@Avaryan It's important to not have spaces; it should be one command.
Posts made by george1421
-
RE: New PXE menu entry: Deploy Image & Shutdown
-
RE: New PXE menu entry: Deploy Image & Shutdown
@Tom-Elliott He wants after quick imaging to shutdown the computer, either by asking or just do it.
I thought the easiest way is with a kernel parameter.
-
Setting up a Windows 2012 server as a FOG Storage Node
Proof of concept build, not intended for a production environment
In a previous tutorial I created an outline of what was required to configure a windows server as a FOG Storage Node. At the time I was just “testing” to see if it was even possible. With the outcome successful I concluded it was possible to do. After many months away from the tutorial, reviewing it now it's a bit of a convoluted mess, mainly because of the way the forums place newer content at the beginning and older content at the tail. With this in mind I’ve consolidated the steps into a single post. If you want to understand the logic behind these steps, you can read the original document here: https://forums.fogproject.org/topic/6941/windows-server-as-fog-storage-node-proof-of-concept-blog
From an elevated rights PowerShell prompt
Import-Module ServerManager
Add-WindowsFeature FS-NFS-Service
Reboot the server to complete the feature addition. If you don’t reboot you will get an error on the next ps command.
Import-Module NFS
$WinSNode = "<win_storage_node_ip>"
# Directory layout FOG expects on a storage node
mkdir c:\share
mkdir c:\share\images
mkdir c:\share\images\postdownloadscripts
mkdir c:\share\images\dev
mkdir c:\share\images\dev\postinitscripts
mkdir c:\share\tftpboot
mkdir c:\share\snapins
mkdir c:\share\snapins\ssl
# Export the images directory over NFS and open the firewall for it
New-NfsShare -Name "images" -Path c:\share\images -Authentication sys -AllowRootAccess $True -EnableUnmappedAccess $True -Permission Readwrite
Enable-NetFirewallRule -DisplayGroup "Server for NFS" -Verbose
# Local account and group used for FTP access
net localgroup fog_users /add
net user fog_user "mi5ty_cl0ud" /add /EXPIRES:NEVER /PASSWORDCHG:NO /active:YES /Y
net localgroup fog_users fog_user /add
icacls c:\share /grant "fog_users:M"
# FTP site rooted at c:\share
Install-WindowsFeature Web-FTP-Server,Web-FTP-Service,Web-FTP-Ext -IncludeManagementTools
New-WebFtpSite -Name "FOGFtpSite" -Port 21 -PhysicalPath "c:\share" -IPAddress $WinSNode
# Value 0 means SSL is allowed but not required on the FTP control and data channels
Set-ItemProperty "IIS:\Sites\FOGFtpSite" -Name ftpServer.security.ssl.controlChannelPolicy -Value 0
Set-ItemProperty "IIS:\Sites\FOGFtpSite" -Name ftpServer.security.ssl.dataChannelPolicy -Value 0
Set-ItemProperty "IIS:\Sites\FOGFtpSite" -Name ftpServer.security.authentication.basicAuthentication.enabled -Value $true
Set-ItemProperty "IIS:\Sites\FOGFtpSite" -Name ftpserver.userisolation.mode -Value 4
Add-WebConfiguration "/system.ftpServer/security/authorization" -value @{accessType="Allow";roles="fog_users";permissions="Read,Write";users=""} -PSPath IIS:\ -location "FOGFtpSite"
Restart-WebItem "IIS:\Sites\FOGFtpSite"
# Web directories that will hold the iPXE service files
New-Item "IIS:\Sites\Default Web Site\fog" -type Directory
New-Item "IIS:\Sites\Default Web Site\fog\service" -type Directory
New-Item "IIS:\Sites\Default Web Site\fog\service\ipxe" -type Directory
Create the following file: C:\inetpub\wwwroot\fog\service\ipxe\web.config and paste the following xml contents:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <staticContent>
      <mimeMap fileExtension="." mimeType="application/octet-stream" />
      <mimeMap fileExtension=".*" mimeType="application/octet-stream" />
    </staticContent>
  </system.webServer>
</configuration>
nfsshare fogipxe=C:\inetpub\wwwroot\fog\service\ipxe -o rw sec=sys root unmapped=yes
nfsshare fogpxe=C:\share\tftpboot -o rw sec=sys root unmapped=yes
Install tftp32d server (third party application) because windows doesn’t have a native tftp server.
- Go to the following URL: http://tftpd32.jounin.net/tftpd32_download.html and download the tftpd64 service edition (installer)
- Launch the installer you just downloaded.
- Read and agree to EULA if you accept it continue.
- Select (all) Options: Add start menu shortcuts, Add desktop icon, Start service Tftp32_svc, start service monitoring
- Use default install location: C:\Program Files\Tftpd64_SE
- Tftpd64 Service console should launch
- Select the Settings button
- Select the GLOBAL tab
- Uncheck all options except TFTP Server. The only selection option we need is “TFTP Server”.
- Select the TFTP tab
- For the base directory, select the browse button and then navigate to the c:\share\tftpboot folder
- Select OK
- In the tftp options section enable PXE Compatibility option. Leave all other settings at their default
- Press OK
This concludes the install of the tftp server
From fog server console logged in as root or with sudo rights. In this section we will copy all of the required files from the fog server to the windows storage node that are needed to transform windows into a fog storage node.
mount -t nfs <win_storage-node_ip>:/images /mnt
mkdir /mnt/dev
touch /mnt/.mntcheck
touch /mnt/dev/.mntcheck
umount /mnt
# copy the FOS image files
mount -t nfs <win_storage-node_ip>:/fogipxe /mnt
cp /var/www/html/fog/service/ipxe/* /mnt
umount /mnt
# Copy the iPXE boot files
mount -t nfs <win_storage-node_ip>:/fogpxe /mnt
cp -R /tftpboot/* /mnt
umount /mnt
Final clean up steps on Windows Storage node. In this section we’ll make a few final adjustments needed to complete the Storage Node installation.
nfsshare fogipxe /delete
icacls.exe "C:\inetpub\wwwroot\fog\*" /q /c /t /reset
icacls.exe "C:\share\*" /q /c /t /reset
nfsshare fogpxe /delete
netsh advfirewall firewall add rule name="TFTP Server" dir=in action=allow program="%ProgramFiles%\Tftpd64_SE\tftpd64_svc.exe"
Installation Quality checks to perform before moving on to the fog server configuration. For these tests we’ll use a windows 7 workstation.
First we need to test to see if the FTP server is working and we can login using the fog_user account we setup.
C:\>ftp <win_storage-node_ip>
Connected to <win_storage-node_ip>.
220 Microsoft FTP Service
User (<win_storage-node_ip>:(none)): fog_user
331 Password required for fog_user.
Password:
230 User logged in.
Next issue a dir command to see if we can see the files we created.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
05-22-16 08:39PM <DIR> images
05-22-16 07:41PM <DIR> snapins
05-24-16 02:42PM <DIR> tftpboot
226 Transfer complete.
ftp: 144 bytes received in 0.00Seconds 144000.00Kbytes/sec.
quit
That completes the FTP test
The next step is to test the tftp server
C:\>tftp <win_storage-node_ip> get default.ipxe
Transfer successful: 427 bytes in 1 second, 427 bytes/s
If your tests match the above then we can move onto the FOG part of the setup.
Activate the FOG Plugin module
Fog Configuration -> Plugin System
FOG_PLUGINSYS_ENABLED = checked
Enable the Location plugin
Plugin Management
Activate and install Location management plugin
Add Windows Storage Node to FOG’s configuration
Storage Management -> Add Storage node
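A post-install audit for the Windows storage node built above, as an added example that is not part of the original post: it checks that the temporary fogipxe and fogpxe NFS exports are gone, that the directories, marker files and boot files are in place, and that the ACL and firewall rule from the tutorial exist. The function name Test-FogStorageNode is hypothetical; the paths, share names and rule name are the ones used in the tutorial.

```powershell
# Added audit example, not part of the original tutorial. Run it from an elevated
# PowerShell prompt on the Windows storage node after the clean-up step.
# Test-FogStorageNode is a hypothetical name; paths, share names and the firewall
# rule name are the ones the tutorial uses.
function Test-FogStorageNode {
    Import-Module NFS
    $findings = @()

    # The fogipxe and fogpxe exports were only needed for the one-time copy and
    # were created with root and unmapped access, so they must be gone.
    $shares = @(Get-NfsShare | Select-Object -ExpandProperty Name)
    foreach ($temp in 'fogipxe', 'fogpxe') {
        if ($shares -contains $temp) { $findings += "Temporary NFS share '$temp' is still exported" }
    }
    if ($shares -notcontains 'images') { $findings += "NFS share 'images' is missing" }

    # Directory layout created in the first step.
    $dirs = 'c:\share\images\dev\postinitscripts', 'c:\share\images\postdownloadscripts',
            'c:\share\tftpboot', 'c:\share\snapins\ssl',
            'C:\inetpub\wwwroot\fog\service\ipxe'
    foreach ($dir in $dirs) {
        if (-not (Test-Path -Path $dir -PathType Container)) { $findings += "Missing directory $dir" }
    }

    # Marker files and boot files copied over from the FOG server.
    $files = 'c:\share\images\.mntcheck', 'c:\share\images\dev\.mntcheck',
             'c:\share\tftpboot\default.ipxe',
             'C:\inetpub\wwwroot\fog\service\ipxe\web.config'
    foreach ($file in $files) {
        if (-not (Test-Path -Path $file -PathType Leaf)) { $findings += "Missing file $file" }
    }

    # fog_users should hold Modify on c:\share (granted with icacls earlier).
    $modify = [System.Security.AccessControl.FileSystemRights]::Modify
    $ace = (Get-Acl -Path 'c:\share').Access | Where-Object {
        $_.IdentityReference.Value -like '*\fog_users' -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $modify) -eq $modify
    }
    if (-not $ace) { $findings += "fog_users does not have Modify on c:\share" }

    # Inbound allow rule for the tftpd64 service added with netsh.
    $rule = Get-NetFirewallRule -DisplayName 'TFTP Server' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }
    if (-not $rule) { $findings += "No enabled inbound allow rule named 'TFTP Server'" }

    return $findings
}

$result = Test-FogStorageNode
if ($result) { $result | ForEach-Object { Write-Warning $_ } } else { Write-Output 'Storage node checks passed' }
```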
-
RE: snapin and batch script
@plegrand PDQ Deploy?? https://www.pdq.com/pdq-deploy/
We use this tool instead of FOG Snapins to deploy applications in our offices. They have a free version that should do what you need, but the paid for version is reasonable in cost and well worth the price because of the additional functionality.
-
RE: Problem with Fog 1.3.5 install-- Setting up and Starting MySql...........FAILED! :(
@safari2010 If you send the plane tickets, I will personally come out and inspect your FOG setup if you like
Just be aware that this command will install the working branch (think of it as alpha code). You probably only want to use this branch if instructed by one of the developers.
git checkout working
And this command will get the latest Release Candidate (RC) release
git checkout dev-branch
And finally this one is for the stable releases
git checkout master
Just be aware that FOG 1.4.0 (stable) was released over this past weekend
-
RE: Is it possible to store Images centrally and deploy them from different servers?
@jherron said in Is it possible to store Images centrally and deploy them from different servers?:
i came to the conclusion that server would replicate ALL the images to all the nodes that way
I want to make sure we are on the same page here.
- Any image stored on the master node will be replicated to all storage nodes in the storage group.
- Only the master node of any storage group can capture images. The storage nodes can only deploy replicated images and pxe boot target computers.
On the master node you can selectively enable/disable an image from replication to the storage nodes. You can also disable images to prevent them from being used to image machines.
-
RE: Is it possible to store Images centrally and deploy them from different servers?
You are describing the typical fog server (1 master fog server) and many storage nodes. The fog server will replicate any images on the master fog server to all of the storage nodes in the storage group. You would use the location plugin to direct the clients to the proper storage node for pxe booting, image deployment, and snapin deployments.
Just be aware in this setup you may only capture images to the master fog server.
-
RE: Windows server as FOG Storage Node - proof of concept blog
@Tom-Elliott I’m currently spinning up a new FOG 1.4.0 server to test multicasting across subnets (and usb FOS booting it now appears). I’ll divert that setup to test FOG with a windows 2012 server setup as a storage node. I don’t have a centos template on this dev box so it's going to take me some time to get up to speed. I do have a windows 2012 template so that one shouldn’t take too long.
I would still expect it to take until this evening before I can get to testing with my day job and everything…
-
RE: Updated To FOG 1.4.0 - Getting Blank White Page
Are you referring to full address being http://<FOG_Server_IP>/fog ??
Were you using some kind of rewriting rules in apache to redirect the user to the proper url? I remember during the 1.4.0RC releases people that had the redirection in place, it stopped redirecting them after an update.
-
RE: Mounting /images/dev Permission Denied
Understand you are not paying me for my service here, so these are only my opinions. Also I’m not throwing rocks here either, the goal is to help you to a workable FOG solution.
I need a Windows server containing the Storage node so, if required, someone with no *nix experience can drop images, software etc… on the storage server.
This constraint is illogical. The storage for fog being Windows based has no bearing on being able to drop (capture and deploy) images, installing snapins or anything for that matter. The IT Admins interface with FOG using the web gui once FOG is installed. MS Windows in this situation really has no value for image deployment.
I also need the Windows server where the images are stored to have certain security protocols in place that are only officially approved for Windows. They also have these protocols for REDHAT but the licensing costs required was not approved.
If you are talking about DHS, STIG or NIST requirements, install FOG on a Centos OS. Centos and RHEL are functionally equivalent operating systems. The protocols and their execution should be nearly identical.
Further, i need this storage node to provide storage to 5 FOG VM’s. I have an enterprise setup with 5 different VLANs and need a FOG VM for each VLAN, but need the images to be available to all VLANs/FOG VMs.
Is there a technical reason why you need 5 FOG VMs in this setup? Functionally having 5 VMs using shared storage would consume the same bandwidth as having 1 VM and shared storage. You would consume even less with 1 FOG VM and local storage.
I am still getting the Permission Denied even though “Everyone” can access the CIFS shared drive… I’m so close yet so far.
The CIFS option was just an idea, we have not tested this configuration to say it will work or not. I would try to mount the CIFS share from the fog server and see if as root on the FOG server can you touch a file that exists on the CIFS share.
Time is running out for the network maps and submission of a proof of concept. There has to be a way…
If you would have followed the guidance I gave you in the very first post. It would have instructed you how to setup windows 2012 as a FOG storage node. Can I say for absolute will it work in your environment? In a word, No. It appears you have some kind of validation / security protocols you must execute. There is no telling what local GPOs would have on restricting access from an external linux server.
-
RE: NetBoot problem, new mac..!
@Warget I’m glad you have it running now.
I agree it is not ideal, but until the iPXE folks can create a PXE boot compatible version for your hardware, this is the best we can do from the FOG Project side.
-
RE: NetBoot problem, new mac..!
@Warget This should be working!!
You are getting a dhcp address so the network adapter is working, but FOS can’t reach the FOG server. The error message is a bit misleading but I remember this was an issue because of a bad check.
Just as an idea, did you remember to change / update the grub.conf file on the usb flash drive. You needed to give the IP address of the fog server so FOS knows how to find the FOG server. It was in the link I provided before: https://forums.fogproject.org/topic/7727/building-usb-booting-fos-image/4 in the section called: The final steps you MUST complete
-
RE: FogReplicator and Storage Nodes.
@Wayne-Workman Just be aware the OP has setup a FOG Master -> FOG Slave setup not the traditional and fully supported FOG Master -> [FOG] Storage node configuration.
My hope is as the API matures that we can have the FOG Master -> FOG Slave setup a supported configuration.
-
RE: Mount and Extract files from images
@BedCruncher This is only an FYI note for those who may find this thread in the future.
The developers have added a new and faster compression/decompression tool in the current release of fog (1.3.5 and later). This is the zstd compression tool instead of the pigz tool. You just have to be aware of this. The zstd tool should read pigz compressed files no problem. But pigz can not read zstd compressed files.
-
RE: NetBoot problem, new mac..!
@Warget Please confirm that you have the latest kernels and inits on that flash drive. That issue should have been resolved by the developers. What you posted WAS an issue with fog 1.4.0RC8 and before.
You can download the current kernels and inits from here:
https://fogproject.org/inits/init.xz
https://fogproject.org/inits/init_32.xz
https://fogproject.org/kernels/bzImage
https://fogproject.org/kernels/bzImage32
You can just download them from the above links using a windows computer. Then replace the files on the flash drive with these current ones. You will overwrite what is on the usb boot key.
-
RE: NetBoot problem, new mac..!
@Warget That is sad that pxe booting is not working.
We do have an option still for fog (the right answer is to get pxe booting working). If the mac is capable to usb boot into the FOS engine directly. We have to use this method sometimes when the UEFI firmware is faulty and pxe booting fails.
https://forums.fogproject.org/topic/7727/building-usb-booting-fos-image
This method should work but there is one thing you must remember. For imaging, you must schedule a deployment task in the fog server before you usb boot FOS or you will get an error message.
I will IM you some additional information in a few minutes. Look for the chat icon in the FOG forum tool tray.
-
RE: PXE boot under Fortigate 40C
@Kpax said in PXE boot under Fortigate 40C:
Dnsmasq version 2.75 Copyright 2000-2015 Simon Kelley
OK dnsmasq 2.75 is not new enough to enable both uefi and bios booting. UEFI booting is broken in 2.75. But now that you have 2.75 installed you can follow this process to compile 2.76: https://forums.fogproject.org/topic/8725/compiling-dnsmasq-2-76-if-you-need-uefi-support/6
There is more in the thread, but that is the actions part.
You will compile 2.76 and then just swap out the binary for 2.75 with 2.76. Restart dnsmasq, confirm that 2.76 is running with dnsmasq -v, then try to pxe boot your target computer again.
No worries, this is progressing just as I had planned. Your distribution just hasn’t released the latest version of dnsmasq yet, so you will compile it.
Also in your fortigate remove the line that contains the undionly.kpxe value, and then restart your dhcp server on your fortigate. We want dnsmasq to provide everything for pxe booting. This way the target computer only gets pxe booting instructions from dnsmasq
-
RE: FogReplicator and Storage Nodes.
@sbenson The mhb looks a bit suspect, but is OK. For SRO I would expect this if MHB had already been synchronized on a previous run.
I do have to question the time differences. Are you running UTC on these systems, especially SRO?
-
RE: FogReplicator and Storage Nodes.
@Tom-Elliott That probably should be done on the MHB server too just to flush out any cached systems since we deleted a node.
-
RE: FogReplicator and Storage Nodes.
@sbenson said in FogReplicator and Storage Nodes.:
There are a TOTAL of 2 servers in the whole company, SRO-FOG-01 and MHB-FOG-01
Well for that I’m sorry. Somewhere along the way I thought you said you had two physical fog servers at MHB, because you had two subnets there. I didn’t question it.
Delete the slave node on the MHB fog server and then things will straighten out.