netbox mS Capability [ccsdk]

netbox mS Capability [HELM Chart]

The work below is based on the following git repository, which provides Netbox docker images: https://github.com/ninech/netbox-docker

The Netbox helm chart has been submitted in OOM, the code can be found here: https://github.com/onap/oom/tree/master/kubernetes/contrib/charts/netbox

This helm chart comprises three subcharts:

  • netbox-app: provides the IPAM capability we're seeking for the currently selected use cases (vFW).
  • netbox-nginx: reverse proxy exposing the IPAM system in a secure fashion (using NodePort).
  • netbox-postgres: backend database persisting the Netbox data. Currently a Deployment; it should be converted to a StatefulSet using a StorageClass.


The netbox-app chart can be customized. Its folder tree structure is the following:

Code Block
.
└── config
    ├── configuration          Those are configuration scripts coming from Netbox itself; they remain untouched.
    │   ├── configuration.py
    │   ├── gunicorn_config.py
    │   └── ldap_config.py
    ├── initializers           These YAML files are where we can add some pre-provisioning data, such as users or custom fields.
    │   ├── custom_fields.yml
    │   ├── groups.yml
    │   └── users.yml
    ├── provisioning           This defines the entrypoint of the netbox-app deployment, which will provision prefixes to support the vFW use case.
    │   └── provision.sh
    └── startup_scripts        Those scripts are provided by Netbox itself; they remain untouched.
        ├── 00_users.py
        ├── 10_groups.py
        └── 20_custom_fields.py


In order to test Netbox locally using this helm chart, here are the steps to follow:

Code Block
git clone https://gerrit.onap.org/r/oom
cd oom/kubernetes
helm serve &
make contrib
helm install local/contrib --name netbox --namespace $NAMESPACE

This installs the 3 charts and runs the job that provisions Netbox for us.

The output of the helm install should look like the following:

Code Block
$ helm install local/contrib --name netbox --namespace onap-adetalhouet
NAME:   netbox

LAST DEPLOYED: Tue Aug 28 14:30:57 2018
NAMESPACE: onap-adetalhouet
STATUS: DEPLOYED

RESOURCES:
==> v1/ConfigMap
NAME                                        DATA  AGE
netbox-netbox-app-configuration-configmap   3     1s
netbox-netbox-app-initializers-configmap    3     1s
netbox-netbox-app-startupscripts-configmap  3     1s
netbox-netbox-app-provisioning-configmap    1     1s
netbox-netbox-nginx-config-configmap        1     1s
netbox-netbox-postgres-docker-entry-initd   0     1s

==> v1/PersistentVolumeClaim
NAME                    STATUS   VOLUME                                    CAPACITY  ACCESS MODES  STORAGECLASS  AGE
netbox-netbox-static    Pending  nfs-dev-sc                                1s
netbox-netbox-postgres  Bound    pvc-8193e062-aaf0-11e8-beaa-f40343575464  1Gi  RWX  nfs-dev-sc  1s

==> v1/Service
NAME             TYPE       CLUSTER-IP     EXTERNAL-IP  PORT(S)         AGE
netbox-app       ClusterIP  10.43.179.246  <none>       8001/TCP        1s
netbox-nginx     NodePort   10.43.136.76   <none>       8080:30269/TCP  1s
netbox-postgres  ClusterIP  10.43.64.155   <none>       5432/TCP        1s

==> v1beta1/Deployment
NAME                    DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
netbox-netbox-app       1        1        1           0          1s
netbox-netbox-nginx     1        1        1           0          1s
netbox-netbox-postgres  1        1        1           0          1s

==> v1/Job
NAME                            DESIRED  SUCCESSFUL  AGE
netbox-netbox-app-provisioning  1        0           1s

==> v1/Pod(related)
NAME                                    READY  STATUS   RESTARTS  AGE
netbox-netbox-app-f54cd84d5-g6xr2       0/1    Pending  0         1s
netbox-netbox-nginx-5d4f86ffcf-qlkhc    0/1    Pending  0         1s
netbox-netbox-postgres-76857df45-5jjm9  0/1    Pending  0         1s
netbox-netbox-app-provisioning-26stg    0/1    Pending  0         1s

==> v1/Secret
NAME                    TYPE    DATA  AGE
netbox-netbox-app-pass  Opaque  6     1s

netbox mS Capability [IPAM DB Creation SDN-C]

These are the tables to create:

Table: ipam_ip_pool
Columns:
  • ipam_serial_pool_id
  • create_date
  • prefix
  • prefix_id
  • address_family (v4/v6)
  • prefix_status: Pending, Activate, Delete
  • description (vfw-protect, or vfw-unprotected)
  • region (RegionOne, RegionTwo)

Table: ipam_ip_assignment
Columns:
  • ipam_serial_ip_assignment_id
  • create_date
  • service_instance_id
  • vf_module_id
  • ip_adress
  • ip_address_type (vip, fixed, floating etc..)
  • prefix_id (string)
  • ip_address_id (string)
  • ip_status
  • ip_response


These are the tables we created:


Code Block
mysql> show columns from IPAM_IP_ASSIGNEMENT;
+---------------------+--------------+------+-----+-------------------+----------------+
| Field               | Type         | Null | Key | Default           | Extra          |
+---------------------+--------------+------+-----+-------------------+----------------+
| ipam_ip_uuid        | int(11)      | NO   | PRI | NULL              | auto_increment |
| create_date         | datetime     | NO   |     | CURRENT_TIMESTAMP |                |
| service_instance_id | varchar(255) | YES  |     | NULL              |                |
| vf_module_id        | varchar(255) | YES  |     | NULL              |                |
| external_key        | varchar(255) | YES  |     | NULL              |                |
| prefix_id           | varchar(255) | YES  |     | NULL              |                |
| ip_address_id       | varchar(255) | YES  |     | NULL              |                |
| ip_address          | varchar(255) | YES  |     | NULL              |                |
| ip_address_type     | varchar(255) | YES  |     | NULL              |                |
| ip_status           | varchar(255) | YES  |     | NULL              |                |
| ip_response_json    | varchar(255) | YES  |     | NULL              |                |
+---------------------+--------------+------+-----+-------------------+----------------+
10 rows in set (0.00 sec)

mysql> show columns from IPAM_IP_POOL;
+----------------+--------------+------+-----+-------------------+----------------+
| Field          | Type         | Null | Key | Default           | Extra          |
+----------------+--------------+------+-----+-------------------+----------------+
| ipam_pool_uuid | int(11)      | NO   | PRI | NULL              | auto_increment |
| create_date    | datetime     | NO   |     | CURRENT_TIMESTAMP |                |
| prefix_id      | int(2)       | YES  |     | NULL              |                |
| prefix         | varchar(255) | YES  |     | NULL              |                |
| address_family | int(1)       | YES  |     | NULL              |                |
| prefix_status  | varchar(255) | YES  |     | NULL              |                |
| description    | varchar(255) | YES  |     | NULL              |                |
+----------------+--------------+------+-----+-------------------+----------------+


These are the pools hardcoded in the pool table to support the vFW use case:

Code Block
mysql> select * from IPAM_IP_POOL;
+----------------+---------------------+-----------+-----------------+----------------+---------------+-------------+
| ipam_pool_uuid | create_date         | prefix_id | prefix          | address_family | prefix_status | description |
+----------------+---------------------+-----------+-----------------+----------------+---------------+-------------+
|              1 | 2018-08-17 20:15:12 |         3 | 10.0.0.0/8      |              4 | ACTIVE        | private     |
|              2 | 2018-08-17 20:19:29 |         2 | 192.168.10.0/24 |              4 | ACTIVE        | unprotected |
|              3 | 2018-08-17 20:20:08 |         1 | 192.168.20.0/24 |              4 | ACTIVE        | protected   |
+----------------+---------------------+-----------+-----------------+----------------+---------------+-------------+



netbox mS Capability [pre-provisioning scripts]

Three main things are achieved during pre-provisioning:

  • Create an admin onap user, as follows. This is part of the netbox-app chart resources file: config/initializers/users.yml.

    Code Block
    onap:
        first_name: Steve
        last_name: McQueen
        email: steve.mcqueen@onap.org
        password: onap123$
        api_token: onceuponatimeiplayedwithnetbox20180814
        is_staff: true # whether user is admin or not, default = false
        is_active: true # whether user is active, default = true
        is_superuser: true # Whether user has all edit rights or not, default = false
  • Create a custom_fields entry, client_key, in order to uniquely identify the resource with a key generated by ONAP. This is part of the netbox-app chart resources file: config/initializers/custom_fields.yml.

    Code Block
    external-key: 
      description: "The external-key uniquely identify the resources to a service within ONAP."
      filterable: true
      label: ONAP external key
      on_objects: 
        - ipam.models.IPAddress
      required: true
      type: text
      weight: 0
    resource-name:
      description: "The resource-name of the element using this IP."
      filterable: true
      label: ONAP resource name
      on_objects:
        - ipam.models.IPAddress
      required: true
      type: text
      weight: 0
  • The following script creates the prefixes and some objects within Netbox:

    Code Block
    #!/bin/bash
    
    # Create region
    
    echo "Create region: RegionOne"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "RegionOne",
      "slug": "RegionOne"
    }'
    
    # Create tenant group
    
    echo "Create tenant group: ONAP group"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "ONAP group",
      "slug": "onap-group"
    }'
    
    # Create tenant
    
    echo "Create tenant ONAP in ONAP group"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "ONAP",
      "slug": "onap",
      "group": 1,
      "description": "ONAP tenant",
      "comments": "Tenant for ONAP demo use cases"
    }'
    
    # Create site
    
    echo "Create ONAP demo site: Montreal Lab"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "name": "Montreal Lab D3",
      "slug": "mtl-lab-d3",
      "region": 1,
      "tenant": 1,
      "facility": "Campus",
      "time_zone": "Canada/Atlantic",
      "description": "Site hosting the ONAP use cases",
      "physical_address": "1 Graham Bell",
      "shipping_address": "1 Graham Bell",
      "contact_name": "Alexis",
      "contact_phone": "0000000000",
      "contact_email": "adetalhouet89@gmail.com",
      "comments": "ONAP lab"
    }'
    
    # Create prefixes
    
    echo "Create Prefix for vFW protected network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "192.168.20.0/24",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for protected network - vFW use case"
    }'
    
    echo "Create Prefix for vFW unprotected network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "192.168.10.0/24",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for unprotected network - vFW use case"
    }'
    
    echo "Create Prefix for ONAP general purpose network"
    curl --silent -X POST \
      http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
      -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
      -H 'Content-Type: application/json' \
      -d '{
      "prefix": "10.0.0.0/8",
      "site": 1,
      "tenant": 1,
      "is_pool": true,
      "description": "IP Pool for ONAP - general purpose"
    }'
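
A hardened variant of the prefix-creation step above, as an added example that is not the chart's own provision.sh: the API token is read from the environment instead of being written into the rendered script, and any non-2xx response fails the run. NETBOX_URL, NETBOX_TOKEN and the function names are assumptions made for this example.

```shell
#!/bin/bash
# Added example (not the chart's provision.sh). NETBOX_URL and NETBOX_TOKEN are
# assumed environment variables, e.g. injected into the Job from a Secret.

# POST a JSON body to a Netbox API path. Returns 0 only on a 2xx response,
# 1 on transport or HTTP errors, 2 when the environment is incomplete.
netbox_post() {
  local path="$1" body="$2" status
  if [ -z "${NETBOX_URL:-}" ] || [ -z "${NETBOX_TOKEN:-}" ]; then
    echo "NETBOX_URL and NETBOX_TOKEN must be set" >&2
    return 2
  fi
  # The Authorization header is fed through stdin (--config -), so the token
  # appears neither in the process list nor in the script text.
  status=$(printf 'header = "Authorization: Token %s"\n' "$NETBOX_TOKEN" |
    curl --silent --show-error --config - \
      --output /dev/null --write-out '%{http_code}' \
      -X POST "${NETBOX_URL}${path}" \
      -H 'Content-Type: application/json' \
      --data "$body") || return 1
  case "$status" in
    2??) echo "OK ${status} ${path}" ;;
    *)   echo "POST ${path} failed with HTTP ${status}" >&2; return 1 ;;
  esac
}

# Build the prefix payload used on the page (site 1, tenant 1, is_pool true).
prefix_json() {
  printf '{"prefix": "%s", "site": 1, "tenant": 1, "is_pool": true, "description": "%s"}' "$1" "$2"
}

# The three prefixes from the page, stopping at the first failure so the Job
# is reported as failed instead of succeeding on a rejected request.
provision_prefixes() {
  netbox_post /api/ipam/prefixes/ "$(prefix_json 192.168.20.0/24 'IP Pool for protected network - vFW use case')" &&
  netbox_post /api/ipam/prefixes/ "$(prefix_json 192.168.10.0/24 'IP Pool for unprotected network - vFW use case')" &&
  netbox_post /api/ipam/prefixes/ "$(prefix_json 10.0.0.0/8 'IP Pool for ONAP - general purpose')"
}

# Run only when asked to, so the functions can be sourced and tested offline.
if [ "${1:-}" = "run" ]; then
  provision_prefixes
fi
```

The curl config syntax assumes the token contains no double quotes or backslashes, which holds for tokens like the one shown in users.yml.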
    
    
    
