The resource files used to provision target managed devices (i.e. configuration files/scripts and OS/firmware images) are stored in a central file repository on Lighthouse.
Lighthouse automatically and securely distributes (pushes) resource files to nodes, which in turn deliver them to the managed devices via ZTP.
The central resource file repository on Lighthouse uses the git version control system. Secure Provisioning supports two distinct workflows for uploading files to the git repository:
The Secure Provisioning module provides a simple web UI. This UI support its full feature set, but is designed primarily for manual operation, evaluation and testing.
It's also a useful way to familiarize yourself with the system before adopting a CLI-based workflow, as it automatically generates the YAML file, which defines resource bundling and distribution policies.
For comprehensive automation, you may choose to manage device resources (config, image files) and resource bundling and distribution (the YAML file) with direct access to the central file repository. Files may either be:
- Uploaded using scp protocol, where they will automatically checked in to git by Lighthouse, using a command similar to:
scp -P 2222 -rp /path/to/resources/* firstname.lastname@example.org:/srv/central-auto/
- Pushed directly using git, by setting Lighthouse as an upstream remote using a URL similar to:
If you have adopted DevOps-style configuration management using your own source repository and/or configuration deployment using continuous integration (such as Jenkins or GitLab), this workflow provides a convenient way to hook into your existing systems.
At this time, the two workflows operate out of separate repositories. UI resources take precedence, so resources pushed to a node from the UI repository will overwrite any resources pushed to that nodes from the CLI repository.