RE: UEFI pxe boot problem from a network

@Sebastian-Roth Yes, if I change vlan, it works…

No bootable device found

Hello
My machines can’t start with pxe over uefi from one vlan but works fine from an other vlan.
I have no problem with bios legacy pxe boot
I can’t understand the reason why ?
here the dhcpd.conf file:

# 
# dhcpd.conf  
#
ddns-update-style standard;
authoritative;

#log-facility local7;
set vendor-string = option vendor-class-identifier;
log (info, option vendor-class-identifier);

include "/etc/dhcp/vip.conf";

subnet 148.60.0.0 netmask 255.255.248.0 {
##########################################
option domain-name-servers 148.60.15.109,148.60.15.106 ;
option domain-name "istic.univ-rennes1.fr" ;
option routers 148.60.7.254 ;
option subnet-mask 255.255.248.0 ;
default-lease-time 2592000 ;
max-lease-time 5184000 ;

pool {
                allow members of "vip";
                range 148.60.7.200 148.60.7.230;
}

group {
        next-server 148.60.4.1;

class "Legacy" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
        filename "undionly.kkpxe";
    }
    class "UEFI-32-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
        filename "i386-efi/ipxe.efi";
    }
    class "UEFI-32-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
        filename "i386-efi/ipxe.efi";
    }
    class "UEFI-64-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
        filename "ipxe.efi";
    }
    class "UEFI-64-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
        filename "ipxe.efi";
    }
    class "UEFI-64-3" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
        filename "ipxe.efi";
    }

host admin01 { hardware ethernet 7**d:cf; fixed-address admin01; option Host-name "admin01";} # 
host admin02 { hardware ethernet b8:85**a; fixed-address admin02; option Host-name "admin02";} # proto windows salles istic
#host admin04 { hardware ethernet 74**; fixed-address admin04; option Host-name "admin04";} #AIO Dell 9030
host admin05 { hardware ethernet d8:** fixed-address admin05; option Host-name "admin05";} # HP8100 AIO
host admin07 { hardware ethernet c**; fixed-address admin07; option Host-name "admin07";} # AIO Dell 9030
           
# marque debut pour dhcp-vm vlan 2, pas touche SVP.
# marque fin pour dhcp-vm vlan 2, pas touche SVP.
}

subnet 148.60.10.0 netmask 255.255.255.0 {
##########################################
option domain-name-servers 148.60.15.109,148.60.15.106 ;
option domain-name "istic.univ-rennes1.fr" ;
option routers 148.60.10.254 ;
option subnet-mask 255.255.255.0 ;
default-lease-time 600 ;
max-lease-time 1200 ;

group {
# On commente les deux lignes suivantes pour éviter le menu de Fog
        next-server 148.60.4.1;

class "Legacy" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
        filename "undionly.kkpxe";
    }
    class "UEFI-32-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
        filename "i386-efi/ipxe.efi";
    }
    class "UEFI-32-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
        filename "i386-efi/ipxe.efi";
    }
    class "UEFI-64-1" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
        filename "ipxe.efi";
    }
    class "UEFI-64-2" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
        filename "ipxe.efi";
    }
    class "UEFI-64-3" {
        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
        filename "ipxe.efi";
    }
host arrakis { hardware ethernet 0***FA; fixed-address arrakis; option Host-name "arrakis";} # Gx360 Gentoo AD
host admin11 { hardware ethernet 9c****:ca; fixed-address admin11; option Host-name "admin11";} #linux test 8300 AD
host brisbane { hardware ethernet 00:2****c9; fixed-address brisbane; option Host-name "brisbane";} # Windows SA

# marque fin pour dhcp-vm vlan 10, pas touche SVP.
        pool {
                deny members of "telephones-ip";
                range 148.60.10.180 148.60.10.220;
                next-server 148.60.15.121;
                filename "pxelinux.0";
        }

        ####################################################
        # pool d'adresse dynamique reserve aux telephones IP
        # testsip
        pool {
                allow members of "telephones-ip";
                range 148.60.10.224 148.60.10.239; #
        }
}

}

The problem is for the subnet 148.60.10.0/24
With tcpdump, I don’t capture any packet on 148.60.4.1 fog server from the booting 148.60.10.193 machine
I have no firewall working on my fog server.
I have no access rules from 148.60.10.0 vlan to 148.60.4.0 vlan
Could you help me

Thank you for you answer Sebastian,

I should reinstall using : “./installfog.sh -W https://fogus.istic.univ-rennes1.fr -S” ?
I will wait for the end of the college year to resintall and generate a new certificate.

@Sebastian-Roth said in can't install fog client 0.11.19 "Unable to install CA certificate":

apachectl -S
grep Server /etc/httpd/conf.d/*

[root@fogus ~]# apachectl -S

VirtualHost configuration:
*:80                   148.60.4.1 (/etc/httpd/conf.d/fog.conf:1)
*:443                  is a NameVirtualHost
         default server 148.60.4.1 (/etc/httpd/conf.d/fog.conf:14)
         port 443 namevhost 148.60.4.1 (/etc/httpd/conf.d/fog.conf:14)
                 alias fogus
         port 443 namevhost fogus.istic.univ-rennes1.fr (/etc/httpd/conf.d/ssl.conf:40)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/etc/httpd/run/" mechanism=default 
Mutex cache-socache: using_defaults
PidFile: "/etc/httpd/run/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48 

[root@fogus ~]# grep Server /etc/httpd/conf.d/*

/etc/httpd/conf.d/fog.conf:    ServerName 148.60.4.1
/etc/httpd/conf.d/fog.conf:    ServerAlias fogus
/etc/httpd/conf.d/fog.conf:    ServerName 148.60.4.1
/etc/httpd/conf.d/fog.conf:    ServerAlias fogus
/etc/httpd/conf.d/fog.conf.org:    ServerName 148.60.4.1
/etc/httpd/conf.d/fog.conf.org:    ServerAlias fogus
/etc/httpd/conf.d/fog.conf.org:    ServerName 148.60.4.1
/etc/httpd/conf.d/fog.conf.org:    ServerAlias fogus
/etc/httpd/conf.d/README:This directory holds configuration files for the Apache HTTP Server;
/etc/httpd/conf.d/ssl.conf:#ServerName www.example.com:443
/etc/httpd/conf.d/ssl.conf:#   Server Private Key:
/etc/httpd/conf.d/ssl.conf:#   Server Certificate Chain:
/etc/httpd/conf.d/ssl.conf:#   Per-Server Logging:

Here are the result fo the command:

ping -c 1 fogus2.istic.univ-rennes1.fr
ping: fogus2.istic.univ-rennes1.fr: Nom ou service inconnu
[root@fogus ~]# ping -c 1 fogus.istic.univ-rennes1.fr
PING fogus.istic.univ-rennes1.fr (148.60.4.1) 56(84) bytes of data.
64 bytes from fogus.istic.univ-rennes1.fr (148.60.4.1): icmp_seq=1 ttl=64 time=0.035 ms

--- fogus.istic.univ-rennes1.fr ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.035/0.035/0.035/0.000 ms
[root@fogus ~]# ping -c 1 fogus
PING fogus.istic.univ-rennes1.fr (148.60.4.1) 56(84) bytes of data.
64 bytes from fogus.istic.univ-rennes1.fr (148.60.4.1): icmp_seq=1 ttl=64 time=0.051 ms

--- fogus.istic.univ-rennes1.fr ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms
[root@fogus ~]# ping -c 1 fogus2
ping: fogus2: Nom ou service inconnu

ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens2f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether b0:26:28:78:ce:d0 brd ff:ff:ff:ff:ff:ff
    inet 148.60.4.1/21 brd 148.60.7.255 scope global noprefixroute ens2f0np0
       valid_lft forever preferred_lft forever
    inet6 fe80::b226:28ff:fe78:ced0/64 scope link 
       valid_lft forever preferred_lft forever
3: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 4c:d9:8f:8e:41:0f brd ff:ff:ff:ff:ff:ff
4: ens2f1np1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether b0:26:28:78:ce:d1 brd ff:ff:ff:ff:ff:ff
5: eno2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 4c:d9:8f:8e:41:10 brd ff:ff:ff:ff:ff:ff
6: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:1e:69:b9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
7: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:1e:69:b9 brd ff:ff:ff:ff:ff:ff

I try to find fogus2 string in /etc:

grep -Ri fogus2 /etc/*
grep: /etc/grub2.cfg: Aucun fichier ou dossier de ce type
grep: /etc/httpd/run/cgisock.2085: Aucun périphérique ou adresse
/etc/lvm/backup/cl:creation_host = "fogus2.istic.univ-rennes1.fr"	# Linux fogus2.istic.univ-rennes1.fr 4.18.0-80.11.2.el8_0.x86_64 #1 SMP Tue Sep 24 11:32:19 UTC 2019 x86_64
/etc/lvm/archive/cl_00000-2032209725.vg:creation_host = "fogus2.istic.univ-rennes1.fr"	# Linux fogus2.istic.univ-rennes1.fr 4.18.0-80.11.2.el8_0.x86_64 #1 SMP Tue Sep 24 11:32:19 UTC 2019 x86_64
/etc/mail/sendmail.cf:##### built by root@fogus2.istic.univ-rennes1.fr on ven. nov. 29 09:28:55 CET 2019

@Sebastian-Roth

Thank you for your help Sebastian, I’m not good at all in cert management !

grep “SSLC” /etc/httpd/conf.d/*.conf

/etc/httpd/conf.d/fog.conf:    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
/etc/httpd/conf.d/fog.conf:    SSLCertificateFile /var/www/html/fog//management/other/ssl/srvpublic.crt
/etc/httpd/conf.d/fog.conf:    SSLCertificateKeyFile /opt/fog/snapins/ssl//.srvprivate.key
/etc/httpd/conf.d/fog.conf:    SSLCACertificateFile /var/www/html/fog//management/other/ca.cert.pem
/etc/httpd/conf.d/ssl.conf:# Use "SSLCryptoDevice" to enable any supported hardware
/etc/httpd/conf.d/ssl.conf:SSLCryptoDevice builtin
/etc/httpd/conf.d/ssl.conf:#SSLCryptoDevice ubsec
/etc/httpd/conf.d/ssl.conf:SSLCipherSuite PROFILE=SYSTEM
/etc/httpd/conf.d/ssl.conf:#   Point SSLCertificateFile at a PEM encoded certificate.  If
/etc/httpd/conf.d/ssl.conf:SSLCertificateFile /etc/pki/tls/certs/localhost.crt
/etc/httpd/conf.d/ssl.conf:SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
/etc/httpd/conf.d/ssl.conf:#   Point SSLCertificateChainFile at a file containing the
/etc/httpd/conf.d/ssl.conf:#   the referenced file can be the same as SSLCertificateFile
/etc/httpd/conf.d/ssl.conf:#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
/etc/httpd/conf.d/ssl.conf:#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

Hello Sebastian,
I 've just restart the serer.
On an old installation client I get

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 04/03/2020 11:45:48 Client-Info Version: 0.11.19
 04/03/2020 11:45:48 Client-Info OS:      Windows
 04/03/2020 11:45:48 Middleware::Authentication Waiting for authentication timeout to pass
 04/03/2020 11:45:48 Middleware::Communication Download: https://fogus/fog/management/other/ssl/srvpublic.crt
 04/03/2020 11:45:48 Data::RSA FOG Server CA cert found
 04/03/2020 11:45:48 Middleware::Authentication Cert OK
 04/03/2020 11:45:48 Middleware::Authentication ERROR: Could not get security token
 04/03/2020 11:45:48 Middleware::Authentication ERROR: Le chemin d’accès spécifié est introuvable.

 04/03/2020 11:45:48 Middleware::Communication POST URL: https://fogus/fog/management/index.php?sub=requestClientInfo&authorize&newService
 04/03/2020 11:45:48 Middleware::Response Success
 04/03/2020 11:45:48 Middleware::Authentication Authenticated


 04/03/2020 11:45:48 Middleware::Communication URL: https://fogus/fog/management/index.php?sub=requestClientInfo&configure&newService&json
 04/03/2020 11:45:48 Middleware::Response Success
 04/03/2020 11:45:48 Middleware::Communication URL: https://fogus/fog/management/index.php?sub=requestClientInfo&mac=52:54:00:CE:A1:DD&newService&json
 04/03/2020 11:45:49 Middleware::Response Success
 04/03/2020 11:45:49 Middleware::Communication URL: https://fogus/fog/service/getversion.php?clientver&newService&json
 04/03/2020 11:45:49 Middleware::Communication URL: https://fogus/fog/service/getversion.php?newService&json

 04/03/2020 11:45:49 Service Creating user agent cache
 04/03/2020 11:45:49 Middleware::Response Success
 04/03/2020 11:45:49 Middleware::Response Module is disabled globally on the FOG server
 04/03/2020 11:45:49 Middleware::Response Success
 04/03/2020 11:45:49 Service Initializing modules

------------------------------------------------------------------------------
---------------------------------ClientUpdater--------------------------------
------------------------------------------------------------------------------
 04/03/2020 11:45:49 Client-Info Client Version: 0.11.19
 04/03/2020 11:45:49 Client-Info Client OS:      Windows
 04/03/2020 11:45:49 Client-Info Server Version: 1.5.8
 04/03/2020 11:45:49 Middleware::Response Success
------------------------------------------------------------------------------

It seems working even if I have this errors in thelog:

Middleware::Authentication ERROR: Could not get security token
 04/03/2020 11:45:48 Middleware::Authentication ERROR: Le chemin d’accès spécifié est introuvable.

On the server:

grep -e pem -e key /etc/httpd/conf.d/*.conf
/etc/httpd/conf.d/fog.conf:    SSLCertificateKeyFile /opt/fog/snapins/ssl//.srvprivate.key
/etc/httpd/conf.d/fog.conf:    SSLCACertificateFile /var/www/html/fog//management/other/ca.cert.pem
/etc/httpd/conf.d/ssl.conf:#   If the key is not combined with the certificate, use this
/etc/httpd/conf.d/ssl.conf:#   directive to point at the key file.  Keep in mind that if
/etc/httpd/conf.d/ssl.conf:#   you've both a RSA and a DSA private key you can configure
/etc/httpd/conf.d/ssl.conf:#   ECC keys, when in use, can also be configured in parallel
/etc/httpd/conf.d/ssl.conf:SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

md5sum /opt/fog/snapins/ssl/CA/.fogCA.pem /var/www/html/fog/management/other/ca.cert.pem
c5023563df0eeeac5186bd9b641426dc  /opt/fog/snapins/ssl/CA/.fogCA.pem
c5023563df0eeeac5186bd9b641426dc  /var/www/html/fog/management/other/ca.cert.pem

openssl verify -verbose -CAfile /opt/fog/snapins/ssl/CA/.fogCA.pem /var/www/fog/management/other/ssl/srvpublic.crt
/var/www/fog/management/other/ssl/srvpublic.crt: OK

May be the problem is here, initially the server name was fogus2, rename to fogus
with this command that you proposed to me, we find traces of fogus2

echo -n | openssl s_client -CAfile /var/www/html/fog/management/other/ca.cert.pem -connect fogus.istic.univ-rennes1.fr:443 | head
depth=1 C = US, O = Unspecified, OU = ca-7711430350767482536, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=1 C = US, O = Unspecified, OU = ca-7711430350767482536, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
verify return:1
depth=0 C = US, O = Unspecified, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
verify return:1
CONNECTED(00000003)
---
Certificate chain
 0 s:C = US, O = Unspecified, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
   i:C = US, O = Unspecified, OU = ca-7711430350767482536, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
 1 s:C = US, O = Unspecified, OU = ca-7711430350767482536, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
   i:C = US, O = Unspecified, OU = ca-7711430350767482536, CN = fogus2.istic.univ-rennes1.fr, emailAddress = root@fogus2.istic.univ-rennes1.fr
---
Server certificate
-----BEGIN CERTIFICATE-----
DONE

I installed the client without the https.
After installation, I edited the settings.json file to enable https.
I get the following error in the log

------------------------------------------------------------------------------
--------------------------------Authentication--------------------------------
------------------------------------------------------------------------------
 03/03/2020 17:13:59 Client-Info Version: 0.11.19
 03/03/2020 17:13:59 Client-Info OS:      Windows
 03/03/2020 17:13:59 Middleware::Authentication Waiting for authentication timeout to pass
 03/03/2020 17:13:59 Middleware::Communication Download: https://fogus.istic.univ-rennes1.fr/fog/management/other/ssl/srvpublic.crt
 03/03/2020 17:13:59 Data::RSA FOG Server CA cert found
 03/03/2020 17:13:59 Data::RSA ERROR: Certificate validation failed
 03/03/2020 17:13:59 Data::RSA ERROR: Trust chain did not complete to the known authority anchor. Errors: Une chaîne de certificats n’a pas pu être établie vers une autorité racine de confiance. (PartialChain)
 03/03/2020 17:13:59 Middleware::Communication SSL certificate chain error: Une chaîne de certificats a été traitée mais s’est terminée par un certificat racine qui n’est pas approuvé par le fournisseur d’approbation.

 03/03/2020 17:13:59 Middleware::Communication ERROR: Could not download file
 03/03/2020 17:13:59 Middleware::Communication ERROR: La connexion sous-jacente a été fermée : Impossible d'établir une relation de confiance pour le canal sécurisé SSL/TLS.

I tried with the smart installer and I got the same error.

Hello
I upgraded my server from 1.5.7.60 to 1.5.8 yesterday.
I can’t install my fog client using msi file.
I get “Unable to install CA certificate”
Could you help me ?

Arnaud

Yes

mysql> DELETE FROM `hosts` WHERE `hostID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `hostMAC` WHERE hmID = '0' OR `hmHostID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `groupMembers` WHERE `gmID` = '0' OR `gmHostID` = '0' OR `gmGroupID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `snapinGroupAssoc` WHERE `sgaID` = '0' OR `sgaSnapinID` = '0' OR `sgaStorageGroupID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE from `snapinAssoc` WHERE `saID` = '0' OR `saHostID` = '0' OR `saSnapinID` = '0';
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `hosts` WHERE `hostID` NOT IN (SELECT `hmHostID` FROM `hostMAC` WHERE `hmPrimary` = '1');
Query OK, 0 rows affected (0.01 sec)

mysql> DELETE FROM `hosts` WHERE `hostID` NOT IN (SELECT `hmHostID` FROM `hostMAC`);
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `hostMAC` WHERE `hmhostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `snapinAssoc` WHERE `saHostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.01 sec)

mysql> DELETE FROM `groupMembers` WHERE `gmHostID` NOT IN (SELECT `hostID` FROM `hosts`);
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `tasks` WHERE `taskStateID` IN ("1","2","3");
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM `snapinTasks` WHERE `stState` in ("1","2","3");
Query OK, 4 rows affected (0.00 sec)

mysql> TRUNCATE TABLE multicastSessions; 
Query OK, 0 rows affected (0.02 sec)

mysql> TRUNCATE TABLE multicastSessionsAssoc; 
Query OK, 0 rows affected (0.00 sec)

mysql> DELETE FROM tasks WHERE taskTypeId=8;
Query OK, 437 rows affected (0.01 sec)

mysql> TRUNCATE TABLE history;
Query OK, 0 rows affected (0.01 sec)

mysql> TRUNCATE TABLE userTracking;
Query OK, 0 rows affected (0.00 sec)

Quist host deletion > It erase the host from the database, I thought it was wipping the disk

Nothing in apache error.log:

[Sun Feb 09 03:14:01.195079 2020] [lbmethod_heartbeat:notice] [pid 26820:tid 140285265893632] AH02282: No slotmem from mod_heartmonitor
[Sun Feb 09 03:14:01.195787 2020] [mpm_event:notice] [pid 26820:tid 140285265893632] AH00489: Apache/2.4.37 (centos) OpenSSL/1.1.1c configured -- resuming normal operations
[Sun Feb 09 03:14:01.195799 2020] [core:notice] [pid 26820:tid 140285265893632] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Mon Feb 10 16:48:20.677240 2020] [proxy_fcgi:error] [pid 14434:tid 140283463317248] (70008)Partial results are valid but processing is incomplete: [client 148.60.10.10:45504] AH01075: Error dispatching request to : (reading input brigade), referer: https://fogus//fog/management/index.php?node=snapin&sub=edit&id=4

Our fog version is 1.5.7.60, should I upgrade ?

Here is httpd access log :

148.60.3.152 - - [12/Feb/2020:08:36:39 +0100] "POST /fog/service/ipxe/boot.php HTTP/1.1" 200 4002 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:36:39 +0100] "GET /fog/service/ipxe/bg-plateforme2.png HTTP/1.1" 200 45904 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:36:56 +0100] "GET /fog/service/ipxe/refind.conf HTTP/1.1" 200 29719 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:36:56 +0100] "GET /fog/service/ipxe/refind_x64.efi HTTP/1.1" 200 208776 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:34 +0100] "POST /fog/service/ipxe/boot.php HTTP/1.1" 200 4000 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:34 +0100] "GET /fog/service/ipxe/bg-plateforme2.png HTTP/1.1" 200 45904 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:46 +0100] "POST /fog/service/ipxe/boot.php HTTP/1.1" 200 510 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:49 +0100] "POST /fog/service/ipxe/boot.php HTTP/1.1" 200 501 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:52 +0100] "POST /fog/service/ipxe/boot.php HTTP/1.1" 200 4339 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:53 +0100] "GET /fog/service/ipxe/bg-plateforme2.png HTTP/1.1" 200 45904 "-" "iPXE/1.0.0+ (3fe68)"
148.60.3.152 - - [12/Feb/2020:08:44:58 +0100] "GET /fog/service/ipxe/grub.exe HTTP/1.1" 200 234697 "-" "iPXE/1.0.0+ (3fe68)"

No trace on phpfpm

[12-Feb-2020 08:34:16] NOTICE: [pool www] child 704 exited with code 0 after 10966.343745 seconds from start
[12-Feb-2020 08:34:16] NOTICE: [pool www] child 15058 started
[12-Feb-2020 08:35:13] NOTICE: [pool www] child 1211 exited with code 0 after 10688.067733 seconds from start
[12-Feb-2020 08:35:13] NOTICE: [pool www] child 15128 started
[12-Feb-2020 08:36:31] NOTICE: [pool www] child 1763 exited with code 0 after 10354.590384 seconds from start
[12-Feb-2020 08:36:31] NOTICE: [pool www] child 15203 started
[12-Feb-2020 08:38:17] NOTICE: [pool www] child 2377 exited with code 0 after 9967.474334 seconds from start
[12-Feb-2020 08:38:17] NOTICE: [pool www] child 15340 started
[12-Feb-2020 08:38:35] NOTICE: [pool www] child 2597 exited with code 0 after 9858.520146 seconds from start
[12-Feb-2020 08:38:35] NOTICE: [pool www] child 15357 started
[12-Feb-2020 08:38:59] NOTICE: [pool www] child 2745 exited with code 0 after 9775.417709 seconds from start
[12-Feb-2020 08:38:59] NOTICE: [pool www] child 15382 started
[12-Feb-2020 08:39:44] NOTICE: [pool www] child 3033 exited with code 0 after 9556.303340 seconds from start
[12-Feb-2020 08:39:44] NOTICE: [pool www] child 15423 started
[12-Feb-2020 08:40:02] NOTICE: [pool www] child 3207 exited with code 0 after 9455.172945 seconds from start
[12-Feb-2020 08:40:02] NOTICE: [pool www] child 15457 started

I try erase disk with a centos 8 deployed image (uefi too). No error after but system allways present on reboot !

Hello,
actually, I’m trying to do a “quick host deletion” from the PXE menu.

Hello,

I can’t erase disk, when I try I get “Failed to destroy host”
I have the problem on uefi laptop.

Arnaud

Unfortunately, our test server is a VM but I haven’t done any snapshot before install.

@Sebastian-Roth
The apache configuration of our fog server is generated by fog

Here is the links!

https://filesender.renater.fr/?s=download&token=1556680b-9c1e-50af-5516-f42c06770b84

fog_error_1.5.7.100.log is the last install log with the 2 last lines of the .fogsettings deleted.
fog_error_1.5.7.93.log has generated mysql count error

Arnaud