PoC: Using FOG as a netboot server

george1421

The concept here is to use the FOG server as a dedicated netboot server that could be used to boot remote clients into a linux live OS. The following PoC will show how you can netboot Linux Mint on a legacy client with 2GB of ram and no internal hard drive. This PoC will not support both normal FOG imaging and netboot mode at the same time. The concept of this tutorial is an extension of the work documented in this tutorial: https://forums.fogproject.org/topic/10944/using-fog-to-pxe-boot-into-your-favorite-installer-images

I do have to say there are other / better ways to go about creating a netboot server. BUT since FOG is very flexible and has a great user interface its pretty easy to setup we’ll see if its possible…

The target systems might be older or reallocated PCs that are no longer viable for today’s releases of MS Windows but would work great as a terminal running linux. In this example we’ll use Linux Mint 18.3 x86 (32 bit version). I selected the 32 bit version because idea is to netboot older hardware with limited resources. 32 bit images are a better for systems with limited amount of RAM.

1. Install FOG normally as you would if this server was going to be a traditional FOG imaging server. Make sure you setup your dhcp server to point dhcp option 66 and 67 appropriately towards your FOG server.
2. Download linux mint from the LM download site: https://linuxmint.com/download.php You can download either the cinnamon release or the mate release. If you want to be really ram conscious use the mate interface. For my PoC I downloaded Linux Mint 18.3 Cinnamon. Download the ISO to your FOG server local hard drive.
3. Create the following directory structure on your FOG server’s local hard drive.

mkdir /mnt/loop
mkdir /images/os
mkdir /images/os/lm_18-3

3. Now we’ll mount the Linux Mint ISO over the loop directory we created above.
4. Then we’ll copy the contents of the DVD to the directory we built above.

mount -o loop -t iso9660 /{full path where you have the iso stored}/linuxmint-18.3-cinnamon-32bit.iso /mnt/loop

cp -R /mnt/loop/* /images/os/lm_18-3

umount /mnt/loop

5. With the LM Live files in place, now we need to adjust FOG operation by making a few changes in the FOG WebGUI
6. In the fog WebGUI go to FOG Configuration->iPXE Menu Configuration->fog.local
7. Uncheck Default Item
8. Save the configuration
9. Next go to FOG Configuration->iPXE New Menu Entry
   Set the following fields:
   Menu Item: os.LM-Live-18.3
   Description: Linux Mint Live 18.3
   Parameters:
   kernel nfs://${fog-ip}:/images/os/lm_18-3/casper/vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/images/os/lm_18-3 quiet splash
   initrd nfs://${fog-ip}:/images/os/lm_18-3/casper/initrd.lz
   boot || goto MENU
   Default Item: <checked>
   Menu Show with: All Hosts
10. Save the changes.
11. Then go to FOG Configuration->FOG Settings->FOG Boot Settings
12. Adjust these settings
    FOG_PXE_MENU_TIMEOUT: 1
    FOG_REGISTRATION_ENABLED: <unchecked>
    FOG_IMAGE_LIST_MENU: <unchecked>
13. Save the changes

With all of the changes now in place, pxe boot a target computer. It should pause momentarily at the FOG iPXE menu then move on to netbooting linux mint. Sweet…

You have to remember that netbooting linux using this method the OS is non-persistent in that any local changes will be lost upon reboot. If you need persistent storage (such as a user’s home directory) you will need to map an NFS or CIFS share to use as the user’s home directory.

If someone wanted to take this one step more, they could create a customized Linux Mint (or Ubuntu for that matter) boot ISO image with all of their favorite applications preinstalled

This concludes this PoC tutorial.

george1421

Alternate method for netbooting a EFI target system

This post is driven from the request to build a uefi boot PoC for Linux Mint. In this post we will create a UEFI only capable netboot server based on FOG 1.4.4

1. Download the required signed efi shim

wget https://launchpad.net/ubuntu/+archive/primary/+files/shim-signed_1.32.tar.xz
tar -xJf shim-signed_1.32.tar.xz
cp shim-signed_1.32/shim.efi.signed /tftpboot/shim.efi

2. Download the required signed grub image

wget http://archive.ubuntu.com/ubuntu/dists/xenial/main/uefi/grub2-amd64/current/grubnetx64.efi.signed
mv grubnetx64.efi.signed /tftpboot/grubx64.efi

3. Create a few needed directories

mkdir /tftpboot/grub
mkdir /tftpboot/os
mkdir /tftpboot/os/lm_18-3
mkdir /images/os
mkdir /images/os/lm_18-3

4. Now we’ll mount the Linux Mint ISO over the loop directory we created above.
5. Then we’ll copy the contents of the DVD to the directory we built above

mount -o loop -t iso9660 /{full path where you have the iso stored}/linuxmint-18.3-cinnamon-64bit.iso /mnt/loop

cp -R /mnt/loop/* /images/os/lm_18-3

umount /mnt/loop

6. Now we need to copy the boot kernel and initrd files to the tftpboot directory.

cp /images/os/lm_18-3/casper/{vmlinuz,initrd.lz} /tftpboot/os/lm_18-3/

7. Now we need to create a default grub.cfg file so when grub is loaded it will know what OS to boot.
   vi /tftpboot/grub/grub.cfg
8. Insert the following text into the grub.cfg file:

set default=0
set timeout=0

menuentry "Linux Mint" {
  linux os/lm_18-3/vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=192.168.1.53:/images/os/lm_18-3/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=us splash --
  initrd os/lm_18-3/initrd.lz
}

9. You MUST hard code the fog server IP address into the grub.cfg file. Replace 192.168.1.53 with the IP address of your FOG server.
10. Save and exit your text editor
11. Now the following is a break from how we would typically pxe boot into FOG. And in the end its a bit faster and allows us to pxe boot with secure boot enabled. Update your dhcp server and change dhcp option 67 from the FOG UEFI default of ipxe.efi and insert shim.efi in its place.

I recap of this post, you really don’t need a FOG server to setup netbooting. It can be done, somewhat easier with just a stock OS. Then adding in nfs server and tftp server. What is great about FOG is it provides us a solid framework for this PoC test.

This post is only possible because of the prompting of @Tito026 and the link he provided here: https://www.downtowndougbrown.com/2017/03/hosting-ubuntu-16-04-desktop-live-install-iso-on-a-pxe-netboot-server-bios-and-uefi-simultaneously/

george1421

[Mod Note] I have locked this post to keep it tidy for others who may find it useful. Discussion is important around this topic. If you have a question on this post, please create a new thread, reference this post and also tag me in the post so I can find it. I will add links to those posts here so others may follow along without filling up this thread.

Discussions regarding this post:
https://forums.fogproject.org/topic/11216/netbooting-efi-with-fog