cloud.aws_troubleshooting Validated Content Collection

This repository hosts the cloud.aws_troubleshooting Ansible Collection.

Description

The cloud.aws_troubleshooting validated content collection in Ansible is designed to help users efficiently diagnose and resolve issues within their AWS environments. This collection includes a variety of Ansible roles and playbooks specifically tailored for troubleshooting common problems encountered in AWS infrastructure.

Requirements

The amazon.aws and community.aws collections MUST be installed in order for this collection to work.

Ansible version compatibility

This collection has been tested against following Ansible versions: >=2.15.0.

Included content

Click on the name of a role to view that content's documentation:

Roles

Name	Description
cloud.aws_troubleshooting.aws_setup_credentials	A role to define credentials for aws modules.
cloud.aws_troubleshooting.connectivity_troubleshooter	A role to troubleshoot connectivity issues between the following: a) AWS resources within an Amazon Virtual Private Cloud (Amazon VPC); b) AWS resources in different Amazon VPCs within the same AWS Region that are connected using VPC peering; c) AWS resources in an Amazon VPC and an internet resource using an internet gateway; d) AWS resources in an Amazon VPC and an internet resource using a network address translation (NAT) gateway.
cloud.aws_troubleshooting.connectivity_troubleshooter_igw	A role to troubleshoot connectivity issues between AWS resources in an Amazon VPC and an internet resource using an internet gateway.
cloud.aws_troubleshooting.connectivity_troubleshooter_local	A role to troubleshoot connectivity issues between AWS resources within an Amazon Virtual Private Cloud (Amazon VPC).
cloud.aws_troubleshooting.connectivity_troubleshooter_nat	A role to troubleshoot connectivity issues between AWS resources in an Amazon VPC and an internet resource using a network address translation (NAT) gateway.
cloud.aws_troubleshooting.connectivity_troubleshooter_peering	A role to troubleshoot connectivity issues between AWS resources in different Amazon VPCs within the same AWS Region that are connected using VPC peering.
cloud.aws_troubleshooting.connectivity_troubleshooter_validate	A role to validate input parameters for troubleshoot_connectivity_* roles and return connection next hop.
cloud.aws_troubleshooting.troubleshoot_rds_connectivity	A role to troubleshoot RDS connectivity from an EC2 instance.

Installation

To consume this Validated Content from Automation Hub, please ensure that you add the following lines to your ansible.cfg file.

[galaxy]
server_list = automation_hub

[galaxy_server.automation_hub]
url=https://cloud.redhat.com/api/automation-hub/
auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
token=<SuperSecretToken>

The token can be obtained from the Automation Hub Web UI.

Once the above steps are done, you can run the following command to install the collection.

ansible-galaxy collection install cloud.aws_troubleshooting

Use cases

Once installed, you can reference the cloud.aws_troubleshooting collection content by its fully qualified collection name (FQCN), for example:

  # Troubleshoot when ec2 instance cannot connect to rds instance
  - hosts: all
    tasks:
       - name: Validate that role is also failing
         block:
           - name: Include role cloud.aws_troubleshooting.troubleshoot_rds_connectivity
             ansible.builtin.include_role:
               name: cloud.aws_troubleshooting.troubleshoot_rds_connectivity
             vars:
               troubleshoot_rds_connectivity_db_instance_id: "{{ rds_identifier }}"
               troubleshoot_rds_connectivity_ec2_instance_id: "{{ ec2_instance_id }}"
         rescue:
           - name: Set role failure info
             ansible.builtin.set_fact:
               role_failure_action: "{{ ansible_failed_task.action }}"
               role_failure_msg: "{{ ansible_failed_result.msg }}"

  # Troubleshoot AWS resource connectivity
  - hosts: all
    tasks:
       - name: Include 'cloud.aws_troubleshooting.connectivity_troubleshooter' role
        ansible.builtin.include_role:
          name: cloud.aws_troubleshooting.connectivity_troubleshooter
        vars:
          connectivity_troubleshooter_destination_ip: "{{ ip_instance_2 }}"
          connectivity_troubleshooter_destination_port: 80
          connectivity_troubleshooter_source_ip: "{{ ip_instance_1 }}"

Contributing to this collection

We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against this collection repository. See CONTRIBUTING.md for more details.

Testing

The project uses ansible-lint and black. Assuming this repository is checked out in the proper structure, e.g. collections_root/ansible_collections/cloud/aws_troubleshooting/, run:

  tox -e linters

Sanity and unit tests are run as normal:

  ansible-test sanity

If you want to run cloud integration tests, ensure you log in to the cloud:

# using the "default" profile on AWS
  aws configure set aws_access_key_id     my-access-key
  aws configure set aws_secret_access_key my-secret-key
  aws configure set region                eu-north-1

  ansible-test integration [target]

This collection is tested using GitHub Actions. To know more about CI, refer to CI.md.

Support

For the latest supported versions, refer to the release notes below.

If you encounter issues or have questions, you can submit a support request through the following channels:

• GitHub Issues: Report bugs, request features, or ask questions by opening an issue in the GitHub repository.
• Ansible Community: Engage with the Ansible community on the Ansible Project Mailing List or Ansible Forum.

Release Notes

See the raw generated changelog.

Related Information

• Ansible User guide.
• Ansible Rulebook documentation.
• Ansible Community code of conduct

License

GNU General Public License v3.0 or later See LICENSE to see the full text.