Skip to content

Using the App

This document describes common use-cases and scenarios for this App.

General Usage

Leveraging Nautobot to perform automated software upgrades on networking equipment.

Use-cases and common workflows

This app provides composable jobs that can be used individually as needed to perform the following tasks:

  • Using Jobs to transfer software to a network device from a central software repository (HTTP(S), FTP, SFTP, etc).
  • Using Jobs to save the running configuration of a device.
  • Using Jobs to reboot a network device.
  • Manage the lifecycle of software on a network device with a workflow execution to upgrade a device.

Individual Jobs for Custom Workflows

Each step of the upgrade process is implemented as a separate Nautobot Job that can be run independently:

Job Description
Transfer Software Image to Device Transfers one or more software image files to a device from a remote URL.
Save Device Configuration Saves the running configuration to the startup-config or an alternative file.
Install OS on Device Installs the new OS image and reboots the device.
Reboot Device Reboots a network device with an optional wait for reload.
Update Device Software Version Updates the Software Version association on the device in Nautobot.
Execute OS Upgrade Workflow Orchestrates all of the above jobs in sequence with a custom results view.

Because each job can be run on its own, you can use an external orchestrator (such as Nautobot Job Hooks, an external workflow engine, or a CI/CD pipeline) to build custom upgrade workflows that fit your operational requirements. For example, you might run the file transfer job across an entire fleet in advance, then execute the install and reboot jobs during a maintenance window on a per-device basis.

Operational Compliance Integration

When the Nautobot Operational Compliance app is installed alongside OS Upgrades, the Execute OS Upgrade Workflow job automatically expands to include pre-change and post-change operational state checks. This provides a built-in mechanism for validating that network devices are healthy before and after an upgrade.

How It Works

With Operational Compliance enabled, the upgrade workflow chain expands from:

Upload Image → Save Configuration → Install OS → Assign New Software

to:

Pre Check → Upload Image → Save Configuration → Install OS → Post Check → Upgrade Validation → Assign New Software
  • Pre Check — Collects command output from devices before the upgrade begins using the Operational Compliance CollectCommandOutput job. This captures the baseline operational state.
  • Post Check — Collects the same command output after the OS install and reboot, capturing the post-upgrade operational state.
  • Upgrade Validation — Runs the Operational Compliance CompareCommandOutput job to compare pre and post check results against the selected validation rules, highlighting any unexpected changes.

Selecting Validation Rules

When Operational Compliance is installed, the Execute OS Upgrade Workflow job form will display additional input fields:

  • Validation Rules — Select individual validation rules to run during pre/post checks.
  • Validation Rule Groups — Select validation rule groups to run during pre/post checks.
  • Fail Fast — When enabled (default), the upgrade validation will stop on the first error encountered.

Jobs Inputs Web UI Jobs Inputs Web UI

If no validation rules or validation rule groups are selected, the Pre Check, Post Check, and Upgrade Validation steps are automatically skipped.

Viewing Results

The custom job results view reflects the expanded workflow, showing the status of each step including the compliance checks:

Custom Job Results with Op Compliance Custom Job Results with Op Compliance

Each step in the workflow displays one of the following statuses: pending, started, finished, skipped, or failure.