调试ansible跟踪以查找python云堆栈模块中的可能错误

时间:2018-10-10 12:57:59

标签: python python-3.x python-2.7 ansible apache-cloudstack

为Ansible任务上载ssh密钥考虑以下问题:

  File "/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py", line 113, in <module>
    _ansiballz_main()
  File "/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py", line 105, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py", line 48, in invoke_module
    imp.load_module('__main__', mod, module, MOD_DESC)
  File "/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py", line 267, in <module>
  File "/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py", line 258, in main
  File "/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py", line 133, in register_ssh_key
  File "/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py", line 211, in get_ssh_key
  File "/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py", line 227, in _get_ssh_fingerprint
  File "/usr/local/lib/python2.7/dist-packages/sshpubkeys/keys.py", line 157, in hash_md5
    fp_plain = hashlib.md5(self._decoded_key).hexdigest()
TypeError: md5() argument 1 must be string or buffer, not None

fatal: [localhost]: FAILED! => {
    "changed": false, 
    "module_stderr": "Traceback (most recent call last):\n  File \"/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py\", line 113, in <module>\n    _ansiballz_main()\n  File \"/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py\", line 105, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/foo/.ansible/tmp/ansible-tmp-1539175437.69-201636907966313/AnsiballZ_cs_sshkeypair.py\", line 48, in invoke_module\n    imp.load_module('__main__', mod, module, MOD_DESC)\n  File \"/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py\", line 267, in <module>\n  File \"/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py\", line 258, in main\n  File \"/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py\", line 133, in register_ssh_key\n  File \"/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py\", line 211, in get_ssh_key\n  File \"/tmp/ansible_cs_sshkeypair_payload_Jb1ZG5/__main__.py\", line 227, in _get_ssh_fingerprint\n  File \"/usr/local/lib/python2.7/dist-packages/sshpubkeys/keys.py\", line 157, in hash_md5\n    fp_plain = hashlib.md5(self._decoded_key).hexdigest()\nTypeError: md5() argument 1 must be string or buffer, not None\n", 
    "module_stdout": "", 
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", 
    "rc": 1
}

尽管存在ssh密钥,但这似乎是一个错误,因为md5()参数可能丢失了。

无法以这种形式准确地将其识别为已知问题。

Python 2.x和3.x都会出现此问题。 (以下适用于Ubuntu 16.04 / 18.04 LTS的Dockerfile)。

Ubuntu 16.04 LTS,Python 2 

FROM ubuntu:16.04

ENV WORKDIR /work
WORKDIR $WORKDIR
COPY . $WORKDIR/example/


RUN mv example/.ssh/ ~/ && ls -alh ~/.ssh/ && \
    apt-get -y update && apt-get -y install software-properties-common && apt-add-repository ppa:ansible/ansible && \
    apt-get -y update && \
    apt-get -y install python-pip && pip install ansible cs sshpubkeys && \
    echo "List installed Python packages:" && pip list && python --version && ansible --version

Ubuntu 18.04 LTS,Python 3 

FROM ubuntu:18.04

ENV WORKDIR /work
WORKDIR $WORKDIR
COPY . $WORKDIR/example/


RUN mv example/.ssh/ ~/ && ls -alh ~/.ssh/ && \
    apt-get -y update && apt-get -y install software-properties-common && apt-add-repository ppa:ansible/ansible && \
    apt-get -y update && \
    apt-get -y install python3-pip && pip3 install ansible cs sshpubkeys && \
    echo "List installed Python packages:" && pip3 list && python3 --version && ansible --version

似乎系统删除了临时生成的Python脚本。是否可以保留它们进行调试?

旁注:example/.ssh/包含目标系统未知的新鲜SSH公开密钥。

一个假设:虽然最终的动态文件名为AnsiballZ_cs_sshkeypair.py,但它是否来自Python cs(Apache Cloud Stack绑定)模块?

1 个答案:

答案 0 :(得分:1)

默认情况下,临时脚本将被删除,因为它们基本上只是从Ansible主机传输的模块文件(包装到Ansiballz中)的副本。在那种情况下,我猜想远程主机与Ansible主机相同,但是没关系,因为概念是相同的。 ansiballz包装的模块的命名方案与您假设的一样。

但是实际上您可以通过将ANSIBLE_KEEP_REMOTE_FILES=1放在您的剧本调用上来覆盖自动删除,如下所示:

ANSIBLE_KEEP_REMOTE_FILES=1 ansible-playbook <playbookname>.yml -vvv

这样,保留了ansiballz * .py,但是模块本身作为某种base64字符串传递。我认为这不会有太大帮助。

为了进行进一步的调试,我建议您从github克隆Ansible存储库,然后再做(最好在额外的venv中)

source /path/to/dev/Ansible/hacking/env-setup

设置开发环境。然后,您可以使用Python解释器直接调用该模块,并使用pdb之类的工具。我建议您以以下格式准备一个json文件。

{"ANSIBLE_MODULE_ARGS": { "key1": "value1", "key2"... }}

然后您应该能够像这样调用模块:

python <module-name-plus-path> <json-file-plus-path>

希望对您有帮助!

编辑:我忘记了一件事。签出Ansible dev documentation。如果您真的想深入研究此问题,将对您有很大帮助。

相关问题
最新问题