StackStorm with Ansible and Syslog
StackStorm differs from other automation tools in the sense that it was not designed for endpoint configuration or communication, but in conjunction with tools like Ansible, StackStorm becomes a catalyst for creating efficient and intelligent workflows. In this example we'll show how easy it is to execute an Ansible playbook in the event of an interface link coming up on an AOS-CX switch.
Requirements
- AOS-CX Switch
  - latest release version
- Ansible Engine
  - If you're new to using Ansible, it's recommended to walk through Getting Started with Ansible.
- StackStorm
  - Have the following packs installed:
    - aoscx
    - core
      - should already be installed
      - verify with st2 pack list
- Syslog server
  - follow the syslog install instructions for your Linux distribution
Syslog Server Configuration
In this workflow StackStorm reads a syslog message file and, when a line matches a text pattern that we set in StackStorm, executes an Ansible playbook. It's best practice to send the switch syslog messages to a dedicated file so we know exactly which file to watch and it isn't flooded with other messages. For CentOS 8 machines, after installing the rsyslog server, add the following to your rsyslog configuration file /etc/rsyslog.conf:
if $fromhost-ip startswith '10.100' then /var/log/switch-log.log
Ansible Playbook and Inventory
In this workflow we're using Ansible and the AOS-CX Collection. For the inventory file, ensure it's specifying any required variables for the AOS-CX collection as well as any additional variables you desire for your workflow. In this example we're keeping it simple by configuring a VLAN on the switch, so we include the variable uplink_vlan to be later used in the playbook:
all:
  hosts:
    8320-CX-188:
      ansible_host: 10.100.206.188
      ansible_user: admin
      ansible_password: password  # Sample value; keep real credentials in Ansible Vault
      ansible_connection: httpapi  # REST API connection method
      ansible_network_os: arubanetworks.aoscx.aoscx
      ansible_httpapi_validate_certs: False  # Skips TLS certificate verification
      ansible_httpapi_use_ssl: True
      ansible_acx_no_proxy: True
      uplink_vlan: 200  # To be used by playbook
Next, define the playbook. In this case we're using the aoscx_vlan module to configure a VLAN on the switch:
---
- hosts: all
  collections:
    - arubanetworks.aoscx
  tasks:
    - name: Create VLAN on CX Switch
      aoscx_vlan:
        vlan_id: "{{uplink_vlan}}"
        description: Uplink_VLAN
Define the StackStorm Rule and Trigger
Now that we have our Syslog server and Ansible set up, it's time to define the StackStorm rule and trigger that will execute the playbook when a condition is matched. We use a regular expression to match the specific syslog message reporting that an interface link has come up; for our action we use the core.remote action, which allows us to SSH into our Ansible Tower machine and execute a tower-cli command to run an Ansible playbook.
Here's an example of the syslog message AOS-CX sends when an interface link is up:
2020-08-23T18:48:37.102022-07:00 8320-CX-188 intfd[1840] Event|403|LOG_INFO|||Link status for interface 1/1/30 is up
---
name: link_up_rule
pack: "aoscx"
description: Executes an Ansible playbook when a syslog message from AOS-CX is received that an interface link is up.
enabled: true
trigger:
  parameters:
    file_path: /var/log/switch-log.log
  type: linux.file_watch.line
criteria:
  trigger.line:
    pattern: 'intfd.*Link.*interface\s\d+\/\d+\/\d+\sis\sup'
    type: "iregex"
action:
  ref: "core.remote"
  parameters:
    cmd: "ansible-playbook /home/admin/configure_vlan.yml -i /home/admin/cx_hosts.yml"
    hosts: "10.100.192.3"  # IP address of Ansible control machine
    username: "admin"  # SSH Login username of Ansible control machine
    password: "password"  # SSH Login password of Ansible control machine
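Because any line in the watched file that satisfies the criteria runs the playbook, it is worth checking offline what the pattern accepts before enabling the rule. The following is an added example, not part of the original page or the aoscx pack: it assumes iregex is a case-insensitive search anywhere in the line, and STRICT_PATTERN, the helper names and every sample line except the first are constructed for illustration.

```python
import re

# Pattern copied from the rule's criteria (trigger.line, type "iregex").
RULE_PATTERN = r'intfd.*Link.*interface\s\d+\/\d+\/\d+\sis\sup'

# Hypothetical stricter pattern: pins the daemon tag, the event fields and
# the end of the line, based only on the one sample message on the page.
STRICT_PATTERN = (r'\sintfd\[\d+\]\sEvent\|403\|LOG_INFO\|\|\|'
                  r'Link status for interface (\d+/\d+/\d+) is up$')

HEADER = "2020-08-23T18:48:37.102022-07:00 8320-CX-188 "

# "up" is the message quoted on the page; the others are constructed variations.
SAMPLES = {
    "up": HEADER + "intfd[1840] Event|403|LOG_INFO|||"
                   "Link status for interface 1/1/30 is up",
    "down": HEADER + "intfd[1840] Event|403|LOG_INFO|||"
                     "Link status for interface 1/1/30 is down",
    # A different (made-up) daemon whose message merely contains the same words.
    "other": HEADER + "exampled[100] Event|0|LOG_INFO|||relayed: intfd said "
                      "Link status for interface 1/1/30 is up",
}


def iregex(pattern, line):
    """Assumed iregex semantics: case-insensitive search anywhere in the line."""
    return re.search(pattern, line, re.IGNORECASE) is not None


def link_up_interface(line):
    """Return the interface named in a link-up message, or None (strict pattern)."""
    match = re.search(STRICT_PATTERN, line)
    return match.group(1) if match else None


def evaluate(samples=SAMPLES):
    """Map each sample name to (rule pattern fires?, interface per strict pattern)."""
    return {name: (iregex(RULE_PATTERN, line), link_up_interface(line))
            for name, line in samples.items()}


if __name__ == "__main__":
    for name, (fires, interface) in evaluate().items():
        print(f"{name:6} rule_fires={fires!s:5} strict_interface={interface}")
```

The "other" sample fires the page's pattern but not the strict one, which is the difference to look for when deciding how tightly to scope the criteria.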