From df9bc3886a48f0d396c192167b3eb9f8afe311af Mon Sep 17 00:00:00 2001
From: Brandon Wulf <brandon@webwulf.net>
Date: Wed, 11 Apr 2018 13:43:23 -0700
Subject: [PATCH 1/2] Adding a basic kubernetes example.
---
README.md | 20 +++++++
kubernetes/netbox.yaml | 115 +++++++++++++++++++++++++++++++++++++++
kubernetes/nginx.yaml | 99 +++++++++++++++++++++++++++++++++
kubernetes/postgres.yaml | 67 +++++++++++++++++++++++
4 files changed, 301 insertions(+)
create mode 100644 kubernetes/netbox.yaml
create mode 100644 kubernetes/nginx.yaml
create mode 100644 kubernetes/postgres.yaml
diff --git a/README.md b/README.md
index fcb86a1..f5bffdc 100644
--- a/README.md
+++ b/README.md
@@ -108,6 +108,26 @@ Please also consider [the advice about running NetBox in production](#production
[k8s-secrets]: https://kubernetes.io/docs/concepts/configuration/secret/
[k8s-config]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
+#### Example Kubernetes Deployment
+
+Check out the project:
+```
+git clone https://github.com/ninech/netbox-docker.git
+cd netbox-docker/kubernetes
+```
+
+Fill in the configuration parameters:
+ * In `netbox.yaml`,
+ * Set environment variables in the `netbox-netbox-env` ConfigMap and the `netbox-netbox-secrets` Secret. Secrets must be base64 encoded first (see the inline comments).
+ * Change the `DB_HOST` environment parameter to be the DNS name (from inside the cluster) for the postgres db. This probably just involves adding the namespace.
+ * Set the `storageClassName` if required in your cluster.
+ * In `postgres,yaml`, set the `POSTGRES_PASSWORD` to match `netbox.yaml`.
+
+Deploy to kubernetes:
+```
+kubectl apply -f .
+```
+
### NAPALM Configuration
Since v2.1.0 NAPALM has been tightly integrated into NetBox.
diff --git a/kubernetes/netbox.yaml b/kubernetes/netbox.yaml
new file mode 100644
index 0000000..a1cb708
--- /dev/null
+++ b/kubernetes/netbox.yaml
@@ -0,0 +1,115 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: netbox-netbox-env
+data:
+ ALLOWED_HOSTS: '*'
+ DB_HOST: netbox-postgres.default.svc.cluster.local # default should be changed to deploymenent namespace
+ DB_NAME: netbox
+ DB_USER: netbox
+ EMAIL_FROM: netbox@bar.com
+ EMAIL_PORT: "25"
+ EMAIL_SERVER: localhost
+ EMAIL_TIMEOUT: "10"
+ EMAIL_USERNAME: foo
+ NETBOX_USERNAME: guest
+ SUPERUSER_EMAIL: admin@example.com
+ SUPERUSER_NAME: admin
+ NAPALM_USERNAME: rancid
+ NAPALM_TIMEOUT: '30'
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: netbox-netbox-secrets
+type: Opaque
+data:
+ SUPERUSER_PASSWORD: YWRtaW4= # echo -n 'admin' | base64
+ SUPERUSER_API_TOKEN: MDEyZWU4NzY4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWYwMTIzNDU2Nw== # echo -n '012ee87689abcdef0123456789abcdef01234567' | base64
+ DB_PASSWORD: SjVickhyb2RqZHU0aWYwSw== # echo -n 'J5brHrodjdu4if0K' | base64
+ SECRET_KEY: cjhPd0QkJWohRkdjaQ== # echo -n 'r8OwD$%j!FGci' | base64
+ EMAIL_PASSWORD: YWRtaW4= # echo -n 'admin' | base64
+ NETBOX_PASSWORD: YWRtaW4= # echo -n 'admin' | base64
+ NAPALM_PASSWORD: YWRtaW4= # echo -n 'admin' | base64
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: netbox-static-files
+ labels:
+ pvcname: netbox-static-files
+spec:
+ accessModes:
+ - ReadWriteMany
+# storageClassName: gluster-storage # May neet to be removed/changed
+ resources:
+ requests:
+ storage: 100Mi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: netbox
+ labels:
+ backend: netbox
+ app: netbox
+spec:
+ replicas: 1
+ revisionHistoryLimit: 2
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 50%
+ maxUnavailable: 0
+ selector:
+ matchLabels:
+ backend: netbox
+ app: netbox
+ template:
+ metadata:
+ labels:
+ backend: netbox
+ app: netbox
+ spec:
+ containers:
+ - name: netbox
+ image: ninech/netbox:latest-ldap
+ ports:
+ - containerPort: 8001
+ envFrom:
+ - secretRef:
+ name: netbox-netbox-secrets
+ - configMapRef:
+ name: netbox-netbox-env
+ volumeMounts:
+ - name: netbox-nginx-config
+ mountPath: /etc/netbox-nginx/
+ - name: netbox-static-files
+ mountPath: /opt/netbox/netbox/static
+ restartPolicy: Always
+ dnsPolicy: ClusterFirst
+ volumes:
+ - name: netbox-nginx-config
+ configMap:
+ name: netbox-nginx-conf
+ - name: netbox-static-files
+ persistentVolumeClaim:
+ claimName: netbox-static-files
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: netbox
+ labels:
+ backend: netbox
+ app: netbox
+spec:
+ ports:
+ - name: nbox
+ port: 8001
+ targetPort: 8001
+ selector:
+ app: netbox
+ backend: netbox
diff --git a/kubernetes/nginx.yaml b/kubernetes/nginx.yaml
new file mode 100644
index 0000000..6c4dd48
--- /dev/null
+++ b/kubernetes/nginx.yaml
@@ -0,0 +1,99 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: netbox-nginx-conf
+data:
+ nginx.conf: |
+ worker_processes 1;
+ events {
+ worker_connections 1024;
+ }
+ http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+ sendfile on;
+ tcp_nopush on;
+ keepalive_timeout 65;
+ gzip on;
+ server_tokens off;
+ server {
+ listen 80;
+ server_name localhost;
+ access_log off;
+ location /static/ {
+ alias /opt/netbox/netbox/static/;
+ }
+ location / {
+ # default should be changed to deploymenent namespace
+ proxy_pass http://netbox.dev.svc.cluster.local:8001;
+ proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
+ }
+ }
+ }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: netbox-nginx
+ labels:
+ frontend: nginx
+ app: netbox
+spec:
+ replicas: 1
+ revisionHistoryLimit: 2
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 50%
+ maxUnavailable: 0
+ selector:
+ matchLabels:
+ frontend: nginx
+ app: netbox
+ template:
+ metadata:
+ labels:
+ frontend: nginx
+ app: netbox
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:1.12-alpine
+ ports:
+ - containerPort: 80
+ command: ["nginx"]
+ args: ["-c", "/etc/netbox-nginx/nginx.conf","-g", "daemon off;"]
+ volumeMounts:
+ - name: netbox-static-files
+ mountPath: /opt/netbox/netbox/static
+ - name: netbox-nginx-config
+ mountPath: /etc/netbox-nginx
+ restartPolicy: Always
+ volumes:
+ - name: netbox-static-files
+ persistentVolumeClaim:
+ claimName: netbox-static-files
+ - name: netbox-nginx-config
+ configMap:
+ name: netbox-nginx-conf
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: netbox-nginx
+ labels:
+ frontend: nginx
+ app: netbox
+spec:
+ type: ClusterIP
+ ports:
+ - name: "80"
+ port: 80
+ targetPort: 80
+ selector:
+ frontend: nginx
diff --git a/kubernetes/postgres.yaml b/kubernetes/postgres.yaml
new file mode 100644
index 0000000..6e63769
--- /dev/null
+++ b/kubernetes/postgres.yaml
@@ -0,0 +1,67 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: netbox-postgres-env
+data:
+ POSTGRES_DB: netbox
+ POSTGRES_USER: netbox
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: netbox-postgres-secrets
+type: Opaque
+data:
+ POSTGRES_PASSWORD: SjVickhyb2RqZHU0aWYwSw== # echo -n 'J5brHrodjdu4if0K' | base64
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: netbox-postgres
+ labels:
+ backend: postgres
+ app: netbox
+spec:
+ replicas: 1
+ revisionHistoryLimit: 2
+ strategy:
+ type: Recreate
+ selector:
+ matchLabels:
+ backend: postgres
+ app: netbox
+ template:
+ metadata:
+ labels:
+ backend: postgres
+ app: netbox
+ spec:
+ restartPolicy: Always
+ containers:
+ - image: postgres:9.6-alpine
+ name: postgres
+ ports:
+ - containerPort: 5432
+ envFrom:
+ - secretRef:
+ name: netbox-postgres-secrets
+ - configMapRef:
+ name: netbox-postgres-env
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: netbox-postgres
+ labels:
+ backend: postgres
+ app: netbox
+spec:
+ clusterIP: None
+ ports:
+ - name: headless
+ port: 5432
+ targetPort: 5432
+ selector:
+ backend: postgres
+ app: netbox
From 28d13762f205e9dce0f40b4b2848c7a9b97f8fd9 Mon Sep 17 00:00:00 2001
From: Brandon Wulf <brandon@webwulf.net>
Date: Wed, 11 Apr 2018 13:48:32 -0700
Subject: [PATCH 2/2] Adding connection info.
---
README.md | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/README.md b/README.md
index f5bffdc..6328ef3 100644
--- a/README.md
+++ b/README.md
@@ -128,6 +128,13 @@ Deploy to kubernetes:
kubectl apply -f .
```
+Connect to the web gui:
+```
+kubectl proxy
+```
+http://localhost:8001/api/v1/namespaces/default/services/netbox-nginx:80/proxy/
+
+
### NAPALM Configuration
Since v2.1.0 NAPALM has been tightly integrated into NetBox.