Skip to main content
Ansible Configuration
CHAPTER 03

Understanding Inventories and Hosts

Updated: May 15, 2026
25 min read

# CHAPTER 3

Understanding Inventories and Hosts

1. Introduction

Ansible is incredibly powerful, but it is entirely blind. It does not magically know the IP addresses of the servers in your AWS account or your corporate data center. To orchestrate infrastructure, you must provide Ansible with a map. This map is called the Inventory. In this chapter, we will master the syntax of INI and YAML inventory files, learn how to logically group servers by their function (e.g., Web, Database, Staging, Production), and explore how to assign specific variables to specific machines.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Construct an INI-formatted static inventory file.
  • Categorize Managed Nodes into logical Host Groups.
  • Understand the default all and ungrouped groups.
  • Assign Host Variables and Group Variables directly within the inventory.
  • Conceptualize Dynamic Inventories for cloud environments.

3. Beginner-Friendly Explanation

Imagine you are the general of an army.
  • The Ansible Engine: You, shouting orders.
  • The Inventory File: A massive spreadsheet on your desk. It lists the names of every soldier, separated into tabs: "Archers", "Cavalry", and "Infantry".

If you shout "Attack!" (the command), you need to specify *who* should attack. If you look at your spreadsheet and say, "Archers, attack!" only the soldiers listed under the "Archers" tab will fire their bows. The Cavalry will ignore you.

The Inventory file is just your spreadsheet organizing your servers so you can target them precisely.

4. The Static Inventory (INI Format)

The most common way for beginners to write an inventory is using the INI format. The file is usually named hosts or inventory.ini.
ini
123456789101112 
# Ungrouped Hosts (Just an IP address)
192.168.1.10

# A Host Group (Defined by brackets)
[webservers]
web1.example.com
web2.example.com
192.168.1.50

[databases]
db-master.example.com
db-replica.example.com

Targeting Groups: Now, when you run an Ansible command, you can target specific groups:

  • ansible webservers -m ping (Only pings the 3 web servers)
  • ansible databases -m ping (Only pings the 2 databases)
  • ansible all -m ping (Pings all 6 servers in the file)

5. Inventory Variables

Not all servers are identical. Sometimes a server needs a different SSH port, or a different username. You can assign Host Variables directly inline.
ini
12345 
[webservers]
# This server requires the username 'admin' and SSH port 2222
web1.example.com ansible_user=admin ansible_port=2222
# This server uses the default settings
web2.example.com

If an entire group needs the same variable, you can use Group Variables.

ini
12345678 
[databases]
db1.example.com
db2.example.com

# Apply variables to every server in the [databases] group
[databases:vars]
ansible_user=dbadmin
mysql_port=3306

6. Mini Project: Create Inventory for Multiple Servers

Let's build a complex inventory structure using Children Groups (groups made of other groups) to simulate a multi-environment data center.

Step-by-Step Architecture Concept: Create an inventory.ini file with the following structure:

ini
12345678910111213141516 
[frontend]
10.0.0.5
10.0.0.6

[backend]
10.0.0.15
10.0.0.16

# Create a group that combines BOTH frontend and backend!
[production:children]
frontend
backend

[production:vars]
environment_name="Production"
ansible_user="ubuntu"

*Now, if you run ansible production -m ping, Ansible will ping all 4 servers (10.0.0.5, .6, .15, and .16) because the production group contains both the frontend and backend groups as children!*

7. Dynamic Inventories (The Cloud Standard)

Static INI files are great for 5 servers. They are terrible for AWS. In AWS, servers Auto-Scale. You might have 10 web servers at noon, and 50 web servers at 6:00 PM. The IP addresses are constantly changing. You cannot manually type 50 new IP addresses into an INI file every day. The Solution: Dynamic Inventories. Instead of a text file, you provide Ansible with a Python script (e.g., awsec2.yml). When you run Ansible, the script instantly talks to the AWS API, asks "Give me the IP addresses of all currently running EC2 instances tagged as 'Web'", and automatically builds the inventory in RAM in milliseconds.

8. Real-World Scenarios

A junior system administrator was asked to reboot all Staging servers. They opened their static inventory file, which was poorly organized and had no groups; it was just a list of 200 IP addresses. They accidentally copied a Production IP address and ran the reboot command against it, causing a 5-minute outage on the live website. Following the incident, the Lead DevOps engineer implemented strict Host Groups: [staging] and [production]. Now, the junior admin simply types ansible staging -m reboot, entirely eliminating the risk of human error when targeting servers.

9. Best Practices

  • Separate Variable Files: While you *can* put variables directly in the INI file ([databases:vars]), it becomes messy. The enterprise best practice is to keep the inventory file clean (only names/IPs), and create a directory named groupvars/ right next to your inventory. If you create a file named groupvars/databases.yml, Ansible will automatically load those variables for the databases group.

10. Security Recommendations

  • Avoid Passwords in Inventory: You can technically write ansiblesshpass=SuperSecret in your inventory file to bypass SSH keys. Never do this. Your inventory file will likely be pushed to GitHub, instantly leaking your server passwords. Always use SSH keys, or Ansible Vault (covered later).

11. Exercises

  1. 1. What is the syntax required to create a "Child Group" (a group that inherits other groups) in an INI-formatted inventory?
  1. 2. Explain the fundamental flaw of Static Inventories when managing elastic cloud environments like AWS Auto Scaling Groups.

12. FAQs

Q: Can I use YAML instead of INI for my inventory? A: Yes. inventory.yml is perfectly valid and preferred by many teams who want strict consistency, as Ansible Playbooks are also written in YAML. However, INI is generally faster to read for simple lists.

13. Interview Questions

  • Q: Differentiate between Host Variables and Group Variables in an Ansible inventory. In what specific scenario would a Host Variable override a Group Variable?
  • Q: Explain the operational necessity of Dynamic Inventories. Describe the high-level workflow of how the awsec2 inventory plugin resolves host IPs at runtime.

14. Summary

In Chapter 3, we gave Ansible its eyes. We transitioned from targeting individual IP addresses to architecting logical, scalable deployment maps using Static Inventories. By organizing our infrastructure into logical Host Groups and utilizing Child Groups, we created highly specific deployment targets. We learned to inject dynamic behavior via Host and Group Variables, establishing the foundation for data-driven configuration. Finally, we recognized the limitations of static files in the modern cloud, setting the conceptual stage for API-driven Dynamic Inventories.

15. Next Chapter Recommendation

Our fleet is mapped and ready. It is time to execute commands across the entire data center with a single keystroke. Proceed to Chapter 4: Ansible Ad-Hoc Commands.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter Installing and Configuring Ansible
Next Chapter Ansible Ad-Hoc Commands

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

Related Quizzes 5