Making Fog independent from pxe boot.
-
Anyone ever thought of the idea of being able to truly remotely image a PC with FOG without the need for PXE boot? For example, you’re able to take the local hard drive of a PC, make a bootable partition, place an env like WinPE and set the temporary boot order to boot into it that can pull the image from a network share. There is already a paid imaging solution that leverages this that is also client based. PDQ owns them now. This would be an awesome feature for people like me that have to use an iPXE USB to point to my FOG server in the data center due to the network being set up the way it is. Setting this up isn’t hard, but how to integrate it into my FOG installation is the challenging part. Where would be a good starting point to utilize something like this so that when you start a deploy task the FOG client could utilize the script that would set the env then boot the PC into the preinstall env? Any ideas?
-
@JamiesonCA092 I’m not totally sure what you are asking here because I can read this a few different ways.
You can USB boot into FOG for imaging; PXE booting is not required to image with FOG.
Also, what you are describing, taking a portable hard drive and booting off that drive and either loading the image from a network share or the local portable hard drive, would be best served with a tool like Clonezilla. Clonezilla could make a totally off-line imaging solution.
-
@george1421 No, that’s not what I’m talking about. I already use a USB to point the PCs to the server in our data center over PXE. You can shrink a partition from the local C drive of a computer, copy a preinstallation env into that created partition, make it a boot entry with bcdedit, then boot to it without needing a USB or external drive of any kind. So it’s something you could do 100% remote. The object is to go USB free and PXE boot free. You can boot into the env locally and pull the image from a shared folder.
-
@george1421 So for example, you could schedule a deployment task where FOG would then execute a script that would make a small EFI FAT32 partition on the host’s local storage drive, assign it a letter, set the temporary boot order to the partition, and reboot the PC, which would launch into that environment and get imaged. So automate the entire process. As of now, yes, FOG can schedule the task and reboot the host, but if the boot order isn’t set properly it will not boot into the env, and it’s not logical to keep network boot as your first boot option default. So if you’re not there at the host with a USB to point to the server over the network, or booting to USB without booting over the network, you’re out of luck. You have to have some level of manual intervention in my situation, and I’m sure there are many others that have a similar situation to mine, versus just being able to truly 100% remotely image a client. So add this functionality to the code of the FOG client and FOS to give it this capability.
-
@JamiesonCA092 OK I think I understand the goal here.
In theory what you suggest is possible. But with Microsoft being Microsoft it’s not practical.
Let’s just talk hypothetical here for a minute.
Your system will be a uefi only system.
In the ESP partition (disk partition 1), which is UEFI boot, you will install grub and ipxe and refind.efi or wimboot.efi (might not be needed if ipxe can find the Windows OS partition). You will have grub call FOG’s ipxe.snp. iPXE will check in with the FOG server to see if there is anything to do. If not, ipxe will exit to its default menu selection, which will call refind or wimboot. It will be refind or wimboot’s responsibility to find the Windows OS partition and boot. The ESP partition will probably need to be 768MB in size to be able to contain grub, ipxe, and refind or wimboot. In theory it should work and FOG could clone this disk configuration. Now enter Microsoft…
Windows 11 requires secure boot. FOG’s ipxe, refind, wimboot, and bzImage are not secure boot signed, so they will not boot when secure boot is enabled in the firmware. You could get around this by including your own signing keys in UEFI and then signing ipxe, refind, wimboot and bzImage. It’s possible to do, but not simple. The last part is Windows thinks it owns the hardware, and no matter how meticulously this system is set up, during any random Windows update Windows might update the UEFI - ESP partition and overwrite all of your settings.
-
@george1421 sounds like a good starting point. Has anyone tried implementing Shim along with GRUB to get around the secure boot issue? I was reading up about this and it can bridge the gap with UEFI secure boot in situations like this.
-
@george1421 Seems like in this post it is a similar interest they were implying by putting FOS on a bootable partition of the hard drive:
https://forums.fogproject.org/topic/7727/building-usb-booting-fos-image/4