NetBox#

Overview#

The NetBox app enables users to integrate/synchronize various resources between NetBox and EDA by providing the following resource types:

• Instance: Defines the target NetBox instance to interact with.
• Allocation: Specifies the type of EDA allocation to create based on Netbox Prefixes.

Note: Both CRs must be created in the same namespace (excluding eda-system).

NetBox Configuration#

To enable NetBox to send updates to the EDA app:

Create a Webhook in NetBox#

• Name: Any meaningful identifier
• URL: https://${EDA_ADDR}:${EDA_PORT}/core/httpproxy/v1/netbox/webhook/${INSTANCE_NAMESPACE}/${INSTANCE_NAME}
• Method: POST
• Secret: Choose a signature secret string. This will be configured in the Instance CR later on.

Leave all other settings as default.

Create an Event Rule#

• Name: Choose a relevant name
• Objects: Include IPAM IPAddresses and IPAM Prefixes
• Enabled: Yes

• Event Types:

  • Object Created
  • Object Updated
  • Object Deleted

• Action:

  • Type: Webhook
  • Webhook: Select the one created above

Generate a NetBox API Token#

The token should have at a minimum the permissions to create, update, and delete the following resources:

• IPAM.IPAddresses
• IPAM.Prefixes
• Customizations.Tags
• Customizations.CustomFields

Configure Global VRF Setting#

Set the following environment variable in NetBox to allow duplicate prefixes across VRFs:

ENFORCE_GLOBAL_UNIQUE=false

As per NetBox documentation, this is required if you're working with overlapping prefixes.

EDA Configuration#

Installation#

Netbox app can be installed using EDA Store or by running the app-installer workflow with kubectl:

apiVersion: core.eda.nokia.com/v1
kind: Workflow
metadata:
  name: netbox-install
  namespace: eda-system
spec:
  type: app-installer
  input:
    operation: install
    apps:
      - app: netbox
        catalog: eda-catalog-builtin-apps
        vendor: nokia
        version:
          type: semver
          value: v1.0.0

cat << 'EOF' | kubectl apply -f -
apiVersion: core.eda.nokia.com/v1
kind: Workflow
metadata:
  name: netbox-install
  namespace: eda-system
spec:
  type: app-installer
  input:
    operation: install
    apps:
      - app: netbox
        catalog: eda-catalog-builtin-apps
        vendor: nokia
        version:
          type: semver
          value: v1.0.0

EOF

Instance Custom Resource#

Defines connection details to the NetBox instance:

apiVersion: netbox.eda.nokia.com/v1alpha1
kind: Instance
metadata:
  name: netbox1
  namespace: eda
spec:
  # Name of a secret containing the base64-encoded API token under key `apiToken`
  apiToken: netbox-api-token
  url: http://${NETBOX_ADDR}:${NETBOX_PORT}

cat << 'EOF' | kubectl apply -f -
apiVersion: netbox.eda.nokia.com/v1alpha1
kind: Instance
metadata:
  name: netbox1
  namespace: eda
spec:
  # Name of a secret containing the base64-encoded API token under key `apiToken`
  apiToken: netbox-api-token
  url: http://${NETBOX_ADDR}:${NETBOX_PORT}

EOF

After creation, check the status of the Instance CR to verify successful connection.

Allocation Custom Resource#

Defines what allocation to create, based on NetBox tags:

apiVersion: netbox.eda.nokia.com/v1alpha1
kind: Allocation
metadata:
  name: ippool1
  namespace: eda
spec:
  enabled: true
  instance: netbox1  # <-- Reference to the Instance CR above
  tags:
    - eda-pool       # <-- Must match tags on NetBox prefixes
  type: ip-in-subnet # <-- One of: ip-address, subnet, ip-in-subnet

cat << 'EOF' | kubectl apply -f -
apiVersion: netbox.eda.nokia.com/v1alpha1
kind: Allocation
metadata:
  name: ippool1
  namespace: eda
spec:
  enabled: true
  instance: netbox1  # <-- Reference to the Instance CR above
  tags:
    - eda-pool       # <-- Must match tags on NetBox prefixes
  type: ip-in-subnet # <-- One of: ip-address, subnet, ip-in-subnet
EOF