[Proof of Concept] Combining {FoG & XCP-NG} for a Zero-Touch Bulletproof Classroom Deployment!

Hi All,

Are you interested in solving a general worldwide Lazy IT “problem”? (Zero-Touch Machine Control) or follow how the can get solved? Then continue reading! --Note to my knowledge there is no such software available. If so please comment details about the software i will check it out

Intro:
I’m an system administrator for a company that educates in IT (Instructor-led courses) for all kinds of vendor’s such as Cisco, Citris, VMWare, Redhat, Microsoft and many more.

We try to avoid costs of “Virtual Labs” thus making our own (on instructions of vendor we re-build cloud OS machines, and deploy them on a powerful physical machine) images to deploy to classrooms. Our classrooms are high-end in IT hardware. You can imagine we have a (currently Altiris .gho files) huge library of images that we can deploy.

But every Friday when imaging to be ready for the new course starting next Monday we encounter “lazy IT problems” which increase our time we need to spend on restoring a lot of classrooms (multiple external locations, each location has multiple classrooms)

A default course is 5 days, we deploy corresponding images every Friday (after 17:00) to the systems. It’s a variation of images from Linux, to Windows Server editions that has Hyper-V with multiple images inside (Example: it will be used for a course Microsoft Domain Controller.).

Our “lazy IT problems” :
We want a bullet proof classroom, we want to fully control the classrooms systems. We want to be able to boot/shutdown, yes we have working WoL! But that diden’t solve our problem… <—Soooo many “We want” i know. Lazy…

Because Alot of courses use Hyper-V. Hyper-V breaks WoL It Hijacks NiC Ownership making WoL not work. We need to unplug/plug machine from power then WoL works untill it loads OS with Hyper-V again. That means we need to walk to the classrooms and/or ask the receptionist to boot up machines.

Idea!
Then i had one crazy idea to combine FOG with XCP-NG Server a.k.a (Citris Hypervisor, Xen-Server) ^0^. Wait what? What is XCP? It’s a free version of Xen-Server but with all features enabled for free.-> https://xcp-ng.org/

XCP-NG it not intended for classroom deployments… I know! But hear me out how i want to use the open-source combination to create a zero-touch deployment! even when Harddrive is wiped including the XCP-NG Host installation thus making us lose control of the machine! (I know it sounds insane, but bare with me a lot of typing is required to explain this!)

[XCP-NG limitations]:

*When XCP-NG Is installed it displayers the “Server console on screen”

First Dilemma: How do we serve end-user VM Guest screen instead of the console displayed on the image below?

Solution: vGPU Passthrough function, we stream the VM output to Graphic card. Attach Graphic card to VM Solved we see OS screen!

Second Dilemma: USB Port not working, mouse and keyboard not useable.
Solution: Almost same solution, but we use USB Passthrough, and there is another function to be able to hot mount/dismount usbs to vms. But for now we pre-configure usb passthrough.

Oke we now proofed that end-users can use the same fysical Guest VM machine where XCP-NG host is installed on LOL ;0

How do we recover XCP-NG Host if disk is formatted for any reason?
Well, my idea is we let the host machine boot by default on PXE and load our “customised” XCP-NG Netinstaller including answer file which includes the configuration.

I was planning on editing the netinstaller code to:
Check Disk -> Partition with XCP-NG Host Found?
----------------------- ^Yes -Boot from disk ^No -Start XCP-NG Host Netinstaller recovering XCP-NG Host.

Thus making it zero touch bulletproof, correct? We can fully use WoL or the XCP-NG tools*
*

• XCP-NG Center (Installer)
• Xen Orchenstra (Web-GUI)
• API Commands (FoG plugin if possible

to remote control it.

And what has FoG to do with it?
Well, FoG is insanely faster when pxe installing a VM than import and mounting the image file.

So i wanted to create a plugin for FoG to be able to send API commands to any XCP-NG Host to create an empty VM. When creating the vm template we can generate a MAC for the VM NiC& Boot it on PXE.

Because we generate the MAC in the template inside FoG webserver we can internally parse a deploy task for FoG targeting the guest Mac Address (That we generated when creating template) and install our classroom image.

What do i think we a achieve if this 100% works? First ever Zero-Touch Classroom Deployment.
–This workaround is pure for 1 thing! Hyper-V breaking WoL when Hyper-V is installed on host OS.

----If some one now comes with a solution to get WoL working on Hyper-V host machine i will fall off my chair.

So what do you think? I’m halfway with the PoC. Next step is to customize the net-installer to decide whether to reinstall or boot from disk.

Cheers!
Mokerhamer

Hi all,

Intro:
We’re currently extensively testing FoG and it’s capability’s. And since w’re doing it and gathering data, why not share and spare

Sooo… now what?
Well… We’ve set-up a FoG Server with a test windows 10 deployment image (25gb). Our goal is to to define the best configuration set-up for FoG and network hardware.

We needed to apply some configuration changes to our Cisco appliance to increase speed and packet size. i can image more users need to do so.

If anyone is interested we’re going to test some things and it would be great to be able to compare our results/config with others.

Bench testing what?
Since we’re not experienced with FoG, we will play around in some ways:
–Hardware and bios are exact. in our case. Dell T5810, Dell 3610, Dell 3600.

• Best Deployment -type, protocol, compression, etc.
  • Deployment difference -Deploying to direct system vs XCP-NG VM. in different settings
  • Multicast: * Multi-casting from Master node (playing with storage groups) to external location through VPN*

We have our own environment set-up as test corner with it’s own appliance that we use in general. It’s a lot of details. Might be good to set-up a general environment criteria to avoid “dirty” and contradicting results… Feel free to reply if you have any idees or layouts

Goal:

• Map all criteria to reach highest deployment/capture speed.
• Define extra configuration requirements of third party appliance of FoG, such as Switch, Router, Firewall, Etc

Motivated by this wiki page
https://wiki.fogproject.org/wiki/index.php/Image_Compression_Tests

And by the replys –amount of devices the are managing with FoG
https://forums.fogproject.org/topic/4382/organizations-using-fog/107

Hoping for a very active thread <Fingers-Crossed>

Cheers,
Mokerhamer

@george1421

You knocked it right on the head with the multicast details, took a few tries to get the all the details configured. We’re now thinking about setting up a 10GB network and do the exact same tests. just curious… what speed would we reach? especially with all the variables in play.

This is a pure trial and fail, find the limits. Fail uncountable times and still keep seeking for answers. We’re using something new with a very high compression ration and i find there is a limited information pool about it. So i am extra curious about pushing limits with this.

In my eyes these trial and fails can decide or break a future plan of our classroom hardware architecture.

@george1421 @Sebastian-Roth

Only Client is limited with 1GB network card. Current speed with Multicast (18Gb! - Windows 10 Deployment 1:36 LOL)

10GBE network card for client will be here within a hour! Curious what will happen!