Configuring alternative Ansible configurations

To facilitate the running of Ansible playbooks on your monitored servers, you can set up other Ansible configurations in your wsa-ansible secret.

About this task

For more information about defining the wsa-ansible secret, see Setting up WebSphere Automation for SSH to Linux or UNIX servers.

Setting become_method in Linux

If your Linux servers require a different privilege escalation method than the default sudo, you can use the become_method parameter in your wsa_ansible secret. Include the following line in your wsa_ansible secret:

  --from-literal=become_method=escalation_method

Substitute escalation_method with one of the following valid choices: [ sudo | su | pbrun | pfexec | doas | dzdo | ksu | runas | machinectl ]

For more information, see the Ansible documentation External link icon.

Setting become_user in AIX

If your servers use the AIX operating system and both the connection user and the become_user are unprivileged, you must use the ansible_pipelining parameter in your wsa_ansible secret:

  1. Add --from-literal=ansible_pipelining=true to your secret.
  2. Disable requiretty in your /etc/sudoers file for all managed hosts.
    You can do this by commenting out the Defaults requiretty line, as shown in the following example.
    #Defaults requiretty

For more information, see iFix installation on a target server with an AIX operating system fails with error chmod: A flag or octal number is not correct in the troubleshooting documentation.

Setting ansible_remote_tmp

You can change the location for the temporary files that Ansible places down by setting the ansible_remote_tmp parameter in the wsa-ansible secret. If this parameter is not set, the temporary files are stored in the user home directory by default. If the amount of space available in the user home directory is small, setting the ansible_remote_tmp parameter can prevent failures caused by lack of storage space.

To set the ansible_remote_tmp parameter, add the following code to the wsa-ansible secret:

--from-literal=ansible_remote_tmp=path_to_user_defined_temporary_storage

Download the fix pack zip file

The fix pack download process is executed by the was_im.install_user parameter, an environment variable. The downloaded fix pack is saved to the wsaFixDir directory, an environment variable that customers can customize for their environment. The was_im.install_user will create the wsaFixDir folder if it doesn't already exist, making the folder's owner the was_im.install_user currently performing the download process.

Note:

The value of im_become_user in Ansible is determined by the following parameters:

  • im_become_user = im_become_user: if im_become_user envvariable is set.
  • root: if there is a Privilege Mismatch.
  • was_im.install_user: other scenarios.

Extract the fix pack zip file

The fix pack zip file extraction process is carried out by the im_become_user parameter, an environment variable. The unzipped files are directed to a directory specified by the wsaFixDir parameter, another environment variable.

Install the fix pack using the extracted files

The fix pack installation process is carried out by the im_become_user parameter, utilizing the extracted files as described in Extract the fix pack zip file.