Introduction to Event-Driven Ansible

Instructions

1. Examine the automation resources in automation controller and Event-Driven Ansible (EDA) controller.

   1. Navigate to https://controller.lab.example.com and log in as admin using redhat as the password. If necessary, click the main menu icon at the upper left of the page to display the main menu.

   2. Go to Resources → Templates and then click the Back up Switch template. Note that this job template uses the backup_switch.yml playbook from the Switch Maintenance project. This project in automation controller uses the playbooks from the switch_maintenance project in GitLab.

   3. Go to Resources → Templates and then click the Update MOTD template. Note that this job template uses the update_motd.yml playbook from the Switch Maintenance project. Although not displayed on the Details page, the job template already has the Prompt on launch checkbox selected for the Variables field so that the job template can dynamically import the event as the ansible_eda variable.

   4. In a new browser tab, navigate to https://eda-controller.lab.example.com and log in as admin using redhat as the password. If necessary, click the main menu icon at the upper left of the page to display the main menu.

   5. Go to Rulebook Activations and then click the Switch maintenance rulebook activation. Note that this rulebook activation uses the switch_maintenance.yml rulebook from the Switch Maintenance project. This project in EDA controller uses the rulebooks from the switch_maintenance project in GitLab.

2. Create an outgoing webhook in Mattermost to trigger the Switch maintenance rulebook activation.

   1. In a new browser tab, navigate to http://mattermost.lab.example.com:8065 and log in as student using Stud3nt123 as the password. If necessary, click View in Browser.

   2. Click the main menu icon at the upper left of the page to display the main menu, and then click System Console.

   3. Go to ENVIRONMENT → Developer. In the Allow untrusted internal connections to field, enter eda-controller.lab.example.com and then click Save.

   4. Click Back to labexamplecom at the upper left of the page.

   5. Click the main menu icon at the upper left of the page to display the main menu, and then click Integrations. From the Integrations page, click the Outgoing Webhooks tile and then click Add Outgoing Webhook.

   6. Create the outgoing webhook with the following information. Make sure to place each trigger word on its own line.

      Key	Value
      Title	EDA controller
      Content Type	application/json
      Trigger words	backup-network update-motd
      Callback URL	http://eda-controller.lab.example.com:5000

      When finished, click Save, and then click Done.

   7. Click Back to Mattermost at the upper left of the page.

3. Send a message in Mattermost to trigger the Switch maintenance rulebook activation and examine the event data.

   1. On the Mattermost web browser tab, send the following message: backup-network.

   2. On the EDA controller web browser tab, go to Rulebook Activations and click the Switch maintenance rulebook activation. Click the History tab and click the name that has a status of running. You should see output similar to the following:

       'payload': {'channel_id': 'oqtr81eripb6igwgh37wunpoey',
                   'channel_name': 'town-square',
                   'file_ids': '',
                   'post_id': '7h9yycczntfp3px7u89r7xne1e',
                   'team_domain': 'labexamplecom',
                   'team_id': 'a35ke44b6bgd587nedo7agf93o',
                   'text': 'backup-network',
                   'timestamp': 1710778656711,
                   'token': 'x65gsatsa7ro3njtbhtg74hyyo',
                   'trigger_word': 'backup-network',
                   'user_id': 'wmp3kqkdii8zxk3r985mre9uor',
                   'user_name': 'student'}}

      The following are event keys worth examining:

      payload.text

      The entire message that was sent in Mattermost

      payload.trigger_word

      The trigger word that triggered the rulebook activation

      payload.channel_name

      The channel the message was sent in

      payload.user_name

      The username of the user that sent the message

4. Create rules in the switch_maintenance.yml rulebook to trigger the Back up Switch job template when the backup-network message is sent in Mattermost, and to trigger the Update MOTD job template when the update-motd message is sent in Mattermost.

   Note

   The ~/example-chat/switch_maintenance.yml file contains the correct updates. You can use that file for comparison or copy it to the ~/git-repos/switch_maintenance/rulebooks directory.

   1. In a new terminal window, change to the /home/student/git-repos/switch_maintenance directory. This directory is a clone of the git@git.lab.example.com:student/switch_maintenance Git repository.

      The Switch Maintenance projects in automation controller and EDA controller use playbooks and a rulebook in this repository.

      [student@workstation ~]$ cd ~/git-repos/switch_maintenance

   2. Use a text editor, such as VS Code, to add the Back up network devices rule to the rulebooks/switch_maintenance.yml rulebook. You can see that the existing ruleset uses the ansible.eda.webhook event source plug-in to listen for incoming events from the outgoing webhook in Mattermost on TCP port 5000.

      The single rule in the ruleset is triggered if the event.payload key exists in the event data.

      Add a new rule before the Print event data rule that runs the Back up Switch job template when the backup-network message is sent to the town-square channel in Mattermost:

      ---
      - name: Capture POST events from Mattermost
        hosts: all
        sources:
          - name: Match events posted to port 5000
            ansible.eda.webhook:
              host: 0.0.0.0
              port: 5000
      
        rules:
          # When the message "backup-network" is sent in the "town-square" channel,
          # run the "Back up Switch" job template
          - name: Back up network devices
            condition: >
              event.payload.channel_name == "town-square"
              and event.payload.trigger_word == "backup-network"
              and event.payload.user_name == "student"
            action:
              run_job_template:
                name: Back up Switch
                organization: Default
      
          - name: Print event data
            condition: event.payload is defined
            action:
              print_event:
                pretty: true

   3. Edit the Update MOTD rule to add the rulebooks/switch_maintenance.yml rulebook. Add the new rule after the Back up network devices rule and before the Print event data rule:

      ---
      - name: Capture POST events from Mattermost
        hosts: all
        sources:
          - name: Match events posted to port 5000
            ansible.eda.webhook:
              host: 0.0.0.0
              port: 5000
      
        rules:
          # When the message "backup-network" is sent in the "town-square" channel,
          # run the "Back up Switch" job template
          - name: Back up network devices
            condition: >
              event.payload.channel_name == "town-square"
              and event.payload.trigger_word == "backup-network"
              and event.payload.user_name == "student"
            action:
              run_job_template:
                name: Back up Switch
                organization: Default
      
          # When the message "update-motd" is sent in the "town-square" channel,
          # run the "Update MOTD" job template
          - name: Update MOTD
            condition: >
              event.payload.channel_name == "town-square"
              and event.payload.trigger_word == "update-motd"
              and event.payload.user_name == "student"
            action:
              run_job_template:
                name: Update MOTD
                organization: Default
      
          - name: Print event data
            condition: event.payload is defined
            action:
              print_event:
                pretty: true

      Note

      The ~/example-chat/switch_maintenance.yml file contains the correct updates. You can use that file for comparison or copy it to the ~/git-repos/switch_maintenance/rulebooks directory.

   4. Add and commit the local changes, and then push the changes to the remote Git repository:

      [student@workstation switch_maintenance]$ git commit -a -m 'Improve rulebook'
      [main 4443f12] Improve rulebook
      1 file changed, 24 insertions(+)
      [student@workstation switch_maintenance]$ git push
      ...output omitted...

   5. On the EDA controller web browser tab, go to Projects and then click the Sync project icon for the Switch Maintenance project. Wait until the project displays a status of Completed.

   6. Go to Rulebook Activations. Click the vertical ellipsis icon for the Switch maintenance rulebook activation and click Restart rulebook activation.

   7. Select the Yes, I confirm that I want to restart these 1 rulebook activations checkbox and click Restart rulebook activations.

   8. When the status changes to Success, click Close to close the Restart rulebook activations window.

5. Test the Back up network devices rule in the Switch maintenance rulebook activation.

   1. Inspect the backup_switch.yml playbook in the ~/git-repos/switch_maintenance/playbooks directory. Note that this playbook backs up network devices in the eos group, and then copies the backup files to the ~/example-chat directory on the workstation machine. This is the playbook that the Back up Switch job template uses in automation controller.

   2. On the Mattermost web browser tab, ensure that you are in the Town Square channel. Send the following message:

      backup-network

   3. On the EDA controller web browser tab, go to Rule Audit.

   4. You might have to wait a minute, but you should see a new Back up network devices rule in the rule audit list. Wait until the rule displays a status of Success.

   5. In the terminal window, verify that the backup file was copied to the ~/example-chat directory:

      [student@workstation switch_maintenance]$ ls ~/example-chat
      arista1.lab.example.com.backup.cfg  switch_maintenance.yml

6. Test the Update MOTD rule in the Switch maintenance rulebook activation.

   1. Inspect the update_motd.yml playbook in the ~/git-repos/switch_maintenance/playbooks directory. Note that this playbook updates the login banner of network devices in the eos group using the ansible_eda['event']['payload']['text'] variable. The playbook uses a replace filter to remove the update-motd string from the event.payload.text key.

      After the playbook updates the login banner on the network device, the playbook sends a confirmation message back to the Mattermost channel.

   2. On the Mattermost web browser tab, ensure that you are in the Town Square channel. Send the following message:

      update-motd This is an arista eos managed node

   3. On the EDA controller web browser tab, go to Rule Audit.

   4. You might have to wait a minute, but you should see a new Update MOTD rule in the rule audit list. Wait until the rule displays a status of Success.

   5. On the Mattermost web browser tab, the following message appears from the student BOT account:

      The MOTD for the 'arista1.lab.example.com' managed node has been set to: 'This is an arista eos managed node'.

   6. In a new terminal window, connect to the arista1 managed node to verify that the new login banner has been configured:

      [student@workstation ~]$ ssh arista1
      ...output omitted...
      This is an arista eos managed node
      ...output omitted...

   7. Disconnect from the arista1 managed node:

      arista1.lab.example.com>logout
      Connection to arista1 closed.
      [student@workstation ~]$