OpenWiFi
2.10.0
2.10.0
  • OpenWiFi Release 2.10
  • ABOUT
    • About OpenWiFi
    • Supported Hardware
    • Device Partner Information
    • Cloud Partner Information
    • Ordering OpenWiFi APs
    • Example Partner Integrations
    • Contributing
  • OPENWIFI STACK
    • Overview
    • SDK
    • Access Points
      • Local Device Settings
    • Cloud Discovery
      • Discovery without Cloud
    • Code Repositories
    • Artifacts
  • SDK
    • Getting Started
    • Architecture
    • Provisioning for Integrators
      • Data Model Introduction
      • Creating a Configuration
    • User Interface for Admins
      • Provisioning
        • Creating Entities
          • Configurations
            • Metrics Settings Example
        • Creating Venues
          • Configurations
            • WAN
            • VAP - SSID
      • Inventory Association
      • Gateway
      • Devices
        • Commands
        • Statistics
        • Command History
      • Firmware
    • Monitoring
      • ELK Integration
  • RELEASE
    • What's New
    • Features
    • Security Updates
    • Resolved Issues
    • Outstanding Items
    • Testing Results
  • SDK Installation
    • Overview
    • Deploy using Docker Compose
    • Deploy using Helm
  • Device Feature Configuration Examples
    • Basic Device Provisioning
      • Bridge Mode SSID
      • NAT Gateway Mode SSID
      • Multi-VLAN SSID
    • Advanced Device Feature Configuration Examples
      • Zero Touch Provisioning
      • DHCP Relay
      • Services
      • Metrics
      • GRE
      • L2TP
      • VxLAN
      • WDS
      • Mesh
      • QoS
      • Dynamic Air Time Fairness
      • Advanced Captive Portal
        • External Captive Portal
      • Roaming RRM and SON
      • RADIUS Authenticated SSID
        • Dynamic VLANs with RADIUS
        • WISPr Subscriber Bandwidth
        • Dynamic Multi PSK
        • RADIUS MAC-Auth
      • Multi-PSK (MDU Shared Key)
      • Wireguard
      • Dynamic Air-Time Policy
      • Opportunistic Wireless Encryption (OWE)
      • Passpoint®
        • Configuration Introduction
        • Advertising Services
        • Passpoint® Configuration
      • Restricted Unit Support
  • DEVELOPER RESOURCES
    • SDK API
      • OpenAPI Definitions
      • Security Service
      • Gateway Service
      • Firmware Management Service
      • Provisioning Service
      • Analytics Service
      • Radio Resource Management Service
      • Postman Collection
    • SDK KAFKA
      • Connection
      • Device Event Queue
      • Device Telemetry
      • Healthcheck
      • Provisioning Change
      • Service Events
      • State
      • WiFi Scan
Powered by GitBook
On this page
  1. SDK

Provisioning for Integrators

uCentral Data Model Introduction

PreviousArchitectureNextData Model Introduction

OpenWiFi 2.x makes it possible for integrators of the SDK to implement commercial products leveraging OpenWiFi Gateway service with vendor supplied provisioning above OpenWiFi SDK. As a minimum, the OpenWiFi 2.0 SDK framework offers a Security service which handles all OpenAPI authentication northbound, and the Gateway service which provides all uCentral websocket interface functionality southbound.

OpenWiFi also provides options to receive telemetry and events over both OpenAPI interface as well as Kafka message bus. When using Kafka, OpenWiFi Gateway directly publishes telemetry and event topics to the bus.

In future sprints of OpenWiFi dynamic device provisioning will be available as an added microservice.

Gateway

OpenWiFi 2.0 Gateway implements the uCentral device management interface. uCentral specifies the data model and interface for management and telemetry of OpenWrt based devices. Gateway uCentral interface is a websocket JSON-RPC based design between OpenWiFi Gateway and the device running uCentral agent.

All communications from Gateway to Device are secured using mutual Transport Layer Security (mTLS). In mTLS systems each endpoint is a unique device sharing the same signed root or intermediate trust. In OpenWiFi each device has a signed certificate, key and device identifier. These are validated by the uCentral-Gateway to establish mTLS session.

Upon successful connection the device exchanges its capabilities with the OpenWiFi SDK. OpenWIFi SDK, via the Gateway microservice will send the entire device provisioning data as a JSON payload. Within OpenWiFi devices, the uCentral agent has a reader and renderer process providing serialization and validation of data sent from cloud. If any data presented can not be processed by the local agent, this is returned within an ERROR message using the same websocket connection.

If the device agrees with provisioning information presented, the render process builds calls into the operating system configuration sub-system known as UCI. The Unified Configuration Interface ensures OpenWrt compliant syntax is persisted within the device.

Configuration source of truth is the OpenWiFi SDK. Consistency of device configuration is handled with an applied hash compared by the Gateway for each device. If the value differs on device from that of the stored information in cloud, the device will be immediately resent its configuration from the OpenWiFi SDK Gateway service.

Once present, all configuration data is preserved on device restart.

It is possible to generate device configurations outside of the OpenWiFi 2.0 SDK as shown in the minimum SDK image at the start of this page. This may occur for some integrations or may occur when the OpenWiFi Provisioning microservice is not present. In this way, integrators of commercial products are welcome to build device provisioning outside of OpenWiFi and use the OpenWiFi cloud to manage the scale, state, security and validation of device websocket communications.

Minimum 2.0 SDK - Assumes DB is either SQLite or PGSql
Southbound Interface to Devices
High Level SDK Gateway to uCentral Agent