Installing Netdisco

May 1, 2017

Installing Netdisco

What is Netdisco

Netdisco is an application that is meant to manage the switches on larger networks. It crawls the network and maps associations using LLDP. This mapping allows administrators to see what ports connect the devices on the network together.

Prerequisites

We are going to be installing netdisco on Ubuntu 16.04. This guide assumes you have a machine that is running that OS.

Installing Netdisco

  1. Ensure you machine is up to date: sudo apt-get update && apt-get upgrade
  2. Install the dependencies: sudo apt-get install curl libdbd-pg-perl libsnmp-perl libssl-dev build-essential
  3. Create a user for netdisco: sudo useradd -m -p x -s /bin/bash netdisco
  4. Install postgres: sudo apt-get install postgresql
  5. Setup Postgres
    • Switch to the postgres user: sudo su - postgres
    • Create a user for netdisco: createuser -DRSP netdisco
      • This will prompt you for a password. Make sure that is stored somewhere secure.
    • Create a database for netdisco: createdb -O netdisco netdisco
  6. Installing Netdisco
    • Drop out of postgres shell: exit
    • Switch to netdisco user: sudo su - netdisco
    • Download data for netdisco:
      • curl -L https://cpanmin.us/ | perl - --notest --local-lib ~/perl5 App::Netdisco
      • This might take a bit since it has to download quite a bit of stuff. Hang tight.
    • Make links for easy use of binaries:
      • mkdir ~/bin
      • ln -s ~/perl5/bin/{localenv,netdisco-*} ~/bin/
      • Test your links: ~/bin/netdisco-daemon status
      • Although, you should get some sort of output. The service will not be running.
    • Create environment configuration:
      • Make directory: mkdir ~/environments
      • Copy default configuration: cp ~/perl5/lib/perl5/auto/share/dist/App-Netdisco/environments/deployment.yml ~/environments
      • Set permissions: chmod 600 ~/environments/deployment.yml
    • Configure database connection:
      • Open ~/environments/deployment.yml in your preferred editor
      • Change user, name, pass, and host to match what you setup earlier.
    • Run ~/bin/netdisco-deploy to setup the application
      • It will ask you a variety of questions during setup
      • You should setup the database
      • You should setup the default user and please, save the credentials somewhere safe.
      • You should download the OUIs from the internet.
      • You should download the MIBs. (This can take a bit)
    • Starting Services:
      • Start the web server: ~/bin/netdisco-web start
      • Start the daemon: ~/bin/netdisco-daemon start

  7. Setup SSL

    • Exit out of netdisco shell: exit
    • Install apache: sudo apt-get install apache2
    • Enable modules: sudo a2enmod ssl headers proxy proxy_http
    • Generate a self-signed certificate:
      • Make a directory to store the certificates: sudo mkdir -p /etc/apache2/ssl
      • cd into that directory: cd /etc/apache2/ssl
      • Generate the certificate: openssl req -x509 -newkey rsa:4096 -nodes -keyout ./key.pem -out ./cert.pem -days 365
      • You will be asked a series of questions
      • Make sure that the “Common Name” matches the DNS name(the name people will use to reach the server) of your server
      • Set certificate permissions: sudo chmod -R 400 /etc/apache2/ssl
    • Create a file at /etc/apache2/sites-available/netdisco.conf
    • Edit that file and paste the following content: 
      <VirtualHost *:80>
     ServerName netdisco.company.org
     Redirect permanent / https://netdisco.company.org/
  </VirtualHost>

  <VirtualHost *:443>
      SSLEngine on
      SSLCertificateFile /etc/apache2/ssl/cert.pem
      SSLCertificateKeyFile /etc/apache2/ssl/key.pem

      ProxyPreserveHost On
      ProxyPass / http://localhost:5000/ retry=0 timeout=60
      ProxyPassReverse / http://localhost:5000/

      ProxyRequests Off
      <Proxy *>
        Order allow,deny
        Allow from all
      </Proxy>

      ServerName netdisco.company.org
  </VirtualHost>
    • Enable your site: sudo ln -s /etc/apache2/sites-available/netdisco.conf /etc/apache2/sites-enabled/netdisco.conf
    • Restart Apache: sudo service apache2 restart

  8. Access the interface. To access the interface simply go to the server address in your web browser.

    • Since we configured a self-signed certificate, you will get a security error in your browser.

If you see the login page, then you have successfully installed netdisco!