
Netbox Deployment v2

Database PostgreSQL

# CREATE ROLE netbox LOGIN;
# CREATE DATABASE netbox OWNER netbox;
# \password netbox
# \q
$ vim ${PGDATA}/pg_hba.conf
[...]
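# NetBox access from Kubernetes.
# NOTE: a "host" record also matches non-TLS connections; use "hostssl"
# here if the server has TLS enabled and the clients should be forced to use it.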
host    netbox          netbox        2804:694:4c00:4007::/64   scram-sha-256
$ pg_ctl reload

Database/Caching Redis

$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install redis bitnami/redis --create-namespace -n netbox --set global.storageClass=nfs-client
NAME: redis
LAST DEPLOYED: Thu Feb  2 10:24:00 2023
NAMESPACE: netbox
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 17.6.0
APP VERSION: 7.0.8
 
** Please be patient while the chart is being deployed **
 
Redis® can be accessed on the following DNS names from within your cluster:
 
    redis-master.netbox.svc.cluster.local for read/write operations (port 6379)
    redis-replicas.netbox.svc.cluster.local for read-only operations (port 6379)
 
 
 
To get your password run:
 
    export REDIS_PASSWORD=$(kubectl get secret --namespace netbox redis -o jsonpath="{.data.redis-password}" | base64 -d)
 
To connect to your Redis® server:
 
1. Run a Redis® pod that you can use as a client:
 
   kubectl run --namespace netbox redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:7.0.8-debian-11-r0 --command -- sleep infinity
 
   Use the following command to attach to the pod:
 
   kubectl exec --tty -i redis-client \
   --namespace netbox -- bash
 
2. Connect using the Redis® CLI:
   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-master
   REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-replicas
 
To connect to your database from outside the cluster execute the following commands:
 
    kubectl port-forward --namespace netbox svc/redis-master 6379:6379 &
    REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379
$ kubectl get all -n netbox
NAME                   READY   STATUS    RESTARTS   AGE
pod/redis-master-0     1/1     Running   0          2m43s
pod/redis-replicas-0   1/1     Running   0          2m43s
pod/redis-replicas-1   1/1     Running   0          2m7s
pod/redis-replicas-2   1/1     Running   0          100s
 
NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/redis-headless   ClusterIP   None            <none>        6379/TCP   2m44s
service/redis-master     ClusterIP   10.96.158.194   <none>        6379/TCP   2m43s
service/redis-replicas   ClusterIP   10.96.127.204   <none>        6379/TCP   2m44s
 
NAME                              READY   AGE
statefulset.apps/redis-master     1/1     2m43s
statefulset.apps/redis-replicas   3/3     2m43s
$ kubectl get pvc -n netbox
NAME                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
redis-data-redis-master-0     Bound    pvc-588529fe-aae3-4e6b-ad97-d91fbd8db311   8Gi        RWO            nfs-client     3m23s
redis-data-redis-replicas-0   Bound    pvc-9def509a-8f50-4a42-aa78-1910afd96b06   8Gi        RWO            nfs-client     3m23s
redis-data-redis-replicas-1   Bound    pvc-30ff64b8-cfa2-4486-b127-0f4870dc542f   8Gi        RWO            nfs-client     2m47s
redis-data-redis-replicas-2   Bound    pvc-8df8310d-4a7e-4c9f-90f5-9132e9c0d488   8Gi        RWO            nfs-client     2m20s
$ kubectl get cm -n netbox
NAME                  DATA   AGE
kube-root-ca.crt      1      3m57s
redis-configuration   3      3m57s
redis-health          6      3m57s
redis-scripts         2      3m57s
$ kubectl get secret -n netbox
NAME                          TYPE                                  DATA   AGE
default-token-g7579           kubernetes.io/service-account-token   3      4m33s
redis                         Opaque                                1      4m33s
redis-token-brk6n             kubernetes.io/service-account-token   3      4m33s
sh.helm.release.v1.redis.v1   helm.sh/release.v1                    1      4m33s

Netbox

ConfigMap

netbox-cm.yaml
---
# Non-secret runtime settings for NetBox. The Deployments on this page load
# every key below as an environment variable through envFrom/configMapRef.
apiVersion: v1
kind: ConfigMap
metadata:
  name: netbox
  namespace: netbox
  labels:
    app.kubernetes.io/name: netbox
  annotations:
    # Helm ownership annotations, kept even though the object is applied
    # with plain kubectl on this page.
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
data:
  # Database connection. No TLS-related key is set in this ConfigMap.
  # NOTE(review): the pg_hba.conf record shown on this page is "host", which
  # also accepts unencrypted connections - confirm the link to DB_HOST is
  # encrypted (netbox-docker reads DB_SSLMODE for this; verify against the
  # image version in use).
  DB_HOST: pgsql.juntotelecom.com.br
  DB_NAME: netbox
  DB_PORT: '5432'
  DB_USER: netbox
  # Redis is reached through the in-cluster Service of the Helm release.
  # With REDIS_SSL "false" the Redis password and cached data cross the
  # cluster network in plaintext.
  REDIS_HOST: redis-master
  REDIS_PORT: '6379'
  REDIS_SSL: 'false'
$ kubectl apply -f netbox-cm.yaml
netbox-cm-config.yaml
# ConfigMap carrying a single file, nginx.conf. The embedded configuration
# proxies to an upstream on localhost:8001: the server on port 8080 serves
# /static/ from disk and forwards everything else, and a second server on
# port 8081 exposes stub_status.
# NOTE(review): netbox-deployment.yaml on this page lists this ConfigMap under
# `volumes` but has no matching volumeMount, so as written the file is not
# visible inside the container - confirm whether it is still needed.
# NOTE(review): the 8081 server has no allow/deny rules; keep that port
# unreachable from outside the pod if this configuration is ever used.
apiVersion: v1
data:
  # Literal block scalar: every line below is nginx syntax, not YAML, and is
  # delivered to the consumer byte for byte.
  nginx.conf: |-
    daemon off;
    worker_processes 1;
 
    error_log /dev/stderr info;
 
    events {
        worker_connections 1024;
    }
 
    http {
        include              /etc/nginx/mime.types;
        default_type         application/octet-stream;
        sendfile             on;
        tcp_nopush           on;
        keepalive_timeout    65;
        gzip                 on;
        server_tokens        off;
        client_max_body_size 10M;
 
        upstream netbox {
          server localhost:8001 fail_timeout=0;
        }
 
        server {
            listen      8080;
            access_log  off;
 
            location /static/ {
                alias /opt/netbox/netbox/static/;
            }
 
            location / {
                proxy_pass http://netbox;
                proxy_set_header X-Forwarded-Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-Proto $scheme;
                add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
            }
        }
 
        server {
            listen      8081;
            access_log  off;
 
            location = /stub_status {
                stub_status;
            }
        }
    }
kind: ConfigMap
metadata:
  annotations:
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
  labels:
    app.kubernetes.io/name: netbox
  name: netbox-config-files
  namespace: netbox
$ kubectl apply -f netbox-cm-config.yaml

Secret

netbox-secret.yaml
---
# Holds the NetBox SECRET_KEY. The Deployments on this page import it as an
# environment variable through envFrom/secretRef.
#
# Values under `data` are base64-encoded, not encrypted: anyone who can read
# this manifest can decode them. Treat the value below as already disclosed.
# Generate a fresh key for every installation and keep the real manifest out
# of wikis and version control.
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: netbox
  namespace: netbox
  labels:
    app.kubernetes.io/name: netbox
  annotations:
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
data:
  SECRET_KEY: ZGgxczBSUHg4MG1LTVBjRXN2Ukx3eDllS1A4bHNZTzFiN01jdmwwdk94aFlBbEFzSjU=
$ kubectl apply -f netbox-secret.yaml
netbox-secret-postgres.yaml
---
# Database password for NetBox. The Deployments on this page read the
# `postgres-password` key into DB_PASSWORD with a secretKeyRef.
# Presumably this must equal the password set for the `netbox` role with
# \password in the PostgreSQL step - verify before applying.
#
# Values under `data` are base64-encoded, not encrypted: anyone who can read
# this manifest can decode them. Treat the value below as already disclosed.
# Use a password of your own, rotate it if this one was ever live, and keep
# the real manifest out of wikis and version control.
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: netbox-postgresql
  namespace: netbox
  labels:
    app.kubernetes.io/name: postgresql
  annotations:
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
data:
  postgres-password: aXd6dHlSIUppT0VPbGg1cQ==
$ kubectl apply -f netbox-secret-postgres.yaml

persistentVolumeClaim

netbox-pvc.yaml
---
# 10Gi claim on the nfs-client storage class. netbox-deployment.yaml on this
# page mounts it at /etc/netbox/media.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: netbox
  namespace: netbox
  labels:
    app.kubernetes.io/name: netbox
  annotations:
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
spec:
  storageClassName: nfs-client
  # ReadWriteOnce: the volume is requested for read-write use by one node.
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
$ kubectl apply -f netbox-pvc.yaml

Deployment

netbox-worker-deployment.yaml
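# Background worker: runs `manage.py rqworker` from the NetBox image.
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  labels:
    app.kubernetes.io/name: netbox
    app.kubernetes.io/component: worker
  name: netbox-worker
  namespace: netbox
spec:
  selector:
    matchLabels:
      # All three Deployments on this page originally selected on the name
      # label alone, which makes their selectors overlap; Kubernetes documents
      # overlapping controller selectors as unsupported. The component label
      # gives this Deployment a selector of its own.
      # spec.selector is immutable in apps/v1: a Deployment created from the
      # old manifest has to be deleted and recreated to pick this up.
      app.kubernetes.io/name: netbox
      app.kubernetes.io/component: worker
  template:
    metadata:
      annotations: {}
      labels:
        # The name label is kept, so anything selecting on it still matches.
        app.kubernetes.io/name: netbox
        app.kubernetes.io/component: worker
    spec:
      containers:
      - command:
        - /opt/netbox/venv/bin/python3
        - /opt/netbox/netbox/manage.py
        - rqworker
        env:
        # Passwords are pulled from Secrets at pod start rather than written
        # into this manifest. `redis` is the Secret created by the Redis Helm
        # release; `netbox-postgresql` is defined on this page.
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              key: redis-password
              name: redis
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              key: postgres-password
              name: netbox-postgresql
        envFrom:
        # Every key of the ConfigMap and of the Secret named `netbox` becomes
        # an environment variable of the container.
        - configMapRef:
            name: netbox
        - secretRef:
            name: netbox
        # The image is referenced by tag, which the registry can repoint, and
        # imagePullPolicy Always re-resolves it on every pod start.
        # NOTE(review): pin the reviewed image by digest
        # (netboxcommunity/netbox@sha256:<digest>) for a reproducible rollout.
        image: netboxcommunity/netbox:v3.4.2
        imagePullPolicy: Always
        name: netbox-worker
        # No requests or limits: the container is unbounded on CPU and memory.
        resources: {}
      restartPolicy: Always
      # Empty: the pod runs with the image's and the runtime's defaults.
      # NOTE(review): consider runAsNonRoot, allowPrivilegeEscalation: false,
      # capabilities.drop [ALL] and a RuntimeDefault seccompProfile once the
      # image is confirmed to work with them.
      securityContext: {}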
netbox-deployment.yaml
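# NetBox web application: the only Deployment on this page that declares the
# named container port `http` (8080) that the Service targets.
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  labels:
    app.kubernetes.io/name: netbox
    app.kubernetes.io/component: server
  name: netbox
  namespace: netbox
spec:
  selector:
    matchLabels:
      # All three Deployments on this page originally selected on the name
      # label alone, which makes their selectors overlap; Kubernetes documents
      # overlapping controller selectors as unsupported. The component label
      # gives this Deployment a selector of its own.
      # spec.selector is immutable in apps/v1: a Deployment created from the
      # old manifest has to be deleted and recreated to pick this up.
      app.kubernetes.io/name: netbox
      app.kubernetes.io/component: server
  template:
    metadata:
      annotations: {}
      labels:
        # The name label is kept, so the Service on this page, which selects
        # on app.kubernetes.io/name only, still matches these pods.
        app.kubernetes.io/name: netbox
        app.kubernetes.io/component: server
    spec:
      containers:
      - env:
        # Passwords are pulled from Secrets at pod start rather than written
        # into this manifest. `redis` is the Secret created by the Redis Helm
        # release; `netbox-postgresql` is defined on this page.
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              key: redis-password
              name: redis
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              key: postgres-password
              name: netbox-postgresql
        envFrom:
        # Every key of the ConfigMap and of the Secret named `netbox` becomes
        # an environment variable of the container.
        - configMapRef:
            name: netbox
        - secretRef:
            name: netbox
        # The image is referenced by tag, which the registry can repoint, and
        # imagePullPolicy Always re-resolves it on every pod start.
        # NOTE(review): pin the reviewed image by digest
        # (netboxcommunity/netbox@sha256:<digest>) for a reproducible rollout.
        image: netboxcommunity/netbox:v3.4.2
        imagePullPolicy: Always
        name: netbox
        ports:
        - containerPort: 8080
          name: http
          protocol: TCP
        # No requests or limits: the container is unbounded on CPU and memory.
        resources: {}
        volumeMounts:
        - mountPath: /etc/netbox/media
          name: data
      restartPolicy: Always
      # Empty: the pod runs with the image's and the runtime's defaults.
      # NOTE(review): consider runAsNonRoot, allowPrivilegeEscalation: false,
      # capabilities.drop [ALL] and a RuntimeDefault seccompProfile once the
      # image is confirmed to work with them.
      securityContext: {}
      volumes:
      # NOTE(review): this volume is declared but no container above mounts
      # it, so the nginx.conf from the ConfigMap never reaches the container.
      # Either add a volumeMount or drop the volume - confirm the intent.
      - configMap:
          # 420 decimal is file mode 0644.
          defaultMode: 420
          name: netbox-config-files
        name: netbox-config-files
      - name: data
        persistentVolumeClaim:
          claimName: netbox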
netbox-housekeeping-deployment.yaml
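# Housekeeping: runs /opt/netbox/housekeeping.sh from the NetBox image.
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  labels:
    app.kubernetes.io/name: netbox
    app.kubernetes.io/component: housekeeping
  name: netbox-housekeeping
  namespace: netbox
spec:
  selector:
    matchLabels:
      # All three Deployments on this page originally selected on the name
      # label alone, which makes their selectors overlap; Kubernetes documents
      # overlapping controller selectors as unsupported. The component label
      # gives this Deployment a selector of its own.
      # spec.selector is immutable in apps/v1: a Deployment created from the
      # old manifest has to be deleted and recreated to pick this up.
      app.kubernetes.io/name: netbox
      app.kubernetes.io/component: housekeeping
  template:
    metadata:
      annotations: {}
      labels:
        # The name label is kept, so anything selecting on it still matches.
        app.kubernetes.io/name: netbox
        app.kubernetes.io/component: housekeeping
    spec:
      containers:
      - command:
        - /opt/netbox/housekeeping.sh
        env:
        # Passwords are pulled from Secrets at pod start rather than written
        # into this manifest. `redis` is the Secret created by the Redis Helm
        # release; `netbox-postgresql` is defined on this page.
        - name: REDIS_PASSWORD
          valueFrom:
            secretKeyRef:
              key: redis-password
              name: redis
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              key: postgres-password
              name: netbox-postgresql
        envFrom:
        # Every key of the ConfigMap and of the Secret named `netbox` becomes
        # an environment variable of the container.
        - configMapRef:
            name: netbox
        - secretRef:
            name: netbox
        # The image is referenced by tag, which the registry can repoint, and
        # imagePullPolicy Always re-resolves it on every pod start.
        # NOTE(review): pin the reviewed image by digest
        # (netboxcommunity/netbox@sha256:<digest>) for a reproducible rollout.
        image: netboxcommunity/netbox:v3.4.2
        imagePullPolicy: Always
        name: netbox-housekeeping
        # No requests or limits: the container is unbounded on CPU and memory.
        resources: {}
      restartPolicy: Always
      # Empty: the pod runs with the image's and the runtime's defaults.
      # NOTE(review): consider runAsNonRoot, allowPrivilegeEscalation: false,
      # capabilities.drop [ALL] and a RuntimeDefault seccompProfile once the
      # image is confirmed to work with them.
      securityContext: {}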
$ kubectl apply -f netbox-worker-deployment.yaml -f netbox-deployment.yaml -f netbox-housekeeping-deployment.yaml

Service

netbox-svc.yaml
---
# Cluster-internal Service in front of NetBox: port 80 forwards to the pod
# port named `http`.
apiVersion: v1
kind: Service
metadata:
  name: netbox
  namespace: netbox
  labels:
    app.kubernetes.io/name: netbox
  annotations:
    meta.helm.sh/release-name: netbox
    meta.helm.sh/release-namespace: netbox
spec:
  # ClusterIP: reachable only from inside the cluster; the Ingress on this
  # page is what publishes it.
  type: ClusterIP
  sessionAffinity: None
  ipFamilyPolicy: PreferDualStack
  ipFamilies:
    - IPv4
    - IPv6
  # The selector uses the name label only, and the worker and housekeeping
  # Deployments on this page put the same label on their pods. targetPort is
  # resolved by name, and only netbox-deployment.yaml declares a port called
  # `http`.
  selector:
    app.kubernetes.io/name: netbox
  ports:
    - name: http
      protocol: TCP
      port: 80
      targetPort: http
$ kubectl apply -f netbox-svc.yaml

Ingress

netbox-ingress.yaml
---
# Publishes the netbox Service on netbox.juntotelecom.com.br through the
# `nginx` ingress class.
# There is no `tls:` section, so this manifest does not itself configure
# HTTPS for the host.
# NOTE(review): NetBox logins and API tokens cross this hop - add a tls entry
# backed by a certificate Secret, or confirm TLS is terminated elsewhere.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: netbox
  namespace: netbox
spec:
  ingressClassName: nginx
  rules:
    - host: netbox.juntotelecom.com.br
      http:
        paths:
          # Prefix match on "/" sends every request path to the Service.
          - path: /
            pathType: Prefix
            backend:
              service:
                name: netbox
                port:
                  number: 80
$ kubectl apply -f netbox-ingress.yaml
$ kubectl get all -n netbox
NAME                                       READY   STATUS    RESTARTS   AGE
pod/netbox-789fd8cb69-kmb78                1/1     Running   0          15m
pod/netbox-housekeeping-84bb87786c-9bwxg   1/1     Running   0          15m
pod/netbox-worker-5998c9f9c5-q4wvt         1/1     Running   0          15m
pod/redis-master-0                         1/1     Running   0          99m
pod/redis-replicas-0                       1/1     Running   0          99m
pod/redis-replicas-1                       1/1     Running   0          98m
pod/redis-replicas-2                       1/1     Running   0          98m
 
NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/netbox           ClusterIP   10.96.234.47    <none>        80/TCP     5m16s
service/redis-headless   ClusterIP   None            <none>        6379/TCP   99m
service/redis-master     ClusterIP   10.96.158.194   <none>        6379/TCP   99m
service/redis-replicas   ClusterIP   10.96.127.204   <none>        6379/TCP   99m
 
NAME                                  READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/netbox                1/1     1            1           15m
deployment.apps/netbox-housekeeping   1/1     1            1           15m
deployment.apps/netbox-worker         1/1     1            1           15m
 
NAME                                             DESIRED   CURRENT   READY   AGE
replicaset.apps/netbox-789fd8cb69                1         1         1       15m
replicaset.apps/netbox-housekeeping-84bb87786c   1         1         1       15m
replicaset.apps/netbox-worker-5998c9f9c5         1         1         1       15m
 
NAME                              READY   AGE
statefulset.apps/redis-master     1/1     99m
statefulset.apps/redis-replicas   3/3     99m