_COLOR_OK}
  ini:
  - {key: ok, section: colors}
  name: Color for 'ok' task status
COLOR_SKIP:
  default: cyan
  description: Defines the color to use when showing 'Skipped' task status
  env:
  - {name: ANSIBLE_COLOR_SKIP}
  ini:
  - {key: skip, section: colors}
  name: Color for 'skip' task status
COLOR_UNREACHABLE:
  default: bright red
  description: Defines the color to use on 'Unreachable' status
  env:
  - {name: ANSIBLE_COLOR_UNREACHABLE}
  ini:
  - {key: unreachable, section: colors}
  name: Color for 'unreachable' host state
COLOR_VERBOSE:
  default: blue
  description: Defines the color to use when emitting verbose messages. i.e those
    that show with '-v's.
  env:
  - {name: ANSIBLE_COLOR_VERBOSE}
  ini:
  - {key: verbose, section: colors}
  name: Color for verbose messages
COLOR_WARN:
  default: bright purple
  description: Defines the color to use when emitting warning messages
  env:
  - {name: ANSIBLE_COLOR_WARN}
  ini:
  - {key: warn, section: colors}
  name: Color for warning messages
COMMAND_WARNINGS:
  default: true
  description: [By default Ansible will issue a warning when the shell or command
      module is used and the command appears to be similar to an existing Ansible
      module., These warnings can be silenced by adjusting this setting to False.
      You can also control this at the task level with the module option ``warn``.]
  env:
  - {name: ANSIBLE_COMMAND_WARNINGS}
  ini:
  - {key: command_warnings, section: defaults}
  name: Command module warnings
  type: boolean
  version_added: '1.8'
CONDITIONAL_BARE_VARS:
  default: true
  description: ['With this setting on (True), running conditional evaluation ''var''
      is treated differently than ''var.subkey'' as the first is evaluated directly
      while the second goes through the Jinja2 parser. But ''false'' strings in ''var''
      get evaluated as booleans.', With this setting off they both evaluate the same
      but in cases in which 'var' was 'false' (a string) it won't get evaluated as
      a boolean anymore., Currently this setting defaults to 'True' but will soon
      change to 'False' and the setting itself will be removed in the future., Expect
      the default to change in version 2.10 and that this setting eventually will
      be deprecated after 2.12]
  env:
  - {name: ANSIBLE_CONDITIONAL_BARE_VARS}
  ini:
  - {key: conditional_bare_variables, section: defaults}
  name: Allow bare variable evaluation in conditionals
  type: boolean
  version_added: '2.8'
CONNECTION_FACTS_MODULES:
  default: {eos: eos_facts, frr: frr_facts, ios: ios_facts, iosxr: iosxr_facts, junos: junos_facts,
    nxos: nxos_facts, vyos: vyos_facts}
  description: Which modules to run during a play's fact gathering stage based on
    connection
  env:
  - {name: ANSIBLE_CONNECTION_FACTS_MODULES}
  ini:
  - {key: connection_facts_modules, section: defaults}
  name: Map of connections to fact modules
  type: dict
DEFAULT_ACTION_PLUGIN_PATH:
  default: ~/.ansible/plugins/action:/usr/share/ansible/plugins/action
  description: Colon separated paths in which Ansible will search for Action Plugins.
  env:
  - {name: ANSIBLE_ACTION_PLUGINS}
  ini:
  - {key: action_plugins, section: defaults}
  name: Action plugins path
  type: pathspec
  yaml: {key: plugins.action.path}
DEFAULT_ALLOW_UNSAFE_LOOKUPS:
  default: false
  description: ['When enabled, this option allows lookup plugins (whether used in
      variables as ``{{lookup(''foo'')}}`` or as a loop as with_foo) to return data
      that is not marked ''unsafe''.', 'By default, such data is marked as unsafe
      to prevent the templating engine from evaluating any jinja2 templating language,
      as this could represent a security risk.  This option is provided to allow for
      backwards-compatibility, however users should first consider adding allow_unsafe=True
      to any lookups which may be expected to contain data which may be run through
      the templating engine late']
  env: []
  ini:
  - {key: allow_unsafe_lookups, section: defaults}
  name: Allow unsafe lookups
  type: boolean
  version_added: 2.2.3
DEFAULT_ASK_PASS:
  default: false
  description: ['This controls whether an Ansible playbook should prompt for a login
      password. If using SSH keys for authentication, you probably do not needed to
      change this setting.']
  env:
  - {name: ANSIBLE_ASK_PASS}
  ini:
  - {key: ask_pass, section: defaults}
  name: Ask for the login password
  type: boolean
  yaml: {key: defaults.ask_pass}
DEFAULT_ASK_SUDO_PASS:
  default: false
  deprecated: {alternatives: become, version: '2.9', why: 'In favor of Ansible Become,
      which is a generic framework. See become_ask_pass.'}
  description: [This controls whether an Ansible playbook should prompt for a sudo
      password.]
  env:
  - {name: ANSIBLE_ASK_SUDO_PASS}
  ini:
  - {key: ask_sudo_pass, section: defaults}
  name: Ask for the sudo password
  type: boolean
DEFAULT_ASK_SU_PASS:
  default: false
  deprecated: {alternatives: become, version: '2.9', why: 'In favor of Ansible Become,
      which is a generic framework. See become_ask_pass.'}
  description: [This controls whether an Ansible playbook should prompt for a su password.]
  env:
  - {name: ANSIBLE_ASK_SU_PASS}
  ini:
  - {key: ask_su_pass, section: defaults}
  name: Ask for the su password
  type: boolean
DEFAULT_ASK_VAULT_PASS:
  default: false
  description: [This controls whether an Ansible playbook should prompt for a vault
      password.]
  env:
  - {name: ANSIBLE_ASK_VAULT_PASS}
  ini:
  - {key: ask_vault_pass, section: defaults}
  name: Ask for the vault password(s)
  type: boolean
DEFAULT_BECOME:
  default: false
  description: Toggles the use of privilege escalation, allowing you to 'become' another
    user after login.
  env:
  - {name: ANSIBLE_BECOME}
  ini:
  - {key: become, section: privilege_escalation}
  name: Enable privilege escalation (become)
  type: boolean
DEFAULT_BECOME_ASK_PASS:
  default: false
  description: Toggle to prompt for privilege escalation password.
  env:
  - {name: ANSIBLE_BECOME_ASK_PASS}
  ini:
  - {key: become_ask_pass, section: privilege_escalation}
  name: Ask for the privilege escalation (become) password
  type: boolean
DEFAULT_BECOME_EXE:
  default: null
  description: executable to use for privilege escalation, otherwise Ansible will
    depend on PATH
  env:
  - {name: ANSIBLE_BECOME_EXE}
  ini:
  - {key: become_exe, section: privilege_escalation}
  name: Choose 'become' executable
DEFAULT_BECOME_FLAGS:
  default: ''
  description: Flags to pass to the privilege escalation executable.
  env:
  - {name: ANSIBLE_BECOME_FLAGS}
  ini:
  - {key: become_flags, section: privilege_escalation}
  name: Set 'become' executable options
DEFAULT_BECOME_METHOD:
  default: sudo
  description: Privilege escalation method to use when `become` is enabled.
  env:
  - {name: ANSIBLE_BECOME_METHOD}
  ini:
  - {key: become_method, section: privilege_escalation}
  name: Choose privilege escalation method
DEFAULT_BECOME_USER:
  default: root
  description: The user your login/remote user 'becomes' when using privilege escalation,
    most systems will use 'root' when no user is specified.
  env:
  - {name: ANSIBLE_BECOME_USER}
  ini:
  - {key: become_user, section: privilege_escalation}
  name: Set the user you 'become' via privilege escalation
  yaml: {key: become.user}
DEFAULT_CACHE_PLUGIN_PATH:
  default: ~/.ansible/plugins/cache:/usr/share/ansible/plugins/cache
  description: Colon separated paths in which Ansible will search for Cache Plugins.
  env:
  - {name: ANSIBLE_CACHE_PLUGINS}
  ini:
  - {key: cache_plugins, section: defaults}
  name: Cache Plugins Path
  type: pathspec
DEFAULT_CALLABLE_WHITELIST:
  default: []
  description: Whitelist of callable methods to be made available to template evaluation
  env:
  - {name: ANSIBLE_CALLABLE_WHITELIST}
  ini:
  - {key: callable_whitelist, section: defaults}
  name: Template 'callable' whitelist
  type: list
DEFAULT_CALLBACK_PLUGIN_PATH:
  default: ~/.ansible/plugins/callback:/usr/share/ansible/plugins/callback
  description: Colon separated paths in which Ansible will search for Callback Plugins.
  env:
  - {name: ANSIBLE_CALLBACK_PLUGINS}
  ini:
  - {key: callback_plugins, section: defaults}
  name: Callback Plugins Path
  type: pathspec
  yaml: {key: plugins.callback.path}
DEFAULT_CALLBACK_WHITELIST:
  default: []
  description: ['List of whitelisted callbacks, not all callbacks need whitelisting,
      but many of those shipped with Ansible do as we don''t want them activated by
      default.']
  env:
  - {name: ANSIBLE_CALLBACK_WHITELIST}
  ini:
  - {key: callback_whitelist, section: defaults}
  name: Callback Whitelist
  type: list
  yaml: {key: plugins.callback.whitelist}
DEFAULT_CLICONF_PLUGIN_PATH:
  default: ~/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf
  description: Colon separated paths in which Ansible will search for Cliconf Plugins.
  env:
  - {name: ANSIBLE_CLICONF_PLUGINS}
  ini:
  - {key: cliconf_plugins, section: defaults}
  name: Cliconf Plugins Path
  type: pathspec
DEFAULT_CONNECTION_PLUGIN_PATH:
  default: ~/.ansible/plugins/connection:/usr/share/ansible/plugins/connection
  description: Colon separated paths in which Ansible will search for Connection Plugins.
  env:
  - {name: ANSIBLE_CONNECTION_PLUGINS}
  ini:
  - {key: connection_plugins, section: defaults}
  name: Connection Plugins Path
  type: pathspec
  yaml: {key: plugins.connection.path}
DEFAULT_DEBUG:
  default: false
  description: ['Toggles debug output in Ansible. This is *very* verbose and can hinder
      multiprocessing.  Debug output can also include secret information despite no_log
      settings being enabled, which means debug mode should not be used in production.']
  env:
  - {name: ANSIBLE_DEBUG}
  ini:
  - {key: debug, section: defaults}
  name: Debug mode
  type: boolean
DEFAULT_EXECUTABLE:
  default: /bin/sh
  description: ['This indicates the command to use to spawn a shell under for Ansible''s
      execution needs on a target. Users may need to change this in rare instances
      when shell usage is constrained, but in most cases it may be left as is.']
  env:
  - {name: ANSIBLE_EXECUTABLE}
  ini:
  - {key: executable, section: defaults}
  name: Target shell executable
DEFAULT_FACT_PATH:
  default: null
  description: [This option allows you to globally configure a custom path for 'local_facts'
      for the implied M(setup) task when using fact gathering., 'If not set, it will
      fallback to the default from the M(setup) module: ``/etc/ansible/facts.d``.',
    This does **not** affect  user defined tasks that use the M(setup) module.]
  env:
  - {name: ANSIBLE_FACT_PATH}
  ini:
  - {key: fact_path, section: defaults}
  name: local fact path
  type: path
  yaml: {key: facts.gathering.fact_path}
DEFAULT_FILTER_PLUGIN_PATH:
  default: ~/.ansible/plugins/filter:/usr/share/ansible/plugins/filter
  description: Colon separated paths in which Ansible will search for Jinja2 Filter
    Plugins.
  env:
  - {name: ANSIBLE_FILTER_PLUGINS}
  ini:
  - {key: filter_plugins, section: defaults}
  name: Jinja2 Filter Plugins Path
  type: pathspec
DEFAULT_FORCE_HANDLERS:
  default: false
  description: [This option controls if notified handlers run on a host even if a
      failure occurs on that host., 'When false, the handlers will not run if a failure
      has occurred on a host.', This can also be set per play or on the command line.
      See Handlers and Failure for more details.]
  env:
  - {name: ANSIBLE_FORCE_HANDLERS}
  ini:
  - {key: force_handlers, section: defaults}
  name: Force handlers to run after failure
  type: boolean
  version_added: 1.9.1
DEFAULT_FORKS:
  default: 5
  description: Maximum number of forks Ansible will use to execute tasks on target
    hosts.
  env:
  - {name: ANSIBLE_FORKS}
  ini:
  - {key: forks, section: defaults}
  name: Number of task forks
  type: integer
DEFAULT_GATHERING:
  choices: [smart, explicit, implicit]
  default: implicit
  description: [This setting controls the default policy of fact gathering (facts
      discovered about remote systems)., 'When ''implicit'' (the default), the cache
      plugin will be ignored and facts will be gathered per play unless ''gather_facts:
      False'' is set.', 'When ''explicit'' the inverse is true, facts will not be
      gathered unless directly requested in the play.', 'The ''smart'' value means
      each new host that has no facts discovered will be scanned, but if the same
      host is addressed in multiple plays it will not be contacted again in the playbook
      run.', This option can be useful for those wishing to save fact gathering time.
      Both 'smart' and 'explicit' will use the cache plugin.]
  env:
  - {name: ANSIBLE_GATHERING}
  ini:
  - {key: gathering, section: defaults}
  name: Gathering behaviour
  version_added: '1.6'
DEFAULT_GATHER_SUBSET:
  default: [all]
  description: [Set the `gather_subset` option for the M(setup) task in the implicit
      fact gathering. See the module documentation for specifics., It does **not**
      apply to user defined M(setup) tasks.]
  env:
  - {name: ANSIBLE_GATHER_SUBSET}
  ini:
  - {key: gather_subset, section: defaults}
  name: Gather facts subset
  type: list
  version_added: '2.1'
DEFAULT_GATHER_TIMEOUT:
  default: 10
  description: [Set the timeout in seconds for the implicit fact gathering., It does
      **not** apply to user defined M(setup) tasks.]
  env:
  - {name: ANSIBLE_GATHER_TIMEOUT}
  ini:
  - {key: gather_timeout, section: defaults}
  name: Gather facts timeout
  type: integer
  yaml: {key: defaults.gather_timeout}
DEFAULT_HANDLER_INCLUDES_STATIC:
  default: false
  deprecated: {alternatives: none as its already built into the decision between include_tasks
      and import_tasks, version: '2.12', why: include itself is deprecated and this
      setting will not matter in the future}
  description: ['Since 2.0 M(include) can be ''dynamic'', this setting (if True) forces
      that if the include appears in a ``handlers`` section to be ''static''.']
  env:
  - {name: ANSIBLE_HANDLER_INCLUDES_STATIC}
  ini:
  - {key: handler_includes_static, section: defaults}
  name: Make handler M(include) static
  type: boolean
DEFAULT_HASH_BEHAVIOUR:
  choices: [replace, merge]
  default: replace
  description: ['This setting controls how variables merge in Ansible. By default
      Ansible will override variables in specific precedence orders, as described
      in Variables. When a variable of higher precedence wins, it will replace the
      other value.', 'Some users prefer that variables that are hashes (aka ''dictionaries''
      in Python terms) are merged. This setting is called ''merge''. This is not the
      default behavior and it does not affect variables whose values are scalars (integers,
      strings) or arrays.  We generally recommend not using this setting unless you
      think you have an absolute need for it, and playbooks in the official examples
      repos do not use this setting', In version 2.0 a ``combine`` filter was added
      to allow doing this for a particular variable (described in Filters).]
  env:
  - {name: ANSIBLE_HASH_BEHAVIOUR}
  ini:
  - {key: hash_behaviour, section: defaults}
  name: Hash merge behaviour
  type: string
DEFAULT_HOST_LIST:
  default: /etc/ansible/hosts
  description: Comma separated list of Ansible inventory sources
  env:
  - {name: ANSIBLE_INVENTORY}
  expand_relative_paths: true
  ini:
  - {key: inventory, section: defaults}
  name: Inventory Source
  type: pathlist
  yaml: {key: defaults.inventory}
DEFAULT_HTTPAPI_PLUGIN_PATH:
  default: ~/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi
  description: Colon separated paths in which Ansible will search for HttpApi Plugins.
  env:
  - {name: ANSIBLE_HTTPAPI_PLUGINS}
  ini:
  - {key: httpapi_plugins, section: defaults}
  name: HttpApi Plugins Path
  type: pathspec
DEFAULT_INTERNAL_POLL_INTERVAL:
  default: 0.001
  description: ['This sets the interval (in seconds) of Ansible internal processes
      polling each other. Lower values improve performance with large playbooks at
      the expense of extra CPU load. Higher values are more suitable for Ansible usage
      in automation scenarios, when UI responsiveness is not required but CPU usage
      might be a concern.', The default corresponds to the value hardcoded in Ansible
      <= 2.1]
  env: []
  ini:
  - {key: internal_poll_interval, section: defaults}
  name: Internal poll interval
  type: float
  version_added: '2.2'
DEFAULT_INVENTORY_PLUGIN_PATH:
  default: ~/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory
  description: Colon separated paths in which Ansible will search for Inventory Plugins.
  env:
  - {name: ANSIBLE_INVENTORY_PLUGINS}
  ini:
  - {key: inventory_plugins, section: defaults}
  name: Inventory Plugins Path
  type: pathspec
DEFAULT_JINJA2_EXTENSIONS:
  default: []
  description: [This is a developer-specific feature that allows enabling additional
      Jinja2 extensions., 'See the Jinja2 documentation for details. If you do not
      know what these do, you probably don''t need to change this setting :)']
  env:
  - {name: ANSIBLE_JINJA2_EXTENSIONS}
  ini:
  - {key: jinja2_extensions, section: defaults}
  name: Enabled Jinja2 extensions
DEFAULT_JINJA2_NATIVE:
  default: false
  description: This option preserves variable types during template operations. This
    requires Jinja2 >= 2.10.
  env:
  - {name: ANSIBLE_JINJA2_NATIVE}
  ini:
  - {key: jinja2_native, section: defaults}
  name: Use Jinja2's NativeEnvironment for templating
  type: boolean
  version_added: 2.7
  yaml: {key: jinja2_native}
DEFAULT_KEEP_REMOTE_FILES:
  default: false
  description: [Enables/disables the cleaning up of the temporary files Ansible used
      to execute the tasks on the remote., If this option is enabled it will disable
      ``ANSIBLE_PIPELINING``.]
  env:
  - {name: ANSIBLE_KEEP_REMOTE_FILES}
  ini:
  - {key: keep_remote_files, section: defaults}
  name: Keep remote files
  type: boolean
DEFAULT_LIBVIRT_LXC_NOSECLABEL:
  default: false
  description: [This setting causes libvirt to connect to lxc containers by passing
      --noseclabel to virsh. This is necessary when running on systems which do not
      have SELinux.]
  env:
  - deprecated: {alternatives: the "ANSIBLE_LIBVIRT_LXC_NOSECLABEL" environment variable,
      version: '2.12', why: environment variables without "ANSIBLE_" prefix are deprecated}
    name: LIBVIRT_LXC_NOSECLABEL
  - {name: ANSIBLE_LIBVIRT_LXC_NOSECLABEL}
  ini:
  - {key: libvirt_lxc_noseclabel, section: selinux}
  name: No security label on Lxc
  type: boolean
  version_added: '2.1'
DEFAULT_LOAD_CALLBACK_PLUGINS:
  default: false
  description: ['Controls whether callback plugins are loaded when running /usr/bin/ansible.
      This may be used to log activity from the command line, send notifications,
      and so on. Callback plugins are always loaded for ``ansible-playbook``.']
  env:
  - {name: ANSIBLE_LOAD_CALLBACK_PLUGINS}
  ini:
  - {key: bin_ansible_callbacks, section: defaults}
  name: Load callbacks for adhoc
  type: boolean
  version_added: '1.8'
DEFAULT_LOCAL_TMP:
  default: ~/.ansible/tmp
  description: Temporary directory for Ansible to use on the controller.
  env:
  - {name: ANSIBLE_LOCAL_TEMP}
  ini:
  - {key: local_tmp, section: defaults}
  name: Controller temporary directory
  type: tmppath
DEFAULT_LOG_FILTER:
  default: []
  description: List of logger names to filter out of the log file
  env:
  - {name: ANSIBLE_LOG_FILTER}
  ini:
  - {key: log_filter, section: defaults}
  name: Name filters for python logger
  type: list
DEFAULT_LOG_PATH:
  default: null
  description: File to which Ansible will log on the controller. When empty logging
    is disabled.
  env:
  - {name: ANSIBLE_LOG_PATH}
  ini:
  - {key: log_path, section: defaults}
  name: Ansible log file path
  type: path
DEFAULT_LOOKUP_PLUGIN_PATH:
  default: ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
  description: Colon separated paths in which Ansible will search for Lookup Plugins.
  env:
  - {name: ANSIBLE_LOOKUP_PLUGINS}
  ini:
  - {key: lookup_plugins, section: defaults}
  name: Lookup Plugins Path
  type: pathspec
  yaml: {key: defaults.lookup_plugins}
DEFAULT_MANAGED_STR:
  default: Ansible managed
  description: Sets the macro for the 'ansible_managed' variable available for M(template)
    and M(win_template) modules.  This is only relevant for those two modules.
  env: []
  ini:
  - {key: ansible_managed, section: defaults}
  name: Ansible managed
  yaml: {key: defaults.ansible_managed}
DEFAULT_MODULE_ARGS:
  default: ''
  description: [This sets the default arguments to pass to the ``ansible`` adhoc binary
      if no ``-a`` is specified.]
  env:
  - {name: ANSIBLE_MODULE_ARGS}
  ini:
  - {key: module_args, section: defaults}
  name: Adhoc default arguments
DEFAULT_MODULE_COMPRESSION:
  default: ZIP_DEFLATED
  description: Compression scheme to use when transferring Python modules to the target.
  env: []
  ini:
  - {key: module_compression, section: defaults}
  name: Python module compression
DEFAULT_MODULE_LANG:
  default: '{{ CONTROLLER_LANG }}'
  deprecated: {version: '2.9', why: Modules are coded to set their own locale if needed
      for screenscraping}
  description: [Language locale setting to use for modules when they execute on the
      target., If empty it tries to set itself to the LANG environment variable on
      the controller., This is only used if DEFAULT_MODULE_SET_LOCALE is set to true]
  env:
  - {name: ANSIBLE_MODULE_LANG}
  ini:
  - {key: module_lang, section: defaults}
  name: Target language environment
DEFAULT_MODULE_NAME:
  default: command
  description: Module to use with the ``ansible`` AdHoc command, if none is specified
    via ``-m``.
  env: []
  ini:
  - {key: module_name, section: defaults}
  name: Default adhoc module
DEFAULT_MODULE_PATH:
  default: ~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
  description: Colon separated paths in which Ansible will search for Modules.
  env:
  - {name: ANSIBLE_LIBRARY}
  ini:
  - {key: library, section: defaults}
  name: Modules Path
  type: pathspec
DEFAULT_MODULE_SET_LOCALE:
  default: false
  deprecated: {version: '2.9', why: Modules are coded to set their own locale if needed
      for screenscraping}
  description: [Controls if we set locale for modules when executing on the target.]
  env:
  - {name: ANSIBLE_MODULE_SET_LOCALE}
  ini:
  - {key: module_set_locale, section: defaults}
  name: Target locale
  type: boolean
DEFAULT_MODULE_UTILS_PATH:
  default: ~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
  description: Colon separated paths in which Ansible will search for Module utils
    files, which are shared by modules.
  env:
  - {name: ANSIBLE_MODULE_UTILS}
  ini:
  - {key: module_utils, section: defaults}
  name: Module Utils Path
  type: pathspec
DEFAULT_NETCONF_PLUGIN_PATH:
  default: ~/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf
  description: Colon separated paths in which Ansible will search for Netconf Plugins.
  env:
  - {name: ANSIBLE_NETCONF_PLUGINS}
  ini:
  - {key: netconf_plugins, section: defaults}
  name: Netconf Plugins Path
  type: pathspec
DEFAULT_NO_LOG:
  default: false
  description: Toggle Ansible's display and logging of task details, mainly used to
    avoid security disclosures.
  env:
  - {name: ANSIBLE_NO_LOG}
  ini:
  - {key: no_log, section: defaults}
  name: No log
  type: boolean
DEFAULT_NO_TARGET_SYSLOG:
  default: false
  description: Toggle Ansible logging to syslog on the target when it executes tasks.
  env:
  - {name: ANSIBLE_NO_TARGET_SYSLOG}
  ini:
  - {key: no_target_syslog, section: defaults}
  name: No syslog on target
  type: boolean
  yaml: {key: defaults.no_target_syslog}
DEFAULT_NULL_REPRESENTATION:
  default: null
  description: What templating should return as a 'null' value. When not set it will
    let Jinja2 decide.
  env:
  - {name: ANSIBLE_NULL_REPRESENTATION}
  ini:
  - {key: null_representation, section: defaults}
  name: Represent a null
  type: none
DEFAULT_POLL_INTERVAL:
  default: 15
  description: ['For asynchronous tasks in Ansible (covered in Asynchronous Actions
      and Polling), this is how often to check back on the status of those tasks when
      an explicit poll interval is not supplied. The default is a reasonably moderate
      15 seconds which is a tradeoff between checking in frequently and providing
      a quick turnaround when something may have completed.']
  env:
  - {name: ANSIBLE_POLL_INTERVAL}
  ini:
  - {key: poll_interval, section: defaults}
  name: Async poll interval
  type: integer
DEFAULT_PRIVATE_KEY_FILE:
  default: null
  description: ['Option for connections using a certificate or key file to authenticate,
      rather than an agent or passwords, you can set the default value here to avoid
      re-specifying --private-key with every invocation.']
  env:
  - {name: ANSIBLE_PRIVATE_KEY_FILE}
  ini:
  - {key: private_key_file, section: defaults}
  name: Private key file
  type: path
DEFAULT_PRIVATE_ROLE_VARS:
  default: false
  description: [Makes role variables inaccessible from other roles., This was introduced
      as a way to reset role variables to default values if a role is used more than
      once in a playbook.]
  env:
  - {name: ANSIBLE_PRIVATE_ROLE_VARS}
  ini:
  - {key: private_role_vars, section: defaults}
  name: Private role variables
  type: boolean
  yaml: {key: defaults.private_role_vars}
DEFAULT_REMOTE_PORT:
  default: null
  description: Port to use in remote connections, when blank it will use the connection
    plugin default.
  env:
  - {name: ANSIBLE_REMOTE_PORT}
  ini:
  - {key: remote_port, section: defaults}
  name: Remote port
  type: integer
  yaml: {key: defaults.remote_port}
DEFAULT_REMOTE_USER:
  default: null
  description: [Sets the login user for the target machines, 'When blank it uses the
      connection plugin''s default, normally the user currently executing Ansible.']
  env:
  - {name: ANSIBLE_REMOTE_USER}
  ini:
  - {key: remote_user, section: defaults}
  name: Login/Remote User
DEFAULT_ROLES_PATH:
  default: ~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
  description: Colon separated paths in which Ansible will search for Roles.
  env:
  - {name: ANSIBLE_ROLES_PATH}
  expand_relative_paths: true
  ini:
  - {key: roles_path, section: defaults}
  name: Roles path
  type: pathspec
  yaml: {key: defaults.roles_path}
DEFAULT_SCP_IF_SSH:
  default: smart
  description: [Preferred method to use when transferring files over ssh., 'When set
      to smart, Ansible will try them until one succeeds or they all fail.', 'If set
      to True, it will force ''scp'', if False it will use ''sftp''.']
  env:
  - {name: ANSIBLE_SCP_IF_SSH}
  ini:
  - {key: scp_if_ssh, section: ssh_connection}
DEFAULT_SELINUX_SPECIAL_FS:
  default: fuse, nfs, vboxsf, ramfs, 9p
  description: ['Some filesystems do not support safe operations and/or return inconsistent
      errors, this setting makes Ansible ''tolerate'' those in the list w/o causing
      fatal errors.', Data corruption may occur and writes are not always verified
      when a filesystem is in the list.]
  env: []
  ini:
  - {key: special_context_filesystems, section: selinux}
  name: Problematic file systems
  type: list
DEFAULT_SFTP_BATCH_MODE:
  default: true
  description: 'TODO: write it'
  env:
  - {name: ANSIBLE_SFTP_BATCH_MODE}
  ini:
  - {key: sftp_batch_mode, section: ssh_connection}
  type: boolean
  yaml: {key: ssh_connection.sftp_batch_mode}
DEFAULT_SQUASH_ACTIONS:
  default: apk, apt, dnf, homebrew, openbsd_pkg, pacman, pip, pkgng, yum, zypper
  deprecated: {alternatives: a list directly with the module argument, version: '2.11',
    why: Loop squashing is deprecated and this configuration will no longer be used}
  description: ['Ansible can optimise actions that call modules that support list
      parameters when using ``with_`` looping. Instead of calling the module once
      for each item, the module is called once with the full list.', 'The default
      value for this setting is only for certain package managers, but it can be used
      for any module.', 'Currently, this is only supported for modules that have a
      name or pkg parameter, and only when the item is the only thing being passed
      to the parameter.']
  env:
  - {name: ANSIBLE_SQUASH_ACTIONS}
  ini:
  - {key: squash_actions, section: defaults}
  name: Squashable actions
  type: list
  version_added: '2.0'
DEFAULT_SSH_TRANSFER_METHOD:
  default: null
  description: unused?
  env:
  - {name: ANSIBLE_SSH_TRANSFER_METHOD}
  ini:
  - {key: transfer_method, section: ssh_connection}
DEFAULT_STDOUT_CALLBACK:
  default: default
  description: ['Set the main callback used to display Ansible output, you can only
      have one at a time.', 'You can have many other callbacks, but just one can be
      in charge of stdout.']
  env:
  - {name: ANSIBLE_STDOUT_CALLBACK}
  ini:
  - {key: stdout_callback, section: defaults}
  name: Main display callback plugin
DEFAULT_STRATEGY:
  default: linear
  description: Set the default strategy used for plays.
  env:
  - {name: ANSIBLE_STRATEGY}
  ini:
  - {key: strategy, section: defaults}
  name: Implied strategy
  version_added: '2.3'
DEFAULT_STRATEGY_PLUGIN_PATH:
  default: ~/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy
  description: Colon separated paths in which Ansible will search for Strategy Plugins.
  env:
  - {name: ANSIBLE_STRATEGY_PLUGINS}
  ini:
  - {key: strategy_plugins, section: defaults}
  name: Strategy Plugins Path
  type: pathspec
DEFAULT_SU:
  default: false
  description: Toggle the use of "su" for tasks.
  env:
  - {name: ANSIBLE_SU}
  ini:
  - {key: su, section: defaults}
  type: boolean
  yaml: {key: defaults.su}
DEFAULT_SU_EXE:
  default: su
  deprecated: {alternatives: become, version: '2.9', why: 'In favor of Ansible Become,
      which is a generic framework. See become_exe.'}
  description: specify an "su" executable, otherwise it relies on PATH.
  env:
  - {name: ANSIBLE_SU_EXE}
  ini:
  - {key: su_exe, section: defaults}
  name: su executable
DEFAULT_SU_FLAGS:
  default: ''
  deprecated: {alternatives: become, version: '2.9', why: 'In favor of Ansible Become,
      which is a generic framework. See become_flags.'}
  description: Flags to pass to su
  env:
  - {name: ANSIBLE_SU_FLAGS}
  ini:
  - {key: su_flags, section: defaults}
  name: su flags
DEFAULT_SU_USER:
  default: null
  deprecated: {alternatives: become, version: '2.9', why: 'In favor of Ansible Become,
      which is a generic framework. See become_user.'}
  description: User you become when using "su", leaving it blank will use the default
    configured on the target (normally root)
  env:
  - {name: ANSIBLE_SU_USER}
  ini:
  - {key: su_user, section: defaults}
  name: su user
DEFAULT_SYSLOG_FACILITY:
  default: LOG_USER
  description: Syslog facility to use when Ansible logs to the remote target
  env:
  - {name: ANSIBLE_SYSLOG_FACILITY}
  ini:
  - {key: syslog_facility, section: defaults}
  name: syslog facility
DEFAULT_TASK_INCLUDES_STATIC:
  default: false
  deprecated: {alternatives: 'None, as its already built into the decision between
      include_tasks and import_tasks', version: '2.12', why: include itself is deprecated
      and this setting will not matter in the future}
  description: ['The `include` tasks can be static or dynamic, this toggles the default
      expected behaviour if autodetection fails and it is not explicitly set in task.']
  env:
  - {name: ANSIBLE_TASK_INCLUDES_STATIC}
  ini:
  - {key: task_includes_static, section: defaults}
  name: Task include static
  type: boolean
  version_added: '2.1'
DEFAULT_TERMINAL_PLUGIN_PATH:
  default: ~/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal
  description: Colon separated paths in which Ansible will search for Terminal Plugins.
  env:
  - {name: ANSIBLE_TERMINAL_PLUGINS}
  ini:
  - {key: terminal_plugins, section: defaults}
  name: Terminal Plugins Path
  type: pathspec
DEFAULT_TEST_PLUGIN_PATH:
  default: ~/.ansible/plugins/test:/usr/share/ansible/plugins/test
  description: Colon separated paths in which Ansible will search for Jinja2 Test
    Plugins.
  env:
  - {name: ANSIBLE_TEST_PLUGINS}
  ini:
  - {key: test_plugins, section: defaults}
  name: Jinja2 Test Plugins Path
  type: pathspec
DEFAULT_TIMEOUT:
  default: 10
  description: This is the default timeout for connection plugins to use.
  env:
  - {name: ANSIBLE_TIMEOUT}
  ini:
  - {key: timeout, section: defaults}
  name: Connection timeout
  type: integer
DEFAULT_TRANSPORT:
  default: smart
  description: Default connection plugin to use, the 'smart' option will toggle between
    'ssh' and 'paramiko' depending on controller OS and ssh versions
  env:
  - {name: ANSIBLE_TRANSPORT}
  ini:
  - {key: transport, section: defaults}
  name: Connection plugin
DEFAULT_UNDEFINED_VAR_BEHAVIOR:
  default: true
  description: ['When True, this causes ansible templating to fail steps that reference
      variable names that are likely typoed.', 'Otherwise, any ''{{ template_expression
      }}'' that contains undefined variables will be rendered in a template or ansible
      action line exactly as written.']
  env:
  - {name: ANSIBLE_ERROR_ON_UNDEFINED_VARS}
  ini:
  - {key: error_on_undefined_vars, section: defaults}
  name: Jinja2 fail on undefined
  type: boolean
  version_added: '1.3'
DEFAULT_VARS_PLUGIN_PATH:
  default: ~/.ansible/plugins/vars:/usr/share/ansible/plugins/vars
  description: Colon separated paths in which Ansible will search for Vars Plugins.
  env:
  - {name: ANSIBLE_VARS_PLUGINS}
  ini:
  - {key: vars_plugins, section: defaults}
  name: Vars Plugins Path
  type: pathspec
DEFAULT_VAULT_ENCRYPT_IDENTITY:
  default: null
  description: The vault_id to use for encrypting by default. If multiple vault_ids
    are provided, this specifies which to use for encryption. The --encrypt-vault-id
    cli option overrides the configured value.
  env:
  - {name: ANSIBLE_VAULT_ENCRYPT_IDENTITY}
  ini:
  - {key: vault_encrypt_identity, section: defaults}
  name: Vault id to use for encryption
  yaml: {key: defaults.vault_encrypt_identity}
DEFAULT_VAULT_IDENTITY:
  default: default
  description: The label to use for the default vault id label in cases where a vault
    id label is not provided
  env:
  - {name: ANSIBLE_VAULT_IDENTITY}
  ini:
  - {key: vault_identity, section: defaults}
  name: Vault id label
  yaml: {key: defaults.vault_identity}
DEFAULT_VAULT_IDENTITY_LIST:
  default: []
  description: A list of vault-ids to use by default. Equivalent to multiple --vault-id
    args. Vault-ids are tried in order.
  env:
  - {name: ANSIBLE_VAULT_IDENTITY_LIST}
  ini:
  - {key: vault_identity_list, section: defaults}
  name: Default vault ids
  type: list
  yaml: {key: defaults.vault_identity_list}
DEFAULT_VAULT_ID_MATCH:
  default: false
  description: If true, decrypting vaults with a vault id will only try the password
    from the matching vault-id
  env:
  - {name: ANSIBLE_VAULT_ID_MATCH}
  ini:
  - {key: vault_id_match, section: defaults}
  name: Force vault id match
  yaml: {key: defaults.vault_id_match}
DEFAULT_VAULT_PASSWORD_FILE:
  default: null
  description: The vault password file to use. Equivalent to --vault-password-file
    or --vault-id
  env:
  - {name: ANSIBLE_VAULT_PASSWORD_FILE}
  ini:
  - {key: vault_password_file, section: defaults}
  name: Vault password file
  type: path
  yaml: {key: defaults.vault_password_file}
DEFAULT_VERBOSITY:
  default: 0
  description: Sets the default verbosity, equivalent to the number of ``-v`` passed
    in the command line.
  env:
  - {name: ANSIBLE_VERBOSITY}
  ini:
  - {key: verbosity, section: defaults}
  name: Verbosity
  type: integer
DEPRECATION_WARNINGS:
  default: true
  description: Toggle to control the showing of deprecation warnings
  env:
  - {name: ANSIBLE_DEPRECATION_WARNINGS}
  ini:
  - {key: deprecation_warnings, section: defaults}
  name: Deprecation messages
  type: boolean
DIFF_ALWAYS:
  default: false
  description: Configuration toggle to tell modules to show differences when in 'changed'
    status, equivalent to ``--diff``.
  env:
  - {name: ANSIBLE_DIFF_ALWAYS}
  ini:
  - {key: always, section: diff}
  name: Show differences
  type: bool
DIFF_CONTEXT:
  default: 3
  description: How many lines of context to show when displaying the differences between
    files.
  env:
  - {name: ANSIBLE_DIFF_CONTEXT}
  ini:
  - {key: context, section: diff}
  name: Difference context
  type: integer
DISPLAY_ARGS_TO_STDOUT:
  default: false
  description: ['Normally ``ansible-playbook`` will print a header for each task that
      is run. These headers will contain the name: field from the task if you specified
      one. If you didn''t then ``ansible-playbook`` uses the task''s action to help
      you tell which task is presently running. Sometimes you run many of the same
      action and so you want more information about the task to differentiate it from
      others of the same action. If you set this variable to True in the config then
      ``ansible-playbook`` will also include the task''s arguments in the header.',
    This setting defaults to False because there is a chance that you have sensitive
      values in your parameters and you do not want those to be printed., 'If you
      set this to True you should be sure that you have secured your environment''s
      stdout (no one can shoulder surf your screen and you aren''t saving stdout to
      an insecure file) or made sure that all of your playbooks explicitly added the
      ``no_log: True`` parameter to tasks which have sensitive values See How do I
      keep secret data in my playbook? for more information.']
  env:
  - {name: ANSIBLE_DISPLAY_ARGS_TO_STDOUT}
  ini:
  - {key: display_args_to_stdout, section: defaults}
  name: Show task arguments
  type: boolean
  version_added: '2.1'
DISPLAY_SKIPPED_HOSTS:
  default: true
  description: Toggle to control displaying skipped task/host entries in a task in
    the default callback
  env:
  - deprecated: {alternatives: the "ANSIBLE_DISPLAY_SKIPPED_HOSTS" environment variable,
      version: '2.12', why: environment variables without "ANSIBLE_" prefix are deprecated}
    name: DISPLAY_SKIPPED_HOSTS
  - {name: ANSIBLE_DISPLAY_SKIPPED_HOSTS}
  ini:
  - {key: display_skipped_hosts, section: defaults}
  name: Show skipped results
  type: boolean
DOCSITE_ROOT_URL:
  default: https://docs.ansible.com/ansible/
  description: Root docsite URL used to generate docs URLs in warning/error text;
    must be an absolute URL with valid scheme and trailing slash.
  ini:
  - {key: docsite_root_url, section: defaults}
  name: Root docsite URL
  version_added: '2.8'
DOC_FRAGMENT_PLUGIN_PATH:
  default: ~/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments
  description: Colon separated paths in which Ansible will search for Documentation
    Fragments Plugins.
  env:
  - {name: ANSIBLE_DOC_FRAGMENT_PLUGINS}
  ini:
  - {key: doc_fragment_plugins, section: defaults}
  name: documentation fragment plugins path
  type: pathspec
ENABLE_TASK_DEBUGGER:
  default: false
  description: ['Whether or not to enable the task debugger, this previously was done
      as a strategy plugin.', Now all strategy plugins can inherit this behavior.
      The debugger defaults to activating when, a task is failed on unreachable. Use
      the debugger keyword for more flexibility.]
  env:
  - {name: ANSIBLE_ENABLE_TASK_DEBUGGER}
  ini:
  - {key: enable_task_debugger, section: defaults}
  name: Whether to enable the task debugger
  type: boolean
  version_added: '2.5'
ERROR_ON_MISSING_HANDLER:
  default: true
  description: Toggle to allow missing handlers to become a warning instead of an
    error when notifying.
  env:
  - {name: ANSIBLE_ERROR_ON_MISSING_HANDLER}
  ini:
  - {key: error_on_missing_handler, section: defaults}
  name: Missing handler error
  type: boolean
FACTS_MODULES:
  default: [smart]
  description: Which modules to run during a play's fact gathering stage, using the
    default of 'smart' will try to figure it out based on connection type.
  env:
  - {name: ANSIBLE_FACTS_MODULES}
  ini:
  - {key: facts_modules, section: defaults}
  name: Gather Facts Modules
  type: list
  vars:
  - {name: ansible_facts_modules}
GALAXY_IGNORE_CERTS:
  default: false
  description: ['If set to yes, ansible-galaxy will not validate TLS certificates.
      This can be useful for testing against a server with a self-signed certificate.']
  env:
  - {name: ANSIBLE_GALAXY_IGNORE}
  ini:
  - {key: ignore_certs, section: galaxy}
  name: Galaxy validate certs
  type: boolean
GALAXY_ROLE_SKELETON:
  default: null
  description: Role skeleton directory to use as a template for the ``init`` action
    in ``ansible-galaxy``, same as ``--role-skeleton``.
  env:
  - {name: ANSIBLE_GALAXY_ROLE_SKELETON}
  ini:
  - {key: role_skeleton, section: galaxy}
  name: Galaxy skeleton direcotry
  type: path
GALAXY_ROLE_SKELETON_IGNORE:
  default: [^.git$, ^.*/.git_keep$]
  description: patterns of files to ignore inside a galaxy role skeleton directory
  env:
  - {name: ANSIBLE_GALAXY_ROLE_SKELETON_IGNORE}
  ini:
  - {key: role_skeleton_ignore, section: galaxy}
  name: Galaxy skeleton ignore
  type: list
GALAXY_SERVER:
  default: https://galaxy.ansible.com
  description: URL to prepend when roles don't specify the full URI, assume they are
    referencing this server as the source.
  env:
  - {name: ANSIBLE_GALAXY_SERVER}
  ini:
  - {key: server, section: galaxy}
  yaml: {key: galaxy.server}
GALAXY_TOKEN:
  default: null
  description: GitHub personal access token
  env:
  - {name: ANSIBLE_GALAXY_TOKEN}
  ini:
  - {key: token, section: galaxy}
  yaml: {key: galaxy.token}
HOST_KEY_CHECKING:
  default: true
  description: Set this to "False" if you want to avoid host key checking by the underlying
    tools Ansible uses to connect to the host
  env:
  - {name: ANSIBLE_HOST_KEY_CHECKING}
  ini:
  - {key: host_key_checking, section: defaults}
  name: Check host keys
  type: boolean
HOST_PATTERN_MISMATCH:
  choices: [warning, error, ignore]
  default: warning
  description: This setting changes the behaviour of mismatched host patterns, it
    allows you to force a fatal error, a warning or just ignore it
  env:
  - {name: ANSIBLE_HOST_PATTERN_MISMATCH}
  ini:
  - {key: host_pattern_mismatch, section: inventory}
  name: Control host pattern mismatch behaviour
  version_added: '2.8'
INJECT_FACTS_AS_VARS:
  default: true
  description: ['Facts are available inside the `ansible_facts` variable, this setting
      also pushes them as their own vars in the main namespace.', 'Unlike inside the
      `ansible_facts` dictionary, these will have an `ansible_` prefix.']
  env:
  - {name: ANSIBLE_INJECT_FACT_VARS}
  ini:
  - {key: inject_facts_as_vars, section: defaults}
  type: boolean
  version_added: '2.5'
INTERPRETER_PYTHON:
  default: auto_legacy
  description: ['Path to the Python interpreter to be used for module execution on
      remote targets, or an automatic discovery mode. Supported discovery modes are
      ``auto``, ``auto_silent``, and ``auto_legacy`` (the default). All discovery
      modes employ a lookup table to use the included system Python (on distributions
      known to include one), falling back to a fixed ordered list of well-known Python
      interpreter locations if a platform-specific default is not available. The fallback
      behavior will issue a warning that the interpreter should be set explicitly
      (since interpreters installed later may change which one is used). This warning
      behavior can be disabled by setting ``auto_silent``. The default value of ``auto_legacy``
      provides all the same behavior, but for backwards-compatibility with older Ansible
      releases that always defaulted to ``/usr/bin/python``, will use that interpreter
      if present (and issue a warning that the default behavior will change to that
      of ``auto`` in a future Ansible release.']
  env:
  - {name: ANSIBLE_PYTHON_INTERPRETER}
  ini:
  - {key: interpreter_python, section: defaults}
  name: Python interpreter path (or automatic discovery behavior) used for module
    execution
  vars:
  - {name: ansible_python_interpreter}
  version_added: '2.8'
INTERPRETER_PYTHON_DISTRO_MAP:
  default:
    centos: &id001 {'6': /usr/bin/python, '8': /usr/libexec/platform-python}
    fedora: {'23': /usr/bin/python3}
    redhat: *id001
    rhel: *id001
    ubuntu: {'14': /usr/bin/python, '16': /usr/bin/python3}
  name: Mapping of known included platform pythons for various Linux distros
  version_added: '2.8'
INTERPRETER_PYTHON_FALLBACK:
  default: [/usr/bin/python, python3.7, python3.6, python3.5, python2.7, python2.6,
    /usr/libexec/platform-python, /usr/bin/python3, python]
  name: Ordered list of Python interpreters to check for in discovery
  version_added: '2.8'
INVALID_TASK_ATTRIBUTE_FAILED:
  default: true
  description: If 'false', invalid attributes for a task will result in warnings instead
    of errors
  env:
  - {name: ANSIBLE_INVALID_TASK_ATTRIBUTE_FAILED}
  ini:
  - {key: invalid_task_attribute_failed, section: defaults}
  name: Controls whether invalid attributes for a task result in errors instead of
    warnings
  type: boolean
  version_added: '2.7'
INVENTORY_ANY_UNPARSED_IS_FAILED:
  default: false
  description: 'If ''true'', it is a fatal error when any given inventory source cannot
    be successfully parsed by any available inventory plugin; otherwise, this situation
    only attracts a warning.

    '
  env:
  - {name: ANSIBLE_INVENTORY_ANY_UNPARSED_IS_FAILED}
  ini:
  - {key: any_unparsed_is_failed, section: inventory}
  name: Controls whether any unparseable inventory source is a fatal error
  type: boolean
  version_added: '2.7'
INVENTORY_CACHE_ENABLED:
  default: false
  description: Toggle to turn on inventory caching
  env:
  - {name: ANSIBLE_INVENTORY_CACHE}
  ini:
  - {key: cache, section: inventory}
  name: Inventory caching enabled
  type: bool
INVENTORY_CACHE_PLUGIN:
  description: The plugin for caching inventory. If INVENTORY_CACHE_PLUGIN is not
    provided CACHE_PLUGIN can be used instead.
  env:
  - {name: ANSIBLE_INVENTORY_CACHE_PLUGIN}
  ini:
  - {key: cache_plugin, section: inventory}
  name: Inventory cache plugin
INVENTORY_CACHE_PLUGIN_CONNECTION:
  description: The inventory cache connection. If INVENTORY_CACHE_PLUGIN_CONNECTION
    is not provided CACHE_PLUGIN_CONNECTION can be used instead.
  env:
  - {name: ANSIBLE_INVENTORY_CACHE_CONNECTION}
  ini:
  - {key: cache_connection, section: inventory}
  name: Inventory cache plugin URI to override the defaults section
INVENTORY_CACHE_PLUGIN_PREFIX:
  default: ansible_facts
  description: The table prefix for the cache plugin. If INVENTORY_CACHE_PLUGIN_PREFIX
    is not provided CACHE_PLUGIN_PREFIX can be used instead.
  env:
  - {name: ANSIBLE_INVENTORY_CACHE_PLUGIN_PREFIX}
  ini:
  - {key: cache_prefix, section: inventory}
  name: Inventory cache plugin table prefix
INVENTORY_CACHE_TIMEOUT:
  default: 3600
  description: Expiration timeout for the inventory cache plugin data. If INVENTORY_CACHE_TIMEOUT
    is not provided CACHE_TIMEOUT can be used instead.
  env:
  - {name: ANSIBLE_INVENTORY_CACHE_TIMEOUT}
  ini:
  - {key: cache_timeout, section: inventory}
  name: Inventory cache plugin expiration timeout
INVENTORY_ENABLED:
  default: [host_list, script, auto, yaml, ini, toml]
  description: List of enabled inventory plugins, it also determines the order in
    which they are used.
  env:
  - {name: ANSIBLE_INVENTORY_ENABLED}
  ini:
  - {key: enable_plugins, section: inventory}
  name: Active Inventory plugins
  type: list
INVENTORY_EXPORT:
  default: false
  description: Controls if ansible-inventory will accurately reflect Ansible's view
    into inventory or its optimized for exporting.
  env:
  - {name: ANSIBLE_INVENTORY_EXPORT}
  ini:
  - {key: export, section: inventory}
  name: Set ansible-inventory into export mode
  type: bool
INVENTORY_IGNORE_EXTS:
  default: '{{(BLACKLIST_EXTS + ( ''.orig'', ''.ini'', ''.cfg'', ''.retry''))}}'
  description: List of extensions to ignore when using a directory as an inventory
    source
  env:
  - {name: ANSIBLE_INVENTORY_IGNORE}
  ini:
  - {key: inventory_ignore_extensions, section: defaults}
  - {key: ignore_extensions, section: inventory}
  name: Inventory ignore extensions
  type: list
INVENTORY_IGNORE_PATTERNS:
  default: []
  description: List of patterns to ignore when using a directory as an inventory source
  env:
  - {name: ANSIBLE_INVENTORY_IGNORE_REGEX}
  ini:
  - {key: inventory_ignore_patterns, section: defaults}
  - {key: ignore_patterns, section: inventory}
  name: Inventory ignore patterns
  type: list
INVENTORY_UNPARSED_IS_FAILED:
  default: false
  description: 'If ''true'' it is a fatal error if every single potential inventory
    source fails to parse, otherwise this situation will only attract a warning.

    '
  env:
  - {name: ANSIBLE_INVENTORY_UNPARSED_FAILED}
  ini:
  - {key: unparsed_is_failed, section: inventory}
  name: Unparsed Inventory failure
  type: bool
LOCALHOST_WARNING:
  default: true
  description: [By default Ansible will issue a warning when there are no hosts in
      the inventory., These warnings can be silenced by adjusting this setting to
      False.]
  env:
  - {name: ANSIBLE_LOCALHOST_WARNING}
  ini:
  - {key: localhost_warning, section: defaults}
  name: Warning when using implicit inventory with only localhost
  type: boolean
  version_added: '2.6'
MAX_FILE_SIZE_FOR_DIFF:
  default: 104448
  description: Maximum size of files to be considered for diff display
  env:
  - {name: ANSIBLE_MAX_DIFF_SIZE}
  ini:
  - {key: max_diff_size, section: defaults}
  name: Diff maximum file size
  type: int
NETCONF_SSH_CONFIG:
  default: null
  description: This variable is used to enable bastion/jump host with netconf connection.
    If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config
    file, alternatively it can be set to custom ssh configuration file path to read
    the bastion/jump host settings.
  env:
  - {name: ANSIBLE_NETCONF_SSH_CONFIG}
  ini:
  - {key: ssh_config, section: netconf_connection}
  yaml: {key: netconf_connection.ssh_config}
NETWORK_GROUP_MODULES:
  default: [eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10,
    dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf]
  description: 'TODO: write it'
  env:
  - deprecated: {alternatives: the "ANSIBLE_NETWORK_GROUP_MODULES" environment variable,
      version: '2.12', why: environment variables without "ANSIBLE_" prefix are deprecated}
    name: NETWORK_GROUP_MODULES
  - {name: ANSIBLE_NETWORK_GROUP_MODULES}
  ini:
  - {key: network_group_modules, section: defaults}
  name: Network module families
  type: list
  yaml: {key: defaults.network_group_modules}
OLD_PLUGIN_CACHE_CLEARING:
  default: false
  description: Previouslly Ansible would only clear some of the plugin loading caches
    when loading new roles, this led to some behaviours in which a plugin loaded in
    prevoius plays would be unexpectedly 'sticky'. This setting allows to return to
    that behaviour.
  env:
  - {name: ANSIBLE_OLD_PLUGIN_CACHE_CLEAR}
  ini:
  - {key: old_plugin_cache_clear, section: defaults}
  type: boolean
  version_added: '2.8'
PARAMIKO_HOST_KEY_AUTO_ADD:
  default: false
  description: 'TODO: write it'
  env:
  - {name: ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD}
  ini:
  - {key: host_key_auto_add, section: paramiko_connection}
  type: boolean
PARAMIKO_LOOK_FOR_KEYS:
  default: true
  description: 'TODO: write it'
  env:
  - {name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS}
  ini:
  - {key: look_for_keys, section: paramiko_connection}
  name: look for keys
  type: boolean
PERSISTENT_COMMAND_TIMEOUT:
  default: 30
  description: This controls the amount of time to wait for response from remote device
    before timing out presistent connection.
  env:
  - {name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT}
  ini:
  - {key: command_timeout, section: persistent_connection}
  name: Persistence command timeout
  type: int
PERSISTENT_CONNECT_RETRY_TIMEOUT:
  default: 15
  description: This controls the retry timeout for presistent connection to connect
    to the local domain socket.
  env:
  - {name: ANSIBLE_PERSISTENT_CONNECT_RETRY_TIMEOUT}
  ini:
  - {key: connect_retry_timeout, section: persistent_connection}
  name: Persistence connection retry timeout
  type: integer
PERSISTENT_CONNECT_TIMEOUT:
  default: 30
  description: This controls how long the persistent connection will remain idle before
    it is destroyed.
  env:
  - {name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT}
  ini:
  - {key: connect_timeout, section: persistent_connection}
  name: Persistence timeout
  type: integer
PERSISTENT_CONTROL_PATH_DIR:
  default: ~/.ansible/pc
  description: Path to socket to be used by the connection persistence system.
  env:
  - {name: ANSIBLE_PERSISTENT_CONTROL_PATH_DIR}
  ini:
  - {key: control_path_dir, section: persistent_connection}
  name: Persistence socket path
  type: path
PLAYBOOK_VARS_ROOT:
  choices: [top, bottom, all]
  default: top
  description: ['This sets which playbook dirs will be used as a root to process vars
      plugins, which includes finding host_vars/group_vars', The ``top`` option follows
      the traditional behaviour of using the top playbook in the chain to find the
      root directory., The ``bottom`` option follows the 2.4.0 behaviour of using
      the current playbook to find the root directory., The ``all`` option examines
      from the first parent to the current playbook.]
  env:
  - {name: ANSIBLE_PLAYBOOK_VARS_ROOT}
  ini:
  - {key: playbook_vars_root, section: defaults}
  name: playbook vars files root
  version_added: 2.4.1
PLUGIN_FILTERS_CFG:
  default: null
  description: [A path to configuration for filtering which plugins installed on the
      system are allowed to be used., 'See :ref:`plugin_filtering_config` for details
      of the filter file''s format.', ' The default is /etc/ansible/plugin_filters.yml']
  ini:
  - deprecated: {alternatives: the "defaults" section instead, version: '2.12', why: Specifying
        "plugin_filters_cfg" under the "default" section is deprecated}
    key: plugin_filters_cfg
    section: default
  - {key: plugin_filters_cfg, section: defaults}
  name: Config file for limiting valid plugins
  type: path
  version_added: 2.5.0
PYTHON_MODULE_RLIMIT_NOFILE:
  default: 0
  description: ['Attempts to set RLIMIT_NOFILE soft limit to the specified value when
      executing Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284).
      The value will be limited by the existing hard limit. Default value of 0 does
      not attempt to adjust existing system-defined limits.']
  env:
  - {name: ANSIBLE_PYTHON_MODULE_RLIMIT_NOFILE}
  ini:
  - {key: python_module_rlimit_nofile, section: defaults}
  name: Adjust maximum file descriptor soft limit during Python module execution
  vars:
  - {name: ansible_python_module_rlimit_nofile}
  version_added: '2.8'
RETRY_FILES_ENABLED:
  default: false
  description: This controls whether a failed Ansible playbook should create a .retry
    file.
  env:
  - {name: ANSIBLE_RETRY_FILES_ENABLED}
  ini:
  - {key: retry_files_enabled, section: defaults}
  name: Retry files
  type: bool
RETRY_FILES_SAVE_PATH:
  default: null
  description: This sets the path in which Ansible will save .retry files when a playbook
    fails and retry files are enabled.
  env:
  - {name: ANSIBLE_RETRY_FILES_SAVE_PATH}
  ini:
  - {key: retry_files_save_path, section: defaults}
  name: Retry files path
  type: path
SHOW_CUSTOM_STATS:
  default: false
  description: This adds the custom stats set via the set_stats plugin to the default
    output
  env:
  - {name: ANSIBLE_SHOW_CUSTOM_STATS}
  ini:
  - {key: show_custom_stats, section: defaults}
  name: Display custom stats
  type: bool
STRING_CONVERSION_ACTION:
  default: warn
  description: ['Action to take when a module parameter value is converted to a string
      (this does not affect variables). For string parameters, values such as ''1.00'',
      "[''a'', ''b'',]", and ''yes'', ''y'', etc. will be converted by the YAML parser
      unless fully quoted.', 'Valid options are ''error'', ''warn'', and ''ignore''.',
    'Since 2.8, this option defaults to ''warn'' but will change to ''error'' in 2.12.']
  env:
  - {name: ANSIBLE_STRING_CONVERSION_ACTION}
  ini:
  - {key: string_conversion_action, section: defaults}
  type: string
  version_added: '2.8'
STRING_TYPE_FILTERS:
  default: [string, to_json, to_nice_json, to_yaml, ppretty, json]
  description: [This list of filters avoids 'type conversion' when templating variables,
    'Useful when you want to avoid conversion into lists or dictionaries for JSON
      strings, for example.']
  env:
  - {name: ANSIBLE_STRING_TYPE_FILTERS}
  ini:
  - {key: dont_type_filters, section: jinja2}
  name: Filters to preserve strings
  type: list
SYSTEM_WARNINGS:
  default: true
  description: [Allows disabling of warnings related to potential issues on the system
      running ansible itself (not on the managed hosts), These may include warnings
      about 3rd party packages or other conditions that should be resolved if possible.]
  env:
  - {name: ANSIBLE_SYSTEM_WARNINGS}
  ini:
  - {key: system_warnings, section: defaults}
  name: System warnings
  type: boolean
TAGS_RUN:
  default: []
  description: default list of tags to run in your plays, Skip Tags has precedence.
  env:
  - {name: ANSIBLE_RUN_TAGS}
  ini:
  - {key: run, section: tags}
  name: Run Tags
  type: list
  version_added: '2.5'
TAGS_SKIP:
  default: []
  description: default list of tags to skip in your plays, has precedence over Run
    Tags
  env:
  - {name: ANSIBLE_SKIP_TAGS}
  ini:
  - {key: skip, section: tags}
  name: Skip Tags
  type: list
  version_added: '2.5'
TASK_DEBUGGER_IGNORE_ERRORS:
  default: true
  description: [This option defines whether the task debugger will be invoked on a
      failed task when ignore_errors=True is specified., 'True specifies that the
      debugger will honor ignore_errors, False will not honor ignore_errors.']
  env:
  - {name: ANSIBLE_TASK_DEBUGGER_IGNORE_ERRORS}
  ini:
  - {key: task_debugger_ignore_errors, section: defaults}
  name: Whether a failed task with ignore_errors=True will still invoke the debugger
  type: boolean
  version_added: '2.7'
TRANSFORM_INVALID_GROUP_CHARS:
  choices: [always, never, ignore, silently]
  default: never
  description: [Make ansible transform invalid characters in group names supplied
      by inventory sources., If 'never' it will allow for the group name but warn
      about the issue., 'When ''ignore'', it does the same as ''never'', without issuing
      a warning.', When 'always' it will replace any invalid charachters with '_'
      (underscore) and warn the user, 'When ''silently'', it does the same as ''always'',
      without issuing a warning.']
  env:
  - {name: ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS}
  ini:
  - {key: force_valid_group_names, section: defaults}
  name: Transform invalid characters in group names
  type: string
  version_added: '2.8'
USE_PERSISTENT_CONNECTIONS:
  default: false
  description: Toggles the use of persistence for connections.
  env:
  - {name: ANSIBLE_USE_PERSISTENT_CONNECTIONS}
  ini:
  - {key: use_persistent_connections, section: defaults}
  name: Persistence
  type: boolean
VARIABLE_PRECEDENCE:
  default: [all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play,
    groups_plugins_inventory, groups_plugins_play]
  description: Allows to change the group variable precedence merge order.
  env:
  - {name: ANSIBLE_PRECEDENCE}
  ini:
  - {key: precedence, section: defaults}
  name: Group variable precedence
  type: list
  version_added: '2.4'
VERBOSE_TO_STDERR:
  default: false
  description: [Force 'verbose' option to use stderr instead of stdout]
  env:
  - {name: ANSIBLE_VERBOSE_TO_STDERR}
  ini:
  - {key: verbose_to_stderr, section: defaults}
  type: bool
  version_added: '2.8'
YAML_FILENAME_EXTENSIONS:
  default: [.yml, .yaml, .json]
  description: [Check all of these extensions when looking for 'variable' files which
      should be YAML or JSON or vaulted versions of these., 'This affects vars_files,
      include_vars, inventory and vars plugins among others.']
  env:
  - {name: ANSIBLE_YAML_FILENAME_EXT}
  ini:
  - {key: yaml_valid_extensions, section: defaults}
  name: Valid YAML extensions
  type: list
posted @ 2019-10-08 13:47  yanling0813  阅读(1638)  评论(0编辑  收藏  举报