如何在 Debian 11/Debian 10 上安装 NetBox IPAM |
NetBox 是一个开源 IPAM/DCIM Web 应用程序,用于管理和记录计算机网络以及管理 IP 地址。它最初是由 DigitalOcean 的网络工程团队构思的。该工具是用 Django Python 框架编写的,并依赖 PostgreSQL 数据库进行数据存储。
NetBox 构建块:
- IP 地址管理 (IPAM) – IP 网络和地址、VRF 和 VLAN
- 设备架-按组和地点组织
- 设备 – 设备类型及其安装位置
- 连接 – 设备之间的网络、控制台和电源连接
- 虚拟化 – 虚拟机和集群
- 数据电路 – 长途通信电路和提供商
- Secrets – 敏感凭证的加密存储
如果您有兴趣在其他系统上部署 Netbox,请查看:
- 如何使用 Apache 和 Supervisord 在 CentOS 7 上安装 NetBox
以下是在 Debian Linux 上安装 Install NetBox 的步骤。
第1步:安装所需的依赖项
首先安装运行 NetBox 所需的所有依赖应用程序:
sudo apt update
sudo apt -y install -y git gcc nginx redis supervisor python3 python3-dev python3-pip python3-setuptools build-essential libxml2-dev libxslt1-dev libffi-dev graphviz libpq-dev libssl-dev zlib1g-dev vim步骤 2:安装并配置 PostgreSQL
NetBox 使用 PostgreSQL 数据库服务器来存储其数据。因此在 Debian 10 上安装 PostgreSQL 服务器:
sudo apt update
sudo apt -y install postgresql-contrib postgresql-*-ip4r为 NetBox 创建数据库和用户。
$ sudo -u postgres psql
CREATE DATABASE netbox;
CREATE USER netbox WITH PASSWORD 'StrongPassword';
GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
\q确认您可以以 netbox 用户身份登录数据库。
$ psql -U netbox -h localhost -W
Password:
psql (13.10 (Debian 13.10-0+deb11u1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.
netbox=> \q步骤 3:安装并配置 Netbox
更改为 /opt/ 目录并克隆项目代码。
cd /opt/
sudo git clone -b master https://github.com/digitalocean/netbox.git从提供的示例文件创建配置文件。
cd netbox/netbox/netbox/
sudo cp configuration_example.py configuration.py编辑配置文件并设置允许的主机和数据库登录详细信息:
$ sudo vim configuration.py
....
ALLOWED_HOSTS = ['localhost']
....
DATABASE = {
'NAME': 'netbox', # Database name
'USER': 'netbox', # PostgreSQL username
'PASSWORD': 'StrongPassword', # PostgreSQL password
'HOST': 'localhost', # Database server
'PORT': '', # Database port (leave blank for default)
'CONN_MAX_AGE': 300, # Max database connection age
}生成 Django 密钥:
cd ../
sudo ./generate_secret_key.py然后在文件 /opt/netbox/netbox/netbox/configuration.py 上设置密钥
例子 :
$ sudo vim /opt/netbox/netbox/netbox/configuration.py
SECRET_KEY = 'L2lyoE^*DN)6w3PK_d$-pe5ZS@XmMQ4J9g!cvF1V=n0juWiATR'安装 Netbox 依赖项:
sudo pip3 install -r /opt/netbox/requirements.txt迁移数据库数据:
cd /opt/netbox/netbox/
sudo python3 manage.py migrate数据库迁移的示例输出。
Operations to perform:
Apply all migrations: admin, auth, circuits, contenttypes, dcim, extras, ipam, secrets, sessions, taggit, tenancy, users, virtualization
Running migrations:
Applying contenttypes.0001_initial... OK
Applying auth.0001_initial... OK
Applying admin.0001_initial... OK
Applying admin.0002_logentry_remove_auto_add... OK
Applying admin.0003_logentry_add_action_flag_choices... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying auth.0009_alter_user_last_name_max_length... OK
Applying auth.0010_alter_group_name_max_length... OK
Applying auth.0011_update_proxy_permissions... OK
Applying taggit.0001_initial... OK
Applying taggit.0002_auto_20150616_2121... OK
Applying tenancy.0001_initial_squashed_0005_change_logging... OK
Applying dcim.0001_initial... OK
Applying ipam.0001_initial... OK
Applying dcim.0002_auto_20160622_1821... OK
Applying extras.0001_initial_squashed_0013_objectchange... OK
Applying ipam.0002_vrf_add_enforce_unique... OK
Applying dcim.0003_auto_20160628_1721_squashed_0010_devicebay_installed_device_set_null... OK
Applying ipam.0003_ipam_add_vlangroups_squashed_0011_rir_add_is_private... OK
Applying dcim.0011_devicetype_part_number_squashed_0022_color_names_to_rgb... OK
Applying ipam.0012_services_squashed_0018_remove_service_uniqueness_constraint... OK
Applying dcim.0023_devicetype_comments_squashed_0043_device_component_name_lengths... OK
Applying virtualization.0001_virtualization... OK
Applying ipam.0019_virtualization_squashed_0020_ipaddress_add_role_carp... OK
Applying dcim.0044_virtualization_squashed_0061_platform_napalm_args... OK
Applying extras.0014_configcontexts_squashed_0019_tag_taggeditem... OK
Applying dcim.0062_interface_mtu_squashed_0065_front_rear_ports... OK
Applying circuits.0001_initial_squashed_0006_terminations... OK
Applying dcim.0066_cables...
Adding console connections... 0 cables created
Adding power connections... 0 cables created
Adding interface connections... 0 cables created
OK
Applying circuits.0007_circuit_add_description_squashed_0017_circuittype_description...
Adding circuit terminations... 0 cables created
OK
Applying tenancy.0006_custom_tag_models... OK
Applying virtualization.0002_virtualmachine_add_status_squashed_0009_custom_tag_models... OK
Applying secrets.0001_initial_squashed_0006_custom_tag_models... OK
Applying ipam.0021_vrf_ordering_squashed_0025_custom_tag_models... OK
Applying dcim.0067_device_type_remove_qualifiers_squashed_0070_custom_tag_models... OK
Applying extras.0020_tag_data_squashed_0021_add_color_comments_changelog_to_tag... OK
Applying dcim.0071_device_components_add_description_squashed_0088_powerfeed_available_power...
Updating cable device terminations...
OK
Applying dcim.0089_deterministic_ordering... OK
Applying dcim.0090_cable_termination_models... OK
Applying extras.0022_custom_links_squashed_0034_configcontext_tags... OK
Applying extras.0035_deterministic_ordering... OK
Applying extras.0036_contenttype_filters_to_q_objects... OK
Applying ipam.0026_prefix_ordering_vrf_nulls_first_squashed_0032_role_description... OK
Applying ipam.0033_deterministic_ordering... OK
Applying secrets.0007_secretrole_description... OK
Applying sessions.0001_initial... OK
Applying taggit.0003_taggeditem_add_unique_index... OK
Applying users.0001_api_tokens_squashed_0003_token_permissions... OK
Applying virtualization.0010_cluster_add_tenant_squashed_0012_vm_name_nonunique... OK
Applying virtualization.0013_deterministic_ordering... OK创建管理员用户:
$ sudo python3 manage.py createsuperuser
Username (leave blank to use 'root'): admin
Email address: [email
Password: <Enter Password>
Password (again): <Re-enter Password>
Superuser created successfully.移动静态文件
$ cd /opt/netbox/netbox
$ sudo python3 manage.py collectstatic
280 static files copied to '/opt/netbox/netbox/static'.第四步:安装并配置gunicorn
使用pip3安装gunicorn:
$ sudo pip3 install gunicorn
Requirement already satisfied: gunicorn in /usr/local/lib/python3.9/dist-packages (20.1.0)
Requirement already satisfied: setuptools>=3.0 in /usr/lib/python3/dist-packages (from gunicorn) (52.0.0)为 Netbox 配置 Gunicorn:
cat <<EOF | sudo tee /opt/netbox/gunicorn_config.py
command = '/usr/local/bin/gunicorn'
pythonpath = '/opt/netbox/netbox'
bind = 'localhost:8085'
workers = 3
user = 'www-data'
EOF第5步:配置supervisord
创建supervisord配置文件:
cat <<EOF | sudo tee /etc/supervisor/conf.d/netbox.conf
[program:netbox]
command = gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
directory = /opt/netbox/netbox/
user = www-data
EOF重新启动并启用supervisord 服务以在引导时启动。
sudo systemctl restart supervisor.service
sudo systemctl enable supervisor.service状态应显示正在运行并带有 netbox 输出:
$ systemctl status supervisor
● supervisor.service - Supervisor process control system for UNIX
Loaded: loaded (/lib/systemd/system/supervisor.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2023-05-02 23:17:36 UTC; 6s ago
Docs: http://supervisord.org
Main PID: 15436 (supervisord)
Tasks: 5 (limit: 4553)
Memory: 272.2M
CPU: 4.089s
CGroup: /system.slice/supervisor.service
├─15436 /usr/bin/python3 /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf
├─15521 /usr/bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
├─15522 /usr/bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
├─15523 /usr/bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
└─15524 /usr/bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
May 02 23:17:36 debian11 systemd[1]: Started Supervisor process control system for UNIX.
May 02 23:17:36 debian11 supervisord[15436]: 2023-05-02 23:17:36,805 CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend t>
May 02 23:17:36 debian11 supervisord[15436]: 2023-05-02 23:17:36,805 INFO Included extra file "/etc/supervisor/conf.d/netbox.conf" during parsing
May 02 23:17:36 debian11 supervisord[15436]: 2023-05-02 23:17:36,808 INFO RPC interface 'supervisor' initialized
May 02 23:17:36 debian11 supervisord[15436]: 2023-05-02 23:17:36,808 CRIT Server 'unix_http_server' running without any HTTP authentication checking
May 02 23:17:36 debian11 supervisord[15436]: 2023-05-02 23:17:36,808 INFO supervisord started with pid 15436
May 02 23:17:37 debian11 supervisord[15436]: 2023-05-02 23:17:37,813 INFO spawned: 'netbox' with pid 15521
May 02 23:17:39 debian11 supervisord[15436]: 2023-05-02 23:17:39,140 INFO success: netbox entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)第 6 步:配置 Nginx Web 服务器
让我们配置 Nginx Web 服务器来帮助我们通过域名访问 Netbox,而不是指定 IP 地址和端口。
为 Netbox 创建新的 Nginx 配置文件。
sudo vim /etc/nginx/conf.d/netbox.conf有以下数据。
server {
listen 80;
server_name netbox.example.com;
client_max_body_size 25m;
location /static/ {
alias /opt/netbox/netbox/static/;
}
location / {
proxy_pass http://localhost:8085;
}
}检查 Nginx 配置语法并重新启动其服务
$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful如果OK,重启Nginx服务
sudo systemctl restart nginx第 7 步:访问 Netbox Web UI
打开默认的 Web 浏览器并打开 Netbox 服务器主机名。要进行更改,请使用之前创建的管理员用户登录。
就是这样!...您有 NetBox 仪表板。
享受使用 Netbox 记录您的网络基础设施的乐趣。访问 NetBox 文档以了解有关这款出色产品的更多信息。
您还可以检查:
- 在 Debian 上安装和配置 phpIPAM
- 如何在 Ubuntu 上安装 RackTables