The code in this repository has been migrated to the Nautobot ChatOps Repository as an integration - read more about it in the ChatOps Docs! As of July 2023 this repository has been FROZEN - all development / issues / discussions for this integration are in the Nautobot ChatOps Repository going forward.
The Nautobot Cisco ACI Chatops Plugin extends the Nautobot Chatops framework to interact with a Cisco APIC (Application Policy Infrastructure Controller) using commands in Slack, Webex, Microsoft Teams, and Mattermost.
The plugin is available as a Python package in pypi and can be installed with pip:
pip install nautobot-plugin-chatops-aci
Once installed, the plugin needs to be enabled in your nautobot_config.py
:
# In your nautobot_config.py
PLUGINS = ["nautobot_chatops", "nautobot_plugin_chatops_aci"]
In addition, add the below PLUGINS_CONFIG
section to nautobot_config.py
.
It is only necessary to add the sections from the below snippet for the chat platform you will be using (Slack, Webex, etc.).
# Also in nautobot_config.py
PLUGINS_CONFIG = {
"nautobot_chatops": {
# Slack
"enable_slack": os.environ.get("ENABLE_SLACK", False),
"slack_api_token": os.environ.get("SLACK_API_TOKEN"),
"slack_signing_secret": os.environ.get("SLACK_SIGNING_SECRET"),
"slack_slash_command_prefix": os.environ.get("SLACK_SLASH_COMMAND_PREFIX", "/"),
# Webex
"enable_webex": os.environ.get("ENABLE_WEBEX", False),
"webex_token": os.environ.get("WEBEX_TOKEN"),
"webex_signing_secret": os.environ.get("WEBEX_SIGNING_SECRET"),
# Mattermost
"enable_mattermost": os.environ.get("ENABLE_MATTERMOST", False),
"mattermost_api_token": os.environ.get("MATTERMOST_API_TOKEN"),
"mattermost_url": os.environ.get("MATTERMOST_URL"),
# MS Teams
"enable_ms_teams": os.environ.get("ENABLE_MS_TEAMS", False),
"microsoft_app_id": os.environ.get("MICROSOFT_APP_ID"),
"microsoft_app_password": os.environ.get("MICROSOFT_APP_PASSWORD"),
},
"nautobot_chatops_aci": {"aci_creds": {x: os.environ[x] for x in os.environ if "APIC" in x}},
}
The aci_creds
setting above creates a Python dictionary which imports any environment variables prefixed with APIC
. The following environment variables are needed to define each APIC hostname and credentials:
export APIC_USERNAME_NTCAPIC="{{ APIC username }}"
export APIC_PASSWORD_NTCAPIC="{{ APIC password }}"
export APIC_URI_NTCAPIC="{{ https://apic_hostname }}"
export APIC_VERIFY_NTCAPIC="{{ Check SSL certificate (True or False) }}"
The text NTCAPIC
in the above variable names can be replaced with an identifier of your choosing. It will show up in the APIC selection dialogue when executing commands as shown below.
With this syntax, it is possible to support multiple APICs. For example, to add another APIC to the selection list we could specify a second set of credentials:
export APIC_USERNAME_DEVNET="{{ APIC username }}"
export APIC_PASSWORD_DEVNET="{{ APIC password }}"
export APIC_URI_DEVNET="{{ https://apic_hostname }}"
export APIC_VERIFY_DEVNET="{{ Check SSL certificate (True or False) }}"
When executing chat commands, we would then be presented with a selection dialog containing both ntcapic
and devnet
.
In addition, the following environment variables are required for the chat platform in use. The Platform-specific Setup document describes how to retrieve the tokens and secrets for each chat platform that will need to be used in the environment variables.
It is only necessary to create the environment variables shown below for the chat platform you will be using. To make the environment variables persistent, add them to the ~/.bash_profile for the user running Nautobot.
# Slack
export ENABLE_SLACK="true"
export SLACK_API_TOKEN="foobar"
export SLACK_SIGNING_SECRET="foobar"
# Webex
export ENABLE_WEBEX="true"
export WEBEX_TOKEN="foobar"
export WEBEX_SIGNING_SECRET="foobar"
# Mattermost
export ENABLE_MATTERMOST="false"
export MATTERMOST_API_TOKEN="foobar"
export MATTERMOST_URL="foobar"
# Microsoft Teams
export ENABLE_MS_TEAMS="false"
export MICROSOFT_APP_ID="foobar"
export MICROSOFT_APP_PASSWORD="foobar"
When deploying as Docker containers, all of the above environment variables should be defined in the file
development/creds.env
. An example credentials filecreds.env.example
is available in thedevelopment
folder.
Add a top level command named aci
to the platform you are using. See the Platform-specific Setup section of the Nautobot Chatops Installation Guide for instructions specific to Slack, Microsoft Teams, WebEx, and Mattermost.
The following commands are available:
Command | Description |
---|---|
get-tenants [apic] | Display tenants configured in Cisco ACI. |
get-aps [apic] [tenant] | Display Application Profiles configured in Cisco ACI. |
get-epgs [apic] [tenant] [ap] | Display Endpoint Groups (EPGs) configured in Cisco ACI. |
get-epg-details [apic] [tenant] [ap] [epg] | Display details for an Endpoint Group in Cisco ACI. |
get-vrfs [apic] [tenant] | Display vrfs configured in Cisco ACI. |
get-bds [apic] [tenant] | Display Bridge Domains configured in Cisco ACI. |
get-pending-nodes [apic] | Display unregistered nodes in Cisco ACI. |
get-nodes [apic] | Display fabric nodes in Cisco ACI. |
get-controllers [apic] | Display APIC controllers in Cisco ACI. |
get-interfaces [apic] [pod-id] [node-id] [state] | Display interfaces on a specified node in Cisco ACI. |
register-node [apic] [serial-nbr] [node-id] [name] | Register a new fabric node in Cisco ACI. |
|
Pull requests are welcomed and automatically built and tested against multiple version of Python and multiple version of Nautobot through TravisCI.
The project is packaged with a light development environment based on docker-compose
to help with the local development of the project and to run the tests within TravisCI.
The project is following Network to Code software development guideline and is leveraging:
- Black, Pylint, Bandit and pydocstyle for Python linting and formatting.
- Django unit test to ensure the plugin is working properly.
The development environment can be used in 2 ways. First, with a local poetry environment if you wish to develop outside of Docker. Second, inside of a docker container.
The PyInvoke library is used to provide some helper commands based on the environment. There are a few configuration parameters which can be passed to PyInvoke to override the default configuration:
nautobot_ver
: the version of Nautobot to use as a base for any built docker containers (default: latest)project_name
: the default docker compose project name (default: nautobot-plugin-chatops-aci)python_ver
: the version of Python to use as a base for any built docker containers (default: 3.6)local
: a boolean flag indicating if invoke tasks should be run on the host or inside the docker containers (default: False, commands will be run in docker containers)compose_dir
: the full path to a directory containing the project compose filescompose_files
: a list of compose files applied in order (see Multiple Compose files for more information)
Using PyInvoke these configuration options can be overridden using several methods. Perhaps the simplest is simply setting an environment variable INVOKE_NAUTOBOT-PLUGIN-CHATOPS-ACI_VARIABLE_NAME
where VARIABLE_NAME
is the variable you are trying to override. The only exception is compose_files
, because it is a list it must be overridden in a yaml file. There is an example invoke.yml
in this directory which can be used as a starting point.
- Copy
development/creds.env.example
todevelopment/creds.env
(This file will be ignored by git and docker) - Uncomment the
POSTGRES_HOST
,REDIS_HOST
, andNAUTOBOT_ROOT
variables indevelopment/creds.env
- Create an invoke.yml with the following contents at the root of the repo:
---
nautobot_plugin_chatops_aci:
local: true
compose_files:
- "docker-compose.requirements.yml"
- Run the following commands:
poetry shell
poetry install
export $(cat development/dev.env | xargs)
export $(cat development/creds.env | xargs)
- You can now run nautobot-server commands as you would from the Nautobot documentation for example to start the development server:
nautobot-server runserver 0.0.0.0:8080 --insecure
Nautobot server can now be accessed at http://localhost:8080.
This project is managed by Python Poetry and has a few requirements to setup your development environment:
- Install Poetry, see the Poetry Documentation for your operating system.
- Install Docker, see the Docker documentation for your operating system.
Once you have Poetry and Docker installed you can run the following commands to install all other development dependencies in an isolated python virtual environment:
poetry shell
poetry install
invoke start
Nautobot server can now be accessed at http://localhost:8080.
The project is coming with a CLI helper based on invoke to help setup the development environment. The commands are listed below in 3 categories dev environment
, utility
and testing
.
Each command can be executed with invoke <command>
. Environment variables INVOKE_NAUTOBOT-PLUGIN-CHATOPS-ACI_PYTHON_VER
and INVOKE_NAUTOBOT-PLUGIN-CHATOPS-ACI_NAUTOBOT_VER
may be specified to override the default versions. Each command also has its own help invoke <command> --help
build Build all docker images.
debug Start Nautobot and its dependencies in debug mode.
destroy Destroy all containers and volumes.
restart Restart Nautobot and its dependencies.
start Start Nautobot and its dependencies in detached mode.
stop Stop Nautobot and its dependencies.
cli Launch a bash shell inside the running Nautobot container.
create-user Create a new user in django (default: admin), will prompt for password.
makemigrations Run Make Migration in Django.
nbshell Launch a nbshell session.
bandit Run bandit to validate basic static code security analysis.
black Run black to check that Python files adhere to its style standards.
flake8 This will run flake8 for the specified name and Python version.
pydocstyle Run pydocstyle to validate docstring formatting adheres to NTC defined standards.
pylint Run pylint code analysis.
tests Run all tests for this plugin.
unittest Run Django unit tests for the plugin.
For any questions or comments, please check the FAQ first and feel free to swing by the Network to Code slack channel (channel #networktocode). Sign up here