Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Simon_Macpherso
Collaborator

Check Point Ansible Mgmt Collection - Software Deployment

Hello,

The following is regarding the cp_mgmt_show_software_package_detail and cp_mgmt_verify_software_package modules which are part of the Check Point Ansible Mgmt Collection.

For these modules to work on R80.40, does the JHF need to be copied to each target gateway prior to running the verification and installation playbooks? If so, can someone confirm the folder it must be copied to i.e. ‘/var/log/cpupgrade/suroot/tmp/’, ‘/opt/’?

In the check_point.mgmt.cp_mgmt_verify_software_package documentation, there are download_package and download_package_from parameters; but it states these parameters are available from R81 only. So I’m assuming the package needs to be manually copied to each gateway in R80.40 or earlier.

Regards,

Simon

0 Kudos
2 Replies
Boaz_Orshav
Employee
Employee

Hi

IN 80.40 the requirement is that both management and gateway are connected to the internet or more accurate - to Check Point download center.

The show_software_package_detail command runs on the management machine and is not connecting to the gateway.

It is looking for the package in the package repository located on the management machine and answers according to basic information we get from the download center (the package doesn't have to be on the management machine at all)

The verify command uses the same information but asks the gateway to get this information from the download center. Again - the package is not required, only connectivity of the gateway to the download center.

In the next step - when you perform the install command, the gateway will download the package from the download center

 

Simon_Macpherso
Collaborator

Thanks @Boaz_Orshav 

0 Kudos