Introduction to CDT

Central Deployment Tool (CDT) is a tool that runs on Gaia Security Management Servers and Gaia Multi-Domain Security Management Servers.

This tool lets you manage deployment of software packages from your Management Server to multiple managed Security Gateways and Cluster Members at the same time:

  • Install and uninstall software packages.

  • Do different actions - take snapshots, run shell scripts, push or pull files, and so on.

  • Automate the RMA backup and restore procedure.

CDT handles cluster upgrades automatically, including Full Connectivity Upgrade - see Package Installation in Clusters.

Below are different workflows to use the Central Deployment Tool (CDT):

  1. CDT makes sure that the state of the Security Gateway is valid (all required processed are up and running)

  2. CDT prepares Access Control Policy for the Security Gateway:

    1. Changes the version in the Security Gateway object.

    2. Changes the applicable configuration settings and Access Control Policy.

  3. CDT executes the Deployment Plan on the Security Gateway:

    1. Runs Pre-Script(s).

    2. Updates the CPUSE version.

    3. Pushes the CPUSE package(s) to the Security Gateway.

    4. Imports the CPUSE package(s) on the Security Gateway.

    5. Installs the CPUSE package(s) on the Security Gateway.

    6. Makes sure the Access Control Policy is installed on the Security Gateway.

    7. Runs Post-Script(s).

  4. CDT makes sure that the state of the Security Gateway is valid (all required processed are up and running).

  1. CDT makes sure that the states of the Cluster Members are valid (Active and Standby).

  2. CDT prepares Access Control Policy for the Cluster:

    1. Changes the version in the Cluster object.

    2. Changes the applicable configuration settings and Access Control Policy.

  3. CDT executes the Deployment Plan on the Standby Cluster Members.

    1. Runs Pre-Script(s).

    2. Updates the CPUSE version.

    3. Pushes the CPUSE package(s) to the Cluster Members.

    4. Imports the CPUSE package(s) on the Cluster Members.

    5. Installs the CPUSE package(s) on the Cluster Members.

    6. Makes sure the Access Control Policy is installed on the Cluster Members.

    7. Runs Post-Script(s).

  4. CDT runs a Full Connectivity Upgrade:

    1. Makes sure the upgraded Cluster Member is in the Standby or Ready state.

    2. Performs cluster failover to one of the upgraded Cluster Members.

  5. CDT executes the Deployment Plan on the former Active Cluster Member.

  6. CDT makes sure that the states of the Cluster Members are valid (Active and Standby).

  1. CDT makes sure that the state:

    • CDT makes sure that the state of the Security Gateway is valid (all required processed are up and running)

    • CDT makes sure that the state of the Cluster Members are valid (Active and Standby)

  2. CDT executes the Deployment Plan:

    1. Runs Pre-Script(s).

    2. Updates the CPUSE version.

    3. Pushes the CPUSE package(s) to the Security Gateway / Cluster Members.

    4. Imports the CPUSE package(s) on the Security Gateway / Cluster Members.

    5. Installs the CPUSE package(s) on the Security Gateway / Cluster Members.

    6. Makes sure the Access Control Policy is installed on the Security Gateway / Cluster Members.

    7. Runs Post-Script(s).

  3. CDT makes sure that the state is valid:

    • On the Security Gateway all required processed are up and running

    • Cluster Members are in the states Active and Standby