Integrate FOG with WDS/MDT?


  • I have a WDS/MDT setup at work for deploying Windows machines. Since I’m now deploying a lot more Linux machines I’d like to integrate FOG to help with this. It’s possible I’m just not using the correct search, but is there already a howto in doing this? I.e. keeping WDS/MDT for Windows while using FOG for Linux?

    Thanks for any help.

  • Moderator

    @smccloud Ok as long as you have it going, but seeing the error probably would have made me suggest that you install the dev-branch which supports debian 11 and ubuntu 20.10. But working is working…

    I still think there is value in upgrading to the dev-branch to get support for imaging 20H2 and later images. The dev-branch is on 1.5.9.114 or later as of today.

    I would also recommend that you install the latest FOS Linux kernels 5.10.x that is done under the Web UI->FOG Configuration->Kernel update. Just be aware if you update the kernel now and then install 1.5.9.114 you will need to redownload the 5.10.x series of kernels.


  • @george1421 It was actually an issue with Debian 11. I’m running Ubuntu without issue now. Next is getting everything working, and it has a static IP.

  • Moderator

    @smccloud said in Integrate FOG with WDS/MDT?:

    Now to figure out why the FOG installer errors out on me. I’m probably doing something wrong. Any suggested distro to use to run it? I normally use Debian but I can use Ubuntu or Rocky Linux (I refuse to use CentOS due to their change to the length of time it’s supported).

    Same animosity here with Centos…

    Debian works just fine (that is my preference since the Centos thing). Your FOG server needs internet access to install fog. Once the install is done internet access is not required. FOG doesn’t enjoy the network interface to change IP address once fog is installed. The installation for your site is pretty simple you just need a standard storage node.

    If you could create a new thread and post the error you are seeing there we can focus on that in the new thread. This thread is about fog and wds. We try to keep the threads, single threaded.


  • Now to figure out why the FOG installer errors out on me. I’m probably doing something wrong. Any suggested distro to use to run it? I normally use Debian but I can use Ubuntu or Rocky Linux (I refuse to use CentOS due to their change to the length of time it’s supported).


  • @george1421 The MX95 did pass the correct DHCP server info before I added the additional interfaces, just didn’t pass the traffic correctly. Given that we are a small company, and I have two roles (IT & Client Services) I went with the just throw more interfaces at it method because it was faster and easier.

  • Moderator

    @smccloud Yes if your main dhcp server is servicing this subnet then disable the fog dhcp server. Having 2 dhcp servers on the same subnet will only cause you pains.


  • @george1421 And I can disable the DHCP on the FOG server correct?

  • Moderator

    @smccloud Yes I’m familiar with policy based rules in windows dhcp server. Everything you have is normal. Just as a side note, make sure you have both arch 007 and 009 defined for UEFI x64 because both types of hardware are common.

    SO if you were to tweak these policies for FOG, of course you would need to change dhcp option 66 to be the fog server’s IP.

    Then for
    uefi x64 the boot file is ipxe.efi
    uefi x32 the boot file is i386\ipxe.efi (not very common hardware maybe some inexpensive windows based tablets)
    for bios the boot file is undionly.kpxe

    Meraki MX95 handles inter-VLAN traffic. Our DHCP server (Windows) has multiple DHCP 66 & 67 options

    Not specifically connected. The policies are needed to send the right boot file name based on the pxe booting target computer. If you would have said multiple interfaces then I would point you to the router’s dhcp-helper / dhcp-relay service needs to be setup with the listening interface and IP address of your main dhcp server.


  • @george1421 said in Integrate FOG with WDS/MDT?:

    @smccloud said in Integrate FOG with WDS/MDT?:

    Ok lets break this down

    I know when I set up WDS there was the option to override DHCP option 66, I did not choose that. So I have to set it in our DHCP server.

    OK this is helpful in that you are not using the ProxyDHCP function of WDS. You have to hardcode dhcp options 66 and 67. What do you have configured for dhcp option 67? If you are using static entries then you can either image bios or uefi systems but not both on the same subnet.

    I really only want FOG to run on one VLAN, our production server VLAN, and none of the others that WDS listens on (I had to give WDS a NIC in each VLAN it needs to listen on or it didn’t work right after we re-did our network).

    This kind of makes me think you do have the WDS bootp service enabled. This issue can be fixed so you don’t need an interface on each subnet if you want.

    Its something with the way our Meraki MX95 handles inter-VLAN traffic. Our DHCP server (Windows) has multiple DHCP 66 & 67 options, one for UEFI x64, one for UEFI x86 & one for BIOS, so they get the right boot file.
    2022-01-19_09-16-02.png

    Hopefully, the screenshot explains it better than I can in text.

    So in theory I could just change the DHCP options to point to the FOG server and then have it chain the WDS server.

    Yes. You would simply create two new fog iPXE menus. One to chain to the bios bootstrap and the other to the uefi boot strap. I’d have to look to see if iPXE can tell what platform its on, then only one iPXE menu is needed. I’m pretty sure I can do that too.

  • Moderator

    @george1421 Well this a first stab at building an iPXE boot menu for chaining to wds.

    Menu Item: os.WDS-Boot
    Description: Windows WDS Deployment
    Parameters:
    set next-server 0.0.0.0 # Replace with WDS server IP address

    iseq ${platform} efi && goto is_wds_efi || goto is_wds_bios

    :is_wds_efi
    set wds-bootfile \boot\x64\wdsmgfw.efi
    goto wds_boot

    :is_wds_bios
    set wds-bootfile \boot\x64\wdsnbp.com

    :wds_boot
    set filename ${wds-bootfile}
    set net0.dhcp/filename ${wds-bootfile}
    set proxydhcp/filename ${wds-bootfile}
    chain ${wds-bootfile} || goto Menu

    Menu Show with: All Hosts

    If the above chain command doesn’t work then lets try this one
    chain tftp://${next-server}${wds-bootfile} || goto Menu

  • Moderator

    @smccloud said in Integrate FOG with WDS/MDT?:

    Ok lets break this down

    I know when I set up WDS there was the option to override DHCP option 66, I did not choose that. So I have to set it in our DHCP server.

    OK this is helpful in that you are not using the ProxyDHCP function of WDS. You have to hardcode dhcp options 66 and 67. What do you have configured for dhcp option 67? If you are using static entries then you can either image bios or uefi systems but not both on the same subnet.

    I really only want FOG to run on one VLAN, our production server VLAN, and none of the others that WDS listens on (I had to give WDS a NIC in each VLAN it needs to listen on or it didn’t work right after we re-did our network).

    This kind of makes me think you do have the WDS bootp service enabled. This issue can be fixed so you don’t need an interface on each subnet if you want.

    So in theory I could just change the DHCP options to point to the FOG server and then have it chain the WDS server.

    Yes. You would simply create two new fog iPXE menus. One to chain to the bios bootstrap and the other to the uefi boot strap. I’d have to look to see if iPXE can tell what platform its on, then only one iPXE menu is needed. I’m pretty sure I can do that too.


  • @george1421 I would love to put WDS & FOG on different subnets but unless I add another VLAN that isn’t easily possible.

    I know when I set up WDS there was the option to override DHCP option 66, I did not choose that. So I have to set it in our DHCP server.

    I really only want FOG to run on one VLAN, our production server VLAN, and none of the others that WDS listens on (I had to give WDS a NIC in each VLAN it needs to listen on or it didn’t work right after we re-did our network). So in theory I could just change the DHCP options to point to the FOG server and then have it chain the WDS server.

    Right now our mix is around 2 WIndows machines to every 1 Linux machine.

  • Moderator

    @smccloud WDS and FOG use the same base technology for PXE booting. So your quest is challenging but not impossible.

    WDS uses a booting function called ProxyDHCP. This process supplies a dynamic boot file depending on the target computer’s type (bios or uefi). This ProxyDHCP overrides anything you might set in dhcp options 66 and 67. So this will be a problem if your WDS server, and FOG server are in the same broadcast domain.

    Depending on your network configuration and needs, the simplest method would be to put the windows and linux computers on different subnets. The second option would be to stop the ProxyDHCP service (called something else in WDS, but boot is in the name) and then PXE boot into the FOG iPXE menu, where from there you can chain into WDS booting. This would be a menu selection in the FOG iPXE menu.

    Tell me a bit more about your network infrastructure so we can think about the next steps.

    Also what is your mix of windows to linux deployments?

271
Online

9.6k
Users

16.0k
Topics

147.9k
Posts