Fast Deployment Image (Blink) image - detailed explanation
Fast Deployment Image (Blink) image installation
Deploying a new appliance/server via First Time Wizard
Using Blink with CPUSE (Clean Install / Upgrade)
How to use the Blink mechanism
How to configure the Blink mechanism
File Description
The answers.xml file for Security Management Images
The answers.xml file for Security Gateway Images
Limitations
Revision History
Click Here to Show the Entire Article
Introduction
Gaia Fast Deployment mechanism called "Blink" allows users fast and easy deployment of Check Point Security Gateways and Security Managements. Upon completion of the deployment process, user gets a cleanly installed appliance/server (with completed First Time Configuration Wizard) and the desired Hotfixes. In case of a Security Gateways upgrade, a configuration migration from the old version will be performed.
For deployment procedure, refer to sections "How to use the Blink mechanism" and "How to configure the Blink mechanism".
Blink mechanism allows:
Deployment within ~5-7 minutes for Security Gateway and ~10-16 for Security Management of a cleanly installed Security Gateway or Security Management (Blink Image), including desired hotfix packages. In case of an upgrade, a configuration migration from the old version will be performed.
Basic configuration that allows the basic functionality of the appliance/server:
IP address configuration on the appliance/server's Management interface
For Security Gateway:
SIC configuration
Gaia OS admin password
For Security Management:
Administrator credentials
Approval to upload data to / download data from Check Point cloud
Important Note: Blink mechanism is intended only Check Point appliance/servers and Open Servers, on which Check Point software has been installed. If the appliance/server is not after a clean install (the First Time Configuration Wizard has been run already), the "--reimage" flag needs to be used (see the "How to use the Blink mechanism" section).
Supported deployments
Fast Deployment Image (Blink) is supported on Security Gateway, Security Management Server and primary Multi-Domain Management.
Each Blink image has a different hardware support according to the ISO it is based on. If this ISO supports the Check Point appliance/server, then the relevant Blink image will support it too.
Note: Starting from R81, these appliance/servers are no longer supported: Smart-1 205/210, 2200, 4200, 4400, 4600, 4800, 12200, 12400, 12600, 13500, 13800, 21400, 21600, 21700, 21800.
Downloads
Fast Deployment Image (Blink) Utility
Blink Utility - the main utility that extracts the Blink Image and other packages, and installs them. Starting from R80.20, Blink Utility is a part of release.
Description
Link to download
Blink Utility version 1.1
(TGZ)
To verify the version of the Blink Utility you have, run the below command from the Expert mode:
The root partition of a pre-installed Check Point appliance/server
Simplified First Time Configuration Wizard (will be used in case of attended installation)
Installation logic
The main files in the Blink image are:
Directory / File
Description
BlinkInstaller
Main executable file that extracts and installs all the packages.
CheckPoint_Gaia_fd.tgz
This is the actual installation image.
installation_logic
Directory that contains internal installation logic:
answers.xml - User's configuration file for unattended installation.
fd_wizard_gateway.sh - (Internal) Shell script for unattended First Time Configuration Wizard.
fd_wizard_gateway.sh.sha256 - (Internal) Check Point Signature file for the fd_wizard_gateway.sh script.
Note: The answers.xml is the only file that user is allowed to modify - refer to section "How to configure the Blink mechanism -> The answers.xml file".
manifest.xml
XML-based file that represents the structure of the Blink package (internal).
user_updates
Directory that may contain user shell scripts and binary files that should be executed and installed during the main installation process (after the reboot). The answers.xml file has to be edited to contain the name of the main shell script that will be executed (refer to section "How to configure the Blink mechanism -> The answers.xml file").
Blink image installation
To deploy a new appliance/server via First Time Wizard
Connect to the appliance/server with a web browser and log in. The First Time Configuratiion Wizard opens:
Select the option "Install from Check Point cloud":
After configuring the external interface, a list of supported images appears in the installation table. The latest images use Blink mechanism to install the version. The selected Blink image is downloaded and deployed on the appliance/server:
Blink packages installation is similar to the Major installation:
All packages are displayed in categories and by default are filtered to view recommended packages only. Note: Use the filter button near the help icon and select the packages you wish to see:
Find the relevant package under Blink section in CPUSE packages list:
For offline packages, manually import the package to CPUSE by clicking on Import Package on the top-right corner of the page:
To download a package from the list, right-click on the relevant package that is "Available for Download" and click on Download
After the download completed, right-click on the package and click on Clean Install or Upgrade (if available):
Installation/Upgrade will start and you can follow the installation via CPUSE WebUI or CLI.
Important Note: Blink mechanism is intended only Check Point appliance/servers and Open Servers, on which Check Point software has been installed.
Action plan (basic mode only):
Download all the required (and optional) files from the "Downloads" section.
Transfer all the files to the appliance/server (to a newly created directory).
Execute the Blink utility (reboot will be performed automatically).
Connect with your web browser to the Check Point appliance/server to complete the First Time Configuration Wizard.
Detailed instructions:
Download all the required (and optional) files from the "Downloads" section to your computer:
Download the Blink utility
Download the Blink image
(Optional) Download the Blink Image updates package
Connect to the command line on the Check Point appliance/server.
Log in to the Expert mode.
Create some directory on the /var/log/ partition (largest partition):
[Expert@HostName:0]# mkdir -v /var/log/MyDIR
Transfer all the files from your computer to the newly created directory on the appliance/server.
Either transfer the files over SCP (recommended).
Note: This requires changing the default shell of the admin user from /etc/cli.sh to /bin/bash (by running the "set user admin shell /bin/bash" command in Gaia Clish - refer to Gaia Administration Guide (R77.X, R80.10))
Or transfer the files to a USB storage device and mount it on Gaia OS.
Note: This requires working in the Expert mode. In addition, refer to sk31657.
Go to the newly created directory:
[Expert@HostName:0]# cd /var/log/MyDIR
Unpack the Blink utility package:
[Expert@HostName:0]# tar -zxvf blink.tgz
Assign the execute permission to the Blink utility:
[Expert@HostName:0]# chmod -v +x blink
Execute the Blink utility by running the desired basic flow:
[Expert@HostName:0]# ./blink [-i <path to Blink Image>] [-b <path to Blink Image updates package>] [-u <path to user TGZ file>] [-a <path to answers.xml file>] [-d <output directory>] [-x]
where:
Argument
Description
-i <path to Blink Image>
Specifies the path to the Blink image.
If this path is not specified explicitly, then Blink will search in the current working directory for a file with prefix blink_image.
-b <path to Blink Image updates package>
Specifies the path to the Blink Image updates package (blink_updates_<OSVERSION>.tgz).
If this path is not specified explicitly, then Blink will search in the current working directory for a file blades_updates_<OSVERSION>.tgz.
-u <path to user TGZ file>
Specifies the path to the user TGZ file that contains user shell scripts and binary files that should be executed and installed during the main installation process.
If this path is not specified explicitly, then Blink will search in the current working directory for a file blink_custom_content.tgz.
Note: The package blink_custom_content.tgz must contain the main shell script as specified in the answers.xml configuration file (by default, Blink will search for the script install_content.sh - refer to section "How to configure the Blink mechanism -> The answers.xml file").
-a <path to answers.xml file>
Specifies the path to the user's configuration file for unattended installation (if needed). Refer to section "How to configure the Blink mechanism -> The answers.xml file".
-d <output directory>
Specifies the output directory, into which the Blink image and all the other packages should be extracted.
If this path is not specified explicitly, then the Blink image and all the other packages will be extracted into the /var/log/blink/launcher/files directory.
-x
Specifies that Blink image should be only extracted, skipping the installation.
This option is for advanced users that wish to configure an unattended installation - refer to Step 9 below.
--reimage
Using this flag will allow installation on appliance/servers that are already configured (performed First Time Wizard). By default, a snapshot of the old partition is saved, unless the "--delete-old-partition" flag is supplied.
--delete-old-partition
Removes the old partition. Does not override the "--keep-old-partition" flag.
--keep-old-partition
A snapshot of the old partition is saved if this flag is on.
Example commands and their results:
Extract the Blink image and Blink Image updates package into a temporary directory and start the main installation process, keeping the old partition as a snapshot:
[Expert@HostName:0]# ./blink [-i <path to Blink Image>] [-b <path to Blink Image updates package>] [-u <path to user TGZ file>] [-a <path to answers.xml file>] --keep-old-partition
A temporary directory /var/log/blink/launcher/files will be created.
The Blink Image will be extracted to the /var/log/blink/launcher/files/ directory.
The Blink Image updates package blink_updates_<OSVERSION>.tgz will be copied to the /var/log/blink/launcher/files/blades_updates/ directory.
The user update shell script and binary files will be copied to the /var/log/blink/launcher/files/user_updates/ directory.
The main installation process will be started.
A snapshot of the old partition will be saved.
Extract the Blink image and Blink Image updates package into a specified directory and start the main installation process, on an already configured appliance/server, and NOT saving the old partition as snapshot:
[Expert@HostName:0]# ./blink [-i <path to Blink Image>] [-b <path to Blink Image updates package>] [-u <path to user TGZ file>] [-a <path to answers.xml file>] -d <output directory> --reimage --delete-old-partition
The Blink Image will be extracted in the specified output directory.
The Blink Image updates package blink_updates_<OSVERSION>.tgz will be copied to the specified output directory.
The user update shell script and binary files will be copied to the specified output directory.
The main installation process will be started.
Validation for a configured appliance/server will be skipped.
A snapshot of the old partition will NOT be created.
Extract the Blink image into a a specified directory and do NOT start the main installation process:
The Blink Image will be extracted to the specified output directory. If the output directory is not specified, then it will be extracted to the temporary directory /var/log/blink/launcher/files/.
The main installation process will NOT be started.
For advanced users that wish to configure custom settings:
Extract and configure the Blink image:
Extract all the files from the Blink image (to get access to the internal configuration files) - either to the temporary directory /var/log/blink/launcher/files/, or to the specified directory:
Configure the desired settings in the installation_logic/answers.xml file - refer to the "How to configure the Blink mechanism" section.
Add the Blink Image updates package:
Add the package blades_updates/blink_updates_<OSVERSION>.tgz
Extract the desired user packages:
Extract the desired user packages to the user_updates directory.
Note: If the main user shell script is not called install_content.sh, then make sure it matches the script defined in the installation_logic/answers.xml file (refer to section "How to configure the Blink mechanism -> The answers.xml file").
Start the main installation process:
[Expert@HostName:0]# cd /path_to_extracted_Blink_Image/
[Expert@HostName:0]# ./BlinkInstaller
You can monitor the Blink installation process in two ways (until the appliance/server is rebooted automatically):
Query the current state by running one of these commands:
[Expert@HostName:0]# ./BlinkInstaller -status <json | full | id>
where:
Option
Description
./BlinkInstaller -status json
Returns the last recorded status in JSON format.
Example:
[Expert@HostName:0]# ./BlinkInstaller -status json
{
"isCompleted" : "true",
"stageEndTime" : "5:0:4",
"stageID" : "finish_message",
"stageName" : "BlinkInstaller Installation",
"stageStartTime" : "4:56:39",
"state" : "Success",
"statusDescription" : "The installation has finished successfully and is pending reboot!"
}
./BlinkInstaller -status full
Returns the last recorded status in a single-string representation.
Example:
[Expert@HostName:0]# ./BlinkInstaller -status full BlinkInstaller Installation - The installation has finished successfully and is pending reboot! - Success [Started at: 4:56:39] [Ended at:5:0:4]
./BlinkInstaller -status id
Returns the last status recorded identifier as a string.
Example:
[Expert@HostName:0]# ./BlinkInstaller -status id finish_message
Check the output log and status files: /var/log/blink/logs_<DATE>/Main_log.elg /var/log/blink/status.txt
Reboot will be performed automatically.
Connect with your web browser to the Check Point appliance/server to complete the First Time Configuration Wizard (basic mode only).
Example of First Time Configuration Wizard after attended installation:
How to configure the Blink mechanism
File Description:
This is an XML-based file (located in the installation_logic directory) that contains user's configuration for unattended installation.
<properties xmlVersion="1.1">
<installation>
<reboot_delay>10</reboot_delay>
</installation>
<machine_configuration>
<perform>false</perform>
<hostname>GWOBJECT_NAME_FIELD</hostname>
<password_hash>PASSWORD_HASH_FIELD</password_hash>
<network>
<ipv4addr>IPV4_FIELD</ipv4addr>
<masklength>IPV4_MASKLENGTH_FIELD</masklength>
<interface>IPV4_INTERFACE_FIELD</interface>
<default_gw>DEFAULTGW_FIELD</default_gw>
</network>
<role_configuration>
<gateway>
<!-- activation_key must be in base64 encoding -->
<activation_key>SIC_BASED64_FIELD</activation_key>
<cluster>false</cluster>
</gateway>
<management>
<credentials>
<use_gaia_admin>true</use_gaia_admin>
<!-- Relevant only if use_gaia_admin is false -->
<admin_name>MGMT_ADMIN_FIELD</admin_name>
<!-- admin_password must be in base64 encoding -->
<admin_password>MGMT_PASS_BASED64_FIELD</admin_password>
</credentials>
</management>
</role_configuration>
<send_data_to_usercenter>true</send_data_to_usercenter>
<enable_download_from_checkpoint>true</enable_download_from_checkpoint>
</machine_configuration>
<user_updates>
<entry_point>install_content.sh</entry_point>
</user_updates>
<!--
logging - Used in order to filter the logs saved to files, displayed on the screen or sent to the syslog.
Supported logging levels: DEBUG, NORMAL, ERROR, ALWAYS, NEVER
Colors - Should be set to true for displaying log messages in color on the screen.
-->
<logging>
<file_level>DEBUG</file_level>
<screen_level>NORMAL</screen_level>
<sys_log_level>NEVER</sys_log_level>
<colors>true</colors>
</logging>
</properties>
Supported XML elements:
The root XML element is "properties".
Enter the string to filter this table:
Section
Sub-Section
XML element
Description
<installation>
<reboot_delay>
Specifies the delay (in seconds) before rebooting the appliance/server after completing the installation process. The default delay is: 10 To suppress the reboot completely, define the value -1 (not recommended).
<machine_configuration>
<perform>
Specifies the whether to perform the unattended installation or not:
true - perform the unattended installation
false - (default) do not perform the unattended installation (other elements in the <machine_configuration> sub-section will be ignored)
<hostname>
Specifies the appliance/server's HostName to configure during the unattended installation.
<password_hash>
Specifies the appliance/server's admin password to configure during the unattended installation.
hash value of the password string (e.g., 72ae25495a7981c40622d49f9a52e4f 1565c90f048f59027bd9c8c8900d5c3d8)
Run the following command in the Expert mode to get the hash value of the admin password from the configured system (must use the same Gaia OS version):
Either run: dbget passwd:admin:passwd
Or run: grep admin /etc/shadow | cut -d: -f2
<network>
This sub-section specifies the network interface configurations that will apply during the unattended installation
<network>
<ipv4addr>
Specifies the appliance/server's IPv4 address (X.X.X.X) to configure during the unattended installation
<network>
<masklength>
Specifies the appliance/server's IPv4 address subnet mask length (0-32) to configure during the unattended installation.
<network>
<interface>
Specifies the appliance/server's main management interface to configure during the unattended installation
<network>
<default_gw>
Specifies the appliance/server's default gateway to configure during the unattended installation.
<role_configuration>
This sub-section specifies the role-based configurations that will apply during the unattended installation
<gateway>
This sub-section specifies the Security Gateway related configurations
<activation_key>
Specifies the appliance/server's SIC one-time key to configure during the unattended installation. SIC key must be provided in base64 encoding
<cluster>
Flag that specifies whether to enable cluster membership for the gateway or not
<management>
This sub-section specifies the Security Management related configurations
<credentials>
This sub-section specifies the credentials for the Security Management administrator
<credentials> <use_gaia_admin>
Constant flag that specifies whether to use the Gaia credentials as the Security Management administrator or define a new administrator:
true - (default) use the Gaia credentials
false - define a new administrator
<credentials> <admin_name>
Specifies the username for the Security Management administrator. Relevant only if use_gaia_admin set to "false"
<credentials> <admin_password>
Specifies the password for the Security Management administrator. Password must be provided in base64 encoding. Relevant only if "use_gaia_admin" is set to "false"
<send_data_to_usercenter>
Consent flag that specifies whether the appliance/server is allowed to send various statistics data to Check Point Cloud (refer to sk111080):
true - (default) send various statistics data to Check Point Cloud
false - do not send various statistics data to Check Point Cloud
<enable_download_from_checkpoint>
Consent flag that specifies whether the appliance/server is allowed to download various data (updates, latest packages, contracts, etc.) from Check Point Cloud (refer to sk111080):
true - (default) download various data from Check Point Cloud
false - do not download various data from Check Point Cloud
<user_updates>
<entry_point>
Specifies the main executable user shell script to call during the unattended installation, which will perform the desired operations. The default script name is: install_content.sh
Example:
The "user_updates" directory contains:
The main user shell script install_content.sh with the following commands:
The file with relevant Gaia Clish commands clish_commands.txt:
lock database override set interface Mgmt auto-negotiation off set interface Mgmt state on set interface Mgmt link-speed 100M/full set interface Mgmt ipv4-address 192.168.1.1 subnet-mask 255.255.255.0
User RPM package some_private_RPM.rpm
<logging>
<file_level>
Specifies the desired priority to filter the log entries saved in the main log file /var/log/blink/logs_<DATE>/Main_log.elg (order below is from highest to lowest priority):
DEBUG (default)
NORMAL
ERROR
ALWAYS
NONE
For example, if "file_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be written to the log file - only messages marked as "Errors" and "Always" will be written to the log file.
If "file_level" is set to "NONE", then no messages will be written to the log file.
<screen_level>
Specifies the desired priority to filter the log entries displayed on the screen (order below is from highest to lowest priority):
DEBUG
NORMAL (default)
ERROR
ALWAYS
NONE
For example, if "screen_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be displayed on the screen - only messages marked as "Errors" and "Always" will be displayed on the screen.
If "screen_level" is set to "NONE", then no messages will be displayed on the screen.
<sys_log_level>
Specifies the desired priority to filter the log entries sent to Syslog server (order below is from highest to lowest priority):
DEBUG
NORMAL
ERROR
ALWAYS
NONE (default)
For example, if "sys_log_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be sent to Syslog server - only messages marked as "Errors" and "Always" will be sent to Syslog server.
If "sys_log_level" is set to "NONE", then no messages be sent to Syslog server.
<colors>
Specifies the whether to use colors on the screen or not (refer to the <screen_level>):
true - (default) use colors on the screen
false - do not use colors on the screen
Management example file:
<propertiesxmlVersion="1.1">
<installation>
<reboot_delay>10</reboot_delay>
</installation>
<machine_configuration>
<perform>false</perform>
<hostname>MyGW123</hostname>
<password_hash>$1$Es1wXWZ8$vVK0iT0nXRiGdYZ9zb6ah/</password_hash>
<network>
<ipv4addr>192.168.1.22</ipv4addr>
<masklength>24</masklength>
<interface>Mgmt</interface>
<default_gw>192.168.1.254</default_gw>
</network>
<role_configuration>
<gateway>
<!-- activation_key must be in base64 encoding -->
<activation_key>SIC_BASED64_FIELD</activation_key>
<cluster>false</cluster>
</gateway>
<management>
<credentials>
<use_gaia_admin>false</use_gaia_admin>
<!-- Relevant only if use_gaia_admin is false -->
<admin_name>myadmin</admin_name>
<!-- admin_password must be in base64 encoding -->
<admin_password>YWRtaW5wYXNzMTIz</admin_password>
</credentials>
</management>
</role_configuration>
<send_data_to_usercenter>true</send_data_to_usercenter>
<enable_download_from_checkpoint>true</enable_download_from_checkpoint>
</machine_configuration>
<user_updates>
<entry_point>install_content.sh</entry_point>
</user_updates>
<!--
logging - Used in order to filter the logs saved to files, displayed on the screen or sent to the syslog.
Supported logging levels: DEBUG, NORMAL, ERROR, ALWAYS, NEVER
Colors - Should be set to true for displaying log messages in color on the screen.
-->
<logging>
<file_level>DEBUG</file_level>
<screen_level>NORMAL</screen_level>
<sys_log_level>NEVER</sys_log_level>
<colors>true</colors>
</logging>
</properties>
The answers.xml xml version 1.0 (for old Blink Security Gateway images) file
<?xmlversion="1.0"encoding="UTF-8"?>
<properties xmlVersion="1.0">
<installation>
<reboot_delay>10</reboot_delay>
</installation>
<machine_configuration>
<perform>false</perform>
<hostname>GWOBJECT_NAME_FIELD</hostname>
<password>
<value>PASSWORD_FIELD</value>
<is_hash>true</is_hash>
</password>
<network>
<ipv4addr>IPV4_FIELD</ipv4addr>
<masklength>IPV4_MASKLENGTH_FIELD</masklength>
<interface>IPV4_INTERFACE_FIELD</interface>
<default_gw>DEFAULTGW_FIELD</default_gw>
</network>
<activation_key>SIC_FIELD</activation_key>
<cluster>false</cluster>
<send_data_to_usercenter>true</send_data_to_usercenter>
<enable_download_from_checkpoint>true</enable_download_from_checkpoint>
... ...
</machine_configuration>
<user_updates>
<entry_point>install_content.sh</entry_point>
</user_updates>
<!--
logging - Used in order to filter the logs saved to files, displayed on the screen or sent to the syslog.
Supported logging levels: DEBUG, NORMAL, ERROR, ALWAYS, NEVER
Colors - Should be set to true for displaying log messages in color on the screen.
-->
<logging>
<file_level>DEBUG</file_level>
<screen_level>NORMAL</screen_level>
<sys_log_level>NEVER</sys_log_level>
<colors>true</colors>
</logging>
</properties>
Supported XML elements:
The root XML element is "properties".
Enter the string to filter this table:
Section
Sub-Section
XML element
Description
<installation>
<reboot_delay>
Specifies the delay (in seconds) before rebooting the appliance/server after completing the installation process. The default delay is: 10 To suppress the reboot completely, define the value -1 (not recommended).
<machine_configuration>
<perform>
Specifies the whether to perform the unattended installation or not:
true - perform the unattended installation
false - (default) do not perform the unattended installation (other elements in the <machine_configuration> sub-section will be ignored)
<hostname>
Specifies the appliance/server's HostName to configure during the unattended installation.
<password>
This sub-subsection specifies the appliance/server's admin password to configure during the unattended installation.
<password>
<value>
Specifies the appliance/server's admin password string:
either plain-text string (e.g., password123)
or hash value of the password string (e.g., 72ae25495a7981c40622d49f9a52e4f1565c90f048f59027bd9c8c8900d5c3d8)
Run the following command in the Expert mode to get the hash value of the admin password from the configured system (must use the same Gaia OS version):
Either run:
dbget passwd:admin:passwd
Or run:
grep admin /etc/shadow | cut -d: -f2
<password>
<is_hash>
Specifies how the appliance/server's admin password string was defined in the <value> element:
false - the defined appliance/server's admin password string is a plain-text string
true - (default) the defined appliance/server's admin password string is a hash value of the password string
<network>
This sub-section specifies the network interface configurations that will apply during the unattended installation
<network>
<ipv4addr>
Specifies the appliance/server's IPv4 address (X.X.X.X) to configure during the unattended installation.
<network>
<masklength>
Specifies the appliance/server's IPv4 address subnet mask length (0-32) to configure during the unattended installation.
<network>
<interface>
Specifies the appliance/server's main management interface to configure during the unattended installation.
<network>
<default_gw>
Specifies the appliance/server's default gateway to configure during the unattended installation.
<activation_key>
Specifies the appliance/server's SIC one-time key to configure during the unattended installation.
<cluster>
Flag that specifies whether to enable cluster membership for the gateway or not.
<send_data_to_usercenter>
Consent flag that specifies whether the appliance/server is allowed to send various statistics data to Check Point Cloud (refer to sk111080):
true - (default) send various statistics data to Check Point Cloud
false - do not send various statistics data to Check Point Cloud
<enable_download_from_checkpoint>
Consent flag that specifies whether the appliance/server is allowed to download various data (updates, latest packages, contracts, etc.) from Check Point Cloud (refer to sk111080):
true - (default) download various data from Check Point Cloud
false - do not download various data from Check Point Cloud
<user_updates>
<entry_point>
Specifies the main executable user shell script to call during the unattended installation, which will perform the desired operations. The default script name is: install_content.sh
Example:
The "user_updates" directory contains:
The main user shell script install_content.sh with the following commands:
The file with relevant Gaia Clish commands clish_commands.txt:
lock database override set interface Mgmt auto-negotiation off set interface Mgmt state on set interface Mgmt link-speed 100M/full set interface Mgmt ipv4-address 192.168.1.1 subnet-mask 255.255.255.0
User RPM package some_private_RPM.rpm
<logging>
<file_level>
Specifies the desired priority to filter the log entries saved in the main log file /var/log/blink/logs_<DATE>/Main_log.elg (order below is from highest to lowest priority):
DEBUG (default)
NORMAL
ERROR
ALWAYS
NONE
For example, if "file_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be written to the log file - only messages marked as "Errors" and "Always" will be written to the log file.
If "file_level" is set to "NONE", then no messages will be written to the log file.
<screen_level>
Specifies the desired priority to filter the log entries displayed on the screen (order below is from highest to lowest priority):
DEBUG
NORMAL (default)
ERROR
ALWAYS
NONE
For example, if "screen_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be displayed on the screen - only messages marked as "Errors" and "Always" will be displayed on the screen.
If "screen_level" is set to "NONE", then no messages will be displayed on the screen.
<sys_log_level>
Specifies the desired priority to filter the log entries sent to Syslog server (order below is from highest to lowest priority):
DEBUG
NORMAL
ERROR
ALWAYS
NONE (default)
For example, if "sys_log_level" is set to "ERROR", then messages marked as "Debug" and "Normal" will not be sent to Syslog server - only messages marked as "Errors" and "Always" will be sent to Syslog server.
If "sys_log_level" is set to "NONE", then no messages be sent to Syslog server.
<colors>
Specifies the whether to use colors on the screen or not (refer to the <screen_level>):
true - (default) use colors on the screen
false - do not use colors on the screen
Example File:
<?xmlversion="1.0"encoding="UTF-8"?><propertiesxmlVersion="1.0">
<installation>
<reboot_delay>10</reboot_delay>
</installation>
<machine_configuration>
<perform>true</perform>
<hostname>MyGW123</hostname>
<password>
<value>mypassword</value>
<is_hash>false</is_hash>
</password>
<network>
<ipv4addr>192.168.1.22</ipv4addr>
<masklength>24</masklength>
<interface>Mgmt</interface>
<default_gw>192.168.1.254</default_gw>
</network>
<activation_key>12345</activation_key>
<cluster>true</cluster>
<send_data_to_usercenter>true</send_data_to_usercenter>
<enable_download_from_checkpoint>true</enable_download_from_checkpoint>
</machine_configuration>
<user_updates>
<entry_point>install_content.sh</entry_point>
</user_updates>
<!--
logging - Used in order to filter the logs saved to files, displayed on the screen or sent to the syslog.
Supported logging levels: DEBUG, NORMAL, ERROR, ALWAYS, NEVER
Colors - Should be set to true for displaying log messages in color on the screen.
-->
<logging>
<file_level>DEBUG</file_level>
<screen_level>NORMAL</screen_level>
<sys_log_level>NEVER</sys_log_level>
<colors>true</colors>
</logging>
</properties>
When performing advanced upgrade with Blink, make sure to configure the correct timezone on the new installed appliance/server.
-
Default value for "Management GUI Clients" property is set to "Any"
DP-2884
Using Blink images to downgrade from kernel 3.10 to 2.6.18 is prohibited.
Use "revert to snapshot" to return to the old version
DP-1644
Reimage: Blink reimage is blocked from running on VSX Gateways.
PMTR-41564
You can install Blink images on VSX Gateways only of blink images are R80.40 and up.
-
No automatic Cleanup in case of un-normal progress interruption (power problem, early reboot, etc...). In case interruption, perform the following (in expert mode):