Use the USB FOG Boot method on a ssd/hdd as first boot partition to manage remote clients
-
GOAL: Manage remote clients for imaging on a non-PXE enabled network
Obstacles: Boot method and process
Since we don’t have pxe set up on our prod network sigh, I have been using the USB drive boot method for imaging from our secondary FOG server which does not have DHCP enabled. So the images get pulled from the NFS share. I noticed that when I boot the USB on the same network as the FOG server, the boot process does not ask for the FOG server IP address. But if I am on a different VLAN, it will ask. So that’s issue #1. Issue #2 is that I have the FOG menu password protected. So if I had a task set up to deploy for a particular device, I believe that password protection will stop the process, unless I’m wrong and it will just continue. Obviously for any of this to work the hosts will have to be registered.
So I’d like to take the USB method and make that the first boot option of the main drive in a PC. Put a timeout option to 3 seconds. And also keep the menu protected. Could I do this?
-
@brakcounty The short answer is you need a custom ipxe boot loader (I assume that you found my tutorial on the easy method of usb booting). You need a custom ipxe boot file (ipxe.efi) to do this.
A bit longer explanation is that the FOG delivered versions of iPXE have an embedded script. ref: https://github.com/FOGProject/fogproject/blob/master/src/ipxe/src-efi/ipxescript
That script, when ipxe boots, again requeries for the dhcp settings and picks up the FOG server ip from dhcp option 66.
Now if someone was to insert at line 21 this code
set next-server 192.168.1.50
Or whatever your fog server IP is, the custom version of iPXE would always contact the fog server no matter what dhcp told it.
The standard fog install does have the ability to rebuild ipxe from source. So if you were to hack the efi ipxescript you should be able to do what you want for usb booting into ipxe.
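
An added sketch, not part of the post above and not FOG's shipped ipxescript, of an embedded iPXE script that pins the FOG server address so a client on a VLAN without DHCP option 66 is not prompted for it. The labels, the fallback branch and the `default.ipxe` chain target are assumptions; 192.168.1.50 is the example address from the post.

```ipxe
#!ipxe
# Simplified embedded script for a USB- or disk-booted iPXE.
# Assumption: this is an illustration, not the contents of FOG's ipxescript.

# Get an address for this client. If no lease arrives (cable unplugged,
# machine off-site), skip FOG entirely instead of looping forever.
dhcp || goto localboot

# DHCP on a remote VLAN may not carry option 66, which leaves next-server
# unset and causes the prompt for the server address. Setting it here,
# after dhcp, overrides whatever the lease did or did not provide.
set next-server 192.168.1.50

# Hand off to the FOG server (assumed target: default.ipxe in its TFTP root).
# If the server cannot be reached, fall through to the local boot path.
chain tftp://${next-server}/default.ipxe || goto localboot

:localboot
echo FOG server not reachable, continuing with the firmware boot order
sleep 3
# Leaving iPXE returns control to the firmware, which tries its next boot entry.
exit
```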
-
@brakcounty As for issue 2, I’m not sure if I understand. I can tell you before the ipxe menu is displayed the FOG server checks to see if there is a task waiting. If there is one waiting then it will deploy bzImage (FOS Linux) and not the ipxe menu. The iPXE menu provides the facilities for passwords, bzImage is all about the business of moving bits based on what it’s told to do.
-
@george1421 The USB ipxe boot method works perfectly, from a USB drive. The idea is to somehow make that ipxe process boot BEFORE Windows on the hard drive itself instead of the usb drive, and have a countdown to boot from first hard drive. This way I can set a deploy or capture task remotely and it would work. As for specifying the IP address, I already did. Ipxe sees the FOG server on the same vlan, but on a different vlan ipxe asks for the FOG server address.