Interview › Infrastructure as Code (Terraform, Ansible)
How do you handle host-specific differences across a mixed fleet?
Infrastructure as Code (Terraform, Ansible) · Advanced level
Answer
For a mixed fleet, I separate common logic from host-specific differences using groups, group_vars, host_vars, facts, OS-family conditionals, role defaults, and clearly named variables. I avoid copying playbooks per host because that creates drift and unreviewed snowflakes.
Technical explanation
OS-specific package names and service names belong in variables or vars files.
Facts can select the correct branch without duplicating entire roles.
Document intentional host exceptions so they do not become unmanaged snowflakes.
Prefer idempotent modules over shell so repeated runs are safe and change reporting is meaningful.
Separate reusable role logic from inventory-specific variables so the same automation works across environments.
Run lint, syntax checks, check mode where useful, and staged rollouts before production-wide changes.
Hands-on example
1. Add Ansible safety checks for: How do you handle host-specific differences across a mixed fleet?
2. CI commands:
ansible-playbook --syntax-check site.yml
ansible-lint .
yamllint .
ansible-playbook -i inventory/stage site.yml --check --diff
3. Avoid state: latest in production unless the rollout is explicitly an upgrade window. Prefer pinned versions or approved repositories:
- name: Install approved app version
ansible.builtin.package:
name: myapp-1.8.4
state: present
4. For mixed fleets, drive differences through group_vars, host_vars, and facts rather than copied playbooks.
5. Gate production runs behind review and record playbook version, inventory, operator, and output artifact.
Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.
More Infrastructure as Code (Terraform, Ansible) interview questions
- What is Infrastructure as Code, and what problems does it solve over click-ops?
- What is the difference between declarative and imperative IaC, and where do Terraform and Ansible fall?
- What is the difference between configuration management and provisioning?
- What is Terraform, and what is the core plan/apply workflow?
- What does terraform init do?
- What is the Terraform state file, and why is it critical?
- Why should state be stored remotely, and what backend would you use on AWS?
- What is state locking, and why does it matter for teams?