Add documentation about mbed dm
#681
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| ### Updating Devices with Mbed CLI | ||
|
|
||
| Mbed CLI includes features to prepare and ship updates for devices managed through the [Device Management Portal](https://cloud.mbed.com/docs/current/introduction/index.html). Mbed CLI uses the subcommands starting with `mbed device-management`, `mbed dev-mgmt` or `mbed dm` to manage devices. As `device-management` is very long to type, the remainder of this document uses the `mbed dm` alias for all device management subcommands. This document explains the steps to enable and use Mbed Device Managment with a project. | ||
|
|
||
| #### Project Setup | ||
|
|
||
| Configuring your Mbed Cloud SDK API key, target and toolchain. Obtain the API key from the the Device Management Portal. | ||
|
There was a problem hiding this comment. I would honestly just drop the "Mbed Cloud SDK" bit here. Even though that's the library being used behind the scenes, its a bit confusing with the Pelion naming before it. Plus its fairly obvious what "API key" is. There was a problem hiding this comment. That's there to explain the configuration variable below, which is consistent with other configs: it's prefixed by There was a problem hiding this comment. Hmm, fair enough. It's very minor either way 👍 I imagine these naming problems will get easier one all of the packages have been updated. |
||
|
|
||
| ``` | ||
| $ mbed config -G CLOUD_SDK_API_KEY <API_KEY> | ||
| $ mbed target K64F | ||
| $ mbed toolchain GCC_ARM | ||
| ``` | ||
|
|
||
| Initialize the device management feature of Mbed CLI with the following command: | ||
|
|
||
| ``` | ||
| $ mbed dm init -d "<company domain name>" --model-name "<product model identifier>" | ||
| ``` | ||
| <span class="notes">**Note:** If you do not want to enter the subject information for your update certificate (country, state, city, organization and so on), add the `-q` flag to the command above.</span> | ||
|
|
||
| This command asks for information about your update certificate. When Mbed CLI has enough information, it creates several files: | ||
|
|
||
| * A certificate in `.update-certificates/default.der`. | ||
|
There was a problem hiding this comment. Don't think this will render as a list without an empty line before the first bullet |
||
| * A matching private key in `.update-certificates/default.key.pem`. | ||
| * A set of default settings in `.manifest_tool.json`. | ||
| * Mbed Device Management update credentials in `update_defalut_resources.c` | ||
| * Mbed Device Management settings in `.mbed_cloud_config.json`, including default settings for: | ||
| * A unique vendor identifier, based on the domain name supplied as the `-d` parameter to `mbed dm init`. | ||
| * A unique model identifier, based on the vendor identifier and the model name supplied as the `--model-name` to `mbed dm init`. | ||
| * The path of the update certificate and private key. | ||
| * Mbed Device Management developer credentials in `mbed_cloud_dev_credentials.c` | ||
|
There was a problem hiding this comment. Ditto about the "Mbed" prefix for "Device Management" here. Since you mentioned Pelion above I think you're ok just saying "Device Management" here. There was a problem hiding this comment. Again, @MelindaWeed Asked for this name change. There was a problem hiding this comment. That'd just be Device Management. Sorry for not communicating the standards clearly. |
||
|
|
||
| <span class="notes">**Note:** The certificate created in `mbed dm init` is not suitable for production. Use it for testing and development only. To create a certificate for production purposes, use an air-gapped computer or a Hardware Security Module. When going to production, conduct a security review on your manifest signing infrastructure, as it is the core of the security guarantees for update client.</span> | ||
|
|
||
| #### Single-device update | ||
|
|
||
| Mbed CLI provides a subcommand, `mbed dm update device`, for development with a device and for testing purposes. After following the steps in Project Setup, perform firmware updates on a single-device by running: | ||
|
|
||
| ``` | ||
| $ mbed compile | ||
| ``` | ||
|
|
||
| This will generate a payload to update the device with. After generating the payload, update the device through Mbed Device Management with: | ||
|
|
||
| ``` | ||
| $ mbed dm update device -D <device ID> | ||
| ``` | ||
theotherjimmy marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| This will perform several actions: | ||
|
|
||
| 1. Upload the payload, generated by `mbed compile`, to Mbed Device Management. | ||
| 1. Hash the payload and create a manifest that links to its location in Mbed Device Management. | ||
| 1. Create an update campaign for the supplied device ID, with the newly created manifest. | ||
| 1. Start the campaign. | ||
| 1. Wait for the campaign to complete. | ||
|
There was a problem hiding this comment. It's waiting? Even though devices could take ages to come on line and receive an update? What happens if it fails? Do I see that here? There was a problem hiding this comment. The whole point of the command is to update a device. so, yes it waits for that to happen, and yes that can take a while. |
||
| 1. Delete the payload, manifest and update campaign out of Mbed Device Management. | ||
|
There was a problem hiding this comment. Ditto about the "Mbed" prefixes. There was a problem hiding this comment. ditto about the name changes. |
||
|
|
||
| #### Multidevice update | ||
|
|
||
| To update more than one device, use Mbed CLI to generate and upload a manifest and payload to the Mbed Device Management portal. Then use the Mbed Device Management portal to create device filters that include many devices in an update campaign. After the steps in Project Setup, you can create and upload manifests and palyoads by running: | ||
|
|
||
| ``` | ||
| $ mbed compile | ||
| ``` | ||
|
|
||
| This will generate a payload to update the device with. After generating the payload, upload the payload and manifest with: | ||
|
|
||
| ``` | ||
| $ mbed dm update prepare | ||
| ``` | ||
|
|
||
| `mbed dm update prepare` automatically uses the update payload generated by `mbed compile`. You may provide a name and description for the payload and corresponding manifest with additional arguments: | ||
|
|
||
| ``` | ||
| $ mbed dm update prepare -n <PAYLOAD_NAME> -d <PAYLOAD_DESCRIPTION>\ | ||
| --manifest-name <MANIFEST_NAME> --manifest-description <MANIFEST_DESCRIPTION> | ||
| ``` | ||
|
|
||
| Both methods of creating a manifest use the defaults created in `mbed dm init`. You can override each default using an input file or command-line arguments. | ||
|
|
||
| Once you execute `mbed dm update prepare`, Mbed CLI automatically uploads the payload and manifest to Mbed Device Management and you can then create and start an [update campaign](https://cloud.mbed.com/docs/current/updating-firmware/update-campaigns.html) using the Mbed Cloud portal. | ||
|
|
||
| ### Advanced usage | ||
|
|
||
| Mbed CLI allows for significantly more flexibility than the model above shows in exactly the same way as Manifest Tool. You can override each of the defaults that `mbed dm init` sets by using the command-line or an input file. Mbed CLI supports a variety of commands. You can print a full list of commands by using `manifest-tool --help`. | ||
|
There was a problem hiding this comment. Mbed CLI keeps its name as far as I'm aware. There was a problem hiding this comment. Also looks like in our manifest tool documentation, it's not capitalized, and instead referred to as "the manifest tool." There was a problem hiding this comment. Seeing how this is the first mention of the manifest tool, I would provide a link to the tool's page. There was a problem hiding this comment. /docs/working/updating-firmware/manifest-tool.html |
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The document I have states that the full name is "Pelion Device Managment", not "Mbed Device Managment".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bridadan That's what I had before @MelindaWeed Asked me to change it to what it is now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@MelindaWeed @AnotherButler is "Mbed Device Management" correct? Everything I've seen so far says wither "Pelion Device Management" or just "Device Management". Sorry, not trying to belabor this but since Mbed CLI is pretty forward facing it'd be worth it to get this one right. Also, I guess I want to know for myself going forward what the right phrasing is. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I should've been more specific.
'Mbed Device Management' is never used. Pelion Device Management is used at the first mention in a page or at the top level of any nested pages, but after that, the Pelion is dropped and it's just Device Management.
Mbed CLI, Mbed OS, and Mbed client (but NOT Mbed Cloud client) keep their names "for brand recognition" 🙄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is indeed really confusing. Sorry for being unclear!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No problem! Thanks for clarifying!