Deploying NetBox into Kubernetes

Overview

NetBox provides a full IPAM and asset management platform. We will install it into our Kubernetes cluster.

It requires Redis for caching, PostgreSQL for the database, and Traefik for ingress.

Setting up Postgres DB

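On our standalone PostgreSQL server, we need to create a database and a user for NetBox.

-- Create the database and the login role NetBox will use
CREATE DATABASE netbox;
CREATE USER netbox;
ALTER USER netbox WITH PASSWORD 'netbox-password';
GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
ALTER DATABASE netbox OWNER TO netbox;
-- Switch to the new database (psql meta-command)
\connect netbox
-- Allow the netbox role to create objects in the public schema
GRANT CREATE ON SCHEMA public TO netbox;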

Installing Netbox from the Helm Chart

helm repo add bootc https://charts.boo.tc
helm repo update
helm show values bootc/netbox > netbox_values.yaml

Modify the netbox_values.yaml file to point NetBox at the external Redis and external PostgreSQL instances, and to enable the ingress.

Make the following modifications:

netbox_values.yaml

...
superuser:
  name: blair
  email: blair.hoddinott@gmail.com
  password: <password>
  apiToken: 0123456789abcdef0123456789abcdef01234567
...
postgresql:
  ## Deploy PostgreSQL using bundled chart
  # To use an external database, set this to false and configure the settings
  # under externalDatabase
  enabled: false

  postgresqlUsername: netbox
  postgresqlDatabase: netbox

## External database settings
# These are used if postgresql.enabled is false, and are ignored otherwise
externalDatabase:
  host: wn-postgres-01.weepynet.com
  port: 5432
  database: netbox
  username: netbox
  password: "netbox-password"
  # existingSecretName: ""
  # existingSecretKey: postgresql-password

  # The following settings also apply when using the bundled PostgreSQL chart:
  sslMode: prefer
  connMaxAge: 300
  disableServerSideCursors: false
...
redis:
  ## Deploy Redis using bundled chart
  # To use an external Redis instance, set this to false and configure the
  # settings under *both* tasksRedis *and* cachingRedis
  enabled: false

tasksRedis:
  database: 0
  ssl: false
  insecureSkipTlsVerify: false

  # Used only when redis.enabled is false. host and port are not used if
  # sentinels are given.
  host: redis.weepynet.com
  port: 6379
  # sentinels: []
  #  - mysentinel:26379
  # sentinelService: netbox-redis
  # sentinelTimeout: 300
  # password: ""
  # existingSecretName: ""
  # existingSecretKey: redis-password

cachingRedis:
  database: 1
  ssl: false
  insecureSkipTlsVerify: false

  # Used only when redis.enabled is false. host and port are not used if
  # sentinels are given.
  host: redis.weepynet.com
  port: 6379
  # sentinels: []
  #  - mysentinel:26379
  # sentinelService: netbox-redis
  # sentinelTimeout: 300
  # password: ""
  # existingSecretName: ""
  # existingSecretKey: redis-password
...
ingress:
  enabled: true
  className: ""
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: netbox.weepynet.com
      paths:
...
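
A hardened variant of the externalDatabase, tasksRedis and cachingRedis sections above, added here as an example and not taken from the original post or the chart's own documentation: the passwords move out of netbox_values.yaml into Kubernetes Secrets through the existingSecretName and existingSecretKey keys shown commented out above, and both connections require TLS. The Secret names netbox-db and netbox-redis, the password files, and a PostgreSQL and Redis that accept TLS (and, for Redis, a password) are assumptions.

```yaml
# Added example (not from the original page): replaces the matching sections
# of netbox_values.yaml. Secret names and password files are assumptions.
#
# Create the Secrets before installing. Write each file without a trailing
# newline (printf '%s' ...), or the newline becomes part of the password:
#   kubectl create ns netbox   # same namespace the install step uses
#   kubectl -n netbox create secret generic netbox-db \
#     --from-file=postgresql-password=./db-password.txt
#   kubectl -n netbox create secret generic netbox-redis \
#     --from-file=redis-password=./redis-password.txt

externalDatabase:
  host: wn-postgres-01.weepynet.com
  port: 5432
  database: netbox
  username: netbox
  # No inline password: the chart reads it from the Secret named here
  existingSecretName: netbox-db
  existingSecretKey: postgresql-password
  # "prefer" falls back to an unencrypted connection when TLS is unavailable;
  # "require" refuses to connect without TLS. "verify-full" also validates the
  # server certificate, but needs the issuing CA to be available in the pod.
  sslMode: require
  connMaxAge: 300
  disableServerSideCursors: false

tasksRedis:
  database: 0
  ssl: true                     # assumes Redis serves TLS on this port
  insecureSkipTlsVerify: false  # keep certificate verification on
  host: redis.weepynet.com
  port: 6379
  existingSecretName: netbox-redis
  existingSecretKey: redis-password

cachingRedis:
  database: 1
  ssl: true
  insecureSkipTlsVerify: false
  host: redis.weepynet.com
  port: 6379
  existingSecretName: netbox-redis
  existingSecretKey: redis-password

# superuser.apiToken: a sequential value like the one shown above is guessable.
# Generate a random 40-hex-character token with: openssl rand -hex 20
```

With these sections in place the values file no longer holds the database or Redis passwords, but it still carries the superuser password and API token, so keep it out of version control.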

Now we can install NetBox:

kubectl create ns netbox
helm install netbox -n netbox bootc/netbox -f netbox_values.yaml