After SR OS authenticates successfully to the bootstrap server, the node can download the conveyed information using HTTPS. The operator can choose the name of the conveyed information file.
The SR OS conveyed information is trusted and does not require an additional signature verification.
The following conveyed information file example contains only onboarding information.
onboarding-information {
boot-image
download-uri https://images.com/$(sys.platform).zip
pre-configuration-script "https://config.com/provisioning.cfg"
}The conveyed information can also contain redirect information, in which case a recursive redirect can happen to another bootstrap server. If the conveyed information contains onboarding information and redirect information, the node executes the onboarding information first, then the redirect to the next bootstrap server.
The following conveyed information file example contains onboarding and redirect information, and the certificates required for the second redirect.
onboarding-information {
boot-image
download-uri https://images.com/$(sys.platform).zip
pre-configuration-script "https://config.com/provisioning.cfg"
}
import {
client {
cert "cf3:/artifacts/node.cert"
key "cf3:/artifacts/node.key" {
format der
}
}
trust-anchor BOOTSERVER {
cert "cf3:/artifacts/bootserver.cert"
}
}
redirect-information {
boot-server "https://mybootserver.com/" {
port 50
trust-anchor BOOTSERVER
file "conveyed.info"
}
boot-server "https://backupserver.com/" {
port 50
trust-anchor BOOTSERVER
file "conveyed.info"
}
}After the conveyed information is executed successfully, the BOF is loaded in the provisioning file to which the preconfiguration script is pointing and the auto-boot flag is cleared.