Differences

This shows you the differences between two versions of the page.

--- netbox_deploy_v1 [2025/07/26 17:09] – - Imported by DokuWiki Advanced Plugin wikiadm
+++ netbox_deploy_v1 [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Netbox Deployment v1 ======
-===== PostgreSQL =====
-<file bash>
-$ helm repo add bitnami https://charts.bitnami.com/bitnami
-</file>
-<file bash>
-$ helm show values bitnami/postgresql > postgresql-values.yaml
-</file>
-<file bash>
-$ vim postgresql-values.yaml
-[...]
-global:
-[...]
-   storageClass: "nfs-client"
-[...]
-auth:
-   ## @param auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user
-[...]
-   username: "netbox"
-   ## @param auth.password Password for the custom user to create. Ignored if `auth.existingSecret` with key `password` is provided
-[...]
-   database: "netbox"
-   ## @param auth.replicationUsername Name of the replication user
-[...]
-</file>
-<file bash>
-$ kubectl create ns netbox-community
-</file>
-<file bash>
-$ helm install netbox-postgresql --namespace netbox-community bitnami/postgresql -f postgresql-values.yaml
-NAME: netbox-postgresql
-LAST DEPLOYED: Wed Feb  1 10:23:36 2023
-NAMESPACE: netbox-community
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
-NOTES:
-CHART NAME: postgresql
-CHART VERSION: 12.1.10
-APP VERSION: 15.1.0
-** Please be patient while the chart is being deployed **
-PostgreSQL can be accessed via port 5432 on the following DNS names from within your cluster:
-    netbox-postgresql.netbox-community.svc.cluster.local - Read/Write connection
-To get the password for "postgres" run:
-    export POSTGRES_ADMIN_PASSWORD=$(kubectl get secret --namespace netbox-community netbox-postgresql -o jsonpath="{.data.postgres-password}" | base64 -d)
-To get the password for "netbox" run:
-    export POSTGRES_PASSWORD=$(kubectl get secret --namespace netbox-community netbox-postgresql -o jsonpath="{.data.password}" | base64 -d)
-To connect to your database run the following command:
-    kubectl run netbox-postgresql-client --rm --tty -i --restart='Never' --namespace netbox-community --image docker.io/bitnami/postgresql:15.1.0-debian-11-r20 --env="PGPASSWORD=$POSTGRES_PASSWORD" \
-      --command -- psql --host netbox-postgresql -U netbox -d netbox -p 5432
-    > NOTE: If you access the container using bash, make sure that you execute "/opt/bitnami/scripts/postgresql/entrypoint.sh /bin/bash" in order to avoid the error "psql: local user with ID 1001} does not exist"
-To connect to your database from outside the cluster execute the following commands:
-    kubectl port-forward --namespace netbox-community svc/netbox-postgresql 5432:5432 &
-    PGPASSWORD="$POSTGRES_PASSWORD" psql --host 127.0.0.1 -U netbox -d netbox -p 5432
-WARNING: The configured password will be ignored on new installation in case when previous Posgresql release was deleted through the helm command. In that case, old PVC will have an old password, and setting it through helm won't take effect. Deleting persistent volumes (PVs) will solve the issue.
-</file>
-<file bash>
-$ kubectl get all -n netbox-community
-NAME                      READY   STATUS    RESTARTS   AGE
-pod/netbox-postgresql-0   1/1     Running   0          69s
-NAME                           TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
-service/netbox-postgresql      ClusterIP   10.96.33.75   <none>        5432/TCP   69s
-service/netbox-postgresql-hl   ClusterIP   None          <none>        5432/TCP   69s
-NAME                                 READY   AGE
-statefulset.apps/netbox-postgresql   1/1     69s
-</file>
-===== Redis =====
-<file bash>
-$ helm show values bitnami/redis > redis-values.yaml
-</file>
-<file bash>
-$ vim redis-values.yaml
-[...]
-global:
-[...]
-   storageClass: "nfs-client"
-[...]
-</file>
-<file bash>
-$ helm install netbox-redis --namespace netbox-community bitnami/redis -f redis-values.yaml
-NAME: netbox-redis
-LAST DEPLOYED: Wed Feb  1 10:32:32 2023
-NAMESPACE: netbox-community
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
-NOTES:
-CHART NAME: redis
-CHART VERSION: 17.6.0
-APP VERSION: 7.0.8
-** Please be patient while the chart is being deployed **
-Redis&reg; can be accessed on the following DNS names from within your cluster:
-    netbox-redis-master.netbox-community.svc.cluster.local for read/write operations (port 6379)
-    netbox-redis-replicas.netbox-community.svc.cluster.local for read-only operations (port 6379)
-To get your password run:
-    export REDIS_PASSWORD=$(kubectl get secret --namespace netbox-community netbox-redis -o jsonpath="{.data.redis-password}" | base64 -d)
-To connect to your Redis&reg; server:
-. Run a Redis&reg; pod that you can use as a client:
-   kubectl run --namespace netbox-community redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:7.0.8-debian-11-r0 --command -- sleep infinity
-   Use the following command to attach to the pod:
-   kubectl exec --tty -i redis-client \
-   --namespace netbox-community -- bash
-. Connect using the Redis&reg; CLI:
-   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h netbox-redis-master
-   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h netbox-redis-replicas
-To connect to your database from outside the cluster execute the following commands:
-    kubectl port-forward --namespace netbox-community svc/netbox-redis-master 6379:6379 &
-    REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379
-</file>
-<file bash>
-$ kubectl get all -n netbox-community
-NAME                          READY   STATUS    RESTARTS   AGE
-pod/netbox-postgresql-0       1/1     Running   0          10m
-pod/netbox-redis-master-0     1/1     Running   0          116s
-pod/netbox-redis-replicas-0   1/1     Running   0          116s
-pod/netbox-redis-replicas-1   1/1     Running   0          74s
-pod/netbox-redis-replicas-2   1/1     Running   0          37s
-NAME                            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
-service/netbox-postgresql       ClusterIP   10.96.33.75     <none>        5432/TCP   10m
-service/netbox-postgresql-hl    ClusterIP   None            <none>        5432/TCP   10m
-service/netbox-redis-headless   ClusterIP   None            <none>        6379/TCP   116s
-service/netbox-redis-master     ClusterIP   10.96.247.236   <none>        6379/TCP   116s
-service/netbox-redis-replicas   ClusterIP   10.96.85.97     <none>        6379/TCP   116s
-NAME                                     READY   AGE
-statefulset.apps/netbox-postgresql       1/1     10m
-statefulset.apps/netbox-redis-master     1/1     116s
-statefulset.apps/netbox-redis-replicas   3/3     116s
-</file>
-===== Netbox =====
-<file yaml netbox-configmap.yaml>
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: netbox-configmap
-  namespace: netbox-community
-data:
-  ALLOWED_HOSTS: '*'
-  CHANGELOG_RETENTION: "90"
-  DB_HOST: netbox-postgresql
-  DB_NAME: netbox
-  DB_USER: netbox
-  EMAIL_FROM: netbox@bar.com
-  EMAIL_PORT: "25"
-  EMAIL_SERVER: localhost
-  EMAIL_TIMEOUT: "10"
-  EMAIL_USERNAME: foo
-  EXEMPT_VIEW_PERMISSIONS: ''
-  LOGIN_REQUIRED: "true"
-  MEDIA_ROOT: /opt/netbox/netbox/media
-  METRICS_ENABLED: "true"
-  NETBOX_USERNAME: guest
-  REDIS_HOST: netbox-redis-master
-  REDIS_CACHE_HOST: netbox-redis-master
-  REDIS_PORT: "6379"
-  REDIS_CACHE_PORT: "6379"
-  REDIS_DATABASE: "0"
-  REDIS_CACHE_DATABASE: "1"
-  SUPERUSER_EMAIL: admin@example.com
-  SUPERUSER_NAME: admin
-  MAINTENANCE_MODE: 'False'
-  DEBUG: 'False'
-</file>
-<file bash>
-$ kubectl apply -f netbox-configmap.yaml
-</file>
-<file yaml netbox-secrets.yaml>
-apiVersion: v1
-kind: Secret
-metadata:
-  name: netbox-secret
-  namespace: netbox-community
-type: Opaque
-data:
-  email_password: dGVzdAo=
-  napalm_password: Cg==
-  secret_key: ISQ5cW1VQDlxaXhQRTZRbiptZnc5NHRPb2xKZGtFYSNlOEY0NTZlMTdOdmlCNXFsbms=
-  superuser_password: c3VwZXJwYXNzd29yZA==
-  superuser_api_token: NDhjN2JhOTItMGY4Mi00NDNhLThjZjMtOTgxNTU5ZmYzMmNm
-</file>
-<file bash>
-$ kubectl apply -f netbox-secrets.yaml
-</file>
-<file yaml netbox-startup-configmap.yaml>
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: startup-configmap
-  namespace: netbox-community
-data:
-  start-rqworker.sh: |
-    /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py rqworker &>/dev/null &disown;
-  nginx-caching-fix.sh: |
-    chown unit:root -R /opt/unit/tmp/
-</file>
-<file bash>
-$ kubectl apply -f netbox-startup-configmap.yaml
-</file>
-<file yaml netbox-media-pvc.yaml>
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: netbox-media-pvc
-  namespace: netbox-community
-  labels:
-    name: netbox-media-pvc
-spec:
-  accessModes:
-  - ReadWriteMany
-  resources:
-    requests:
-      storage: 1Gi
-  storageClassName: nfs-client
-</file>
-<file bash>
-$ kubectl apply -f netbox-media-pvc.yaml
-</file>
-<file yaml netbox-deployment.yaml>
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netbox
-  namespace: netbox-community
-  labels:
-    k8s-app: netbox
-spec:
-  replicas: 3
-  selector:
-    matchLabels:
-      k8s-app: netbox
-  template:
-    metadata:
-      labels:
-        k8s-app: netbox
-    spec:
-      containers:
-      # NetBox container using the netbox-docker image: https://github.com/netbox-community/netbox-docker
-      - name: netbox
-        image: netboxcommunity/netbox:latest-ldap
-        ports:
-        - name: http
-          containerPort: 8080
-        readinessProbe: # will mark the pod as ready once the initialization script is completed and will probe every 20 seconds
-          httpGet:
-            path: /
-            port: http
-          initialDelaySeconds: 5
-          periodSeconds: 20
-        envFrom:
-          - configMapRef:
-              name: netbox-configmap
-        lifecycle: # Will run the post-startup scripts detailed in netbox-startup-configmap.yaml
-          postStart:
-            exec:
-              command:
-                - /bin/sh
-                - -c
-                - >
-                  bash /home/start-rqworker.sh &&
-                  bash /home/nginx-caching-fix.sh
-        volumeMounts:
-        - name: db-password
-          mountPath: /run/secrets/db_password
-          subPath: db_password
-          readOnly: true
-        - name: email-password
-          mountPath: /run/secrets/email_password
-          subPath: email_password
-          readOnly: true
-        - name: napalm-password
-          mountPath: /run/secrets/napalm_password
-          subPath: napalm_password
-          readOnly: true
-        - name: redis-password
-          mountPath: /run/secrets/redis_password
-          subPath: redis_password
-        - name: secret-key
-          mountPath: /run/secrets/secret_key
-          subPath: secret_key
-          readOnly: true
-        - name: superuser-api-token
-          mountPath: /run/secrets/superuser_api_token
-          subPath: superuser_api_token
-        - name: superuser-password
-          mountPath: /run/secrets/superuser_password
-          subPath: superuser_password
-          readOnly: true
-        # Persistent Volume paths
-        - name: netbox-media-files # Allows for multiple replicas of the netbox pod to be available
-          mountPath: /opt/netbox/netbox/media
-        - mountPath: /home/start-rqworker.sh
-          name: start-rqworker
-          subPath: start-rqworker.sh
-        - mountPath: /home/nginx-caching-fix.sh
-          name: nginx-caching-fix
-          subPath: nginx-caching-fix.sh
-      restartPolicy: Always
-      volumes:
-      # Reference to configmaps and PVs
-      - name: netbox-media-files
-        persistentVolumeClaim:
-          claimName: netbox-media-pvc
-          readOnly: false
-      - name: start-rqworker
-        configMap:
-          name: startup-configmap
-          items:
-          - key: "start-rqworker.sh"
-            path: "start-rqworker.sh"
-      - name: nginx-caching-fix
-        configMap:
-          name: startup-configmap
-          items:
-          - key: "nginx-caching-fix.sh"
-            path: "nginx-caching-fix.sh"
-      # Populate via secret
-      - name: db-password
-        secret:
-          secretName: netbox-postgresql
-          items:
-          - key: password
-            path: db_password
-      - name: email-password
-        secret:
-          secretName: netbox-secret
-          items:
-          - key: email_password
-            path: email_password
-      - name: napalm-password
-        secret:
-          secretName: netbox-secret
-          items:
-          - key: napalm_password
-            path: napalm_password
-      - name: redis-password
-        secret:
-          secretName: netbox-redis
-          items:
-          - key: redis-password
-            path: redis_password
-      - name: secret-key
-        secret:
-          secretName: netbox-secret
-          items:
-          - key: secret_key
-            path: secret_key
-      - name: superuser-password
-        secret:
-          secretName: netbox-secret
-          items:
-          - key: superuser_password
-            path: superuser_password
-      - name: superuser-api-token
-        secret:
-          secretName: netbox-secret
-          items:
-          - key: superuser_api_token
-            path: superuser_api_token
-</file>
-<file bash>
-$ kubectl apply -f netbox-deployment.yaml
-</file>
-<file yaml netbox-service.yaml>
-apiVersion: v1
-kind: Service
-metadata:
-  name: netbox
-  namespace: netbox-community
-  labels:
-    k8s-app: netbox
-spec:
-  ports:
-  - port: 80
-    targetPort: http
-  selector:
-    k8s-app: netbox
-</file>
-<file bash>
-$ kubectl apply -f netbox-service.yaml
-</file>