netbox-community / netbox

The premier source of truth powering network automation. Open source under Apache 2. Try NetBox Cloud free: https://netboxlabs.com/free-netbox-cloud/
http://netboxlabs.com/oss/netbox/
Apache License 2.0

New functionality: Business Systems #11213

Open vliats2022 opened 1 year ago

vliats2022 commented 1 year ago

NetBox version

v3.4.0

Feature type

New functionality

Proposed functionality

Business Systems (or Business applications) are a type of application used to improve the operations of a business. For example, SAP ERP, Oracle EBS ERP, MES (Manufacturing Execution System), Material balance system, etc.

In general, a Business system from the point of view of IT infrastructure operates on a certain number of VMs (database servers, application servers, web servers, integration servers, etc.). Every business system has a production environment, a test environment and a development environment. Each environment is a collection of different VMs (bare metal servers).

Very often we or our bosses would like to know how many resources (VMs or bare metal servers) one business system or another is using.

Use case

Possible attributes for describing a business system:

1) Application Name
2) Application Description
3) Application Type
4) Tenant or Business Application Owner (for example, this field can refer to the Tenant entity of NetBox). This is the application owner from the business, for example, various departments or organizations, etc.
5) Contact (this field can refer to the contacts entity of NetBox). These are IT employees, for example, application administrator, devops engineer, etc.
6) Criticality

Database changes

A possible database schema could be something like this:

CREATE TABLE criticality (
    id int8 NOT NULL,
    "name" varchar(64) NOT NULL,
    last_updated timestamptz NULL,
    created timestamptz NULL,
    description text NULL,
    CONSTRAINT criticality_pkey PRIMARY KEY (id)
);

CREATE TABLE app_type (
    id int8 NOT NULL,
    "name" varchar(64) NOT NULL,
    last_updated timestamptz NULL,
    created timestamptz NULL,
    description text NULL,
    CONSTRAINT app_type_pkey PRIMARY KEY (id)
);

CREATE TABLE businessapplication (
    id int8 NOT NULL,
    "name" varchar(256) NOT NULL,
    last_updated timestamptz NULL,
    created timestamptz NULL,
    description text NULL,
    tenant_id int8 NULL,
    criticality_id int4 NULL,
    notes text NULL,
    app_type_id int4 NOT NULL,
    is_internet_access BOOLEAN NOT NULL,
    CONSTRAINT businessapplication_pkey PRIMARY KEY (id)
);

ALTER TABLE businessapplication ADD CONSTRAINT fk_businessapplication_app_type FOREIGN KEY (app_type_id) REFERENCES app_type(id);
ALTER TABLE businessapplication ADD CONSTRAINT fk_businessapplication_criticality FOREIGN KEY (criticality_id) REFERENCES criticality(id);
ALTER TABLE businessapplication ADD CONSTRAINT fk_businessapplication_tenancy_tenant FOREIGN KEY (tenant_id) REFERENCES tenancy_tenant(id) DEFERRABLE INITIALLY DEFERRED;

--

CREATE TABLE businessapplication_assignment (
    id int8 NOT NULL,
    last_updated timestamptz NULL,
    created timestamptz NULL,
    businessapplication_id int4 NULL,
    object_id int8 NOT NULL, -- id from the table of devices or virtual machines here
    content_type_id int4 NOT NULL,
    CONSTRAINT businessapplication_assignment_pkey PRIMARY KEY (id),
    CONSTRAINT businessapplication_assignment_object_id_check CHECK ((object_id >= 0))
);

-- businessapplication_assignment foreign keys
ALTER TABLE businessapplication_assignment ADD CONSTRAINT fk_businessapplication_assignment_content_type_id FOREIGN KEY (content_type_id) REFERENCES django_content_type(id) DEFERRABLE INITIALLY DEFERRED;
ALTER TABLE businessapplication_assignment ADD CONSTRAINT fk_businessapplication_assignment_businessapplication FOREIGN KEY (businessapplication_id) REFERENCES businessapplication(id);

External dependencies

No new dependencies.
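
Added example, not part of the original issue or of NetBox's code: two PostgreSQL queries against the schema proposed above. The first answers the stated use case (resources per business system, with criticality and the internet-access flag for an exposure-oriented inventory); the second finds assignments whose target no longer exists, since the object_id/content_type_id pair is not enforced by a database foreign key. It assumes the proposed tables exist as written and that devices and virtual machines live in NetBox's dcim_device and virtualization_virtualmachine tables.

```sql
-- 1) Resource count per business application, split by object type.
--    LEFT JOINs keep applications that have no assignments yet (count = 0).
SELECT
    ba.id                            AS application_id,
    ba."name"                        AS application,
    c."name"                         AS criticality,
    ba.is_internet_access            AS internet_facing,
    ct.app_label || '.' || ct.model  AS object_type,
    COUNT(a.id)                      AS resources
FROM businessapplication AS ba
LEFT JOIN criticality AS c
       ON c.id = ba.criticality_id
LEFT JOIN businessapplication_assignment AS a
       ON a.businessapplication_id = ba.id
LEFT JOIN django_content_type AS ct
       ON ct.id = a.content_type_id
GROUP BY ba.id, ba."name", c."name", ba.is_internet_access,
         ct.app_label, ct.model
ORDER BY ba.is_internet_access DESC, ba."name", object_type;

-- 2) Dangling assignments: rows that point at a device or VM that was deleted.
--    Nothing in the schema prevents these, because object_id is a plain
--    integer interpreted through content_type_id (a generic relation).
SELECT a.id AS assignment_id,
       a.businessapplication_id,
       ct.app_label || '.' || ct.model AS object_type,
       a.object_id
FROM businessapplication_assignment AS a
JOIN django_content_type AS ct
  ON ct.id = a.content_type_id
LEFT JOIN dcim_device AS d
       ON ct.app_label = 'dcim' AND ct.model = 'device'
      AND d.id = a.object_id
LEFT JOIN virtualization_virtualmachine AS vm
       ON ct.app_label = 'virtualization' AND ct.model = 'virtualmachine'
      AND vm.id = a.object_id
WHERE (ct.app_label = 'dcim' AND ct.model = 'device' AND d.id IS NULL)
   OR (ct.app_label = 'virtualization' AND ct.model = 'virtualmachine'
       AND vm.id IS NULL)
ORDER BY a.businessapplication_id, a.id;
```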

ziggekatten commented 1 year ago

You can achieve this with services, tags, contacts and custom fields already today.

But you are getting close to the CMDB realm, and should maybe consider integrating netbox with a real CMDB, for example iTop. A real CMDB handles relations to external parties as well, like integrations, that really don't fit to be modelled in netbox.

stavr666 commented 1 year ago

CMDB is not infrastructure-level logic. It's a (company) management logic. So, I'd prefer not to have any of it in our "source of truth" service.

We have CMDBuild for this kind of stuff. All that matters for business is projected there from Netbox. There you can limit some stuff by state, tenant etc., without continuously telling someone (without deep infrastructure knowledge) why they have "limited access".

P.S. Also, business apps operate closely with financial responsibility and other relations. Integrating all those external contacts/schematics, that do not have any relation to infrastructure outside of business logic...

apellini commented 1 year ago

It's a good idea. Also, you could create a relation with services, so you have the set of ports exposed by a business application. Furthermore, we could create relations between them to collect the network flows that exist in your datacenter in high level mode.

AlexCh1991 commented 1 year ago

Yes, it would be nice to have some information about business applications in Netbox. Of course, we can use tags, but it's not comfortable for us. Integrating Netbox with CMDB for such a simple task is too complicated.

DanSheps commented 1 year ago

For all those thumbing up, if you are doing it because you want this, make sure you thumb up the main FR. 😄

alehaa commented 7 months ago

For managing our infrastructure, I came across the same problem. For our needs, most of the tenancy feature is sufficient, i.e. resources are assigned to an application tenant instead of an organizational unit tenant. You may be able to add some custom fields to tenants to cover additional characteristics such as criticality.

alehaa commented 2 months ago

I'd like to contribute to this as I see great value in this information for managing applications in our infrastructure, e.g. to automatically add resource spaces in monitoring or virtualization systems. If there's interest, I can provide a PR for one of the following milestones.

A key question that came up in the discussion of https://github.com/Alef-Burzmali/netbox-data-flows/issues/25 is whether or not a resource can belong to a Tenant and an Application at the same time. If not, I think most of the tenancy logic could be reused to implement this feature. Another question would be whether this FR should only implement resource allocation, or also how they relate to each other (i.e. Application A uses API of Application B).

goteamkor commented 3 weeks ago

I personally feel this FR https://github.com/netbox-community/netbox/issues/17196 better fits the idea of modeling applications.

alehaa commented 2 weeks ago

If I understand correctly, #17196 and the NetBox IPAM services target IP services. However, this FR targets applications in general. An application needs different resources to provide a certain service, which could be a device or a virtual machine, but also completely different resources like IP pools, DNS zones or even paper forms. So I think these FRs should be handled separately.

@jeremystretch could we add this to the 4.2 milestone by any chance? I think the window should be long enough to submit a PR and discuss any changes needed after review.

goteamkor commented 2 weeks ago

> If I understand correctly, #17196 and the NetBox IPAM services target IP services.

No, it targets applications. Adding some of the fields above to the existing 'services' model would accomplish what you're looking for, and leverage a lot of what already exists with the current model.

https://github.com/netbox-community/netbox/issues/17196 aims to address a big gap in modeling layers 4-7 within NetBox. What's great is that a lot of what is needed already exists within the services model. The problem is it's too constrained to model only a single port/protocol rather than allowing grouping of ports/protocols to form an application which you can then associate with devices or virtual machines.

Items 1, 2, 4, and 6 are already addressed in the current 'services' model. Adding some custom fields to a group of services aka an application for the 'application type' and the 'criticality' is simple enough.