RE: Changing IP address post fog install is problematic

In its simplest form that we run, some of our FOG servers are stationary, others move around. For us to have a single solution build that works for any location, all of our FOG servers are configured to grab an IP via external DHCP reservation.

I copy and paste the following to the CLI to edit rc.local:

cp -f /etc/rc.local /etc/rc.local.old
if [ -f /etc/centos-release ]; then
echo ' ' >> /etc/rc.local
echo 'make_fog_portable' >> /etc/rc.local
echo ' ' >> /etc/rc.local
else
sed -i "s|exit 0|make_fog_portable &|g" /etc/rc.local
echo ' ' >> /etc/rc.local
echo 'exit 0' >> /etc/rc.local
fi
chmod 755 /etc/rc.local
echo '#!/bin/bash' > /bin/make_fog_portable
echo '#' >> /bin/make_fog_portable
echo '# make_fog_portable &' >> /bin/make_fog_portable
echo '#' >> /bin/make_fog_portable
echo '# This script is expected to be run as a job from /etc/rc.local' >> /bin/make_fog_portable
echo '# It will wait until an IP address is found, then use that IP' >> /bin/make_fog_portable
echo '# address to configure the FOG Server for that site.' >> /bin/make_fog_portable
echo '#' >> /bin/make_fog_portable
echo ' ' >> /bin/make_fog_portable
echo 'exit 0' >> /bin/make_fog_portable
chmod 755 /bin/make_fog_portable
vim /bin/make_fog_portable

At the now open file ‘make_fog_portable’ Insert the following, before “exit 0” ; [ESC]:wq to write/quit

# Wait for an IP address
IP=`ip addr list eth0 | grep "inet " |cut -d" " -f6|cut -d/ -f1`
while [ -z $IP ]
do
	echo "Waiting :05 for an IP Address" > /dev/kmsg
	sleep 5
	IP=`ip addr list eth0 | grep "inet " |cut -d" " -f6|cut -d/ -f1`
done

# Make FOG Server Portable
sleep 6
echo "Updating IP address for FOG_TFTP_HOST to be $IP [`date`]" > /dev/kmsg
mysql --user=root -e "UPDATE \`globalSettings\` SET \`settingValue\` = '$IP' WHERE \`settingKey\` ='FOG_TFTP_HOST';" fog
echo "Updating IP address for FOG_WEB_HOST to be $IP [`date`]" > /dev/kmsg
mysql --user=root -e "UPDATE \`globalSettings\` SET \`settingValue\` = '$IP' WHERE \`settingKey\` ='FOG_WEB_HOST';" fog
echo "Updating IP address for FOG_WOL_HOST to be $IP [`date`]" > /dev/kmsg
mysql --user=root -e "UPDATE \`globalSettings\` SET \`settingValue\` = '$IP' WHERE \`settingKey\` ='FOG_WOL_HOST';" fog
echo "Updating IP address for Storage Node DefaultMember to be $IP [`date`]" > /dev/kmsg
mysql --user=root -e "UPDATE \`nfsGroupMembers\` SET \`ngmHostname\` = '$IP' WHERE \`ngmMemberName\` ='DefaultMember';" fog
echo "Updating IP address in file .fogsettings to be $IP [`date`]" > /dev/kmsg
sed -i "s|ipaddress=\".*\"|ipaddress=\"$IP\"|" /opt/fog/.fogsettings
echo "Updating IP address in file default.ipxe to be $IP [`date`]" > /dev/kmsg
sed -i "s|http://\([^/]\+\)/|http://$IP/|" /tftpboot/default.ipxe
sed -i "s|http:///|http://$IP/|" /tftpboot/default.ipxe

echo "Sleeping 10 seconds before releasing script [`date`]" > /dev/kmsg
sleep 10
echo "releasing script [`date`]" > /dev/kmsg

Complete the generalization with this; you will also need to run this after any FOG trunk update:

if [ -f /etc/debian_version ]; then
cd /var/www/fog/lib/fog
fi

if [ -f /etc/centos-release ]; then
cd /var/www/html/fog/lib/fog
fi

cp -f config.class.php config.class.php.old
sed -i "s|\".*\..*\..*\..*\"|\$_SERVER['SERVER_ADDR']|" config.class.php
reboot

Why a job at startup? In the case of a power failure, the FOG server itself whether it be physical or virtual will almost invariably be available long before the site’s switches finish their POSTs and the network is available again. The loop to check for an IP prevents the FOG server coming up without an IP or in the case of a mobile server, forces the new IP into FOG’s configuration before it has a chance to start.

This solution even allows us to change the subnet entirely and the server will always, automatically reconfigure itself according to the new DHCP reservation.

Works like a charm.

This works on Ubuntu 14-, 15+, Debian 8+ and CentOS 7.

It is into this make_fog_portable job that I would also add any code for restarting critical services:

# Ubuntu 14-
sleep 6
echo "Restarting tftpd-hpa [`date`]" > /dev/kmsg
service tftpd-hpa restart
sleep 6
echo "Restarting mysql [`date`]" > /dev/kmsg
service mysql restart
sleep 6
echo "Restarting FOGMulticastManager [`date`]" > /dev/kmsg
service FOGMulticastManager restart

# Debian 8+, Ubuntu 15+
if [ -f /etc/debian_version ]; then
echo "Restarting Critical FOG Services [`date`]" > /dev/kmsg
systemctl restart tftp* mysql* FOG* apache*
fi

If you insist on not using sysprep, there is a fourth option. Select [SHIFT] + [SHUTDOWN].

To expand further:

Windows Registry Editor Version 5.00

; delete a registry key
[-<HIVErootkey>\<keyname>]

; delete a registry value
[<HIVErootkey>\<keyname>]
"<value>"=-

; delete only the value data of a value
[<HIVErootkey>\<keyname>]
"<value>"=""

A great starting point

Aha! Thanx Jbob. I swear I clicked on it before and it gave me a `you can not upvote your own posts’. I must have slipped onto the ^ voting symbol.

< edit >
… and the crowd goes wild.

I’m happy enough to leave it as my development fog.

I did not notice any hiccups or gotchas during installation or import.

So yes, I think this is solved.

Thx for all of your hard work getting FOG up to speed for us bleeding edge types.

I have also seen this error caused by the Antivirus in the image. Although it affected all deployments, effectively poisoning the image beyond repair.

From Lexmark’s site

Download then run the executable. Tell it to extract for later installation.

Find this:

C:\Lexmark\Lexmark_MS510_Series_ADU_Installation_Package\InstallationPackage\InstallationPackage\Drivers\Print\GDI\LMADUP40.inf

This article is the result of this previous thread.

I think I’ve figured it out.

When kernel 3.18.5 and earlier versions enumerate the interfaces in a 2012 R2.u1 Hyper-V Generation-1 Virtual Machine, it only has drivers to recognize the Legacy adapter (eth0). it ignores whether you have the ‘Ethernet’ adapter (eth1) connected to the virtual switch or not.

Kernel 3.18.5 then uses the 100Mb Legacy adapter (eth0) that it PXE booted from to transfer to/from the FOG server.

Beginning with my use of kernels 3.19.1 on up to the current version 4.1.4 kernel, I’m guessing that the driver for the Hyper-V ‘Ethernet’ adapter (eth1) is included. If the ‘Ethernet’ adapter (eth1) is disconnected, like I had been doing for kernels 3.18.5 and older, 4.1.4 will not fail back to use the ‘Legacy’ adapter (eth0), but will fail the process in an infinite spit out of CR+LF, or error out with network interface (eth1) not found.

If when using kernels 3.19.1 on up, the ‘Ethernet’ adapter (eth1) IS connected to the virtual switch at the same time as the Legacy adapter (eth0), the VM will PXE boot from the Legacy adapter (eth0), then uses the 'Ethernet" adapter (eth1) for the data transfer.

… and there was much rejoicing.

As a bonus, using the ‘Ethernet’ adapter (eth1) for the data transfer means using a 1Gb connection; ergo, roughly 1/8 the time required for data transfer.

I’m a big fan of dpinst as well. Injecting for reals, into an OS for 30 different platforms prior to sysprep bloats the registry and can even poison an image in extreme cases.

I prefer to not leave Windows to install drivers as it wants, but where I want, when I want; I do this in the unattend.xml.

<settings pass="specialize">
	<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
		<ExtendOSPartition>
			<Extend>true</Extend>
		</ExtendOSPartition>
		<RunSynchronous>
			<RunSynchronousCommand wcm:action="add">
				<Order>1</Order>
				<Description>Driver Installation Pass 1 of 3</Description>
				<Path>"C:\temp\drivers\dpinst.exe" /path "C:\temp\drivers" /q /se</Path>
			</RunSynchronousCommand>
			<RunSynchronousCommand wcm:action="add">
				<Order>2</Order>
				<Description>Driver Installation Pass 2 of 3</Description>
				<Path>"C:\temp\drivers\dpinst.exe" /path "C:\temp\drivers" /q /se</Path>
			</RunSynchronousCommand>
			<RunSynchronousCommand wcm:action="add">
				<Order>3</Order>
				<Description>Driver Installation Pass 3 of 3</Description>
				<Path>"C:\temp\drivers\dpinst.exe" /path "C:\temp\drivers" /q /se</Path>
			</RunSynchronousCommand>
		</RunSynchronous>
	</component>
</settings>

Where C:\temp\drivers\ contains every driver extracted from every system needed.

Alongside dpinst.exe in c:\temp\drivers I also place the dpinst.xml

<?xml version="1.0" ?>
<dpinst> 
	<!-- equivalent to /sa -->
	<suppressAddRemovePrograms/>
	<!-- The following search and subDirectory elements direct DPInst to search all subdirectories (under the DPInst working directory) to locate driver packages. -->
	<search> 
		<subDirectory>*</subDirectory> 
	</search> 
	<!-- The following language element localizes its child elements for the English (Standard) language. The child elements customize the text that appears on the DPInst wizard pages. -->
	<language code="0x0409"> 
		<dpinstTitle>Device Driver Updater</dpinstTitle> 
		<welcomeTitle>Welcome to the Device Installer!</welcomeTitle> 
		<welcomeIntro>This wizard will walk you through updating the drivers for your device.</welcomeIntro> 
		<installHeaderTitle>Installing the software for your device...</installHeaderTitle> 
		<finishTitle>Congratulations! You finished installing your device drivers.</finishTitle> 
	</language> 
	<!-- equivalent to /sh -->
	<scanHardware/>
</dpinst>

I run dpinst three times deliberately. First to grab primary devices, then to detect and load daughter devices, and then finally for those very few tertiary devices that can only be seen after two other parent devices are loaded.

I then leave it to setupcomplete.cmd to reclaim the disk space taken up by staging the drivers in the image.

@REM Place this file in C:\Windows\Setup\Scripts
@REM SetupComplete.cmd is executed as final step of coming out of Sysprep under SYSTEM account

@REM Cleanup
del /Q /F c:\windows\system32\sysprep\closer*.xml
del /Q /F c:\windows\system32\sysprep\default*.xml
del /Q /F c:\windows\panther\unattend.xml
rd /s /q C:\temp
rd /s /q C:\temp

This does not take care of any OEM software which I install through separate automated means.

My current driver pack for Windows 10 (64) is fully compatible with 30 different makes/models in our environment.

Manufacturer Model Name Model Version

Dell Inc. Latitude 3379 <blank>
Dell Inc. OptiPlex 790 <blank>
Dell Inc. OptiPlex 7010 <blank>
Dell Inc. OptiPlex 7020 <blank>
Dell Inc. XPS One 2710 <blank>

LENOVO 7373BTU ThinkCentre M58

LENOVO 3548C1U ThinkCentre M72z
LENOVO 3548C8U ThinkCentre M72z

LENOVO 10BBS00Y00 ThinkCentre M73z
LENOVO 10BBS12Q00 ThinkCentre M73z

LENOVO 10EWS0B000 ThinkCentre M800z
LENOVO 10NY0010US ThinkCentre M810z

LENOVO 20GKS0A700 ThinkPad 13
LENOVO 20J2S0MJ00 ThinkPad 13 2nd Gen

LENOVO 20FES0VJ00 ThinkPad Yoga 260

LENOVO 20JJS2F200 ThinkPad Yoga 370

LENOVO 30ASS3NA0 ThinkStation P310

LENOVO 30BH002KUS ThinkStation P320

Toshiba PORTEGE R830 PT320C-0F502L
Toshiba PORTEGE R830 PT320C-01H018
Toshiba PORTEGE R830 PT320C-05L02L

Toshiba PORTEGE R930 PT330C-00v009
Toshiba PORTEGE R930 PT330C-05X039
Toshiba PORTEGE R930 PT330C-08S039

Toshiba PORTEGE Z930 PT235C-02H049

Toshiba PORTEGE R30-A PT341C-00W00T
Toshiba PORTEGE R30-A PT343C-0YP08W
Toshiba PORTEGE R30-A PT343C-01N01J

Toshiba PORTEGE Z30t-A PT24CC-05D02V

Toshiba TECRA R700 PT318C-00C001

Wow … that one almost got lost to the mists of time.

Yes. An update.

I don’t remember precisely when, but I think it was soon after I made this initial post that it started working again.

Regardless, I’m currently running 1.4.0-RC-4 and I just tested on both types of VMs for this reply and they work.

Gen1 (Legacy) picks up undionly.kpxe and Gen2 (UEFI) pulls down ipxe.efi on Hyper-V 2016 VMs .

So the problem isn’t the cloning but that I was transferring from an IDE/Compatible VM to an Physical system with AHCI enabled. Setting the physical to IDE/Compatible mode fixed that. However IDE mode is not a solution. I required building AHCI into the kernel prior to deployment.

Thanks to some help from centos.org forums I have a working solution.

I’ve moved the OS update and some other new code that forces the recompiled kernel to include AHCI drivers to the final mastering.

Server building occurs for me in several steps.

1. Install the Minimal Server to a VM, nothing else, no updates
2. Purpose the VM (in this case for FOG and all that entails, no updates)
3. Master the image (every update and generalizing code)
4. Capture the image
5. Distribute the image
6. Align the Deployed system

I’ve added the following code to the Mastering:

03> Master the Image
	## Login REMOTELY with Kitty ( http://kitty.9bis.net/ )
	## Elevate Access Level
	## --
	## Disable root access via SSH (CentOS only)
	## Direct next Kernel recompilation update to include AHCI drivers & be HW generic
	## Clean & Update the OS
	## Shutdown

sudo su

if [ -f /etc/centos-release ]; then
sed -i "s|#PermitRootLogin yes|PermitRootLogin no|g" /etc/ssh/sshd_config
systemctl restart sshd.service
sed -i 's|#add_drivers+="|add_drivers+="ahci|g' /etc/dracut.conf
sed -i 's|#hostonly="yes|hostonly="no|g' /etc/dracut.conf
yum clean all
yum makecache
yum update -y
shutdown now
fi

Any changes made to Storage Group or Storage Node are not written.

Web interface pushes back with:

“Storage Group/Node already exists”

Capture it as a Windows 8.1 image.

Throw a chkdsk /offlinescanandfix then Restart.

How did you shut down Windows 10?

There’s Shutdown, then there’s SHIFT+Shutdown; the latter is what you want.

I’m not trying to insult you. This trips up lots of folks.

That did the trick!

# Join to an AD Domain
# --------------------------
# Elevate Access Level
	sudo su

# Install Pre-requisites for joining to an AD Domain
	yum install -y sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python

# Join to domain
# ( http://www.unix.com/man-page/centos/8/realm/ )
	realm join --user=DomainJoinCapableADAccount domain.name

# Restrict access from domain
	realm deny --all

# Permit access by Domain User Group "ADGroupName" (A-z only)
	realm permit -R domain.name -g ADGroupName

# Do not require FQDN for username
	sed -i "s|use_fully_qualified_names = True|use_fully_qualified_names = False|g" /etc/sssd/sssd.conf
	systemctl restart sssd

# Permit Access to SUDO
	echo "%ADGroupName    ALL=(ALL)       ALL" >> /etc/sudoers.d/sudoers

# Reboot to Commit
	reboot

Now for the next hurdle.

Thank you for the quick response.

I ran into something similar and it was a matter of the machines being too fast thx to the SSD for certain functions being called by my setupcomplete.cmd, answerfile.xml and a .vbs script run as a first time logon script during autologon. I had to build in some wait times or checks to ensure certain things were complete before allowing any of these to continue past what was now completing too quickly asynchronously.

I finally got my hands on a Lenovo ThinkPad OneLink+ to RJ45 Adapter ( model SC10J34224 ).

Using FOG RC10, kernel 4.7.3, it connects and fogs quite happily in UEFI mode using ipxe.efi and Legacy mode using undionly.kpxe.

Tested on a Lenovo ThinkPad Yoga 260 and a Lenovo ThinkPad 13.

You’re being modest.

Boy does this thread sound familiar