SOP: Inventory & Observability
1. Overview
To maintain a high-quality managed service, we must know exactly what we manage. We use two primary "Sources of Truth" to track our clients' environments.
2. The Two Pillars of Truth
2.1. NetBox (Infrastructure & Network)
NetBox is our Infrastructure Source of Truth. It models the physical and virtual "bones" of the network.
- What goes here:
  - IP Addresses (IPAM) & Subnets.
  - Virtual Machines & Physical Servers.
  - VLANs, Racks, and Cabling.
  - Provider Circuits (WAN links).
- Workflow:
  - When provisioning new infra (via Terraform), the resource MUST be registered in NetBox.
  - NetBox acts as the dynamic inventory source for Ansible.
2.2. Port.io (Software & Services)
Port.io is our Internal Developer Portal and Software Inventory. It models the "applications" running on top of the bones.
- What goes here:
  - Installed Software (e.g., Nginx, Postgres, Custom Apps).
  - Libraries & Dependencies (for vulnerability tracking).
  - Service Ownership (Who is the tech contact?).
  - Live Status (Links to Grafana Dashboards).
- Workflow:
  - We use Port to answer: "Which clients are running an outdated version of OpenSSL?" or "What services are running on Server X?"
3. Observability (Grafana Cloud)
Grafana Cloud is our Single Pane of Glass. It does not store inventory; it monitors it.
- Grafana Alloy: The collector agent installed on every server (via Ansible).
- Alerting: Alerts are sent to Odoo (Helpdesk) and Google Chat.
4. Integration Workflow
- Provision: Terraform creates a VM -> Updates NetBox with IP/Hostname.
- Configure: Ansible installs software -> Updates Port.io with software version.
- Monitor: Grafana Alloy starts sending metrics -> Dashboards light up in Grafana Cloud.
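
A coverage check for the workflow above, as an added example that is not part of the original SOP or of any vendor's tooling: it compares exports from Terraform, NetBox, Port.io and Grafana Alloy and lists every host that skipped a step, including hosts that report metrics but appear in no inventory. The record shapes, hostnames and the `coverage_gaps` function are assumptions, and the data is constructed.

```python
# Added example: constructed sample data; record shapes are assumptions,
# not real Terraform, NetBox, Port.io or Grafana API output.
TERRAFORM_VMS = [
    {"hostname": "web01.client-a.example", "ip": "10.10.1.11"},
    {"hostname": "db01.client-a.example", "ip": "10.10.1.21"},
    {"hostname": "app01.client-b.example", "ip": "10.20.1.11"},
]
NETBOX_HOSTS = [
    {"hostname": "web01.client-a.example", "ip": "10.10.1.11"},
    {"hostname": "db01.client-a.example", "ip": "10.10.1.99"},    # stale IP
    {"hostname": "rack01.client-a.example", "ip": "10.10.1.50"},  # physical server
]
PORT_SOFTWARE = [
    {"hostname": "web01.client-a.example", "name": "nginx"},
    {"hostname": "db01.client-a.example", "name": "postgres"},
    {"hostname": "rack01.client-a.example", "name": "nginx"},
]
# Hosts whose Alloy agent is currently sending metrics.
ALLOY_REPORTING = {
    "web01.client-a.example",
    "db01.client-a.example",
    "lab99.client-a.example",  # reporting, but in no inventory
}


def coverage_gaps(terraform, netbox, port, alloy):
    """Map each hostname to the workflow steps it is missing (NetBox is the reference)."""
    tf = {r["hostname"]: r["ip"] for r in terraform}
    nb = {r["hostname"]: r["ip"] for r in netbox}
    port_hosts = {r["hostname"] for r in port}
    gaps = {}
    for host in sorted(set(tf) | set(nb) | port_hosts | set(alloy)):
        found = []
        if host not in nb:
            found.append("not registered in NetBox")
        elif host in tf and tf[host] != nb[host]:
            found.append(f"IP mismatch: Terraform {tf[host]}, NetBox {nb[host]}")
        if host not in port_hosts:
            found.append("no software record in Port.io")
        if host not in alloy:
            found.append("no Grafana Alloy metrics")
        if found:
            gaps[host] = found
    return gaps


if __name__ == "__main__":
    report = coverage_gaps(TERRAFORM_VMS, NETBOX_HOSTS, PORT_SOFTWARE, ALLOY_REPORTING)
    for host, found in report.items():
        print(f"{host}: {'; '.join(found)}")
```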