GLPI Integration

---

This role, netbox_glpi is part of the Ansible collection nofusscomputing.netbox and contains all of the logic to setup GLPI and NetBox so that the data from NetBox can be synchronized to GLPI.

There are two methods available to take advantage of this role: running the playbooks and rulebook manually or by deploying the docker container we publish. The docker container is intended to be the all-in-one solution for integrating NetBox with GLPI. The container is published to Docker Hub and can be fetched by running docker pull nofusscomputing/netbox-glpi:dev.

Features

• Devices Created/Updated within NetBox are synced to GLPI

  Info

  Currently the only supported items for updates are those that have had itil_item_type field set to computer. See below for further details.

• Entity Sync from GLPI

• Deployment of netbox-glpi container to Kubernetes

• Manufacturer Sync from Netbox

• NetBox Status' added to GLPI

Requirements

The following requirements to use this collection are as follows:

• GLPI

  NetBox-sync:

  • User that has read/write permissions for assets and to All entities within GLPI

  • API Application Token Setup -> General -> API

  • API Token from the user account mentioned above

  NetBox Setup:

  • User that has read/write permissions for custom fields, custom field choices and custom links

  GLPI Setup:

  • User has access to add Status' to global drop downs

  • User has access to add Manufacturers to global drop downs

• NetBox

  • User with write permissions to devices and Virtual Machines

  • ALL items for sync to GLPI need to have fields GLPI Item Type and GLPI Entity set. Without this the item will not be added to GLPI. This will be possible only after running the setup steps.

Setup

To be able to automate the syncing of NetBox to GLPI, both Netbox and GLPI must be setup. to do this run the following play.

ansible-playbook nofusscomputing.netbox.glpi  \
    --extra-vars "nfc_pb_netbox_netbox_url=https://my-netbox-url" \
    --extra-vars "nfc_pb_netbox_netbox_token=my-netbox-token" \
    --extra-vars "nfc_pb_netbox_glpi_url_glpi=https://my-glpi-url" \
    --extra-vars "nfc_pb_netbox_itam_glpi_app_token=my-glpi-app-token" \
    --extra-vars "nfc_pb_netbox_itam_glpi_user_token=my-glpi-api-user-token"
    --tags setup

This play sets up both NetBox and GLPI for the sync process.

NetBox

The following items are setup/created in netbox as part of the setup process:

• Custom field itil_id is used by the system to keep track of the GLPI item ID within netbox.

• Custom field itil_item_type is used for the end user to set the device GLPI type. This is used to add the item to the correct location within GLPI.

  Tip

  If you already have your device in GLPI, you can manually set the NetBox items itil_id to that of the existing GLPI ID.

• Custom field UUID for computers and virtual machines. This field is the machines UUID.

• A custom link is also created within NetBox as part of the setup. This custom link has a bit of wizardry in that it builds the GLPI link for the device. This only occurs however, when the item has been added to GLPI and there exists a GLPI ID in field itil_id

GLPI

As Part of the setup process the default device status' from NetBox are added to the root entity (recusive=yes) within GLPI. This Dropdown field will be used for the device when it is synced from Netbox so that the Status between the two systems remain in sync. So as not to require additional permissions for the API client, the status' are setup within the default vars as a list under key nfc_role_netbox_glpi_device_status. This enables you to update the available status' if you use a custom set within Netbox. This process unfortunately, is manual. If you update the status' list, don't forget to run the setup job again.

GLPI/NetBox Sync

A play exists with the purpose of syncing items between GLPI and NetBox. The purpose of this play is to keep fields that have information from the other system in sync. To run, use the following command.

ansible-playbook nofusscomputing.netbox.sync \
    --extra-vars "nfc_pb_netbox_netbox_url=https://my-netbox-url" \
    --extra-vars "nfc_pb_netbox_netbox_token=my-netbox-token" \
    --extra-vars "nfc_pb_netbox_glpi_url_glpi=https://my-glpi-url" \
    --extra-vars "nfc_pb_netbox_itam_glpi_app_token=my-glpi-app-token" \
    --extra-vars "nfc_pb_netbox_itam_glpi_user_token=my-glpi-api-user-token"

This playbook will create within NetBox, a custom field choices containing ALL of the GLPI Entities and add a custom field for the end user to select the GLPI entity the item should be added to. Within GLPI all of the manufacturers found in NetBox are added to GLPI. This play can be run as often as you would like as it will update GLPI/Netbox with any updated items.

Events Endpoint

As part of the collection there is an EDA (Event Driven Ansible) rulebook for NetBox to use to post updates to that is the ingress for updating GLPI. This endpoint is available as a docker container or can be setup to run manually with the following command.

ansible-rulebook -r nofusscomputing.netbox.entities --vars "my-vars.yaml"

the following variables are required for the rulebook.

nofusscomputing_netbox_eda_port: 5000           # Optional, Integer. the port number the EDA rulebook will listen on.
nofusscomputing_netbox_api_username: ansible    # Optional, string. Username of the API user. Recommend setting to prevent update loops.

# See default variables below for explanation
nfc_pb_netbox_netbox_token:
nfc_pb_netbox_netbox_url:
nfc_pb_netbox_glpi_url_glpi:
nfc_pb_netbox_itam_glpi_app_token:
nfc_pb_netbox_itam_glpi_user_token:

Container Setup

We build and publish a docker container for the EDA rulebook and sync that you can use within your environment. Doesn't matter if it's a simple docker-compose or kubernetes setup.

The container already automagically starts an EDA rulebook that is listening for connections from NetBox. To setup the container you must configure the rulebook via a vars file. Mount your a vars file to path /root/var.yaml. The content of this vars file is mentioned in the previous section. There is also a cronjob within the container that synchronizes the GLPI entites to NetBox. By default the job will run every 15 mins. if you wish to change this mount a new cron file to path /etc/cron.d/glpi-sync within the container.

/etc/cron.d/glpi-sync

#
# Default GLPI to Netbox Entity Sync Job
#

*/15 * * * * ansible-playbook nofusscomputing.netbox.sync --extra-vars "@/root/vars.yaml" -v

Default cron file for sync with NetBox.

Once you have the container running all available playbooks can be run from within the the container. i.e. docker run -ti <container name> ansible-playbook nofusscomputing.netbox.glpi --tags setup

Kubernetes Deployment

As part of this role there exists a play to deploy the nofusscomputing/netbox-glpi container to kubernetes. The Kubernetes deployment is customizable by adjusting the variables prefixed with nfc_role_netbox_glpi_kubernetes_. You will also be need to configure the required variables for the API as explained in the previous section. These variables will be automagically added to the vars.yaml file. Manifests that are deployed can be viewed in the repository. To run the play use:

ansible-playbook nofusscomputing.netbox.glpi \
    -i inventory/ \
    --tags deploy-kubernetes

Updating the container

To update the container to a newer version, the following steps should be followed:

1. pull the new container

2. relaunch the deployment using the new container

3. run the setup command docker run -ti <container name> ansible-playbook nofusscomputing.netbox.glpi --tags setup

What gets synced from NetBox to GLPI

Syncing of items occurs based off of the presence of a field. The order of precedence is serial number then name. If the item is not found no additional search is conducted and the item will be created in GLPI. If the item that was added/updated has a GLPI item ID set, then no search is done and it is this item that will be updated in GLPI.

• Device with its type set to computer.

  Device with its type set to networkequipment.

  The following fields are kept in sync:

  • Asset Number

  • Manufacturer

  • Name

  • Selected GLPI Entity

  • Serial Number

  • Status

  • UUID

• Virtual Machine with its type set to computer.

  The following fields are kept in sync:

  • Name

  • Selected GLPI Entity

  • UUID

Default Variables

---

nfc_pb_netbox_force_logging: false    # Optional, Boolean. Don't hide sensitive data from logs. Setting this to true will have secrets logged.

# NetBox
nfc_pb_netbox_netbox_token:                    # Mandatory, String. Token of user with write permissions
nfc_pb_netbox_netbox_url:                      # Mandatory, String. URL of netbox server. including protocol and port if applicable. no trailing `/`
nofusscomputing_netbox_api_username: Ansible   # Recommended, String. The username of the Netbox API user. Used to prevent update/event webhook loops.


# GLPI
nfc_pb_netbox_glpi_url_glpi:           # Mandatory, String. URL of GLPI server. including protocol and port if applicable. no trailing `/`
nfc_pb_netbox_itam_glpi_app_token:     # Mandatory, String. App Token from GLPI Settings
nfc_pb_netbox_itam_glpi_user_token:    # Mandatory, String. Token of user with write permissions

nfc_role_netbox_glpi_device_status:    # Netbox Default Device Status'
  - Offline
  - Active
  - Planned
  - Staged
  - Failed
  - Inventory
  - Decommissioning


########################################################################################
# Container netbox-glpi Kubernetes Deployment
########################################################################################


nfc_role_netbox_glpi_kubernetes_namespace: netbox          # Namespace to create deployment in

nfc_role_netbox_glpi_kubernetes_instance: netbox-glpi      # Deployment instance name

nfc_role_netbox_glpi_kubernetes_image:                     # The Deployed Image
  name: NetBox GLPI Integration                            # Optional, String. Name of the image.
  # registry:                                              # Optional, String. Name of the registry to fetch the image from
  image: nofusscomputing/netbox-glpi                       # Mandatory, String. Name of the image to fetch
  tag: 0.3.0                                               # Mandatory, String. Image tag to pull
  # sha256:                                                # Optional, String. The sh256 of the image to lock the tag to.

nfc_role_netbox_glpi_kubernetes_affinity: {}               # Deployment Affinity

nfc_role_netbox_glpi_kubernetes_replicas: 1                # How many deployment replicas to deploy

nfc_role_netbox_glpi_kubernetes_tolerations: []            # Deployment tolerations

nfc_role_netbox_glpi_kubernetes_limit_cpu: 1000m           # Pod CPU limit

nfc_role_netbox_glpi_kubernetes_limit_memory: 2Gi          # Pod memory limit

About:

This page forms part of our Project Netbox Ansible Collection.

Page Metadata

Version: ToDo: place files short git commit here
Date Created: 2024-04-07
Date Edited: 2024-04-12

Contribution:

Would You like to contribute to our Netbox Ansible Collection project? You can assist in the following ways:

• Edit This Page If there is a mistake or a way you can improve it.
• Add a Page to the Manual if you would like to add an item to our manual
• Raise an Issue if there is something about this page you would like to improve, and git is unfamiliar to you.

 

ToDo: Add the page list of contributors