Install NetBox IPAM Tool on CentOS 7 / RHEL 7

Welcome to our guide on how to Install Netbox on CentOS 7 with Apache and Supervisord. NetBox is an open source web application designed to help manage and document computer networks. Initially conceived by the network engineering team at DigitalOcean.

Netbox encompasses the following aspects of network management:

• IP address management (IPAM) – IP networks and addresses, VRFs, and VLANs
• Equipment racks – Organized by group and site
• Devices – Types of devices and where they are installed
• Connections – Network, console, and power connections among devices
• Virtualization – Virtual machines and clusters
• Data circuits – Long-haul communications circuits and providers
• Secrets – Encrypted storage of sensitive credentials

For Ubuntu / Debian, check:

• How To Install NetBox IPAM on Debian Linux
• How to Install NetBox on Ubuntu LTS

Follow steps below to install Netbox on your CentOS 7 server.

Step 1: Add EPEL repository

We need an epel repository to install some dependency packages. Add it to your CentOS 7 server using the following commands:

sudo yum -y install epel-release

A repository file for EPEL will be added to /etc/yum.repos.d directory:

ls /etc/yum.repos.d

Step 2: Disable SELinux

As we will be using custom TCP ports, it is recommended to disable or put SELinux in permissive mode unless you know how to work with the tool.

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
cat /etc/selinux/config | grep SELINUX=

We put SELinux in Permissive mode but you can permanently disable it by running:

sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

Step 3: Install dependency packages

Install all required dependencies on your CentOS 7 system:

sudo yum -y install @"Development Tools"
sudo yum -y install wget vim gcc httpd git libxml2-devel libxslt libffi-devel graphviz libxslt-devel supervisor zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel tk-devel libffi-devel xz-devel gdbm-devel ncurses-devel

After installation of Development tools you can proceed to install Python on your CentOS 7 system.

Step 4: Install Python 3.9

Netbox IPAM requires Python 3.9 and above. In this article we install Python 3.9 on CentOS 7.

Download Python 3.9 archive:

wget https://www.python.org/ftp/python/3.9.17/Python-3.9.17.tgz

Extract the archive.

tar xzf Python-3.9.17.tgz

Switch to the directory created after extracting the archive file

cd Python-*/
sudo ./configure --enable-optimizations

Install Python 3.9 on CentOS 7 using the make command:

sudo make altinstall

Confirm installation of Python by querying with the following command:

$ whereis python3.9
python3: /usr/bin/python3 /usr/local/bin/python3.9m /usr/local/bin/python3.9 /usr/local/bin/python3.9m-config /usr/local/lib/python3.9

Create symlink of Python3.9 to Python3

sudo ln -fs /usr/local/bin/python3.9 /usr/bin/python3
sudo ln -fs /usr/local/bin/pip3.9 /usr/bin/pip3

You should now be able to use python3 command directly:

$ python3 --version
Python 3.9.17

Step 5: Install and configure PostgreSQL

Add PostgreSQL repository to the system:

sudo yum -y install https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm

Then install PostgreSQL database server:

sudo yum -y install postgresql14 postgresql14-server

Initialize database

sudo /usr/pgsql-14/bin/postgresql-14-setup initdb

Start and enable PostgreSQL service to start on boot

sudo systemctl enable postgresql-14
sudo systemctl start postgresql-14

Confirm service status:

$ systemctl status postgresql-14
● postgresql-14.service - PostgreSQL 14 database server
   Loaded: loaded (/usr/lib/systemd/system/postgresql-14.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-11-09 12:02:16 UTC; 16s ago
     Docs: https://www.postgresql.org/docs/14/static/
  Process: 1698 ExecStartPre=/usr/pgsql-14/bin/postgresql-14-check-db-dir ${PGDATA} (code=exited, status=0/SUCCESS)
 Main PID: 1703 (postmaster)
   CGroup: /system.slice/postgresql-14.service
           ├─1703 /usr/pgsql-14/bin/postmaster -D /var/lib/pgsql/14/data/
           ├─1705 postgres: logger
           ├─1707 postgres: checkpointer
           ├─1708 postgres: background writer
           ├─1709 postgres: walwriter
           ├─1710 postgres: autovacuum launcher
           ├─1711 postgres: stats collector
           └─1712 postgres: logical replication launcher

Nov 09 12:02:16 centos.hirebestengineers.com systemd[1]: Starting PostgreSQL 14 database server...
Nov 09 12:02:16 centos.hirebestengineers.com postmaster[1703]: 2022-11-09 12:02:16.527 UTC [1703] LOG:  redirecting log output to logging collector process
Nov 09 12:02:16 centos.hirebestengineers.com postmaster[1703]: 2022-11-09 12:02:16.527 UTC [1703] HINT:  Future log output will appear in directory "log".
Nov 09 12:02:16 centos.hirebestengineers.com systemd[1]: Started PostgreSQL 14 database server.

Create a database and user for NetBox

$ sudo su - postgres
-bash-4.2$ psql
psql (14.0)
Type "help" for help.

postgres=# CREATE DATABASE netbox;
CREATE DATABASE
postgres=# CREATE USER netbox WITH PASSWORD 'StrongPassword';
CREATE ROLE
postgres=# GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
GRANT
postgres=#
postgres=# \q
-bash-4.2$ exit
logout

Enable password login to PostgreSQL database

sudo sed -i -e 's/ident/md5/' /var/lib/pgsql/14/data/pg_hba.conf

Restart database service for the changes to take effect

sudo systemctl restart postgresql-14

Confirm that you can login to database as netbox user

$ psql -U netbox -h localhost -W
Password: StrongPassword
psql (14.0)
Type "help" for help.

netbox=> exit

Step 6: Install and configure Netbox

Change to /opt/ directory

cd /opt/
sudo git clone -b master https://github.com/digitalocean/netbox.git

Create a configuration file

cd netbox/netbox/netbox/
sudo cp configuration.example.py configuration.py

Edit the configuration file and set allowed host and database login details

$ sudo vim configuration.py
# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local']
ALLOWED_HOSTS = ['*']
# PostgreSQL database configuration.
DATABASE = {
    'NAME': 'netbox',                           # Database name
    'USER': 'netbox',                           # PostgreSQL username
    'PASSWORD': 'StrongPassword',               # PostgreSQL password
    'HOST': 'localhost',                        # Database server
    'PORT': '',                                 # Database port (leave blank for default)
}

1) Create a Python Virtual Environment.

Create a virtual environment for Netbox project.

cd /opt/netbox/
sudo python3 -m venv /opt/netbox/venv

Activate the environment to start using it.

source venv/bin/activate

Install Python module and Django dependencies:

sudo python3 -m pip install -U pip
sudo python3 -m pip install -U setuptools
sudo pip3 install -r /opt/netbox/requirements.txt
sudo pip3 install --upgrade PyYAML --ignore-installed

Modify the Django path.

$ sudo vim /etc/profile.d/local_python.sh
PYTHONPATH="/usr/local/lib/python3.9/site-packages/":"${PYTHONPATH}"
export PYTHONPATH 

$ source /etc/profile.d/local_python.sh

2) Generate the Django Secret Key

Now generate the Django SECRET Key as below.

cd /opt/netbox/netbox
./generate_secret_key.py

Then set the key on configuration.py file. The value is as generated above.

$ sudo vim netbox/configuration.py
SECRET_KEY = '30m&hqd@09h2i5hro=^l8wqtjw2$!3j%=f2!zh_sey+13jg%3$'

3) Create Schemas

Create the schema for Netbox IPAM by performing database migrations:

cd /opt/netbox/netbox/
sudo python3 manage.py migrate

Sample execution output:

....
Updating 0 prefixes...
 OK
  Applying ipam.0049_prefix_mark_utilized... OK
  Applying ipam.0050_iprange... OK
  Applying sessions.0001_initial... OK
  Applying taggit.0001_initial... OK
  Applying taggit.0002_auto_20150616_2121... OK
  Applying taggit.0003_taggeditem_add_unique_index... OK
  Applying tenancy.0002_tenant_ordering... OK
  Applying users.0001_squashed_0011... OK
  Applying virtualization.0023_virtualmachine_natural_ordering... OK

4) Create Netbox Admin User and Static files

The next step requires us to create a superuser account since Netbox doesn’t come with predefined user accounts. From the Netbox directory execute the command

sudo python3 manage.py createsuperuser

Proceed as below.

Username (leave blank to use 'thor'): admin
Email address: [email protected]
Password: 
Password (again): 
Superuser created successfully.

Move static files by running the following command

$ sudo python3 manage.py collectstatic
240 static files copied to '/opt/netbox/netbox/static'.

5) Configure gunicorn for Netbox

Install gunicorn Python module

sudo pip3 install gunicorn

Then configure Gunicorn like below:

sudo cp /opt/netbox/contrib/gunicorn.py /opt/netbox/gunicorn_config.py
sudo vim /opt/netbox/gunicorn_config.py

Add below at the top or bottom of the file

# Add below three lines
command = '/usr/bin/gunicorn'
pythonpath = '/opt/netbox/netbox'
user = 'netbox'

# The IP address (typically localhost) and port that the Netbox WSGI process should listen on
bind = '127.0.0.1:8001'

# Number of gunicorn workers to spawn. This should typically be 2n+1, where
# n is the number of CPU cores present.
workers = 5

# Number of threads per worker process
threads = 3

# Timeout (in seconds) for a request to complete
timeout = 120

# The maximum number of requests a worker can handle before being respawned
max_requests = 5000
max_requests_jitter = 500

Now create a supervisor configuration

$ sudo vim /etc/supervisord.d/netbox.ini
[program:netbox]
command = gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
directory = /opt/netbox/netbox/
user = netbox

Create netbox system user and group:

sudo groupadd --system netbox
sudo useradd --system netbox -g netbox
sudo chown -R netbox:netbox /opt/netbox/netbox/media/

Start and enable supervisord

sudo systemctl enable supervisord
sudo systemctl restart supervisord

Confirm that supervisord service is started without any errors:

$ systemctl status supervisord
● supervisord.service - Process Monitoring and Control Daemon
   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-11-09 12:26:09 UTC; 25s ago
  Process: 2097 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
 Main PID: 2100 (supervisord)
   CGroup: /system.slice/supervisord.service
           ├─2100 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
           ├─2101 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
           ├─2104 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
           ├─2105 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
           ├─2106 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
           ├─2107 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
           └─2108 /bin/python3 /usr/local/bin/gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi

Nov 09 12:26:09 centos.hirebestengineers.com systemd[1]: Starting Process Monitoring and Control Daemon...
Nov 09 12:26:09 centos.hirebestengineers.com systemd[1]: Started Process Monitoring and Control Daemon.

Netbox service should be listening on Port 8001

$ sudo ss -tunelp | grep 8001
tcp    LISTEN     0      128       *:8001                  *:*                   users:(("gunicorn",pid=4281,fd=5),("gunicorn",pid=4280,fd=5),("gunicorn",pid=4279,fd=5),("gunicorn",pid=4278,fd=5),("gunicorn",pid=4277,fd=5),("gunicorn",pid=4274,fd=5)) uid:997 ino:85986 sk:ffff9887b4799740 <->

Install and start redis service

sudo yum -y install redis
sudo systemctl enable --now redis
systemctl status redis

Step 7: Configure httpd or Nginx as proxy

We will use either Apache Web Server or Nginx to Proxy all requests from user to Netbox services.

For Nginx

Install nginx package with the following command:

sudo yum -y install nginx

Create a VirtualHost file –> /etc/nginx/conf.d/netbox.conf

server {
    listen 80;
    server_name netbox.example.com;
    client_max_body_size 25m;

    location /static/ {
        alias /opt/netbox/netbox/static/;
    }

    location / {
        proxy_pass http://127.0.0.1:8001;
    }
}

Check syntax and start nginx

sudo nginx -t
sudo systemctl start nginx
sudo systemctl enable nginx

Configure firewalld

If you have a running firewalld service, enable netbox port

sudo firewall-cmd --permanent --add-port={80,443}/tcp
sudo firewall-cmd --reload

Access Netbox Web UI

Open your default web browser and open Netbox server IP and port configured on Apache.

http://netbox.example.com

You should get a portal like below:

 Click “Log in” in the right corner to authenticate with created user and password

After login you’ll get access to Netbox admin portal where you can manage your Networks IPs, Devices, and Infrastructure.

Enjoy using Netbox to manage your IP networks and addresses, VRFs, and VLANs and Network devices in the Infrastructure. For further configurations and customizations refer to the official Netbox documentation.