1

I'm dry running an Ansible role. Part of the role is to deploy a big configuration template (that has a lot Ansible variables that get substituted in the deployment process) on a remote machine. A dry run tells me that the remote configuration file has been modified. Since the file is too big to manually go line over line, how could I debug which parts (lines) have been modified? Thanks!

The template is deployed the following way:

- name: "Make changes to the configuration file"
  template:
    src: "config.j2"
    dest: "{{config_directory}}/config"
    owner: "{{ service_user }}"
    group: "{{ service_group }}"
    mode: 0640
  notify: restart service
theo
  • 25
  • 8

2 Answers2

4

You can use --check for the dry run if not already use and --diff for seeing what could change when --check enabled

Meoffrey
  • 81
  • 2
1

Deploy to your test system first. (If you don't have a test system, that's a bigger problem.)

Deploy the template to some file and use a diff utility against the original. Several ways to do this: create some differently named new file name and diff config config.new or use a (temporary) revision control repo and do a git diff.

Further, the list of changes expected should be known. Go through the version control commits of your playbook review the changes. If you pull values from other systems, that's a bit trickier, but there may be queries you can do to get old and new values.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34
  • Sure, deploying to a test env is an idea that could work, thanks. However I was hoping for something different - is there a sort of debug switch / function that would ie. display the template config file after the variables are substituted? That would work for me. – theo Apr 19 '19 at 13:18