Overcoming the Limitations of Bulk Device Deployment

Bulk device deployment enables you to configure target SBCs using a file template created from an existing SBC with a similar hardware and software platform.

Limitations of the Bulk Device Deployment Process

The bulk device deployment or provisioning process replaces the security certificates and private keys of the target SBCs with the security certificate and private key of the source SBC that was used to create the Offline Configuration associated to the device cluster. Due to the replacement of the security certificates and private key, functionalities that require TLS connection (For example, ACP over TLS) will not function after the bulk device deployment is completed. This is limitation in the bulk device deployment process.

Overcoming the Limitations

The limitations of the bulk device deployment process can be overcome by modifying the process that SDM uses to configure target SBCs. The following process generated the limitation:
  • Erase the existing configuration in the target SBCs to be added and configured by ‘bulk configuration’ or manual addition to the device cluster.
  • Send the configurations in the Offline Configuration to the target SBC(s) and save the configuration.
This limitation can be overcome by modifying the above steps as:
  1. SDM checks if the security certificate, tls-profile and the acp-tls-profile attributes in the system-configuration exists either in:
    • The Offline Configuration created from the existing SBC and associated to the device cluster.
    • The target SBCs to be added and configured in the device cluster.
  2. If the Offline Configuration and the target SBCs to be added and configured in the device cluster do not contain security certificate, tls-profile and the acp-tls-profile attribute in the system-configuration, there is no change in the workflow.
  3. If the Offline Configuration or the target SBCs to be added and configured in the device cluster, contain security certificate, tls-profile and the acp-tls-profile attribute in system-configuration, SDM needs to pull and save a copy of the security certificate, tls-profile and the acp-tls-profile attribute in the system-configuration of the target SBCs.
  4. Erase the existing configuration in the target SBCs.
  5. Modify the security certificate, tls-profile and the acp-tls-profile attribute in the system-configuration of the configurations created from the Offline Confirguration with the saved copy of the security certificate, tls-profile and the acp-tls-profile attribute in system-configuration of the target SBCs.
  6. Sends and saves the modified configurations in the target SBCs. The security certificate, tls-profile and the acp-tls-profile attribute in the system-configuration in the Offline Configuration are not affected and are not considered for the creation of modified configurations which are sent and saved in the target SBCs.
  7. Verify that the target SBCs are reachable and accessible by SDM. Ensure that the target SBC has been added to the Device Cluster.
Appropriate logs are created to log the operations performed in each of the above mentioned steps.