IP地址管理工具Netbox 安装指南[通俗易懂]-netbox2

IP地址管理工具Netbox 安装指南[通俗易懂]参考资料:https://netbox.readthedocs.io/en/latest/installation/服务器环境Ubuntu18.04版本Netbox安装指南1.安装PostgreSQL数据库软件包exporthttp_proxy=”http://xxx:xxx@172.31.187.10:8080″apt-getupdateapt-getinstall-ypostgresqllibpq-dev2.创建数据库sudo-u……

参考资料:https://netbox.readthedocs.io/en/latest/installation/

服务器环境CentOS 7.9版本

注：因本文格式所致，不要直接拷贝代码可能会提示错误

Netbox安装指南

Netbox安装指南

1.安装PostgreSQL数据库软件包

exporthttp_proxy=”http://xxx:xxx@172.31.187.10:8080″

备份源
sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
更改下载源
sudo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

————————————————————

旧方式(不用了)

yum update
yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
yum install -y postgresql96 postgresql96-server postgresql96-devel
/usr/pgsql-9.6/bin/postgresql96-setup initdb

———————————————————–

新方式

yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
yum install -y postgresql10
yum install -y postgresql10-server
/usr/pgsql-10/bin/postgresql-10-setup initdb
systemctl enable postgresql-10
systemctl start postgresql-10
su – postgres
psql

更改认证方式为md5
vi /var/lib/pgsql/9.6/data/pg_hba.conf

vim /var/lib/pgsql/10/data/pg_hba.conf

# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 md5

systemctl start postgresql-9.6
systemctl enable postgresql-9.6

systemctl restart postgresql-10.service

2.创建数据库

sudo -u postgres psql

postgres=#CREATEDATABASEnetbox;
postgres=#CREATEUSERnetboxWITHPASSWORD‘$chedu1e’;
postgres=#GRANTALLPRIVILEGESONDATABASEnetboxTOnetbox;
postgres=#\q

测试数据库是否成功链接

psql-Unetbox-W-h127.0.0.1 netbox
键入密码即可进入

安装redis
yum install -y http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum –enablerepo=remi install redis -y
systemctl enable redis
systemctl start redis

测试redis服务状态是否正常
redis-cli ping

3.安装python3

yum install -y gcc libxml2-devel libxslt-devel libffi-devel libpq-devel openssl-devel redhat-rpm-config
yum install -y zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gcc make
yum install -y libffi-devel
wget https://www.python.org/ftp/python/3.8.12/Python-3.8.12.tgz
tar -zxvf Python-3.8.12.tgz -C /opt/
cd /opt/Python-3.8.12/
./configure
make&&make install

查看python位置
which python
which python3

mv /usr/bin/python /usr/bin/python.bak
ln -s /usr/local/bin/python3 /usr/bin/python
python -V

which pip3
ln -s /usr/local/bin/pip3 /usr/bin/pip
pip -V

which python2
vim /usr/libexec/urlgrabber-ext-down
第一行修改成/usr/bin/python2

vim /usr/bin/yum
第一行修改成/usr/bin/python2

修改完毕后默认用python3去更新
yum update

4.下载安装包并解压到指定路径

wgethttps://github.com/netbox-community/netbox/archive/vX.Y.Z.tar.gz(红字为版本号)
tar-zxvfvX.Y.Z.tar.gz-C/opt

5.进入解压路径并创建软链接

cd/opt/
ln-snetbox-X.Y.Z/netbox

6.创建Netbox 组和Netbox用户

groupadd –system netbox
adduser –system –gid netbox netbox
chown –recursive netbox /opt/netbox/netbox/media/

进入路径并更新pip并安装Python依赖包

cd/opt/netbox

python3 -m venv /opt/netbox/venv
source venv/bin/activate
python -m pip install –upgrade pip -i https://pypi.douban.com/simple –trusted-host pypi.douban.com
pip3install-rrequirements.txt -i http://pypi.douban.com/simple –trusted-host pypi.douban.com

安装NAPALM(NetworkAutomationandProgrammabilityAbstractionLayerwithMultivendorsupport)

pip3installnapalm -i http://pypi.douban.com/simple –trusted-host pypi.douban.com
echo napalm >> local_requirements.txt


安装redis-server以及django

pip3 install django-storages -i http://pypi.douban.com/simple –trusted-host pypi.douban.com
echo django-storages >> local_requirements.txt


更新完毕后退出
deactivate

7.更改配置文件

cd/opt/netbox/netbox/netbox/
cpconfiguration_example.pyconfiguration.py



8.生成密钥并记录到configuration.py中

python3/opt/netbox/netbox/generate_secret_key.py

9.更改配置如下所示

vi/opt/netbox/netbox/netbox/configuration.py
——-

ALLOWED_HOSTS=[‘10.8.1.30‘]



#PostgreSQLdatabaseconfiguration.

DATABASE={

‘NAME’:‘netbox’,#Databasename
‘USER’:‘netbox‘,#PostgreSQLusername
‘PASSWORD’:‘$chedu1e‘,#PostgreSQLpassword
‘HOST’:‘localhost’,#Databaseserver
‘PORT’:”,#Databaseport(leaveblankfordefault)
}

REDIS = {

‘tasks’: {

‘HOST’: ‘localhost’,
‘PORT’: 6379,
‘PASSWORD’: ”,
‘DATABASE’: 0,
‘DEFAULT_TIMEOUT’: 300,
‘SSL’: False,
},
‘caching’: {

‘HOST’: ‘localhost’,
‘PORT’: 6379,
‘PASSWORD’: ”,
‘DATABASE’: 1,
‘DEFAULT_TIMEOUT’: 300,
‘SSL’: False,
}

SECRET_KEY=‘dQN(pfR4k1cmVb-aL9G*g7qojU2^vIrs5%ZeEPz=8D0TSKh$lt‘

修改升级文件脚本配置
vim /opt/netbox/upgrade.sh
PYTHON=”${PYTHON:-python}”
COMMAND=”pip install wheel -i https://pypi.douban.com/simple –trusted-host pypi.douban.com“
COMMAND=”pip install -r requirements.txt -i https://pypi.douban.com/simple –trusted-host pypi.douban.com“

10.试运行命令
source /opt/netbox/venv/bin/activate
cd/opt/netbox/netbox
数据库迁移
python3manage.pymigrate

创建超级用户
python3manage.pycreatesuperuser

sudo ln -s /opt/netbox/contrib/netbox-housekeeping.sh /etc/cron.daily/netbox-housekeeping

python3 manage.py runserver 0.0.0.0:8000 –insecure

收集静态信息
python3manage.pycollectstatic–no-input

退出venv
deactivate

放行防火墙信息
sudo firewall-cmd –add-service=http
sudo firewall-cmd –add-service=https
sudo firewall-cmd –runtime-to-permanent
setsebool -P httpd_can_network_connect 1

11.创建SSL证书
mkdir /etc/ssl/private
chmod 700 /etc/ssl/private
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/netbox.key -out /etc/ssl/certs/netbox.crt

Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:GuangDong
Locality Name (eg, city) []:Shenzhen
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Company
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:10.8.1.30
Email Address []:

建立Diffie-Hellman组
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

11.安装webnginx服务器

yuminstall-ynginx

创建配置文件

cp /opt/netbox/contrib/nginx.conf /etc/nginx/conf.d/netbox.conf

server {

listen 443 ssl;

# CHANGE THIS TO YOUR SERVER’S NAME
server_name 10.8.1.30;

ssl_certificate /etc/ssl/certs/netbox.crt;
ssl_certificate_key /etc/ssl/private/netbox.key;

client_max_body_size 25m;

location /static/ {

alias /opt/netbox/netbox/static/;
}

location / {

proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

server {

# Redirect HTTP traffic to HTTPS
listen 80;
server_name 10.8.1.30;
return 301 https://$host$request_uri;
}

启动nginx

systemctl restart nginx

12.安装高性能服务器网关接口Gunicorn

创建配置文件

cd /opt/netbox
cpcontrib/gunicorn_config.py /opt/netbox/gunicorn.py

13.安装守护进程管理工具

cp contrib/*.service /etc/systemd/system
systemctl daemon-reload
systemctl start netbox netbox-rq
systemctl enable netbox netbox-rq

setsebool -P httpd_can_network_connect 1

Netbox升级指南

1.下载最新版本的安装包

wgethttps://github.com/netbox-community/netbox/archive/vX.Y.Z.tar.gz
tar-zxvfvX.Y.Z.tar.gz-C/opt粉字为新安装包的版本号
cd/opt/
ln-sfnnetbox-x.y.z/netbox



2.将原设备的相关配置移植到新安装包中红字为现安装包的版本号
cpnetbox-2.8.6/netbox/netbox/configuration.pynetbox/netbox/netbox/configuration.py
cp netbox-2.8.6/gunicorn.py netbox/gunicorn.py

3.执行升级脚本

cd/opt /netbox

改写脚本命令，添加pip本地源加速

# Install necessary system packages
COMMAND=”pip3 install wheel -i http://pypi.douban.com/simple –trusted-host pypi.douban.com“
echo “Installing Python system packages ($COMMAND)…”
eval $COMMAND || exit 1

# Install required Python packages
COMMAND=”pip3 install -r requirements.txt -i http://pypi.douban.com/simple –trusted-host pypi.douban.com“
echo “Installing core dependencies ($COMMAND)…”
eval $COMMAND || exit 1

./upgrade.sh


4重启WSGI服务
systemctlrestartnetbox netbox-rq

异常处理参考连接Netbox Login failed after upgrade to version2.9.0 | thierolf.org

实用命令

lldp与cdp兼容

https://support.huawei.com/enterprise/en/doc/EDOC1000088753?section=j007

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/46sg/configuration/guide/Wrapper-46SG/swlldp.html



SDL-FW查询showintterse

MAC关系查询shmacaddaddHH.HH.HH(cisco)

shmac-addHH-HH-HH(huawei)

shmacaddaddH.H.H.H.H.H(ciscoSF220)