Debugging ansible modules

Debugging custom Ansible modules

Who am I
Alex Leonhardt
Ansible user for ~2-3 months,
previously Puppet and some SaltStack
Ops guy for a very long time
Twitter: @alex_leonhardt

Elsevier
"Elsevier is an information solutions company with roots in publishing scientific, medical, and technical literature"
Publisher of scientific, medical and technical literature
ScienceDirect.com, part of Elsevier
AWS, Ansible, Packer
Python / BASH + GoCD for operations/automation
Microservice architecutre (mostly Java)
Know any/all of above? We're hiring!

Debugging Ansible modules
Ansible makes debugging somewhat problematic, expects valid json for
any output.
print('x has value: {0}').format(x) won't ever make it to the console.
So how do we check the state of a variable, e.g. when looping over a list?

Be verbose, be very verbose
-vvv

Using AWS (who isn't) ?
~/.boto
Boto has a debug setting, use it!

Boto debug
HTTP POST output
Caution! Credentials are shown in clear text

Custom module
ec2_describe.py

Custom module
list ec2 instance ids
but 'print' won't work >:(

Some output
not great, but something

at least we now know the correct class
Some more output
to check for attributes, etc.

IDEs really help to find the correct
VIM vs IDE vs (other)
class(es) quickly, but use whatever you like

Fixed code
and the correct method used
... this time ;)

But wait...
... what about print("hello world: {0}").format(x) ?

Use python logging
" p r i n t "

Use python logging
Setup logging in the main() function
CAUTION!
Thiswillalsoprintbotodebugoutputincludingyourplain-textkeys!

Finally.. we get some output!

Bonus points - more boto debug!

Use 'q'
"Quick-and-dirty debugging output for tired programmers"
Install it with pip install q( )
Output is sent to $TMPDIR/q
Use for normal output (replace 'print' with 'q')
Use as a decorator (@q)
https://pypi.python.org/pypi/q

A q(uick) example
Output
Decorator

A q(uick) example (output)
Output

A q(uick) example (output)
Decorator

check out the temporary directory:
Mooaaarr debugging!
tell ansible to not clean-up after itself:
$exportANSIBLE_KEEP_REMOTE_FILES=1
$play-Mmodules/-iinventorymyplay_describe.yml-vvv
(in our case locally as we dont run against remote hosts)
$cd ~/.ansible/tmp/ansible-tmp-1434809169.56-151563844546363
$ls-l
-rw-r--r-- 1ale staff 7265520Jun15:06ec2_describe

Mooaaarr debugging!
ec2_describe
[...]
state=module.params.get('state')
ifstate=='describe':
    i_list,changed=get_instance_list(module,ec2)
else:
    changed=False
    i_list='Failed'
module.exit_json(changed=changed,instances=i_list)
#importmodulesnippets
#ThiscodeispartofAnsible,butisanindependentcomponent.
#Thisparticularfilesnippet,andthisfilesnippetonly,isBSDlicensed.
[...]
#==BEGINDYNAMICALLYINSERTEDCODE==
ANSIBLE_VERSION='1.9.1'
MODULE_ARGS='region=eu-west-1'
MODULE_COMPLEX_ARGS='{"region":"eu-west-1"}'

Use pdb (python debugger)
... to step through the code.
~/.ansible/tmp/ansible-tmp-1434809169.56-151563844546363$ python-mpdbec2_describe

Cleanup after yourself
Leaving debug logs around is dangerous, so don't forget!
rm-vf/tmp/ansible_debug.log$TMPDIR/q

Links / Resources
https://docs.python.org/2/library/logging.html
https://pypi.python.org/pypi/q
https://docs.python.org/2/library/pdb.html
http://docs.ansible.com/ec2_module.html
http://docs.ansible.com/developing_modules.html#testing-modules

Debugging ansible modules

More Related Content

What's hot

Viewers also liked

Recently uploaded

Debugging ansible modules