Boot from hard drive if connection to fog server fails


  • I have a setup where I replaced the Windows EFI files with a custom FOG efi file that connects to the fog server first, checks if there are any tasks, then boots to Windows if no tasks are running. If the connection can’t be made to the FOG server, according to the ipxeconfig script, it will fail and either prompt to drop to shell or reboot.

    :netboot
    chain http://fogip/html/default.ipxe ||
    prompt --key s --timeout 10000 Chainloading failed, hit 's' for the iPXE shell; reboot in 10 seconds && shell || reboot
    
    

    This can be a problem if internet goes down for a remote site, the PCs won’t boot into Windows and the clients can’t work locally at the very least.
    How do I tell the script to boot from the hard drive or a specific file instead of rebooting? Windows has multiple EFI files to boot from that work, bootmgrfw.efi and bootx64.efi work the same. So I’m thinking to leave one of those as the stock Windows efi file, then tell the script if it cannot connect to the fog server, boot from a specific file, in this case the Windows efi file.

  • Moderator

    @brakcounty Well done!!

    Where I also see value in this is if someone wanted to hard drive boot into iPXE then from iPXE into the hard drive or FOG without using PXE booting. Instead of a usb drive, everything could happen off the efi partition on the local hard drive. It would not solve the secure boot part of it, but its an option.

    Also lets say someone wanted to setup a preboot menu (such as for dual booting) using refind. Your idea could be tweaked slightly to boot into refind menu manager and then pick to boot windows, linux or something else from the refind menu. There are a number of options this method opens up. Again, well done!


  • So to anyone else that wants to do what I’m doing or similar, here is what my final ipxeconfig script looks like. Also keep in mind that while I followed the USB boot method instructions, I adapted the method to drop the files onto the EFI partition of the primary drive, same directory structure as well.

    #!ipxe
    isset ${net0/mac} && ifopen net0 && dhcp net0 || goto dhcperror
    echo Received DHCP answer on interface net0 && show ip && goto netboot
    
    :dhcperror
    prompt --key s --timeout 3000 DHCP failed, 's' !!!I.T. ONLY!!!; or continue to Windows in 3 seconds && shell || goto refind
    
    :netboot
    chain http://*fogip*/html/default.ipxe || goto netbooterror
    
    :netbooterror
    prompt --key s --timeout 3000 Connection failed, 's' !!!I.T. ONLY!!!; or continue to Windows in 3 seconds && shell || goto refind
    
    :refind
    imgfetch file:///EFI/Boot/refind.conf
    chain -ar file:///EFI/Boot/refind.efi
    
    

  • @george1421 Pretty much there man! I still want to play with echos and hiding/masking command outputs. Also want to throw in “echo show ip” so I can see what IP is grabbed. This can be useful.
    Thanks for you help!

    :netbooterror
    prompt --key s --timeout 3000 Connection failed, hit 's' for the iPXE shell; continue to Windows in 3 seconds && shell || goto refind
    
    :refind
    imgfetch file:///EFI/Boot/refind.conf
    chain -ar file:///EFI/Boot/refind.efi
    
    
  • Moderator

    @brakcounty said in Boot from hard drive if connection to fog server fails:

    imgload file:///EFI/boot/refind.conf

    I guess I missed completing my thought. The imgload bit was just to see if you can get the command to complete ok and THEN add in the chain command.

    chain -ar file:///EFI/Boot/refind.efi
    

    So you will be doing the same thing as you are with pxe but via the file command. By just loading refind.efi you don’t get any options only the option defaults build into refind.efi. I have a feeling you are almost there, though.


  • @george1421 Follwing your suggestion, here’s what I ended up doing with success:
    ipxeconfig:

    :netboot
    chain http://*fogip*/html/default.ipxe || goto netbooterror
    
    :netbooterror
    prompt --key s --timeout 10000 DHCP failed, hit 's' for the iPXE shell; reboot in 10 seconds && shell || goto refind
    
    :refind
    imgload file:///EFI/Boot/refind.efi
    boot
    
    

    I also placed refind.efi and refind.conf on the EFI partition in EFI/Boot/ along with the custom bootx64.efi. Now I don’t know if refind.efi will automatically read refind.conf or do I have to tell ipxe to load the conf as well.

    Now when the connection fails, I get the 10sec prompt (which I will shorten and change the message of), then it goes to the refind menu, which the first option is selected, Windows EFI Boot option, with a 20sec timeout. Boots into Windows!

    I just have to clean things up and shorten the timeouts since our end users will see this if their internet goes out. Otherwise our Helpdesk will get flooded with “weird messages on screen when starting up”.

  • Moderator

    @george1421 Ah found something too that needs to be updated in iPXE config general.h

    https://github.com/FOGProject/fogproject/blob/171d63724131c396029992730660497d48410842/src/ipxe/src/config/general.h#L61

    //#undef DOWNLOAD_PROTO_FILE	/* Local filesystem access */
    

    we probably need this defined to access local file system

    as well as this one: https://github.com/FOGProject/fogproject/blob/171d63724131c396029992730660497d48410842/src/ipxe/src/config/general.h#L113

    //#define	IMAGE_EFI		/* EFI image support */
    
  • Moderator

    @brakcounty First let me say that this is a bit out of my wheelhouse. So if you put refind.efi and refind.conf right next to FOGs ipxe.efi (renamed) on the hard drive. Your saying that its dropping you to the ipxe command line. So get to this point, then you can try to poke about.

    From your ipxe menu you have these two commands.

    imgfetch http://fogip/service/ipxe/refind.conf
    chain -ar http://fogip/service/ipxe/refind_x64.efi
    

    So what happens when you key in

    imgload file:///EFI/boot/refind.conf
    

    Or what ever path refind.conf is in.

    I’m also seeing references to

    imgload file://<partition_label>/EFI/boot/refind.conf
    

    If you can get ipxe to load in the config file then you should be able to get the refind kernel to load too.


  • @george1421 I was messing around with a UEFI vm that has windows 10. Normally it boots from EFI/Microsoft/Boot/bootmgfw.efi. I made a vISO with the FOG bootx64.efi and watched as the ipxe process would try to connect to the fog server, failed, then it boot into windows. When I placed the fog bootx64.efi onto the hard drive efi partition, and told the vm to boot to that first, ipxe would fail and drop to a shell instead of booting to the first boot option in the UEFI. I don’t think or know if the ipxe shell can access a gpt partition, or if it can even see the drive. Sanboot 0x80 returns an error device could not be found.


  • @george1421 Odd thing is that it worked on a VM booting from the USB files inside of a vISO in virtualbox, I had the VM on a local lan that does not have access to the prod network so it couldn’t connect to the fog server and then it booted from the virtual hdd. That could be because the default boot device is the first vhdd, and it is pointing to efi/microsoft/boot/bootmgfw.efi. So I could specify that file somewhere in the ipxeconfig file right? Only thing is how would I know the root path of the efi partition of the windows drive? I’ve seen something like PCI/HDD0/something/something/EFI/ but not sure.

  • Moderator

    @brakcounty Oh wait, I just thought of a problem. You are going this route if your remote site is having internet issues, how will you grab refind from the FOG server. You might need to have those files on the local flash drive.

    You might want to look into imgload file:// and chain file:// to see if that will give you some kind of boot autonomy.

  • Moderator

    @brakcounty So now the only thing you “might” need to tweak is refind.conf in it doesn’t find the windows boot loader. The default settings should work out of the box. But just know you have quite a bit of power in refind to do exactly what you need.


  • @george1421 said in Boot from hard drive if connection to fog server fails:

    http://<fog_server_ip>/fog/service/ipxe/boot.php?mac=00:00:00:00:00:00

    You da man sir!
    I changed the ipxeconfig to this and it booted to the hdd after failing to connect to the fog server!

    :netboot
    chain http://fogip/html/default.ipxe ||
    imgfetch http://fogip/service/ipxe/refind.conf
    chain -ar http://fogip/service/ipxe/refind_x64.efi
    
  • Moderator

    I’m going to teach you how to hack an answer. FOG uses rEFInd to boot into the target OS. So you will need that bit. (yes I know but you need this to get your answer). You can snag that file and its config file from /var/www/html/fog/service/ipxe directory on the FOG server.)

    Now I want you to go in (on a temp basis) and set FOG Settings -> FOG Configuration and set the default exit mode for BIOS to refind.

    Once that is set I want you to go to a windows browser and call up this URL. http://<fog_server_ip>/fog/service/ipxe/boot.php?mac=00:00:00:00:00:00

    That will give you the ipxe text behind the FOG iPXE menu. Read through it and see what’s possible. Pay attention to the default menu item where it something listed as fog.local That should be the command syntax needed to invoke refind to boot locally in iPXE command syntax.

365
Online

9.0k
Users

15.6k
Topics

145.1k
Posts