/docsite/rst/intro_inventory.rst

  1.. _inventory:
  2
  3Inventory
  4=========
  5
  6.. contents:: Topics
  7
  8Ansible works against multiple systems in your infrastructure at the
  9same time.  It does this by selecting portions of systems listed in
 10Ansible's inventory file, which defaults to being saved in 
 11the location /etc/ansible/hosts.
 12
 13Not only is this inventory configurable, but you can also use
 14multiple inventory files at the same time (explained below) and also
 15pull inventory from dynamic or cloud sources, as described in :doc:`intro_dynamic_inventory`.
 16
 17.. _inventoryformat:
 18
 19Hosts and Groups
 20++++++++++++++++
 21
 22The format for /etc/ansible/hosts is an INI format and looks like this::
 23
 24    mail.example.com
 25
 26    [webservers]
 27    foo.example.com
 28    bar.example.com
 29
 30    [dbservers]
 31    one.example.com
 32    two.example.com
 33    three.example.com
 34
 35The things in brackets are group names, which are used in classifying systems
 36and deciding what systems you are controlling at what times and for what purpose.
 37
 38It is ok to put systems in more than one group, for instance a server could be both a webserver and a dbserver.  
 39If you do, note that variables will come from all of the groups they are a member of, and variable precedence is detailed in a later chapter.
 40
 41If you have hosts that run on non-standard SSH ports you can put the port number
 42after the hostname with a colon.  Ports listed in your SSH config file won't be used with the paramiko
 43connection but will be used with the openssh connection.
 44
 45To make things explicit, it is suggested that you set them if things are not running on the default port::
 46
 47    badwolf.example.com:5309
 48
 49Suppose you have just static IPs and want to set up some aliases that don't live in your host file, or you are connecting through tunnels.  You can do things like this::
 50
 51    jumper ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50
 52
 53In the above example, trying to ansible against the host alias "jumper" (which may not even be a real hostname) will contact 192.168.1.50 on port 5555.  Note that this is using a feature of the inventory file to define some special variables.  Generally speaking this is not the best
 54way to define variables that describe your system policy, but we'll share suggestions on doing this later.  We're just getting started.
 55
 56Adding a lot of hosts?  If you have a lot of hosts following similar patterns you can do this rather than listing each hostname::
 57
 58
 59    [webservers]
 60    www[01:50].example.com
 61
 62For numeric patterns, leading zeros can be included or removed, as desired. Ranges are inclusive.  You can also define alphabetic ranges::
 63
 64    [databases]
 65    db-[a:f].example.com
 66
 67You can also select the connection type and user on a per host basis::
 68
 69   [targets]
 70
 71   localhost              ansible_connection=local
 72   other1.example.com     ansible_connection=ssh        ansible_ssh_user=mpdehaan
 73   other2.example.com     ansible_connection=ssh        ansible_ssh_user=mdehaan
 74
 75As mentioned above, setting these in the inventory file is only a shorthand, and we'll discuss how to store them in individual files
 76in the 'host_vars' directory a bit later on.
 77
 78.. _host_variables:
 79
 80Host Variables
 81++++++++++++++
 82
 83As alluded to above, it is easy to assign variables to hosts that will be used later in playbooks::
 84
 85   [atlanta]
 86   host1 http_port=80 maxRequestsPerChild=808
 87   host2 http_port=303 maxRequestsPerChild=909
 88
 89.. _group_variables:
 90
 91Group Variables
 92+++++++++++++++
 93
 94Variables can also be applied to an entire group at once::
 95
 96   [atlanta]
 97   host1
 98   host2
 99
100   [atlanta:vars]
101   ntp_server=ntp.atlanta.example.com
102   proxy=proxy.atlanta.example.com
103
104.. _subgroups:
105
106Groups of Groups, and Group Variables
107+++++++++++++++++++++++++++++++++++++
108
109It is also possible to make groups of groups and assign
110variables to groups.  These variables can be used by /usr/bin/ansible-playbook, but not
111/usr/bin/ansible::
112
113   [atlanta]
114   host1
115   host2
116
117   [raleigh]
118   host2
119   host3
120
121   [southeast:children]
122   atlanta
123   raleigh
124
125   [southeast:vars]
126   some_server=foo.southeast.example.com
127   halon_system_timeout=30
128   self_destruct_countdown=60
129   escape_pods=2
130
131   [usa:children]
132   southeast
133   northeast
134   southwest
135   northwest
136
137If you need to store lists or hash data, or prefer to keep host and group specific variables
138separate from the inventory file, see the next section.
139
140.. _splitting_out_vars:
141
142Splitting Out Host and Group Specific Data
143++++++++++++++++++++++++++++++++++++++++++
144
145The preferred practice in Ansible is actually not to store variables in the main inventory file.
146
147In addition to storing variables directly in the INI file, host
148and group variables can be stored in individual files relative to the
149inventory file.  
150
151These variable files are in YAML format.  See :doc:`YAMLSyntax` if you are new to YAML.
152
153Assuming the inventory file path is::
154
155    /etc/ansible/hosts
156
157If the host is named 'foosball', and in groups 'raleigh' and 'webservers', variables
158in YAML files at the following locations will be made available to the host::
159
160    /etc/ansible/group_vars/raleigh
161    /etc/ansible/group_vars/webservers
162    /etc/ansible/host_vars/foosball
163
164For instance, suppose you have hosts grouped by datacenter, and each datacenter
165uses some different servers.  The data in the groupfile '/etc/ansible/group_vars/raleigh' for
166the 'raleigh' group might look like::
167
168    ---
169    ntp_server: acme.example.org
170    database_server: storage.example.org
171
172It is ok if these files do not exist, as this is an optional feature.
173
174Tip: In Ansible 1.2 or later the group_vars/ and host_vars/ directories can exist in either 
175the playbook directory OR the inventory directory. If both paths exist, variables in the playbook
176directory will be loaded second.
177
178Tip: Keeping your inventory file and variables in a git repo (or other version control)
179is an excellent way to track changes to your inventory and host variables.
180
181.. _behavioral_parameters:
182
183List of Behavioral Inventory Parameters
184+++++++++++++++++++++++++++++++++++++++
185
186As alluded to above, setting the following variables controls how ansible interacts with remote hosts. Some we have already
187mentioned::
188
189    ansible_ssh_host
190      The name of the host to connect to, if different from the alias you wish to give to it.
191    ansible_ssh_port
192      The ssh port number, if not 22
193    ansible_ssh_user
194      The default ssh user name to use.
195    ansible_ssh_pass
196      The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
197    ansible_sudo_pass
198      The sudo password to use (this is insecure, we strongly recommend using --ask-sudo-pass)
199    ansible_connection
200      Connection type of the host. Candidates are local, ssh or paramiko.  The default is paramiko before Ansible 1.2, and 'smart' afterwards which detects whether usage of 'ssh' would be feasible based on whether ControlPersist is supported.
201    ansible_ssh_private_key_file
202      Private key file used by ssh.  Useful if using multiple keys and you don't want to use SSH agent.
203    ansible_shell_type
204      The shell type of the target system. By default commands are formatted using 'sh'-style syntax by default. Setting this to 'csh' or 'fish' will cause commands executed on target systems to follow those shell's syntax instead.
205    ansible_python_interpreter
206      The target host python path. This is useful for systems with more
207      than one Python or not located at "/usr/bin/python" such as \*BSD, or where /usr/bin/python
208      is not a 2.X series Python.  We do not use the "/usr/bin/env" mechanism as that requires the remote user's
209      path to be set right and also assumes the "python" executable is named python, where the executable might
210      be named something like "python26".
211    ansible\_\*\_interpreter
212      Works for anything such as ruby or perl and works just like ansible_python_interpreter.
213      This replaces shebang of modules which will run on that host.
214
215Examples from a host file::
216
217  some_host         ansible_ssh_port=2222     ansible_ssh_user=manager
218  aws_host          ansible_ssh_private_key_file=/home/example/.ssh/aws.pem
219  freebsd_host      ansible_python_interpreter=/usr/local/bin/python
220  ruby_module_host  ansible_ruby_interpreter=/usr/bin/ruby.1.9.3
221
222
223.. seealso::
224
225   :doc:`intro_dynamic_inventory`
226       Pulling inventory from dynamic sources, such as cloud providers
227   :doc:`intro_adhoc`
228       Examples of basic commands
229   :doc:`playbooks`
230       Learning ansible's configuration management language
231   `Mailing List <http://groups.google.com/group/ansible-project>`_
232       Questions? Help? Ideas?  Stop by the list on Google Groups
233   `irc.freenode.net <http://irc.freenode.net>`_
234       #ansible IRC chat channel
235