We're not even a year old yet as a company, and we know that it's currently not easy to find details on netbox.dev, and we're in the middle of a project to address that. In the meantime, I hope you'll check out the resources hosted on https://netboxlabs.com.
There's also a slack workspace at https://netdev-community.slack.com/ where you can interact with me and my colleagues. I'm @Jeff Gehlbach.
Feedback: the pricing is completely whacked, IMHO. I got excited that I could move to someone else supporting Netbox instead of my team, however due to the number of devices I have, I would have to use the middle license tier -- that's listed as $20,000/yr. This isn't a $20,000/yr problem to me, it would be impossible to justify this to my management, sadly.
Just my feedback on your pricing. Netbox itself, the code and the absolutely stunning dev velocity is inspiring, but unless pricing were drastically lower I couldn't go for it. Would otherwise love to support.
And yeah, the pricing for NetBox Cloud isn't a fit for every use case. That product isn't the only thing we've got cooking; stay tuned :)
In prior roles I've seen NetBox explicitly vetoed in favor of technically inferior solutions because there was no available support contract at the time. Also, Sunbird has fancy 3D rack renders, and that's management catnip.
Some background on our usecase, tldr at the bottom. We effectively just need basic documentation. Which port on which patchpanel does this drop go to? Which network port is that connected to? What vlan should be assigned to it? Which router manages that vlan? What network range is on that vlan if any? What IP address should this device be assigned?
I've always found it just a bit difficult to setup things correctly, partly because everything feels slow. To put it into perspective, I was eventually running netbox on a VPS with 2 Genoa cores and 4 gigs of ram and even then some queries would be slow and page loads felt sluggish. Ping to the DC is sub 1ms on that. To need to provide that much horsepower for a DB with an interface just seemed like overkill to management.
Our usecase was great in earlier versions of netbox, the worst performance degradation came around when the graphql API got pushed and newer versions haven't improved it.
As I said, don't take it as a negative, netbox is a good product and to be fair I have never submitted an issue for this nor have I made an attempt to dig into the code to fix it (you can happily blame Django for that). Internally we see netbox as something we probably didn't put enough effort into doing correctly but at the same time the performance issues are a dealbreaker.
There are also reports you can write to catch any data issues.
Given the repeated asks on the GitHub issues, I’m confident I’m not alone in that belief.
Infoblox doesn’t tell me to write a terraform script to update AD/dns and vice versa, they built it into the product.
Netbox has a lot of great features for documenting your infrastructure even if you don't use IPAM - which Infoblox does not do at all.
I agree, the only place it has ever worked for me was in a team of 6 with a fixed deadline and liquidated damages for being late, and the source of truth was a binder with all of the drawings. What is highlighted is true, what is not highlighted is yet to be checked. Be careful precisely what you highlight (cable tag, terminal number, relay contacts, etc) or you are throwing the team and company Under the bus.
Doesn’t scale but works great for getting shit done correctly with no fuss.
This was my main problem with NetBox as well.
>NetBox is the leading solution for modeling and documenting modern networks. By combining the traditional disciplines of IP address management (IPAM) and datacenter infrastructure management (DCIM) with powerful APIs and extensions, NetBox provides the ideal "source of truth" to power network automation.
We use it as a front end for managing physical datacenters with a host of services that take or store their state in netbox.
Services check boot targets, hosttypes, connected switch and power ports, the service and role a host will or does provide, lifecycle tracking, etc . . .
And, we can give it to our physical datacenter techs and they just set the fields and boot the host.
It's a really nice way to manage a front end, because netbox handles things like ldap and UI and we just write services that make the datacenter look like netbox.
Hence, a source of truth. The mysterious machinations of the modern datagram hailstorm quantified and exposed.
There is a demo instance here: https://demo.netbox.dev/
I mean, if MyVM has today IP: 10.10.10.200, and tomorrow somebody change that IP,
* should I expect Netbox to change the IP assigned to MyVM?
Does Netbox do some kind of auto-discovery? or that's not its role?
Can Netbox ping my VM to know if they are UP, or that's not its role?
The change to the VM’s IP should be done through an auditable change process (like a pull request). If the VM doesn’t match the source of truth, the VM is wrong, not the source of truth.
That PR process would also update your telegraf plugins to ensure that the new IP is being monitored etc.
Net is won’t change the process, your automation (an ansible playbook perhaps) would do the change based on the information in the source of truth
Now it’s possible you only have a couple dozen hosts and a handful of networks and thus your source of truth could be an inventory file, that’s a reasonable solution. When you have dozens or hundreds of switches and hosts in the thousands or more range, I would prefer to have a UI wrapped around that file though, with various links between different locations, switch ports, MDU outputs, etc, that’s where netbox comes in. Your grafana dashboard can take the physical location and tie in with your various monitoring (host and environment) to identify a problem in a specific part of your data centre quickly and reliably, as netbix knows what rack the host is in, what switch it’s connected to, etc
Other products do those things well, and can integrate with NetBox via our extensibility facilities including API, plugins, and scripts. In fact, we just announced partnerships with a couple of vendors that do those very things: https://netboxlabs.com/news/strategic-partnerships-reduce-ad...
So, (sorry I probably should read the docs, and I will, but I'm pretty curious now) the day we implement it, we have to plan to add all our data by hand, am I right? (IP, subnets, details on routes/routers, switches, login URI, notes, locations, ecc ecc..)
The main area where they don't overlap is documenting physical equipment in racks, with which you can use to do some quite useful things.
e.g. document every cable connection, so it can draw the full path from one interface to a switchport through multiple layers of structure cabling/patch panels, and associate an IP address with a specific physical interface on a specific device.
Or track power draw on PSUs, and track that back to the relevant PDU/power feed to ensure it's within permitted power levels.
Needless to say, using all features can be quite time consuming!
[1] https://github.com/netbox-community/netbox/tree/develop/netb...
You may have good reasons, but I'll note for other readers that the NetBox documentation takes a position against doing that:
> "Serve as a "Source of Truth" - NetBox intends to represent the desired state of a network versus its operational state. As such, automated import of live network state is strongly discouraged. All data created in NetBox should first be vetted by a human to ensure its integrity. NetBox can then be used to populate monitoring and provisioning systems with a high degree of confidence." - https://docs.netbox.dev/en/stable/introduction/
and
> "ultimately the onus falls to a human operator to assert what is correct and what is not. For example, NetBox can validate the connection of a cable between two interfaces, but it cannot say whether the cable should be there." - https://docs.netbox.dev/en/stable/getting-started/planning/
Monitoring systems reflect the way your network is; ideally NetBox holds the admin side of the way your network should be - from your contracts, services, business agreements - and if the real state differs, you bring the real state into line with NetBox.
admin:admin
My use at work was just a subset of features (IP and hostname), but I ended up using its Postgres DB as a source for SSH key deployment scripts (these days (maybe back then too) much easier to do with Ansible).
Glad to see it's still actively developed and has a ton of features, yet seems to still be great at its core features!
NetBox: Infrastructure resource modeling application for network automation - https://news.ycombinator.com/item?id=28264828 - Aug 2021 (11 comments)
NetBox – DigitalOcean's IPAM and DCIM tool – open sourced - https://news.ycombinator.com/item?id=11986828 - June 2016 (4 comments)
EDIT: should note we are using the on-prem version, not cloud/SaaS.
Used a replicated PostgreSQL database and a Redis cluster (we went for KeyDB for HA) backing it and it's HA.
I'm also really excited about the recently (like last week) added IPAM/Rack management in Hudu (kind of like IT Glue). It's pretty rudimentary but they seem to iterate quickly and that will be a great option for people who do IPAM/rack documentation for many customers.
