Firmware Update (NTC)

From Stratodesk Knowledge Base
Jump to: navigation, search

NoTouch Center can and should be used to manage and provide and update the endpoint's client OS by distributing NoTouch OS Images aka "the .LFI files". It manages the firmware distribution and by deploying multiple Stratodesk Virtual Appliances you can even build a hierarchy of distribution with automatic mirroring.

Certainly you can update a device directly without NoTouch Center, in that case please read on here: Local Firmware Update. If you are using PXE boot, then this section does not apply - read PXE instead.

Basic principle

Easy and simple:

  1. Make OS image (LFI files) available to NoTouch Center
  2. Select on client or group level which image should be updated to

Yes, that's it. NoTouch Center will do the rest. Whenever a connected device checks in next time, be it in a second or in a year, NoTouch Center will update it.

NoTouch uses a declarative approach. Unlike many legacy Thin Client tools the firmware update is not a task that is executed one time and done with or without error. Instead, you specify or declare what you want, and NoTouch aims to fulfill that, a much more elegant approach. Note that this has an intended side effect: NoTouch will always maintain this consistency. If for example a system administrator uses his privileges to perform a local Firmware Update, NoTouch Center will still update it back to what it specified centrally.

Make the OS image available

StratodeskNoTouchCenter-FirmwareOSImages.jpg

Generally, NoTouch Center only distributes NoTouch OS Images, commonly referred to as .lfi files. You get these from the Stratodesk customer portal at https://www.stratodesk.com/portal (customer status required). Should you need an account, please contact Stratodesk support.

There are different ways to upload the file:

  • In NoTouch Center, click Resources in the Main Menu, and then "Client OS Images"
  • In the VA console of Stratodesk Virtual Appliance, click "OS Images"
  • Copy the file via scp or interactively with wget into /opt/center/images

Please allow for some processing to take place before you will find the image in the Images list (ca. one minute).

Note: Please always double-check file size and preferably MD5 and SHA1 checksums to ensure file integrity. It happens once and again that a file gets corrupted during a download.

List of available images in NoTouch Center

To see a list of available images, please click on "Resources" in the main menu of NoTouch Center, and choose "Client OS images" in the just-appeared menu in the upper-middle of the screen.

Delete images from NoTouch Center

An image that is not needed any longer can be removed by clicking on Delete next to the image in the Image List ("Resources" -> "Client OS images")

You can always delete an image, even those that are in use. NoTouch Center will simply set all parameter values that were referring to the deleted image to "no setting" instead which is a safe setting. Clients that already have this image installed will also not be negatively affected. They will simply keep this image until another image is chosen by the system administrator.

OS image configuration

On each group or client, you define what OS image this entity should use, and how it should be rolled out:

NoTouchCenter-ClientOSImageSelection.jpg

Client OS image selection

When clicking on a group or a client, you will notice the "Client OS Image" parameter. It contains a list of all images that are available to NoTouch Center (please see below to see how to add images there). Set this parameter to specify which image should be used for the client or the group. (As always, we recommend to use group-based configuration). By default, this parameter will have the value of "no setting" which means that no updating will take place.

Image Update Mode

Directly below is the "Image update mode" parameter. It controls the way how image updates are performed - there are three options:

  • never. This is the default on a fresh installation but not the recommended value. This will disallow any updates.
  • at announce. This would push out the update at next announce which can happen any time. This would interrupt user sessions so we don't really need recommend this setting.
  • at reboot. This is the recommended setting. Only when a client boots will the new image be applied. This allows you to kindly ask your users to reboot the machine and get the update when they are ready. Of course you can always issue a remote reboot if users refuse to reboot.

Multiple image pools

To avoid large transfers over WAN connections, you can create an image pool at each location, thus reducing the needed bandwidth for updates to one single sync between those locations.

Set the Firmware Pool URL parameter in the group's parameters (Note: not the group settings, really click on the group), to point to the base URL of your satellite web server, which can be either another Stratodesk Virtual Appliance or a custom set up web server, see below:

Using Stratodesk Virtual Appliance

You can set up "satellite Stratodesk Virtual Appliances" and configure them to replicate the master image pool.

  1. Access the "Replication" menu in the VA console on both the main appliance and the satellite appliance
  2. Type in the main VA's host name or IP address as well as the main VA's replication key into the satellite
  3. Switch on "LFI file replication"

Using other webservers

  1. Set up a web server of your liking in the satellite locations
  2. Keep this folder in sync with the main NTC image pool, however you do this (the more comfortable version is the one above)

Note: If you're using Microsoft's IIS to serve the image files, please make sure that you've selected "application/octet-stream" for the MIME type of the files to enable the download of the images.