New to Fog + Tough scenario = Mobile FOG Server

thiagotw

Hi, I am new to FOG, and my plain is to build a mobile FOG Server.
But i have some difficult to configure it, since i have low level access to the network, due some contracts with service providers .

Server
• FOG Version: Last Version 1.4.4 SNV 6077
OS: ubuntu 17.04 legacy
• Dual boot
• Windows 10 legacy

Client
• OS: Windows 10 pro
• Security boot OFF
• Legacy boot ON
• Local IP 10.47.0.27
• Subnet Mask 255.255.255.0

Local Network
• Fortigate Firewall (unable to access)
• Windows server 2012 DHCP (unable to access)
• Gateway 10.47.0.5
• DHCP 10.47.0.5
• DNS 10.47.0.8
• DNS 10.1.16.24
• DNS 8.8.8.8

Description
The computer I am attempting to PXE boot, is an HP Prodesk with UFI Windows factory installed.
So, to add the machine through booting and host registration it’s just don’t boot the FOG menu.
If I try to add the machine manually through portal, and send a capture image command, the magic packet work ok and turn the machine on, but keep looking for ipv4 boot, then skip to windows.

Question 1
What I should do to it work, since there is a server provide DHCP already, and I can´t access it?

Question 2
On the installation process I choose FOG DHCP server No, how do I turn it on now? Should I run the fog install process again?

Question 3
How easy will be to keep changing the ip and subnets due the mobile server concept?

Additional Information

Initial Setup From Script

Installing LSB_Release as needed
 * Attempting to get release information.......................Done
systemd


   +------------------------------------------+
   |     ..#######:.    ..,#,..     .::##::.  |
   |.:######          .:;####:......;#;..     |
   |...##...        ...##;,;##::::.##...      |
   |   ,#          ...##.....##:::##     ..:: |
   |   ##    .::###,,##.   . ##.::#.:######::.|
   |...##:::###::....#. ..  .#...#. #...#:::. |
   |..:####:..    ..##......##::##  ..  #     |
   |    #  .      ...##:,;##;:::#: ... ##..   |
   |   .#  .       .:;####;::::.##:::;#:..    |
   |    #                     ..:;###..       |
   |                                          |
   +------------------------------------------+
   |      Free Computer Imaging Solution      |
   +------------------------------------------+
   |  Credits: http://fogproject.org/Credits  |
   |       http://fogproject.org/Credits      |
   |       Released under GPL Version 3       |
   +------------------------------------------+


   Version: 1.4.4 Installer/Updater

  What version of Linux would you like to run the installation for?

          1) Redhat Based Linux (Redhat, CentOS, Mageia)
          2) Debian Based Linux (Debian, Ubuntu, Kubuntu, Edubuntu)
          3) Arch Linux

  Choice: [2] 2



  Starting Debian based Installation


 *** Detected a potential need to reinstall apache and php files.
 *** This will remove the /etc/php* and /etc/apache2* directories
 ***  and remove/purge the apache and php files from this system.
 *** If you're okay with this please type Y, anything else will
 ***  continue the installation, but may mean you will need to
 ***  remove the files later and make proper changes as
 ***  necessary. (Y/N):
y
 * Removing apache and php files...............................Done
 * Stopping web services.......................................Failed
 * Removing the apache and php packages........................Done
 * Resetting our variables to specify php version 7.1..........Done
  FOG Server installation modes:
      * Normal Server: (Choice N)
          This is the typical installation type and
          will install all FOG components for you on this
          machine.  Pick this option if you are unsure what to pick.

      * Storage Node: (Choice S)
          This install mode will only install the software required
          to make this server act as a node in a storage group

  More information:  
     http://www.fogproject.org/wiki/index.php?title=InstallationModes

  What type of installation would you like to do? [N/s (Normal/Storage)] n

  What is the IP address to be used by this FOG Server? [10.47.0.27]

  Would you like to change the default network interface from enp1s0?
  If you are not sure, select No. [y/N] n

  Would you like to setup a router address for the DHCP server? [Y/n] y
  What is the IP address to be used for the router on
      the DHCP server? [10.47.0.5]

  Would you like DHCP to handle DNS? [Y/n] y
  What DNS address should DHCP allow? [127.0.0.53] 10.47.0.8

  Would you like to use the FOG server for DHCP service? [y/N] n

  This version of FOG has internationalization support, would  
  you like to install the additional language packs? [y/N] n

   ######################################################################
   #     FOG now has everything it needs for this setup, but please     #
   #   understand that this script will overwrite any setting you may   #
   #   have setup for services like DHCP, apache, pxe, tftp, and NFS.   #
   ######################################################################
   # It is not recommended that you install this on a production system #
   #        as this script modifies many of your system settings.       #
   ######################################################################
   #             This script should be run by the root user.            #
   #      It will prepend the running with sudo if root is not set      #
   ######################################################################
   #           ** Notice ** FOG is difficult to setup securely          #
   #        SELinux and IPTables are usually asked to be disabled       #
   #           There have been strides in adding capabilities           #
   #          The recommendations would now be more appropriate         #
   #    to set SELinux to permissive and to disable firewall for now.   #
   #  You can find some methods to enable SELinux and maintain firewall #
   #   settings and ports. If you feel comfortable doing so please do   #
   ######################################################################
   #            Please see our wiki for more information at:            #
   ######################################################################
   #             https://wiki.fogproject.org/wiki/index.php             #
   ######################################################################

 * Here are the settings FOG will use:
 * Base Linux: Debian
 * Detected Linux Distribution: Ubuntu
 * Server IP Address: 10.47.0.27
 * Server Subnet Mask: 255.255.255.0
 * Interface: enp1s0
 * Installation Type: Normal Server
 * Internationalization: 0
 * Image Storage Location: /images
 * Using FOG DHCP: No
 * DHCP will NOT be setup but you must setup your
 | current DHCP server to use FOG for PXE services.

 * On a Linux DHCP server you must set: next-server and filename

 * On a Windows DHCP server you must set options 066 and 067

 * Option 066/next-server is the IP of the FOG Server: (e.g. 10.47.0.27)
 * Option 067/filename is the bootfile: (e.g. undionly.kpxe)


 * Are you sure you wish to continue (Y/N) y

 * Installation Started

 * Installing required packages, if this fails
 | make sure you have an active internet connection.

 * Adding needed repository....................................OK
 * Preparing Package Manager...................................OK
 * Packages to be installed:

    apache2 bc build-essential cpp curl g++ gawk gcc gzip htmldoc lftp libapache2-mod-php7.1 libc6 libcurl3 m4 mysql-client mysql-server net-tools nfs-kernel-server openssh-server php7.1 php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-mysql php7.1-mysqlnd php-gettext sysv-rc-conf tar tftpd-hpa tftp-hpa unzip vsftpd wget xinetd zlib1g


 * Installing package: apache2.................................OK
 * Skipping package:   bc......................................(Already Installed)
 * Skipping package:   build-essential.........................(Already Installed)
 * Skipping package:   cpp.....................................(Already Installed)
 * Skipping package:   curl....................................(Already Installed)
 * Skipping package:   g++.....................................(Already Installed)
 * Installing package: gawk....................................OK
 * Skipping package:   gcc.....................................(Already Installed)
 * Skipping package:   gzip....................................(Already Installed)
 * Installing package: htmldoc.................................OK
 * Installing package: lftp....................................OK
 * Installing package: libapache2-mod-php7.1...................OK
 * Skipping package:   libc6...................................(Already Installed)
 * Skipping package:   libcurl3................................(Already Installed)
 * Installing package: m4......................................OK
 * Installing package: mysql-client............................OK
 * Installing package: mysql-server............................OK
 * Installing package: net-tools...............................OK
 * Installing package: nfs-kernel-server.......................OK
 * Installing package: openssh-server..........................OK
 * Installing package: php7.1..................................OK
 * Installing package: php7.1-bcmath...........................OK
 * Skipping package:   php7.1-cli..............................(Already Installed)
 * Installing package: php7.1-curl.............................OK
 * Installing package: php7.1-fpm..............................OK
 * Installing package: php7.1-gd...............................OK
 * Skipping package:   php7.1-json.............................(Already Installed)
 * Installing package: php7.1-ldap.............................OK
 * Installing package: php7.1-mbstring.........................OK
 * Installing package: php7.1-mcrypt...........................OK
 * Installing package: php7.1-mysql............................OK
 * Skipping package:   php7.1-mysql............................(Already Installed)
 * Installing package: php-gettext.............................OK
 * Skipping package: sysv-rc-conf..............................(Does not exist)
 * Skipping package:   tar.....................................(Already Installed)
 * Installing package: tftpd-hpa...............................OK
 * Installing package: tftp-hpa................................OK
 * Skipping package:   unzip...................................(Already Installed)
 * Installing package: vsftpd..................................OK
 * Skipping package:   wget....................................(Already Installed)
 * Installing package: xinetd..................................OK
 * Skipping package:   zlib1g..................................(Already Installed)
 * Updating packages as needed.................................OK

 * Confirming package installation

 * Checking package: apache2...................................OK
 * Checking package: bc........................................OK
 * Checking package: build-essential...........................OK
 * Checking package: cpp.......................................OK
 * Checking package: curl......................................OK
 * Checking package: g++.......................................OK
 * Checking package: gawk......................................OK
 * Checking package: gcc.......................................OK
 * Checking package: gzip......................................OK
 * Checking package: htmldoc...................................OK
 * Checking package: lftp......................................OK
 * Checking package: libapache2-mod-php7.1.....................OK
 * Checking package: libc6.....................................OK
 * Checking package: libcurl3..................................OK
 * Checking package: m4........................................OK
 * Checking package: mysql-client..............................OK
 * Checking package: mysql-server..............................OK
 * Checking package: net-tools.................................OK
 * Checking package: nfs-kernel-server.........................OK
 * Checking package: openssh-server............................OK
 * Checking package: php7.1....................................OK
 * Checking package: php7.1-bcmath.............................OK
 * Checking package: php7.1-cli................................OK
 * Checking package: php7.1-curl...............................OK
 * Checking package: php7.1-fpm................................OK
 * Checking package: php7.1-gd.................................OK
 * Checking package: php7.1-json...............................OK
 * Checking package: php7.1-ldap...............................OK
 * Checking package: php7.1-mbstring...........................OK
 * Checking package: php7.1-mcrypt.............................OK
 * Checking package: php7.1-mysql..............................OK
 * Checking package: php-gettext...............................OK
 * Checking package: tar.......................................OK
 * Checking package: tftpd-hpa.................................OK
 * Checking package: tftp-hpa..................................OK
 * Checking package: unzip.....................................OK
 * Checking package: vsftpd....................................OK
 * Checking package: wget......................................OK
 * Checking package: xinetd....................................OK
 * Checking package: zlib1g....................................OK

 * Configuring services

 * Setting up fog user.........................................OK
 * Setting up fog password.....................................OK
 * Stopping FOGMulticastManager.service Service................OK
 * Stopping FOGImageReplicator.service Service.................OK
 * Stopping FOGSnapinReplicator.service Service................OK
 * Stopping FOGScheduler.service Service.......................OK
 * Stopping FOGPingHosts.service Service.......................OK
 * Stopping FOGSnapinHash.service Service......................OK
 * Stopping FOGImageSize.service Service.......................OK
 * Setting up and starting MySQL...............................OK
 * Backing up user reports.....................................Done
 * Stopping web service........................................OK
 * Is the MySQL password blank? (Y/n) y
 * Stopping FOGMulticastManager.service Service................OK
 * Stopping FOGImageReplicator.service Service.................OK
 * Stopping FOGSnapinReplicator.service Service................OK
 * Stopping FOGScheduler.service Service.......................OK
 * Stopping FOGPingHosts.service Service.......................OK
 * Stopping FOGSnapinHash.service Service......................OK
 * Stopping FOGImageSize.service Service.......................OK
 * Setting up and starting MySQL...............................OK
 * Setting up Apache and PHP files.............................OK
 * Testing and removing symbolic links if found................OK
 * Backing up old data.........................................OK
 * Copying new files to web folder.............................OK
 * Creating config file........................................OK
 * Unzipping the binaries......................................Done
 * Copying binaries where needed...............................Done
 * Enabling apache and fpm services on boot....................OK
 * Creating SSL CA.............................................OK
 * Creating SSL Private Key....................................OK
 * Creating SSL Certificate....................................OK
 * Creating auth pub key and cert..............................OK
 * Resetting SSL Permissions...................................OK
 * Setting up SSL FOG Server...................................OK
 * Starting and checking status of web services................OK
 * Changing permissions on apache log files....................OK
 * Backing up database.........................................OK

 * You still need to install/update your database schema.
 * This can be done by opening a web browser and going to:

   http://10.47.0.27/fog/management

 * Press [Enter] key when database is updated/installed.

 * Setting up storage..........................................OK
 * Setting up and starting DHCP Server.........................Skipped
 * Setting up and starting TFTP and PXE Servers................OK
 * Setting up and starting VSFTP Server........................OK
 * Setting up FOG Snapins......................................OK
 * Setting up UDPCast..........................................OK
 * Configuring UDPCast.........................................OK
 * Building UDPCast............................................OK
 * Installing UDPCast..........................................OK
 * Installing FOG System Scripts...............................OK


 * Configuring FOG System Services


 * Setting permissions on FOGMulticastManager.service script...OK
 * Enabling FOGMulticastManager.service Service................OK
 * Setting permissions on FOGImageReplicator.service script....OK
 * Enabling FOGImageReplicator.service Service.................OK
 * Setting permissions on FOGSnapinReplicator.service script...OK
 * Enabling FOGSnapinReplicator.service Service................OK
 * Setting permissions on FOGScheduler.service script..........OK
 * Enabling FOGScheduler.service Service.......................OK
 * Setting permissions on FOGPingHosts.service script..........OK
 * Enabling FOGPingHosts.service Service.......................OK
 * Setting permissions on FOGSnapinHash.service script.........OK
 * Enabling FOGSnapinHash.service Service......................OK
 * Setting permissions on FOGImageSize.service script..........OK
 * Enabling FOGImageSize.service Service.......................OK
 * Setting up FOG Services.....................................OK
 * Starting FOGMulticastManager.service Service................OK
 * Starting FOGImageReplicator.service Service.................OK
 * Starting FOGSnapinReplicator.service Service................OK
 * Starting FOGScheduler.service Service.......................OK
 * Starting FOGPingHosts.service Service.......................OK
 * Starting FOGSnapinHash.service Service......................OK
 * Starting FOGImageSize.service Service.......................OK
 * Setting up exports file.....................................OK
 * Setting up and starting RPCBind.............................OK
 * Setting up and starting NFS Server..........................OK
 * Linking FOG Logs to Linux Logs..............................OK
 * Linking FOG Service config /etc.............................OK
 * Ensuring node username and passwords match..................Done

 * Setup complete

   You can now login to the FOG Management Portal using
   the information listed below.  The login information
   is only if this is the first install.

   This can be done by opening a web browser and going to:

   http://10.47.0.27/fog/management

   Default User Information
   Username: fog
   Password: password

Any help?

george1421

Can you post a clear screen shot of the exact error you see taken with a mobile phone? The context of the error is almost as important as the error itself.

george1421

Beyond the error your current network should work without needing to use the fog dhcp server. Windows 2012 is fully capable to support your fog imaging as long as your target computers can get an IP address then we should be able to make the rest work.

Can you tell me what you have precisely set for dhcp options 66 {next-server} and dhcp option 67 {boot-file} on the dhcp server?

It appears your fog server and target computer are on the same subnet but I suspect your dhcp server is on a different subnet. Not an issue just adds a small bit of pain in solving your issue. Not a problem at all.

thiagotw

@george1421 Hi george, thank you for the fast reply.
“dhcp options 66 {next-server} and dhcp option 67 {boot-file} on the dhcp server” Where is that?

The tough scenario that I mean is, i don´t have access to the 2012 server and not even the fortigate firewall due another service provider contract, so i cannot setting anything there if i need to.

george1421

@thiagotw well those settings are on your dhcp server configuration.

If you don’t have access to change those settings we still have options.

The dhcp option 66 tells the target computer how to find the fog server.

Dhcp option 67 tells the target computer which boot image to load from the fog server. For bios (legacy) systems the default value for dhcp option 67 is undionly.kpxe and for uefi systems it is ipxe.efi.

Without the client receiving those values, it will not pxe boot (any imaging software that relies on pxe booting).

Can you tell me if all of the computers you would like to image are on the subnet 10.47.0.x/24

Psycholiquid

Did you turn off secure boot in the UEFI?

Secure boot off and Legacy boot off ins the option you want

thiagotw

@george1421 Can you tell me if all of the computers you would like to image are on the subnet 10.47.0.x
Yes they are…

@Psycholiquid Hmmm, i will take a look into this, thx.

george1421

@thiagotw said in New to Fog + Tough scenario :

@Psycholiquid Hmmm, i will take a look into this, thx.

You are not this far yet, but that WILL be a problem soon.

OK so they are all on the same subnet. That is a good thing if you can’t modify your existing dhcp server. There is a wiki that explains how and why you want to use dnsmasq. https://wiki.fogproject.org/wiki/index.php?title=Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server

I’m going to take you a little different path, but in general that will be the process. For your install I want you to go ahead and install dnsmasq using your distribution’s version of dnsmasq. Once it is installed lets confirm the version that gets installed. We need version 2.76 or newer for dynamic bios/efi support.

Once you have your distributions dnsmasq installed open a linux command prompt and key in the following command, this will tell us the version number. sudo dnsmasq -v Once we have that information we will take the next steps.

thiagotw

@george1421 Ok, I´ts ok install through Ubuntu Software “store” ?
i got that…

Do i need to do the step from wiki? 7.Create /etc/dnsmasq.d/ltsp.conf using the following settings, modify as needed:

george1421

@thiagotw Well this IS confusing the dnsmasq -v says 2.75 but the installer said 2.77 (which is current). We need 2.76 or newer (2.77 if fine). If you installed it through the ubuntu store that is great, but we need 2.77

george1421

@thiagotw As for the ltsp.conf file, I want you to use the one listed in this post at the bottom: https://forums.fogproject.org/topic/8725/compiling-dnsmasq-2-76-if-you-need-uefi-support/6

Make sure there are no other dnsmasq config files in the dnsmasq.d directory so to mess up your setup.

Be sure to change all of the <fog_server_IP> values to the IP address of your fog server. Then restart your dnsmasq process with sudo systemctl restart dnsmasq

thiagotw

@george1421 I look the dnsmasq index and download the dnsmasq-2.77.tar.gz file, but how do I manually install it after unpack.

george1421

@thiagotw Well the post I provided with the ltsp.conf file explains how to build the file from the source image. You can do it that way (and was required before the linux distributions supported 2.76 and newer). But its better off to use your distributions dnsmasq package if its new enough. I don’t run ubuntu (rhel guy myself) so I’m a bit conflicted with what you have installed vs what your software catalog shows.

george1421

Just doing a quick google-fu it looks like you need to have Ubuntu 16.10 to get built in support for dnsmasq 2.76+. So it look like you will need to compile it using those instructions, sorry.

thiagotw

@george1421 said in New to Fog + Tough scenario :

@thiagotw Well the post I provided with the ltsp.conf file explains how to build the file from the source image. You can do it that way (and was required before the linux distributions supported 2.76 and newer). But its better off to use your distributions dnsmasq package if its new enough. I don’t run ubuntu (rhel guy myself) so I’m a bit conflicted with what you have installed vs what your software catalog shows.

And I am not a Linux guy at all the closest thing i use in my day is pure Pfsense haha!

I can download the 17.04 Ubuntu real kick and reinstall it, since it is a fresh install anyway. At least i can cover future incompatibility problems i guess.

george1421

@thiagotw I provided some additional guidance via FOG DM (look at the talk bubble in the fog tool tray)

george1421

@george1421 I had a lengthy chat session with the OP. I also remoted in with teamviewer to look at his install. His install of Ubuntu was a bit confused and Ubuntu’s desire to have NetworkManager take over the management of dnsmasq added a bit of complexity to getting this up and running. Per our discussion I was going to look to see if linux mint was a better choice than ubuntu 16.04. In a way it is and in a way its the same.

I was able to install FOG on linux mint 18.2 without any issues. I was able to unhook dnsmasq from NetworkManager without breaking dnsmasq. So I have a process on how to upgrade the native dnsmasq 2.75 to 2.77 that will work reliably.

In the end the OP’s goal is to make a mobile deployment server he can take to remote sites, plugin and image computers. He won’t have access to the remote site’s dhcp server so he does need dnsmasq to overrride any settings that the remote site has for pxe booting. There is still a chance it won’t work in all situations, but I feel confident that it should work in most.

So the recommendation I have for the OP is that you can install Ubuntu 16.04 or 17.04, or Linux Mint 18.2 and we can make it work. We will also need Wayne’s mobile fog script from here: https://github.com/FOGProject/fog-community-scripts to complete the mobile FOG setup.

thiagotw

@george1421 It Worked !! Hail George, savior of the nine realms.

Trough TeamViewer, George did a “bit” (alot) of work on dnsmasq, and we see the requests, act, through Wireshark I think he will make a new topic with all process to help others, also for my future replications

george1421

@thiagotw Hey I’m glad we were able to get it worked out. And I have to say, your graphic is way cooler than my avatar!! Maybe someday I will get that good with graphics to update my avatar.