HOWTO: Deploy NetBox as the Authoritative Platform Record

Purpose: Deploy and configure NetBox as the live HybridOps source of truth using the bootstrap module, with initial data seeding and integration wiring.

Difficulty: Intermediate

Track: Platform Services


Overview

NetBox is not just a documentation tool in HybridOps: it is the live source of truth that all automation consumes. This HOWTO covers the deployment-day operation: provisioning NetBox, seeding the canonical data model, and confirming that the inventory export pipeline can query it. Day-2 operations are covered by the NetBox Lifecycle module.


1. Module Overview

  • Module ID: platform/onprem/bootstrap-netbox@v1.
  • Components: NetBox application, PostgreSQL backend, Redis, reverse proxy.
  • Idempotency: safe to re-run for config drift correction.

2. Prerequisites

  • VM provisioned in management VLAN with a static IP from IPAM.
  • PostgreSQL instance available (standalone or shared with other services).
  • DNS entry or /etc/hosts entry for the NetBox hostname.

3. Module Inputs

  • NetBox version.
  • Database connection details.
  • Redis connection details.
  • Admin user bootstrap credentials (secret reference).
  • Site and tenant seed data path.

4. Seeding the Initial Data Model

  • Sites and tenants aligned with ADR-0002.
  • VLAN definitions from ADR-0101.
  • Prefix allocations and gateway IPs.
  • Device roles and platform definitions.

5. API Token Provisioning

  • Creating a read-only automation token.
  • Binding token permissions to required object types.
  • Storing the token in the secrets manager.

6. Inventory Export Wiring

  • Running make inventory.netbox-export post-deployment.
  • Validating Ansible and Nornir inventory output.
  • CI/CD freshness check configuration.


License: MIT-0 for code, CC-BY-4.0 for documentation unless otherwise stated.