Hello and welcome to module 4 of the NetBox 'Zero-to-Hero' course. In Module 3: Adding the Kit, Eric (our awesome Network Engineer) added the devices that are going to be installed at the planned new Brisbane branch office, making use of a Postman collection of REST API calls to NetBox.
In this module Susan (the other member of the Network Engineering dream team) will populate NetBox with the IP addressing and VLAN data for the new Brisbane branch office. To do this Susan is using the Ansible Automation Platform and in particular the Ansible Galaxy Collection for NetBox
By the end of this module you will be able to:
- Describe how NetBox models IPAM (IP Address Management) Data
- Integrate NetBox with Ansible and run playbooks to populate the NetBox database
- Get started with a set of Ansible playbooks for NetBox that can be easily adapted and extended to suit your own requirements
From the Ansible website:
Ansible® is an open source IT automation tool that automates provisioning, configuration management, application deployment, orchestration, and many other manual IT processes.
Ansible Automation Platform is a single, flexible automation technology that can be used across diverse network devices and other IT domains, making it easy to automate entire network and IT processes.
Of course, you could add IPAM data manually via the Web Interface, but when you are dealing with a lot of data that can quickly become both tedious and error prone. Integrating NetBox with Ansible is quick and easy, and within a few minutes you can be running Ansible playbooks to Create, Read, Update and Delete (CRUD operations in computer programming terms) NetBox data programmatically via the REST API.
Also, as any Network Engineer / IT Pro looking to expand their skill set knows, Automation is becoming critical for managing modern networks, so by adding some Ansible knowledge to your armory, you will stay ahead of the game!
If you'd like to follow along with the examples used in this course, it's super easy to do, and you have a few options:
- Run NetBox as a container with NetBox Docker - This is the quickest way to get your own dedicated NetBox instance going and it only takes a few minutes to spin up on your laptop!
- Follow the official documentation and do a full installation all the NetBox components. These instructions have been tested on Ubuntu and CentOS Linux.
- Use the public demo instance of NetBox
The software versions used in the video for this module are:
NetBox v3.3.2
Python v3.8.9
ansible-core v2.13.4
ansible package v6.4.0
pynetbox v6.6.2
Ansible runs on Linux based systems, and is installed as a Python package. Follow these steps to set up Ansible on your own system - it takes less than 5 minutes!
From the NetBox documentation:
IP address management (IPAM) is one of NetBox's core features. It supports full parity for IP4 and IPv6, advanced VRF assignment, automatic hierarchy formation, and much more.
IPAM data is hierarchical in nature and NetBox reflects this:
Regional Internet Registries (RIRs), such as ARIN, RIPE, APNIC control the allocation of globally-routable address space. Internal IP address space (eg. RFC 1918) is also treated as an RIR within NetBox, and users can can create whatever RIRs they like.
Aggregates are assigned to RIRs, and typically, an aggregate will correspond to either an allocation of public (globally routable) IP space granted by a regional authority, or a private (internally-routable) designation.
Our fictional organization will be using RFC 1918 Private Address space for IPv4, which has the following Aggregates assigned to it:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
IP subnets are defined within an aggregate. Prefixes extend the hierarchy by nesting within one another. (For example, 192.168.123.0/24 will appear within 192.168.0.0/16.) Each prefix can be assigned a functional role as well as an operational status.
IP Range - these are are arbitrary ranges of individual IP addresses within a prefix, all sharing the same mask. Ranges are commonly affiliated with DHCP scopes, but can be used for any similar purpose.
Our fictional organization will be using a 'SuperNet' Prefix of 192.168.0.0/22 for the planned new office site in Brisbane, and this will be further divided into smaller, individual prefixes. When populating NetBox with this data the Ansible playbook will request the next available prefix based on prefix length requirements.
These are individual IP addresses along with their subnet mask, that are automatically arranged beneath their parent prefixes.
Roles define the function of a prefix or VLAN - for example you might define separate Voice and WiFi roles for your prefixes and VLANs. The following roles will be used by our fictional organization:
- Branch_Data
- Branch_Voice
- Branch_WiFi
- Guest_WiFi
- Network_Management
- Point_to_Point
VLAN groups can be used to organize your VLANs in a way that suits your organization, and their scope can be a particular region, site group, site, location, rack, cluster group, or cluster.
Our fictional organization will be using a VLAN group called Brisbane_VLANS which will be scoped to the site level. This means that any VLAN assigned from this group will be tied to devices and VM's within the scoped site.
Our fictional organization will be using the following IPAM data for the new site in Brisbane:
All prefixes assigned will be the next available, and allocated dynamically in NetBox from the 192.168.0.0/22 Supernet using an Ansible playbook.
VLAN Name | VLAN ID | VLAN Group | Role | Prefix Length |
---|---|---|---|---|
DATA | 10 | Brisbane_VLANS | Branch_Data | /25 |
VOICE | 20 | Brisbane_VLANS | Branch_Voice | /25 |
B_WIFI | 30 | Brisbane_VLANS | Branch_WiFi | /25 |
G_WIFI | 40 | Brisbane_VLANS | Guest_WiFi | /25 |
NETMAN | 50 | Brisbane_VLANS | Network_Management | /26 |
P2P | 60 | Brisbane_VLANS | Point_to_Point | /30 |
All IP addresses assigned will be the next available, and allocated dynamically from the corresponding Prefix using an Ansible playbook. The list of devices and interfaces to be assigned IP addresses is as follows:
Device | Interface | VLAN ID |
---|---|---|
AUBRI01-RTR-1 | GigabitEthernet0 | 50 |
AUBRI01-RTR-1 | GigabitEthernet0/0/0 | 60 |
AUBRI01-SW-1 | me0 | 50 |
AUBRI01-SW-1 | ge-0/0/0 | 60 |
AUBRI01-SW-1 | vlan.10 | 10 |
AUBRI01-SW-1 | vlan.20 | 20 |
AUBRI01-SW-1 | vlan.30 | 30 |
AUBRI01-SW-1 | vlan.40 | 40 |
AUBRI01-SW-1 | vlan.50 | 50 |
AUBRI01-SW-1 | vlan.60 | 60 |
AUBRI01-AP-1 | main | 50 |
AUBRI01-AP-2 | main | 50 |
AUBRI01-CON-1 | Ethernet | 50 |
OK, so that's the planning and design work done - now onto the demo! This video will step you through how to populate NetBox with the IPAM data using Ansible. As always the best way to understand the power of NetBox is to dive right in, so let's get started!
<iframe width="560" height="315" src="https://www.youtube.com/embed/XCwO6RGpBpI" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>In this module you have learned how NetBox Models IPAM data, how to integrate NetBox with Ansible, and in particular the collection of NetBox Ansible modules. If you have any questions on how to use Ansible with NetBox then there is a dedicated Slack channel #ansible on netdev-community.slack.com so don't hesitate to pop on over there and join in the discussion!
In Module 5: Making the Connections, Eric will add the cables and connections for the new Brisbane branch office network, using the web interface to bulk upload data from a CSV file.
If you have any questions as you go through the course then pop on over to the NetBox Zero to Hero channel on the NetDev Community Slack! If you aren't already a member then you can sign up for free here.
- Official NetBox Documentation
- NetBox Docker
- Ansible Galaxy Collection for NetBox
- NetBox Ansible Documentation
- NetBox Cloud is a hosted solution offered by NS1