Profiles
This topic explains the concept of profiles in Infrahub, their purpose in the system architecture, and how they enable configuration consistency across your infrastructure. You'll gain a deeper understanding of profile inheritance, priority mechanisms, and the design decisions behind this feature.
What are profiles?
Profiles in Infrahub are configuration templates that define common attribute values for nodes. They represent a fundamental approach to managing configuration at scale by separating the definition of common settings from individual node instances.
Think of profiles as reusable configuration blueprints. Just as a class in object-oriented programming defines properties that instances inherit, profiles define attribute values that nodes inherit. This design pattern promotes consistency while maintaining flexibility for exceptions.
Why profiles matter
The configuration consistency challenge
In infrastructure management, you often have hundreds or thousands of similar components that need identical configuration. Consider these scenarios:
- Network interfaces: All user-facing switch ports need the same VLAN, mode, and security settings
- BGP sessions: Internal BGP peers share common timers, authentication, and policy settings
- Server configurations: Groups of servers require identical monitoring, logging, and security settings
Without profiles, you would need to:
- Manually set the same values on each node
- Risk configuration drift when standards change
- Lack visibility into which nodes follow which standards
- Struggle to update configurations consistently
How profiles solve these challenges
Profiles address these issues through:
- Centralized definition: Define configuration once, apply everywhere
- Automatic inheritance: Nodes automatically receive profile values
- Dynamic updates: Changes to profiles propagate to all associated nodes
- Override capability: Individual nodes can still have exceptions
- Data lineage: Track where each configuration value originated
Profile architecture and design
Dynamic schema generation
Infrahub automatically generates profile schemas based on your node schemas. This design decision ensures:
- Type safety: Profiles always match their corresponding node type
- Schema evolution: Profile schemas update automatically when node schemas change
- No manual maintenance: You never need to define profile schemas separately
For every node type with generate_profile: true
(the default), Infrahub creates:
- A profile schema named
Profile<Namespace><NodeName>
- GraphQL queries and mutations for profile operations
- Validation logic ensuring profile-node compatibility
Profile components
Each profile contains:
-
Core attributes (inherited from
CoreProfile
):profile_name
: Unique identifier (3-32 characters)profile_priority
: Numeric priority for inheritance order (default: 1000)
-
Node-specific attributes: All attributes from the corresponding node schema, except:
- Attributes that are part of unique constraints
- Attributes without default values (if required)
Inheritance mechanism
Profile inheritance follows a sophisticated model:
Node Creation/Update
↓
Check if profiles assigned
↓
For each attribute:
- Is value explicitly set on node? → Use node value
- Is default value being used? → Check profiles
↓
Check profiles by priority (lowest number first)
↓
Use first profile-defined value found
↓
If no profile defines it → Use schema default
This mechanism ensures predictable behavior while maintaining flexibility.
Profile priority system
Understanding priority values
Profile priority uses numeric values where lower numbers have higher priority. This might seem counterintuitive but aligns with common networking conventions (like route metrics).
Example scenario:
Profile A: priority = 1000 (default)
Profile B: priority = 500 (higher priority)
Profile C: priority = 1500 (lower priority)
Inheritance order: B → A → C
Priority in practice
Consider a node with three profiles defining MTU:
- Base profile (priority 1000): MTU = 1500
- Department profile (priority 500): MTU = 9000
- Legacy profile (priority 1500): MTU = 1400
The node inherits MTU = 9000 from the department profile (highest priority).
Design rationale
The priority system enables:
- Hierarchical configuration: Organization-wide → Department → Team → Special cases
- Controlled overrides: Higher-priority profiles override lower-priority ones
- Flexible composition: Combine multiple profiles without conflicts
Data lineage and metadata
Tracking value origins
Every attribute in Infrahub maintains metadata about its source:
attribute = {
"value": "active",
"is_from_profile": True,
"is_default": False,
"source": {
"id": "17d5a1b2-...",
"display_label": "ProfileInfraInterface:end-user-interface"
}
}
This metadata enables:
- Audit trails: Know exactly where each value came from
- Impact analysis: Understand which nodes would be affected by profile changes
- Troubleshooting: Quickly identify why a node has specific values
Metadata properties explained
is_from_profile
: Boolean indicating inheritance from a profileis_default
: Boolean indicating use of schema default valuesource
: Reference to the specific profile providing the valueis_protected
: (Future) Will indicate if value is locked from changes
Profile constraints and limitations
Current constraints
-
Attribute restrictions:
- Cannot define unique constraint attributes (like primary keys)
- Required attributes need schema defaults for profile use
- Relationship definitions not yet supported
-
Assignment limitations:
- Static assignment only (no dynamic rules yet)
- No conditional logic (if X then apply profile Y)
- No profile composition (profile extending another profile)
-
Scope boundaries:
- Profiles are node-type specific
- Cannot share profiles across different node types
- No global or cross-schema profiles
Design rationale for constraints
These constraints exist to:
- Maintain data integrity (unique constraints)
- Ensure predictable behavior (static assignment)
- Simplify mental model (type-specific profiles)
- Enable future enhancements without breaking changes
Mental models for profiles
Object-oriented inheritance
Profiles work like class inheritance in programming:
class InterfaceProfile:
mtu = 1500
enabled = True
mode = "access"
class UserInterface(InterfaceProfile):
name = "GigabitEthernet0/0/1"
# Inherits mtu, enabled, mode from profile
CSS-like cascading
Similar to CSS, profiles cascade with priority:
/* Lower priority */
.interface { mtu: 1500; }
/* Higher priority */
.user-interface { mtu: 1500; }
/* Highest priority - direct assignment */
#interface-001 { mtu: 9000; }
Policy-based configuration
Profiles implement policy-based management where:
- Policies (profiles) define desired state
- Nodes subscribe to policies
- Changes to policies automatically propagate
- Exceptions are explicitly documented
Future directions
Planned enhancements
-
Dynamic assignment: Rules-based profile application
if: node.location == "datacenter-1"
then: apply_profile("dc1-standards") -
Profile composition: Profiles extending other profiles
profile: edge-interface
extends: base-interface
overrides:
mtu: 9000 -
Relationship profiles: Define standard relationships
profile: standard-server
relationships:
connected_to: {id: "spine-switch-01"}
Architecture evolution
The profile system is designed to evolve toward:
- More sophisticated inheritance models
- Integration with external configuration systems
- Event-driven profile updates
- Multi-tenancy with profile isolation
Conclusion
Profiles in Infrahub represent a thoughtful approach to configuration management that balances consistency with flexibility. By understanding the inheritance model, priority system, and design constraints, you can effectively use profiles to manage infrastructure at scale while maintaining clear configuration lineage and enabling controlled exceptions.
The system's design anticipates future needs while providing immediate value through reduced configuration drift, improved consistency, and clear audit trails. As Infrahub evolves, profiles will become even more powerful while maintaining backward compatibility with current usage patterns.
Related resources
Guides
- How to use profiles for consistent configuration - Step-by-step guide for creating and using profiles
- Creating a schema - Learn how to create schemas that support profiles
- Managing groups - Understand how groups complement profiles for organization
Topics
- Schema - Deep dive into schema design and how profiles are generated
- GraphQL - Understanding Infrahub's GraphQL API for profile operations
- Metadata - Learn about metadata tracking and data lineage
- Version control - How profiles work with branches and version control
Reference
- Node schema reference - Complete node schema options including profile generation
- Generic schema reference - How profiles work with generic schemas
- Schema validation - Validate schemas that generate profiles