Auto-Installing FOG with HTTPS enabled issues
-
Hello again! I am sorry for multiple post with similar issues. I receive a lot of different errors when attempting different installation configurations. I’ll try to organize what I am attempting to do below and the issues I am having.
Scenario:
Attempt to install FOG remotely, pre-configured, using HTTPS and without having a technician watch it. This needs to be done on a decently large scale. In other words, I want to send an installation package to run on a remote machine, and not have to touch it. I will be remotely deploying images to the machine as well.What I have:
I have setup my .fogsettings with the correct options, but I get stuck either during installation, or when attempting to PXE boot computers.I have installed FOG using the following lines to test what would help the most.
sudo ./installfog -S -y sudo ./installfog -S -C -y sudo ./installfog -S -K -y sudo ./installfog -S -C -K -yI understand you get the "Please connect to http://x.x.x.x/fog/management and update the database then press enter to continue during the setup, but this does not happen with the -y option. It can be done manually later. (If you have a way to do it automatically, please let me know
)Since the -S options forces HTTPS, I have gotten it to work after setting the .fogsettings line to the following. (It won’t install if left null)
httpproto='https'But, the most common issue I am having involves the following error associated with the -S option.
Compiling iPXE binaries that trust our SSL certificate......Failed!the -C and -K options fixed this error, but when Capturing/deploying an image, I get a long range of TFTP errors, resulting in no PXE boot.
My overall goal is to further secure a FOG server installed from scratch and get it to automatically do so.
Any and all help is much appreciated! I am familiarizing myself with the install scripts this week. So Ill be reading! Hopefully I can respond fast to any questions!
(I will update this post once I get back to my documentation on the issues I have faced to see If I missed anything.)
-
@TBuzaTechnician said:
sudo ./installfog -S -y ...Who told you to use
sudo ./installfog.sh?? Don’t use it this way!! Usesudo -i cd /path/to/fogproject/bin/ ./installfog.sh ... -
@Sebastian-Roth Sorry about that. I was just showing an example of what modifiers I used. (-S, -y, -K, -C) And the combinations I tried with them.
I do install fog as a root user, but I have a habit of using sudo anyway.
-
@TBuzaTechnician Ok, back to work, lets tackle this.
Compiling iPXE binaries that trust our SSL certificate......Failed!Have you checked the install error log (
fogproject/bin/error_logs/fog_error...) to see if there is any hint in there on why this fails?In other words, I want to send an installation package to run on a remote machine, and not have to touch it. I will be remotely deploying images to the machine as well.
Can you give us more details on the tools you use for this? I am fairly sure this is a kind of new thing not many people have done before (except @Wayne-Workman) and it might be a bug in the installer preventing from it to work in your setup. The more we know about it the better we can help.
-
@Sebastian-Roth Thanks for the help. I will deploy another server and retrieve the error log to share here. On another note, I have not been using any other tools other than the FOG server. I’ll reply sooner or later with more information!
Again, Thank you for the help.
-
@TBuzaTechnician But what sort of tools do you use to automate the install? Remote shell script execution? Puppet?..
-
@TBuzaTechnician said in Auto-Installing FOG with HTTPS enabled issues:
but I have a habit of using sudo anyway.
This has in-fact caused many people problems. I don’t know why, don’t really care why, but using sudo with the installer doesn’t work. As Sebastion said, properly log in as root with
sudo -iand then execute the installer. -
@TBuzaTechnician Any news on this?
-
@Sebastian-Roth said in Auto-Installing FOG with HTTPS enabled issues:
fogproject/bin/error_logs/fog_error
Hello Sebastian
Using ./installfog.sh -W http://cosinus/ -S
I get the same error:* Compiling iPXE binaries that trust our SSL certificate......Failed!Here is my error log file:
fog_error_1.5.7.56.log -
Works without -S option
-
@lebrun78 In the logs we see:
Clonage dans '/opt/ipxe'... fatal: unable to access 'https://git.ipxe.org/ipxe.git/': error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocolPossibly you are behind a proxy server? Find information on how to configure git to use your proxy see here: https://gist.github.com/evantoli/f8c23a37eb3558ab8765
-
No, we don’t have any proxy.
-
I am on a Centos 8 server.
wget https://git.ipxe.org/ipxe.git/ gives :--2019-12-09 15:51:41-- https://git.ipxe.org/ipxe.git/ Résolution de git.ipxe.org (git.ipxe.org)… 212.13.204.60 Connexion à git.ipxe.org (git.ipxe.org)|212.13.204.60|:443… connecté. GnuTLS: A packet with illegal or unsupported version was received. Incapable d’établir une connexion SSL.On a centos 7, wget https://git.ipxe.org/ipxe.git/ works
-
@lebrun78 Possibly they have an old version running on the ipxe git server. If I remember correctly there was some discussion of server maintenance on the developer mailing list.
Can you please try wget on this URL on your CentOS 8 machine: https://github.com/ipxe/ipxe
-
@Sebastian-Roth said in Auto-Installing FOG with HTTPS enabled issues:
wget https://github.com/ipxe/ipxe works on my centos 8.0 machine
-
-
@Sebastian-Roth
with your modification, the execution of the script goes to the endThank you
-
@lebrun78 Thanks, I will change the URL in our code as well.
-
Updated the URL in the official code (ref).
