Turning up a new site for one of our clients used to take weeks or sometimes months. Now it takes 1-2 days.
What they had before was a custom Python script with a ton of IF statements. If device model X, apply config Y. If model A, apply config B. Variables lived in a var file somebody filled in by hand before each run. No source of truth, no change tracking, the script ran once, produced a config, and the network drifted from there.
We rebuilt it around Netbox as the intent base system.
Every link, config attribute, and BGP policy lives in Netbox now. Python pulls the intent, Jinja2 renders the config, Github Actions runs the workflows. Every change goes through a pull request, lands in a git diff, and propagates to the network only after checks pass. Post deployment it updates SoT, so the next change starts from a known state.
The workflows cover device and rack provisioning, VPS, bare metal and BGP customer services provisioning, new BGP sessions for private peering, IX and transit, routing policy and prefix list updates via the Netbox BGP plugin, as well as CoPP and ACL changes driven by IP and prefix tagging. A web-hook driven Netbox to Zabbix sync makes sure every new device is in NMS with the right template attached.
On tooling we picked Python plus Jinja2 over Ansible or Terraform. Most network engineers already read Python and Ansible comfortably. But, Ansible holds up until your conditionals get ugly. Terraform for networking is powerful, but you need a real DevOps to keep it stable. This stack lets the network team own the system without additional overhead.
The thing that surprised us most was not the network code. It was the tradeoff between Custom Fields and Config Context in Netbox. Config Context is elegant until someone non-technical has to touch it. Custom Fields are cleaner for humans but mean more setup work per run. You need to find a middle ground per use case and rebalance for months.
One thing I keep coming back to. There is huge pressure right now to put AI into every single layer of network operations. I think it’s just because of the hype. For repetitive deterministic work like provisioning, automation still wins on cost, consistency, and predictability. Before reaching for an LLM, the honest question is whether a workflow and a template would do the job or not.
