NetBox v3.0.10 with Napalm

xav....@gmail.com

unread,

Nov 18, 2021, 1:23:46 PM11/18/21

to NetBox

Has anyone successfully installed Napalm and have it integrated with NB 3 ?

I struggled to get it working with NB v2 but since a full reinstall and upgrade, I don't have any version to upgrade from.

I had previously posted my issues with v2 here: https://groups.google.com/g/netbox-discuss/c/eJVi7McWOMM/m/JCSiPJeuAQAJ and managed to get it working.

But I'm now trying to recreate it on my fresh v3 install. So far, I've:

added napalm, pynxos and netmiko in local_requirements and done an ./upgrade.sh
added the Napalm username and password in configuration.py
configured a platform specifying "nxos" as the driver for a Cisco NX OS switch

But I have no LLDP tab, etc.

What am I missing?

Brian Candler

unread,

Nov 18, 2021, 2:52:16 PM11/18/21

to NetBox

Works for me. I have the 'Status', 'LLDP Neighbors', 'Config' tabs.

# local_requirements.txt

napalm

napalm-ros

# configuration.py

NAPALM_USERNAME = 'oxidized'

NAPALM_PASSWORD = 'xxxxxxxx'

NAPALM_TIMEOUT = 30

NAPALM_ARGS = {}

I didn't change anything between NB2 and NB3, but I did ensure that configuration.py was up to date, by careful diffing with configuration.example.py

As I think you already know, it's necessary to link the device to a platform, and the platform to a Napalm driver. In my case I'm using Mikrotik, so the device has

Platform: RouterOS

and the RouterOS platform has

NAPALM Driver: ros

Try nbshell, and see if you see any error when importing napalm:

cd /opt/netbox

. venv/bin/activate

python netbox/manage.py nbshell

>>> import napalm

>>>

Xavier Walker

unread,

Nov 18, 2021, 3:28:40 PM11/18/21

to Brian Candler, NetBox

Thank you for the superb answer Brian. I'll give it a go tomorrow and report back!

--
You received this message because you are subscribed to the Google Groups "NetBox" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netbox-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netbox-discuss/ce80dde4-8bf2-47ec-b0e5-a33ea59d48c2n%40googlegroups.com.

Bogdan Cordos

unread,

Nov 19, 2021, 4:01:59 AM11/19/21

to NetBox

If you don't see the Status,LLDP and Configuration is because you might miss setting a primary IP for the device.

Brian Candler

unread,

Nov 19, 2021, 4:24:02 AM11/19/21

to NetBox

Good point. The device status also has to be "Active". You also need permission "dcim.napalm_read_device", although if you're logged in as a "Superuser" that shouldn't make a difference.

Here's the actual logic from netbox//templates/dcim/device/base.html

{% if perms.dcim.napalm_read_device and object.status == 'active' and object.primary_ip and object.platform.napalm_driver %}

{# NAPALM-enabled tabs #}

Status

</a>

</li>

LLDP Neighbors

</a>

</li>

Configuration

</a>

</li>

{% endif %}

xav....@gmail.com

unread,

Nov 19, 2021, 6:45:59 AM11/19/21

to NetBox

I have the IP configured, Bogdan, but good point.

I think the issue is because in my local_requirements, it looks like you need to list the driver name with a preceding "napalm". I see Brian has "napalm-ros". I think this is the critical point.

In the very good video Brian posted on YouTube, installing napalm alone via pip seems to be sufficient - it brought in all the different driver packages. My guess is this is no longer the case and you need to explicitly mention each driver you want. So napalm-ros, and I guess "napalm-nxos" ?

In adding these to my local_requirements, I now have a new error. It seems it cannot download them ("Network is unreachable"). I do have to use a proxy which I've set up and it's worked for everything else, not sure what I'm missing. I've looked at the proxy logs and they show a connection to pypi.org on 443.

Installing local dependencies (pip --proxy=http://172.16.98.12:3128 install -r local_requirements.txt)...

Collecting napalm

Using cached napalm-3.3.1-py2.py3-none-any.whl (256 kB)

Collecting napalm-ros

Using cached napalm-ros-1.0.1.tar.gz (8.0 kB)

Installing build dependencies ... error

ERROR: Command errored out with exit status 1:

command: /opt/netbox-3.0.10/venv/bin/python3 /tmp/pip-standalone-pip-3fvg2pys/__env_pip__.zip/pip install --ignore-installed --no-user --prefix /tmp/pip-build-env-00wvfi2a/overlay --no-warn-script-location --no-binary :none: --only-binary :none: -i https://pypi.org/simple -- setuptools wheel

cwd: None

Complete output (7 lines):

WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7f9acb0d6100>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /simple/setuptools/

WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7f9acb0d6340>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /simple/setuptools/

WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7f9acb0d61f0>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /simple/setuptools/

WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7f9acb0d6670>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /simple/setuptools/

WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7f9acb0d6850>: Failed to establish a new connection: [Errno 101] Network is unreachable')': /simple/setuptools/

ERROR: Could not find a version that satisfies the requirement setuptools (from versions: none)

ERROR: No matching distribution found for setuptools

----------------------------------------

WARNING: Discarding https://files.pythonhosted.org/packages/b9/4c/cba55eb547c6fbede85daeafa527bb87dc98a98528e30d9a379a5524c651/napalm-ros-1.0.1.tar.gz#sha256=ae19898545d77cfd2169b6129e75bf1e9fc4b61a93a84d3fcc10544f6b645af2 (from https://pypi.org/simple/napalm-ros/). Command errored out with exit status 1: /opt/netbox-3.0.10/venv/bin/python3 /tmp/pip-standalone-pip-3fvg2pys/__env_pip__.zip/pip install --ignore-installed --no-user --prefix /tmp/pip-build-env-00wvfi2a/overlay --no-warn-script-location --no-binary :none: --only-binary :none: -i https://pypi.org/simple -- setuptools wheel Check the logs for full command output.

Using cached napalm-ros-1.0.0.tar.gz (7.9 kB)

Preparing metadata (setup.py) ... done

Collecting napalm-nxos

Using cached napalm-nxos-0.7.1.tar.gz (27 kB)

Preparing metadata (setup.py) ... error

etc.

Thoughts?

Brian Candler

unread,

Nov 19, 2021, 10:52:26 AM11/19/21

to NetBox

On Friday, 19 November 2021 at 11:45:59 UTC xav....@gmail.com wrote:

In the very good video Brian posted on YouTube

That must be a different Brian :-)

Your networking problem I can't help you with. That's something local to your site, and/or a broken pip repository.

Regarding which packages to install, these are the ones I have:

root@netbox3:/opt/netbox# . venv/bin/activate

(venv) root@netbox3:/opt/netbox# pip list | grep napalm

napalm 3.3.1

napalm-ros 1.0.1

(venv) root@netbox3:/opt/netbox#

The documentation says the napalm package includes all the "core" drivers. If nxos is "core" then you won't need anything else. This works for me:

(venv) root@netbox3:/opt/netbox# python3 netbox/manage.py nbshell

### NetBox interactive shell (netbox3)

### Python 3.8.10 | Django 3.2.9 | NetBox 3.0.10

### lsmodels() will show available models. Use help(<model>) for more info.

>>> import napalm.nxos

>>>

So it looks like nxos is there by default.

xav....@gmail.com

unread,

Nov 19, 2021, 12:31:36 PM11/19/21

to NetBox

Ahh I'm getting closer to the probable cause of the problem: it's a rights thing!

If, in the venv, I do a pip list, I don't get any Napalm packages.

(venv) netbox@netbox:/opt/netbox$ pip --proxy=http://172.16.98.12:3128 list |grep napalm

(venv) netbox@netbox:

So I try to install it thinking "that's strange, I've had that in my local_requirements" file...

(venv) netbox@netbox:/opt/netbox$ pip --proxy=http://172.16.98.12:3128 install napalm

Collecting napalm

Using cached napalm-3.3.1-py2.py3-none-any.whl (256 kB)

Requirement already satisfied: requests>=2.7.0 in ./venv/lib/python3.8/site-packages (from napalm) (2.26.0)

Collecting paramiko>=2.6.0

Using cached paramiko-2.8.0-py2.py3-none-any.whl (206 kB)

Requirement already satisfied: netaddr in ./venv/lib/python3.8/site-packages (from napalm) (0.8.0)

Collecting lxml>=4.3.0

Using cached lxml-4.6.4-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl (6.9 MB)

Requirement already satisfied: jinja2 in ./venv/lib/python3.8/site-packages (from napalm) (3.0.3)

Requirement already satisfied: pyYAML in ./venv/lib/python3.8/site-packages (from napalm) (6.0)

Collecting netmiko>=3.1.0

Using cached netmiko-3.4.0-py3-none-any.whl (178 kB)

Requirement already satisfied: setuptools>=38.4.0 in ./venv/lib/python3.8/site-packages (from napalm) (44.0.0)

Collecting future

Using cached future-0.18.2-py3-none-any.whl

Collecting junos-eznc>=2.2.1

Using cached junos_eznc-2.6.3-py2.py3-none-any.whl (196 kB)

Collecting ncclient

Using cached ncclient-0.6.12.tar.gz (106 kB)

Preparing metadata (setup.py) ... done

Collecting cffi>=1.11.3

Using cached cffi-1.15.0-cp38-cp38-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (446 kB)

Collecting pyeapi>=0.8.2

Using cached pyeapi-0.8.4-py3-none-any.whl

Collecting textfsm

Using cached textfsm-1.1.2-py2.py3-none-any.whl (44 kB)

Collecting ciscoconfparse

Downloading ciscoconfparse-1.6.6-py3-none-any.whl (116 kB)

|████████████████████████████████| 116 kB 29.9 MB/s

Collecting scp

Using cached scp-0.14.1-py2.py3-none-any.whl (8.4 kB)

Collecting pycparser

Using cached pycparser-2.21-py2.py3-none-any.whl (118 kB)

Requirement already satisfied: pyparsing in ./venv/lib/python3.8/site-packages (from junos-eznc>=2.2.1->napalm) (3.0.6)

Collecting ncclient

Using cached ncclient-0.6.9-py2.py3-none-any.whl

Collecting pyserial

Downloading pyserial-3.5-py2.py3-none-any.whl (90 kB)

|████████████████████████████████| 90 kB 13.5 MB/s

Collecting yamlordereddictloader

Using cached yamlordereddictloader-0.4.0-py3-none-any.whl

Collecting transitions

Using cached transitions-0.8.10-py2.py3-none-any.whl (83 kB)

Requirement already satisfied: six in ./venv/lib/python3.8/site-packages (from junos-eznc>=2.2.1->napalm) (1.16.0)

Requirement already satisfied: MarkupSafe>=2.0 in ./venv/lib/python3.8/site-packages (from jinja2->napalm) (2.0.1)

Collecting tenacity

Using cached tenacity-8.0.1-py3-none-any.whl (24 kB)

Collecting ntc-templates

Using cached ntc_templates-3.0.0-py3-none-any.whl (303 kB)

Collecting bcrypt>=3.1.3

Using cached bcrypt-3.2.0-cp36-abi3-manylinux2010_x86_64.whl (63 kB)

Collecting pynacl>=1.0.1

Downloading PyNaCl-1.4.0-cp35-abi3-manylinux1_x86_64.whl (961 kB)

|████████████████████████████████| 961 kB 32.8 MB/s

Collecting cryptography>=2.5

Downloading cryptography-35.0.0-cp36-abi3-manylinux_2_24_x86_64.whl (3.5 MB)

|████████████████████████████████| 3.5 MB 51.9 MB/s

Requirement already satisfied: charset-normalizer~=2.0.0 in ./venv/lib/python3.8/site-packages (from requests>=2.7.0->napalm) (2.0.7)

Requirement already satisfied: idna<4,>=2.5 in ./venv/lib/python3.8/site-packages (from requests>=2.7.0->napalm) (3.3)

Requirement already satisfied: certifi>=2017.4.17 in ./venv/lib/python3.8/site-packages (from requests>=2.7.0->napalm) (2021.10.8)

Requirement already satisfied: urllib3<1.27,>=1.21.1 in ./venv/lib/python3.8/site-packages (from requests>=2.7.0->napalm) (1.26.7)

Collecting ipaddr

Downloading ipaddr-2.2.0.tar.gz (26 kB)

Preparing metadata (setup.py) ... done

Collecting dnspython<3.0.0,>=2.1.0

Using cached dnspython-2.1.0-py3-none-any.whl (241 kB)

Collecting toml==0.10.2

Downloading toml-0.10.2-py2.py3-none-any.whl (16 kB)

Collecting loguru==0.5.3

Using cached loguru-0.5.3-py3-none-any.whl (57 kB)

Collecting passlib<2.0.0,>=1.7.4

Using cached passlib-1.7.4-py2.py3-none-any.whl (525 kB)

Building wheels for collected packages: ipaddr

Building wheel for ipaddr (setup.py) ... done

Created wheel for ipaddr: filename=ipaddr-2.2.0-py3-none-any.whl size=18280 sha256=bfde9d87d142029fa91f09b1f03cc14600bd23f9d40199e2fa3c0adb5c55bef8

Stored in directory: /home/netbox/.cache/pip/wheels/38/59/0e/c20fbbd7969a095fa10b79bdde5d9852227f60bdbdd3a90b49

Successfully built ipaddr

Installing collected packages: pycparser, cffi, pynacl, future, cryptography, bcrypt, textfsm, paramiko, lxml, yamlordereddictloader, transitions, toml, tenacity, scp, pyserial, passlib, ntc-templates, ncclient, loguru, ipaddr, dnspython, pyeapi, netmiko, junos-eznc, ciscoconfparse, napalm

ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/opt/netbox-3.0.10/venv/lib/python3.8/site-packages/pycparser'

Check the permissions.

I then get the error above. So maytbe it's a rights problem.

If I try again with sudo, it's listed!

(venv) netbox@netbox:/opt/netbox$ sudo pip --proxy=http://172.16.98.12:3128 list |grep napalm

napalm 3.3.1

WARNING: You are using pip version 21.0.1; however, version 21.3.1 is available.

You should consider upgrading via the '/usr/bin/python3 -m pip install --upgrade pip' command.

I also noticed the warning about the pip version I don't get when running it as the netbox user. Does this mean I have two different versions of pip installed and a different one is used by each user?

Thanks again for your guidance, it's much appreciated.

xav....@gmail.com

unread,

Nov 19, 2021, 12:33:34 PM11/19/21

to NetBox

Sorry, I just realised you were running your pip commands as root anyway, but I still think I have some permissions set up not quite right.

Brian Candler

unread,

Nov 19, 2021, 1:21:16 PM11/19/21

to NetBox

My preference is to *install* netbox as root, but *run* it as the netbox user. This means that if anyone were to break into the system as the 'netbox' user, they'd be unable to modify netbox code (as it's owned by root). Only the "media" directory needs to be owned/writeable by netbox.

But in practice, you just need to be consistent one way or the other. If you decided to checkout netbox code as the 'netbox' user, then you should always update it and run it as the 'netbox' user. If you sometimes run it as root, you may end up with files owned by root which are then not accessible when you run it as 'netbox'.

xav....@gmail.com

unread,

Nov 20, 2021, 6:43:10 AM11/20/21

to NetBox

OK, I feel like an idiot.

It turns out it appears to be a user permission thing I had missed.

Reading the install notes, it says dcim.napalm_read_device is required.

How does this relate to the permissions screen? I have assigned all DCIM types of permissions (full view, add, change and delete) but this doesn't allow the user to see the extra tabs. However, if I give this user "superuser" status, then the tabs appear.

I'm wondering if there isn't an extra "object type" that specifies napalm access which isn't in the list and so isn't assigned unless superuser access is given,

Brian Candler

unread,

Nov 20, 2021, 8:37:56 AM11/20/21

to NetBox

> I have assigned all DCIM types of permissions (full view, add, change and delete) but this doesn't allow the user to see the extra tabs

That's correct. You have to create a permission called "napalm_read_device" - type that into the "Additional actions:" field when creating the permission.

Brian Candler

unread,

Nov 20, 2021, 8:40:15 AM11/20/21

to NetBox

Sorry, I think it's "napalm_read" not "napalm_read_device"

xav....@gmail.com

unread,

Nov 20, 2021, 9:03:41 AM11/20/21

to NetBox

Thanks Brian, but not having much luck.

I've created a "Napalm" permission, assigned all the DCIM objects, added the "napalm_read_device" in additional properties and given myself the permission, but still nothing.

Edit: it's "napalm_read" :) It is mentioned in the Napalm integration, just a little cryptic. It's in the second note on the page https://netbox.readthedocs.io/en/stable/additional-features/napalm/

I don't know if this is an addition / change from previously because I don't recall having to add this manually in my previous installation of NetBox.