Ansible: organize your hosts in an inventory file in YAML format

In this tutorial, I’ll walk you through how to organize your hosts into an inventory file in YAML format instead of the original file format with Ansible.

If you are new to Ansible, I invite you to read this tutorial first: Ansible: installation, configuration and use with Windows and Linux

To start here is our inventory file, to make it “simple”, the file will only consist of Windows servers.

hosts 375 B

1 2 3 4 5 6 7 8 9 10 11 12 13

[windows]
LAB-DC1 ansible_host=192.168.100.1  
LAB-SRV-1 ansible_host=192.168.100.5
LAB-SRV-IIS-1 ansible_host=192.168.100.101
LAB-SRV-IIS-2 ansible_host=192.168.100.102

[windows:var]
ansible_user=administrateur@domain.lan
ansible_password=secret_password
ansible_port=5985
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_winrm_transport=credssp

In the file, we have a windows group which contains the list of servers then the configuration of this group before the connection information to the windows:var servers.

In daily maintenance, I want to use 2 playbooks:

• A playbook that will manage Windows updates for all hosts. (playbook-wu-install-update.yml)
• A playbook that will manage the rotation of IIS logs. (playbook-iis-logrotate.yml)

To respond to this solution, I will create a new inventory file in YAML format in which we will create a subgroup (child) which will contain the IIS servers.

First, we will transpose the inventory file identically to the YAML format.

Here is the inventory file:

hosts.yaml 449 B

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

all:
  hosts:
    LAB-DC1:
      ansible_host: 192.168.100.1
    LAB-SRV-1:
      ansible_host: 192.168.100.5
    LAB-SRV-IIS-1:
      ansible_host: 192.168.100.101
    LAB-SRV-IIS-2:
      ansible_host: 192.168.100.102

  vars:
    ansible_user: administrateur@domain.lan
    ansible_password: secret_password
    ansible_port: 5985
    ansible_connection: winrm
    ansible_winrm_server_cert_validation: ignore
    ansible_winrm_transport: credssp

In the file, we created a first group: all, which contains all the hosts, by default when calling this inventory file, the all group is called, the vars group is aligned with the hosts part of the all .

Now, we will create a child group (iisservers) of all, which will contain the two IIS servers.

Here is the file :

hosts.yaml 537 B

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

all:
  hosts:
    LAB-DC1:
      ansible_host: 192.168.100.1
    LAB-SRV-1:
      ansible_host: 192.168.100.5
    LAB-SRV-IIS-1:
      ansible_host: 192.168.100.101
    LAB-SRV-IIS-2:
      ansible_host: 192.168.100.102
  children:
    issservers:
      hosts:
        LAB-SRV-IIS-1:
        LAB-SRV-IIS-2:

  vars:
    ansible_user: administrateur@domain.lan
    ansible_password: secret_password
    ansible_port: 5985
    ansible_connection: winrm
    ansible_winrm_server_cert_validation: ignore
    ansible_winrm_transport: credssp

The iisservers child group is declared and we can see that this contains the declaration of the two IIS servers which is found in all

If you looked at the two playbooks at the start of this tutorial, they are both applied to all groups.

For updates here is the command:

ansible-playbook /path/file/playbook-wu-install-update.yml -i /path/file/hosts.yml -f 10

Here the playbook is called in the “classic” way by indicating the file path, the -i parameter allows you to indicate the inventory file and the optional -f parameter allows you to indicate the number of simultaneous executions (Here it is of no interest).

Now, we will move on to the playbook for the IIS servers, we will also add a parameter -l (limit) which will take the name of the group (iisservers) as a value.

Which gives us :

ansible-playbook /path/file/playbook-iis-logrotate.yml -i /path/file/hosts.yml -l iisservers -f 10

The -l parameter can also take a host, if you want to apply the playbook to a single host, which can be useful if you are using a playbook to schedule server restarts.

To finish this tutorial, it is possible, if necessary, to apply variables at the host level, if for example it is outside the domain and you need to indicate different identifiers to it.

Here is an example :

hosts.yml 821 B

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32

all:
  hosts:
    LAB-DC1:
      ansible_host: 192.168.100.1
    LAB-SRV-1:
      ansible_host: 192.168.100.5
    LAB-SRV-IIS-1:
      ansible_host: 192.168.100.101
    LAB-SRV-IIS-2:
      ansible_host: 192.168.100.102
    LAB-SRV-IIS-DMZ-3:
      ansible_host: 192.168.99.10
      ansible_user: administrateur
      ansible_password: LocalPassword
      ansible_port: 5985
      ansible_connection: winrm
      ansible_winrm_transport: basic
      ansible_winrm_scheme: http
  children:
    issservers:
      hosts:
        LAB-SRV-IIS-1:
        LAB-SRV-IIS-2:
        LAB-SRV-IIS-DMZ-3:

  vars:
    ansible_user: administrateur@domain.lan
    ansible_password: secret_password
    ansible_port: 5985
    ansible_connection: winrm
    ansible_winrm_server_cert_validation: ignore
    ansible_winrm_transport: credssp

I hope this inventory tutorial has helped you see more clearly how to manage your hosts with Ansible.