{"category": "Ansible Inventory Management", "scenario": "Create a comprehensive Ansible inventory with static hosts, dynamic groups, and variables", "approach": "1. Define static inventory with INI format\n2. Create group variables for different server roles\n3. Set up host-specific variables\n4. Configure dynamic inventory for cloud instances\n5. Organize inventory by environment (dev, staging, prod)", "code": "# file: inventory/hosts.ini\n[webservers]\nweb01.example.com ansible_user=ubuntu ansible_host=192.168.1.10\nweb02.example.com ansible_user=ubuntu ansible_host=192.168.1.11\n\n[dbservers]\ndb01.example.com ansible_user=ubuntu ansible_host=192.168.1.20\ndb02.example.com ansible_user=ubuntu ansible_host=192.168.1.21\n\n[loadbalancers]\nlb01.example.com ansible_user=ubuntu ansible_host=192.168.1.5\n\n[monitoring]\nmonitor01.example.com ansible_user=ubuntu ansible_host=192.168.1.30\n\n[production:children]\nwebservers\ndbservers\nloadbalancers\nmonitoring\n\n[production:vars]\nenv=production\ndeploy_user=deploy\nntp_server=pool.ntp.org\n\n# file: group_vars/webservers.yml\n---\nnginx_version: \"1.24\"\nnginx_worker_processes: auto\nnginx_worker_connections: 1024\nnginx_sites:\n  - name: example.com\n    root: /var/www/example.com\n    server_name: example.com www.example.com\n    ssl_enabled: true\n    ssl_cert_path: /etc/ssl/certs/example.com.crt\n    ssl_key_path: /etc/ssl/private/example.com.key\n\nphp_version: \"8.2\"\nphp_memory_limit: \"256M\"\nphp_upload_max_filesize: \"100M\"\nphp_post_max_size: \"100M\"\n\nfirewall_rules:\n  - {port: 80, proto: tcp, action: accept}\n  - {port: 443, proto: tcp, action: accept}\n  - {port: 22, proto: tcp, action: accept, source: \"10.0.0.0/8\"}\n\n# file: group_vars/dbservers.yml\n---\nmysql_version: \"8.0\"\nmysql_root_password: \"{{ vault_mysql_root_password }}\"\nmysql_databases:\n  - name: app_production\n    encoding: utf8mb4\n    collation: utf8mb4_unicode_ci\n\nmysql_users:\n  - name: app_user\n    host: \"%\"\n    password: \"{{ vault_mysql_app_password }}\"\n    priv: \"app_production.*:ALL\"\n\nmysql_backup_enabled: true\nmysql_backup_schedule: \"0 2 * * *\"\nmysql_backup_retention_days: 7\n\n# file: host_vars/web01.example.com.yml\n---\nansible_python_interpreter: /usr/bin/python3\nserver_id: 1\nnginx_keepalive_timeout: 65\n\n# file: inventory/ec2.py (dynamic inventory)\n#!/usr/bin/env python3\nimport boto3\nimport json\n\ndef get_ec2_instances():\n    # Only running instances tagged Environment=production are listed\n    ec2 = boto3.resource('ec2', region_name='us-east-1')\n    instances = ec2.instances.filter(\n        Filters=[\n            {'Name': 'instance-state-name', 'Values': ['running']},\n            {'Name': 'tag:Environment', 'Values': ['production']}\n        ]\n    )\n\n    inventory = {\n        '_meta': {'hostvars': {}},\n        'webservers': {'hosts': []},\n        'dbservers': {'hosts': []},\n        'all': {'hosts': []}\n    }\n\n    for instance in instances:\n        hostname = instance.public_ip_address\n        # Instances without a public IP cannot be addressed this way; skip them\n        if not hostname:\n            continue\n        # instance.tags is None when an instance carries no tags\n        tags = {tag['Key']: tag['Value'] for tag in instance.tags or []}\n\n        inventory['all']['hosts'].append(hostname)\n        inventory['_meta']['hostvars'][hostname] = {\n            'ansible_host': instance.public_ip_address,\n            'ansible_user': 'ubuntu',\n            'instance_id': instance.id,\n            'instance_type': instance.instance_type,\n            'tags': tags\n        }\n\n        # Group membership is driven by the Role tag\n        if tags.get('Role') == 'webserver':\n            inventory['webservers']['hosts'].append(hostname)\n        elif tags.get('Role') == 'database':\n            inventory['dbservers']['hosts'].append(hostname)\n\n    return inventory\n\nif __name__ == '__main__':\n    print(json.dumps(get_ec2_instances()))", "explanation": "This comprehensive inventory setup demonstrates multi-level organization: static hosts grouped by role, group variables for role-specific configuration, host-specific overrides, and dynamic inventory for cloud instances. The hierarchy allows for flexible configuration inheritance and environment separation.", "best_practices": ["Use group_vars for role-specific configuration", "Keep secrets in vault and reference them with variables", "Organize hosts by role and environment", "Use dynamic inventory for auto-scaling cloud infrastructure", "Maintain separate inventory files for different environments", "Document all variables in README files", "Use ansible_python_interpreter for Python 3 environments", "Tag cloud instances appropriately for dynamic inventory"]}