Save and Deploy OS Image

Overview

Create a deployable OS Image for production use based on the OS and software running on this gateway. The deployment OS image includes all applications, data files, and OS updates from the running gateway, but changes are made to the OS settings and some configuration files to harden the OS to provide better security in a deployment environment. The OS image is hardened and saved to a USB drive while leaving the development gateway OS unchanged. No changes are made to your running gateway. Only the new OS image on the USB drive is modified.

Why?

The replicated image can quickly be deployed onto another system for evaluation & testing. This enables validation of an IOT system prior to field deployment.

Prepare

A) Create your custom IoT application per your business goals
B) Configure the gateway OS and network setup via LuCI including WiF settings, network setup, hostname, etc.
C) Provide a 8GB USB drive for storing the OS image.

Save OS Image

Step 1

Begin

Navigate to Administration then select Save OS Image

Step 2

Insert USB into development gateway

Insert 8GB USB flash drive
Any existing data on the USB drive will be deleted.

Step 3

Select & Confirm USB

View selection of available USB drives. Select the desired drive.

Step 4

Review & Confirm Configuration

Confirm the OS configuration and set passwords for OS image about to be written.

If necessary, use LuCI to modify OS (network, WiFi, hostname, etc.).
The administrative accounts of Linux and McAfee Embedded Control are secured independently, offering protection for Linux administrators and security operations.

Writing the OS image may take up to 30 minutes for the OS, applications and data to be written onto a USB drive.

Step 5

View Success confirmation

After OS image saved, remove USB drive from development gateway

Deploy

Step 1

Setup keyboard and monitor

Install keyboard and monitor on 2nd gateway

Step 2

Insert USB & reboot

Insert USB flash drive containing OS image into a 2nd gateway and Reboot

Step 3

Setup BIOS and Secure Boot

  1. Upon reboot quickly enter BIOS setup*
  2. Ensure BIOS is 64 bit (not 32 bit)*
  3. Set 1st boot priority = UEFIL via USB (make note of the internal storage device name)
  4. Save & exit BIOS Setup, then reboot

* See gateway manufacturer for BIOS Setup instructions
Read about BIOS setup
Read about Secure Boot setup

Step 4

Login & deploy

At Linux command line, login with admin account and password

Deploy OS image from USB flash drive to gateway entering: sudo deploytool -C -F -Y -y -d /dev/sda

Step 5

Reboot & reset BIOS setting

  1. At command line enter: sudo reboot
  2. Upon boot up, quickly enter BIOS setup
  3. Ensure 1st boot priority = UEFI using internal storage device
  4. Remove the USB flash drive
  5. Save & exit BIOS Setup, then reboot.

Step 6

Test your IoT application on gateway #2

It is highly recommended to retest your IoT application on the newly created gateway. Enabling security capabilities can result in unwanted software behavior.

For maintenance as needed, login as gwuser