The Provisioning application provides a simplified method for deployment of AOS Switches. The Provisioning application utilizes user-configured templates to automatically push Management User and Switch Configurations to AOS Switches. Using the application, you create Provisioning Rules containing Management User and Switch Configuration Templates for specific switches/switch models. When a switch contacts OmniVista Cirrus, the switch is then matched to a Provisioning Rule containing the Management User and Switch Configuration Templates for that switch/switch model. The Configuration Templates are then automatically pushed to the switch. Once the configuration is complete, the switch is added to the Managed Devices List and is manageable by OmniVista Cirrus.
Note: The Provisioning application is supported on switches running AOS 6.7.2.R03 GA and higher, and AOS 8.4.1.R03 GA and higher. Switches running a lower version than 6.7.2.R06 GA will be upgraded automatically if they are set up to be onboarded using this application.
Use the Provisioning application to create Provisioning Rules containing Management User and Switch Configuration Templates for specific switches/switch models. When a switch boots up, it contacts the DHCP Server and gets the location of the OmniVista Activation Server. The Cloud Agent on the switch then makes an HTTPS call to the OmniVista Server and is matched to a Provisioning Rule containing the Management User and Switch Configuration Templates for that switch/switch model. OmniVista then uses SSH to log into the switch using the credentials specified in the Management User Template and configures/provisions the switch. Once provisioning is complete, the switch is added to the Managed Devices List and is manageable by OmniVista.
The following screens are used to provision switches:
Once a switch is successfully provisioned, a Backup Job is also created on the switch to take automatic switch backups. The backups can be used to choose a configuration for marking it as the "Golden Configuration". See the Results Online Help for more information on the "Golden Configuration".
The Rules Screen is used to create Provisioning Rules to automatically push Configuration Templates to switches. The basic deployment workflow is slightly different for new "out of the box" switches or currently-deployed switches.
1. Go to the Rules Screen and click on the Default Mgmt Users Template button to view/configure a default Management Template. This Default Management Template is initially applied to any switch that is successfully provisioned and enables OmniVista Cirrus management of the switch.
Important Note: After successfully provisioning a switch(es), it is highly recommended that you change the default "admin" password on the switches. Use the CLI Scripting application to change the password. In the CLI Scripting application, you can SSH to an individual switch, or create a CLI Script to update the password on multiple switches. See the CLI Scripting online help for more information.
2. On the Rules Screen, click on the Add icon to create a Rule for a specific switch or switch model. The Rule contains identifying information for the switch/switch model, as well as Management User and Configuration Templates. For example, you can configure a rule that will push a configuration to a specific switch (by entering a serial number or MAC Address) or to all OS6860-P48 Model Switches (by entering the switch model). See the Rules online help for more information on creating Configuration Templates.
3. New switches initially boot up in the Working Directory. Switches should be running from the Working Directory for provisioning (unless the switch is provisioned as a Thin Switch, which can be running from the Certified, Working, or a user-defined directory).
4. Connect the switch(es) to the network. The switch(es) will contact the OmniVista Cirrus Server, be matched to a corresponding Provisioning Rule, and the configuration in the templates will be pushed to the switch(es). Once configuration is complete, the switch(es) will be displayed in the Managed Devices List and manageable by OmniVista Cirrus.
Note: See Matching a Rule below for more information on how Rules are pushed to switches.
Note that a switch should be running from the Working Directory for provisioning. If a switch is running from the Certified Directory, reload the switch from the Working Directory before beginning the steps below.
Note: A switch running from the Certified can be provisioned, however, the configuration is temporary and will not be persisted. The switch will lose its configuration if it reboots. If a switch is provisioned from the Certified Directory, reload the switch from the Working Directory and "Force Provision" the configuration to the switch from the Results Screen. When you "Force Provision" a switch, the configuration is pushed to the switch the next time the switch contacts the OmniVista Cirrus Server and matches a Rule. See the Results Screen online help for more information on manually pushing ("Force Provisioning") a configuration to a provisioned switch.
1. If the switch is currently managed by OmniVista Cirrus, go to the Managed Devices Screen (Network - Discovery - Managed devices) and delete the switch(s). Otherwise, go to Step 2.
2. Go to the Rules Screen and click on the Default Mgmt Users Template button to view/configure a default Management Template. This default Management Template is initially applied to any switch that is successfully provisioned and enables OmniVista Cirrus management of the switch.
3. Enable the switch(es) to contact the OmniVista Cirrus Server for provisioning.
4. On the Rules Screen, click on the Add icon to create a Rule for a specific switch or switch model. The Rule contains identifying information for the switch/switch model. For example, you can configure a rule that will push a configuration to a specific switch (by entering a serial number or MAC Address) or to all OS6860-P48 Model Switches (by entering the switch model). See the Rules online help for more information on creating Configuration Templates. When the switch(es) contacts the OmniVista Cirrus Server, it will be matched to a corresponding Provisioning Rule, and the configuration in the templates will be pushed to the switch(es). Once configuration is complete, the switch(es) will be displayed in the Managed Devices List and manageable by OmniVista Cirrus.
Note that you can retain a switch's current configuration. You do not need include a Configuration Template in the Rule. In this case, only the Management Template in the Rule will be pushed to the switch so that it can be managed by OmniVista Cirrus. If you do include a Configuration Template in the Rule, it will append the existing Configuration File with the configuration in the Rule's Configuration Template.
If you do include a Configuration Template and it conflicts with the current switch configuration, provisioning will fail and the device will not be manageable by OmniVista Cirrus. The switch will be displayed in the Results Table with a status of "Failed". You can then edit the Rule (or create a new one), and "Force Provision" the configuration to the switch from the Results Screen. When you "Force Provision" a switch, the configuration is pushed to the switch the next time the switch contacts the OmniVista Cirrus Server and matches the Rule. See the Results Screen online help for more information on manually pushing ("Force Provisioning") a Rule to a switch.
Note: See Matching a Rule below for more information on how Rules are pushed to switches.
When a new switch is connected to the network or the Cloud Agent is configured on an existing switch, the switch contacts the OmniVista Cirrus Server every five (5) minutes until it is matched to a Rule. If the switch is matched to a Rule, it is configured, added to the Managed Devices List, and is manageable in OmniVista Cirrus.
If a switch contacts the OmniVista Cirrus Server and is not matched to a Rule, you can choose how OmniVista Cirrus will handle the switch. You can:
Onboarding options are configured on the Settings Screen. See the Settings Screen online help for more information.
Note: When a new switch is connected to the network or the Cloud Agent is configured on an existing switch, the switch contacts the OmniVista Cirrus Server every five (5) minutes until it is matched to a Rule. Once a switch is successfully provisioned, if you want to change the configuration on the switch, you can create a new Rule or edit the existing Rule and "Force Provision" the switch. See the Results Screen online help for more information on manually pushing ("Force Provisioning") a configuration to a switch.
If provisioning fails, go to the Results Screen and check the "Last Provisioning Message" column for the reason. The most common cause of failure is that OmniVista does not know the correct credentials to SSH/SFTP the switch. The credentials that OmniVista uses to connect to the switch are specified in Default Management Template or in Custom Management Template on the Rules Screen. If the Configuration Template is the problem, make any necessary updates to the Configuration Template, and save it. The next time the switch contacts the OmniVista Server, provisioning should be successful.
You can also view the Resource Manager Client Service Log in the Audit application (Administration - Audit) for more details. Click on the "Configuration" link on the left-hand side of the screen, then select "resource-manager-client-service".