Identifying devices

[boedy]

How does one keep track of which device is which when hooking it up with the switch. If you only hook up 1 device at at time this is easy of-course, but how does it work if you have a 16 port switch and you connect 15 devices. If a labels is printed after each successful flash you wouldn't know for which hooked up cm4 it is intended.

One possible solution I could think of is using a managed switch that has support for a MAC Address Table. You could lookup which mac address is hooked up to which port in the switch.

Interested to learn what strategies others are deploying.

[maxnet]

One possible solution I could think of is using a managed switch that has support for a MAC Address Table. You could lookup which mac address is hooked up to which port in the switch.

That's an idea I also proposed originally.
Coming from a data center automation background, I know that it is indeed quite possible to query which MAC addresses is seen on which port if it concerns a managed Ethernet switch that supports SNMP BRIDGE-MIB.
Have performed that trick before for other projects to match data traffic graphs to the right server.
Problem is that it do would require cmprovision users to get a managed Ethernet switch, and knowledge how to properly configure the thing.
So support for querying MAC addresses was never implemented in cmprovision.

If you program the CM4 modules using CMIO boards (and not in the final device), you do can put jumpers on the GPIO header to signal to the server which provisioning board it is.
To use that, put (or leave out) jumpers at GPIO 5, 13, 21 to the GND pin opposite of those pins (pin 29 to 30, pin 33 to 34, pin 39 to pin 40).
The binary number you set with the jumpers, will set $provisionboard in the label template.

[boedy]

Thanks for your prompt response, @maxnet. We find cmprovision particularly beneficial as it allows us to:

1. Fully assemble our devices, including the CM4, thus significantly simplifying and streamlining our assembly process. This eliminates the need for us to flash the CM4 separately before installing it in the final device. This is a big win for us! 💪
2. Flash in bulk, enabling us to connect devices to the switch as we progress.

Given these benefits, we believe that cmprovision's users who are looking to automate the flashing process wouldn't mind more intricate setups, such as acquiring the knowledge to operate and configure a managed switch. For our purposes, we're willing to explore this option if there aren't simpler alternatives.

Unfortunately, configuring our devices post-assembly implies your suggestion may not be suitable for us. We've pondered other possibilities, although we're uncertain about their feasibility of implementation:

• Using device LEDs to communicate identifiers via pulsing or color changes.
• Employing device audio output to broadcast identifiers through voice or Morse code.
• Leveraging device HDMI output to display identifiers.

I'm curious, would there be a way to trigger LED blinking through a button on the cmprovision dashboard or website? It could be a valuable function to consider.

Let me know your thoughts on these suggestions. Thanks in advance for your time and insights.

[maxnet]

Given these benefits, we believe that cmprovision's users who are looking to automate the flashing process wouldn't
mind more intricate setups, such as acquiring the knowledge to operate and configure a managed switch. For our
purposes, we're willing to explore this option if there aren't simpler alternatives.

Most simple alternatives comes with other down sides.

E.g. I am aware that another user attaches USB sticks that have a label (1,2,3,4, etc) to the device being provisioned.
The USB stick contains a file with the number on the label, that is read by a pre-installation script, and phoned home to the cmprovision server.

Works in principle, but only when network booting fresh CM4 modules.
If for some you need to reprovision a device that already has data in eMMC, it will no longer network boot, and you will need to use the USB rpiboot mode to boot the thing instead.
When rpiboot'ing a device, the USB host ports do not work, so the USB stick cannot be read...

[ghollingworth]

Can you be clear what it is you are trying to achieve here?

CMProvision was written by @maxnet under my request to create a thing we needed at the time to program CM3/4 devices quickly and efficiently. We have a setup with a handful of CMIO4 boards and a Raspberry PI for the server, the process is:

1. User inserts CM4 into one of the CMIO4 boards, each of those has a different set of GPIOs to set a 'programmer number'
2. Device does network boot from server downloading and running the buildroot
3. The buildroot downloads a script from the server which tells it what to do (i.e. program the eMMC)
4. The server monitors the various devices as they connect to its webserver to pull various bits of information (the image and various scripts)
5. At the end, the server gets a completion notification (i.e. the device does a GET request to the server saying it's now finished)
6. The contents of that reply includes things like, which image it programmed, what SHA sum was, what the board number was (i.e. the number it read from the GPIOs), the MAC address etc. etc.
7. The device flashes some LEDs to say it's finished
8. The server prints a label containing some of the information from the device (for us this is the device MAC address and the device it was programmed on...) The number on the label corresponds with the number on the CMIO4 board, so the operator puts the label on that board
9. operator removes the board, sticks it into a box and go back to 1)

If you need to do something different here (for example flash a different LED or communicate with the server or even some other piece of hardware to say 'I'm finished, please box me') this just needs a small change to the script that is being executed...

Maybe you just need the ability to edit the execution script?

Gordon

[maxnet]

User inserts CM4 into one of the CMIO4 boards

Think the topic starter does not want to use CMIO boards as an intermediate step, but wants to insert the CM4 module into the final device right away, program that, and stick a label on the final device.
Needs a way to know which label goes onto which device. And the jumpers on GPIO header way does not go well with devices that may not have one.

[boedy]

E.g. I am aware that another user attaches USB sticks that have a label (1,2,3,4, etc) to the device being provisioned.
The USB stick contains a file with the number on the label, that is read by a pre-installation script, and phoned home to the cmprovision server.

Ah haven't though about this. The USB stick approach seems straightforward and worth considering.

Can you be clear what it is you are trying to achieve here?

@ghollingworth I appreciate you sharing your process in detail. As @maxnet accurately pointed out, we're looking into the possibility of flashing the final device directly using cmprovision. This is mainly to streamline our device assembly, which could then be easily outsourced. Currently, flashing the CM4 is a technical step in the assembly process; eliminating it simplifies the task to merely piecing the parts together.

Ideally, our workflow would look like this:

1. A team member prepares 'X' devices for provisioning, powers them up, and connects them to the switch.
2. Each device network boots, and cmprovision configures the device, including programming the eMMC and generating/assigning a serial number, which is registered on our backend.
3. Once provisioning is complete, the team member disconnects the device and applies a sticker label with the corresponding serial number.

The main challenge here arises when steps 1-3 are executed simultaneously for multiple devices. Identifying which device has been assigned which serial number, and therefore which label, becomes difficult. We're seeking a way to address this issue.

Please let me know if you have any further suggestions. Thanks again for your insights and assistance!

[ghollingworth]

Do you have any method of communicating directly with the operator from the device?

i.e. a local display, an HDMI display (or a miniature USB-connected display)

Otherwise, you could write a script to talk to a managed switch from the device and run that at the end of provisioning...

[boedy]

I think we will try out the USB drive approach first and see how well that works for us.

Each usb drive contains a file usb-id.txt which stores its corresponding letter. An after script will output the serial number when completed and the letter of the attached thumb drive 🤓

[maxnet]

cmprovision4_1.6.4.zip

In case the USB sticks do not work out: I added some minimal support for querying the port numbers of managed Ethernet switches that support SNMP v2 + BRIDGE-MIB.

Still need to make some proper configuration option for it in the web interface (and add some documentation), but for now you can try out 1.6.4 from attached .zip and configure it from console like this:

It will show right away if it can query the currently connected MAC addresses and port names.
And if it gets back any, it will save settings and enable the integration. Port names should then appear in the log and on the labels.

Can change the port names to your liking in the configuration of your switch on most brands. (it queries ifAlias if it exists, otherwise the standard ifName of the port is used).

The functionality has been tested on Juniper, HP, MikroTik and Cisco switches, and should work on others, but can naturally not make any guarantees in regards to compatibility with every device on the market.

[boedy]

This is great @maxnet 👏 !

Last Friday I was able to get the USB-stick solution to work, which I was already pretty happy with, but now I feel I should definitely try this out!

As I'm writing this message I'm looking for a switch that supports SNMP BRIDGE-MIB. Currently looking at the Cisco Business 250 Series. The spec sheet states it supports p-bridge-MIB and q-bridge-MIB. I'm assuming one of the two is required for this to work?

Secondly: Looking at the changes you made, it seems that the port number of the switch is used as the provisioning_board name. Is that how we can identify the the attached devices?

[maxnet]

As I'm writing this message I'm looking for a switch that supports SNMP BRIDGE-MIB. Currently looking at the Cisco
Business 250 Series. The spec sheet
states it supports p-bridge-MIB and q-bridge-MIB. I'm assuming one of the two is required for this to work?

We only support the first.
The normal BRIDGE-MIB is used to query the MAC table of the first VLAN, since we are assuming cmprovision users to only have one.

If you were dividing your switch ports into multiple VLANs, for example a VLAN of switch ports with Internet connectivity, and an isolated VLAN for stuff that should only be accessible in private network, and had a need to know the MAC tables of all the different VLANs than Q-BRIDGE would need to be used. But that is overkill for this purpose, so not implemented.

Do be aware that Cisco switches tend to be the most difficult to setup.
The enabling SNMP part is easy, as the switch will ask if you want it enabled during first setup.
However Cisco comes out-of-the-box with a configuration that has STP enabled that tests for network loops for 30 seconds before letting traffic through, each time the network link of a port goes up.
Which conflicts with network booting and you may need to use CLI console commands to properly disable it.
While I don't know their business series, their other models lack an option in the web interface for that.

[maxnet]

Secondly: Looking at the changes you made, it seems that the port number of the switch is used as the
provisioning_board name. Is that how we can identify the the attached devices?

"provisioning_board" is just what the field is called in our internal SQLite database, that keeps the bookkeeping.
(It may sound a bit odd to put the port number in the provisioning board number field. But it is the easiest way to re-use the existing code that was written for the use-case of using a fixed number of CMIO provisioning boards, that are identified by jumpers on the GPIO header, instead of programming in the final device)

The port name will be made available as $provisionboard in the label template.
See "labels" in the web interface for an example of a label template.
(The example is in the Jscript markup language used by industrial Brady/CAB printers, but you can also use cheaper Zebra printers if you draft your own ZPL template instead).

[boedy]

Yesterday I received the switch I ordered (a TP-LINK TL-SG2008) and tested out the new functionality. Everything worked flawlessly. To ensure consistency, I configured a static IP for the switch. I also modified the /cms page to display essential details like our serial number and the connected switch port. Here's how it looked:

I was able to successfully provision 7 cm4's in paralel which was really cool to see 😎 . Here's a screenshot from an internal video I made to share with the team:

Having experimented with both the USB stick and switch port approaches and reflecting which method provides us with best solution, we're leaning towards the former. Initially I thought not having to plug in an extra thumb drive would speed up the process, but I already noticed that the complexity of the network wiring can make it difficult to track the physical port connections.

Additionally, our cmprovision frontend computer is located a few meters away from the flashing station, creating a challenge in port-to-device identification. With a USB stick attached to each device, I can unplug it from power and Ethernet, bring it back to the computer, and still be able identify the device. Conversely, using the switch port method, once the device is disconnected from the switch, I would have to remember the port number, which could be challenging if any interruption occurs. The USB stick method also eliminates the need to trace each network cable back to its port.

Having said that I still feel this is a really cool solution. Others might not have the same concerns as me, perhaps by having better cable-management 😅. Thanks again for your efforts @maxnet. With this tool we just improved our assembly process by at least a factor of 3 💪

[maxnet]

Initially I thought not having to plug in an extra thumb drive would speed up the process, but I already noticed that the
complexity of the network wiring can make it difficult to track the physical port connections.

• Note that on most switches you can rename the network ports.
  So if you use different colored network cables, and "port 3" has the red cable, I would give the port the name "red" instead. And cmprovision should automatically use "red" everywhere. Or if not using colors, just label both ends of your network cables...
  

With a USB stick attached to each device, I can unplug it from power and Ethernet, bring it back to the computer

• Not sure why you would need to bring the device back to your computer.
  The way it works when you use our example label template, is that the ID gets printed in the corner on your label.
  So you normally just take the label from the label printer, and bring that label to your devices. And if the label has "red" printed in the corner, you glue it to the device that has "red" cable.

[boedy]

Thanks for the suggestions. I'll give it some more thoughts.

We currently don't use the printer functionality, so all labels are pre-printed. The past devices I flashed I brought back to my desk and screen where I grabbed the label that matched the serial-number on the screen and sticked it to the device.

The printer we use is a Brother PT-P900W. I already checked if it would be easy to interface with this printer, but the support is pretty lacking. It should be possible but it has certain limitations and currently not worth the extra engineering effort.

[ghollingworth]

I believe it supports ESC/POS language...

[ghollingworth]

Sorry, didn't mean to close...

[maxnet]

The printer we use is a Brother PT-P900W. I already checked if it would be easy to interface with this printer, but the
support is pretty lacking. It should be possible but it has certain limitations and currently not worth the extra engineering
effort.

If it does not support any template friendly printing language, you can also look if it has a CUPS driver that can print arbitrary raster images.

If it has CUPS support, and you only want simple 2D barcodes, a trick is to let cmprovision produce HTML with a barcode font, and pipe that to dompdf and lpr (lpr takes pdf files as input, if you do NOT specify the "-o raw" option, which you do would specify if you want to print jscript/zpl).

Template would look like:

<html>
<head>
    <meta content="text/html; charset=UTF-8" http-equiv="content-type">
    <style type="text/css">
        @font-face {
                font-family: 'Libre Barcode 39 Text';
                font-weight: normal;
                font-style: normal;
                font-variant: normal;
                src: url('fonts/LibreBarcode39Text-Regular.ttf') format('truetype');
        }
        .code39Text {
                font-family: 'Libre Barcode 39 Text';
                font-size: 2rem;
        }
   </style>
</head>
<body>
<span class="code39Text">$serial</span><br>
$serial<br>
$provisioningboard
</body>
</html>

Another cmprovision user does a similar trick to print other supporting paperwork.

[saeedjohar]

Yesterday I received the switch I ordered (a TP-LINK TL-SG2008) and tested out the new functionality. Everything worked flawlessly. To ensure consistency, I configured a static IP for the switch. I also modified the /cms page to display essential details like our serial number and the connected switch port.

Hello, I also got the same TP-LINK switch. Are there any settings I should be aware of?
So far I have enabled SNMP, under SNMP v2 config added a community. Yet I have 0 in the board section.

Could you please point out what changes were made on /cms in your case?

Thank you.

[maxnet]

So far I have enabled SNMP, under SNMP v2 config added a community. Yet I have 0 in the board section.

When you ran sudo /var/lib/cmprovision/artisan ethernetswitch:configure, to enable the Ethernet switch integration, it did output the Mac table correctly?

(Like in the screenshot I posted earlier in: #25 (comment) )

[saeedjohar]

Yes, the ethernet switch integration was enabled.

[maxnet]

If you connect the device being provisioned, and re-run the command, it does show a second entry in the "Mac -> interface name/alias table" ?
(The one entry in your screenshot is likely the device running the cmprovision server.)

Are you sure the entries in the "last 100 provisioning log entries" are from AFTER you enabled the Ethernet switch integration?
(If a device was already provisioned earlier, it may no longer network boot, and you may need to connect USB cable and set jumper to enable rpiboot, to reprovision it a second time).

[saeedjohar]

If you connect the device being provisioned, and re-run the command, it does show a second entry in the "Mac -> interface name/alias table" ? (The one entry in your screenshot is likely the device running the cmprovision server.)

Yes, the first one is cmprovision server. Re-running shows the mac.

Are you sure the entries in the "last 100 provisioning log entries" are from AFTER you enabled the Ethernet switch integration? (If a device was already provisioned earlier, it may no longer network boot, and you may need to connect USB cable and set jumper to enable rpiboot, to reprovision it a second time).

I have erased the previous image connecting to a PC. So I am using an empty CM4 all the time.
You can see the provisioning time from both dash board and CMs.

[maxnet]

Yes, the first one is cmprovision server. Re-running shows the mac.

Looks strange to me.
If things work properly, I would expect to see two entries in your second screenshot, "gigabitEthernet 1/0/1" for your server, "gigabitEthernet 1/0/2" for your client.
Not only one...

[saeedjohar]

I have reset the TL-SG2008 switch to factory defaults, assigned a static IP for the switch and reconfigured SNMP community name. After these adjustments, it started working as expected.

Additionally, I ordered another switch from Tenda TEG5328F, which also worked seamlessly.

Thank you @maxnet

[djr-spectrummfg]

Can we get a proper tagged release including the SNMP switch integration?

[nimbo78]

looking forward to snmp mib-bridge integration
could we see this feature in release?