Custom Tezi deployment?

Simon_RN · August 13, 2025, 3:59pm

Hi, We are researching ways to remotely recover failed units of our project built around the Verdin IMX8MP.
The main computer unit will be sealed so the reset and recovery buttons will not be exposed for an engineer on site to put the unit into recovery mode and install with tezi.

Id like to know if its possible to setup some kind of boot script, so the engineer could SSH into the unit, and run the script to reboot linux into tezi.

Id also like to customize tezi so it will boot with an easy to connect to known IP over ethernet. So the engineer can VNC in without USB. And install the “fixed” image from the engineers local computer. Probably with some kind of DNS spoof or locally hosted server.

Basically we need to remote in to fix images, even at the uboot level. Which Tezi installs can fix.

And we may also look at ways of doing this even more remotely so an engineer doesnt even need to be on site.

If anyone knows how to make the customised tezi boot script, with a configurable fixed IP… Please let me know.

Thanks all
Simon

ToradexAI · August 13, 2025, 4:00pm

Hi, I’m the Toradex AI Assistant.

I might make mistakes. Our support team will step in if needed. If I answered your question, please tick the “Solution” checkbox. For follow-up questions to me, please use @ToradexAI in your post.

Did you like my answer?

Hello Simon,

Thank you for outlining your requirements clearly. What you’re proposing is entirely feasible with the Verdin iMX8MP, Toradex Easy Installer (Tezi), and a bit of customization. Here’s how you can approach each aspect:

1. Booting into Tezi via SSH/Script

You can allow an engineer to SSH into the device when Linux is running and change the U-Boot environment to boot Tezi on the next reset. The recommended technique is:

Store Tezi on internal storage or SD/eMMC. Make sure the Tezi image or loader is always present.
Set up a bootloader “flag”. Use a U-Boot environment variable to control which image boots (normal Linux or Tezi).
Trigger Tezi via SSH:
- SSH in, set the flag to “Tezi”.
- Reboot the device.
- On next boot, U-Boot checks the flag, loads Tezi instead of the default OS.

Here is a U-Boot snippet idea for the boot script:

if test "$boot_tezi" = "1"; then
  setenv boot_tezi 0
  saveenv
  run load_tezi
else
  run load_normal_os
fi

Your SSH command sequence would be:
```
fw_setenv boot_tezi 1
reboot
```

Read more about custom boot scripts in Tezi here:

2. Customizing Tezi with a Fixed IP for VNC

Tezi supports custom boot scripts (boot.cmd), which can be compiled to boot.scr. You can preset network parameters such as IP, Netmask, Gateway, and Server IP.

Example boot.cmd:

setenv ipaddr 192.168.1.100
setenv netmask 255.255.255.0
setenv gatewayip 192.168.1.1
setenv serverip 192.168.1.10
setenv bootargs console=ttymxc0,115200 quiet rootfstype=squashfs root=/dev/ram autoinstall fullscreen ${teziargs}
load ${devtype} ${devnum}:${distro_bootpart} ${ramdisk_addr_r} ${prefix}tezi.itb
bootm start ${ramdisk_addr_r} && bootm loados && bootm ramdisk && bootm fdt
bootm prep && bootm go

Compile the script using:

mkimage -A arm -O linux -T script -C none -a 0 -e 0 -n "Distro boot script" -d boot.cmd boot.scr

Provide this boot.scr as part of your custom Tezi setup.
Documentation:
How to Customize Toradex Easy Installer Boot | Toradex Developer Center

3. Remote Access & Installation

VNC Access:
Tezi comes with VNC server enabled by default, so after booting it (with your fixed IP), your engineer can connect the VNC client remotely.
- Security Note: Tezi VNC does not implement authentication, so use this on trusted networks only.
Supplying Images:
You can host your update image on the engineer’s laptop, a local LAN, or pre-copy it to the device. Alternatively, set up a small TFTP or HTTP server for installation.
- More details on image structure:
  How to Modify a Toradex Easy Installer Image | Toradex Developer Center

4. Automatic Installation

By setting the "autoinstall": true parameter in the Tezi image’s image.json file, installation can proceed without any further interaction once the correct image is found.
https://www.toradex.com/blog/toradex-easy-installer-user-manual-for-bsp5

5. Fully Remote (No On-site Engineer)

If you want to go further and eliminate on-site intervention:

Ensure SSH is accessible (from a secure network) for initial trigger.
Set up VPN or remote management solution to expose the Ethernet network with fixed IPs and VNC in a controlled, secure way.

Summary Steps

SSH into device and set a U-Boot variable (e.g., boot_tezi).
Reboot the device; U-Boot loads Tezi based on the variable.
Tezi boots with a fixed network configuration for remote VNC access.
Provide the fix image via a local PC/server, USB, or pre-load.
Optionally, Tezi installs automatically using the autoinstall flag.

Would you like more detailed steps for customizing the Tezi image or scripting the U-Boot logic?

Best regards,
Toradex AI Assistant.

rudhi.tx · August 14, 2025, 11:42am

Hello @Simon_RN,

Our solution to such a problem is ideally to avoid a bricked stage of the module- ie, if it cannot boot to the current installed version of the image for some reason, it should be able to rollback and boot into the previously installed OS version anyway. We implement that in Torizon OS using OSTree rollback mechanisms. That being said, I am not sure if, by “failed units” you mean devices failing to boot or failing to start the application. Depending on that, I could imagine a few different solutions.

Can I schedule a meeting with you to discuss this in detail and propose possible solutions?

Simon_RN · August 14, 2025, 12:02pm

Hi Rudhi, thanks for getting in touch.
I think in this instance the Ai bot answered most of the questions we needed.
But the main thing is figuring out how to install images over ethernet alone, overwriting uboot as well as linux.

Tezi appears to be the main entry point for that. Going deeper than that, you may need to talk to Alan our main Linux developer. I’m more the hardware engineer.
He’s about to go on holiday, so if he needs to chat it’ll likely be early September now.
Thanks
Kind regards
Simon

rudhi.tx · August 14, 2025, 12:45pm

Hello @Simon_RN,

Thanks for your reply.

Good to know that the AI bot could help, but I believe that answer is not the actual solution. I would like to ask if your device is still capable of SSH-ing when it is in the failed state - meaning, does it still have Linux running on it? Otherwise, it will not be possible to connect to the device via SSH. Also, to boot Toradex Easy Installer from an external media such as an SD card, you need to have this external media with a compatible TEZI on it in the first place. There are some unknown variables here that we need to clarify to propose the best solution for you.

But the main thing is figuring out how to install images over ethernet alone, overwriting uboot as well as linux.

We have Torizon Cloud with features for bootloader, OS (therefore Linux kernel) and application updates (over the air updates) implemented exactly for these use-cases. It would be worth looking into that.

I will try to schedule a call with Alan to understand the issues and requirements here.