Download 2011.06.15 - Setup NetBoot Service on Mac OS X 10.6.x Client

Setup NetBoot Server on
Mac OS X 10.6.x Client
Terms
• NetBoot
NetBoot is a technology from Apple which enables Macs with
capable firmware to boot from a network disk image, rather than
a local hard disk, optical disc drive or other locally attached
portable media like USB/FireWire drives, etc.
• NetInstall
NetInstall uses a network image to install the operating system
or software onto the local hard disk.
In the same way that a NetBoot image replaces the role of a hard
disk, a NetInstall image is a replacement for an installation DVD.
• NetRestore
NetRestore is a network image that you can use to restore a
volume over the network.
You can also use the asr tool to restore a NetRestore image onto
a volume or to clone a volume.
Shadow Files
Many clients can read from the same NetBoot image, but when a
client must write back to its startup volume, such as print jobs
and other temporary files, NetBoot service redirects the written
data to shadow files.
Network
Apple Filing Protocol (AFP) is used for the network-based
shadow files.
Local Hard Disk
You can also use a hard disk on the client, if available.
RAM Disk
Or set up a RAM disk for shadow files.
The Setup
• Create Directories & Symlinks
# Create “NetBoot” directory in “/Library” directory
mkdir /Library/NetBoot
# Create “NetBootClients0” directory in “/Library/NetBoot” directory
mkdir /Library/NetBoot/NetBootClients0
This is where the client shadow file data is stored.
If you wanted better performance, you could set up multiple share points using different
server hard disks named...
NetBootClient0
NetBootClient1
NetBootClient3
NetBootClient4
• Set Privileges
# Recursively, change owner to “root” & group to “admin”
chown -R root:admin /Library/NetBoot
# Recursively, change permissions for owner & group to read, write & execute
# And others to read & execute NetBoot directory & sub-directories.
chmod -R 775 /Library/NetBoot
• Change Directory
# Change directory to "/Library/NetBoot"
cd /Library/NetBoot
• Create Symlinks
# Create symlink ".clients" from "NetBootClients0" in directory "/Library/NetBoot"
# Using the "ln" utility with options "-s", "-h" & "-f"
ln -shf NetBootClients0 /Library/NetBoot/.clients
# The "-s" option creates a symbolic link
# The "-h" option will not follow the target file/directory if it is a symbolic link
# The "-f" option will unlink the target file if the symbolic link exists.
# Create symlink ".sharepoint" from "NetBootSP0" in directory "/Library/NetBoot"
ln -shf NetBootSP0 /Library/NetBoot/.sharepoint
• Configure NFS Exports
# Create NFS Export for "NetBootSP0"
echo "/Library/NetBoot/NetBootSP0 -ro -maproot=root" > /etc/exports
# “-ro” option shares the directory read only
# “-maproot=root” maps the remote system's root account to the root account on this server
# I/O Redirection “>”
# COMMAND_OUTPUT >
# Redirects stdout to a file.
# Creates the file if not present, otherwise overwrites it.
# Create NFS Export for "NetBootClients0"
echo "/Library/NetBoot/NetBootClients0 -ro -maproot=root" >> /etc/exports
# I/O Redirection “>>”
# COMMAND_OUTPUT >>
# Redirects stdout to a file.
# Creates the file if not present, otherwise appends to it.
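Neither export line names a host or network, which is why the showmount test later in these slides lists both directories as exported to "Everyone". The sh functions below are an added example, not part of the original slides: they audit an exports file for that condition, for -maproot=root, and for read-write exports. The function names, the second sample and its 192.0.2.0 subnet are constructed for illustration; the -network/-mask form is the subnet restriction from exports(5).

```shell
#!/bin/sh
# Added example: audit a BSD/macOS-style exports file read from stdin.
# Emits "<directory>: <finding>" lines; no output means nothing was flagged.
audit_exports() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }                 # skip comments and blank lines
    {
        ndirs = 0; restricted = 0; rootmap = 0; readonly = 0; optarg = 0
        for (i = 1; i <= NF; i++) {
            f = $i
            if (optarg) { optarg = 0; continue }   # value following -network or -mask
            if (f ~ /^\//) { dirs[++ndirs] = f; continue }   # exported directory
            if (f == "-ro") { readonly = 1; continue }
            if (f ~ /^-maproot=(root|0)(:|$)/) { rootmap = 1; continue }
            if (f ~ /^-network/) { restricted = 1; if (f !~ /=/) optarg = 1; continue }
            if (f ~ /^-mask/) { if (f !~ /=/) optarg = 1; continue }
            if (f !~ /^-/) restricted = 1          # explicit host or netgroup
        }
        for (d = 1; d <= ndirs; d++) {
            if (!restricted) print dirs[d] ": exported to every host (no -network or host list)"
            if (rootmap)     print dirs[d] ": remote root is mapped to local root (-maproot=root)"
            if (!readonly)   print dirs[d] ": exported read-write"
        }
    }'
}

# Constructed sample 1: the two lines the slides write to /etc/exports.
exports_from_slides() {
    cat <<'EOF'
/Library/NetBoot/NetBootSP0 -ro -maproot=root
/Library/NetBoot/NetBootClients0 -ro -maproot=root
EOF
}

# Constructed sample 2: the same exports limited to one subnet
# (192.0.2.0/24 is a documentation range, assumed for illustration).
exports_restricted() {
    cat <<'EOF'
# NetBoot client subnet only
/Library/NetBoot/NetBootSP0 -ro -maproot=root -network 192.0.2.0 -mask 255.255.255.0
/Library/NetBoot/NetBootClients0 -ro -maproot=root -network 192.0.2.0 -mask 255.255.255.0
EOF
}

# Count the directories on stdin that are exported to every host.
count_world_exports() {
    audit_exports | grep -c "exported to every host" || true
}

echo "== exports as written in the slides =="
exports_from_slides | audit_exports
echo "== restricted to the NetBoot subnet =="
exports_restricted | audit_exports
```
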
• Configure TFTP Service - Directories
# Create NetBoot directory in "/private/tftpboot" directory
mkdir /private/tftpboot/NetBoot
• Configure TFTP Service - Symlinks
# Create symlink "NetBootSP0" from "/Library/NetBoot/NetBootSP0" in directory "/private/tftpboot/NetBoot"
ln -shf /Library/NetBoot/NetBootSP0 /private/tftpboot/NetBoot/NetBootSP0
/System/Library/LaunchDaemons/tftp.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>com.apple.tftpd</string>
<key>ProgramArguments</key>
<array>
<string>/usr/libexec/tftpd</string>
<string>-s</string>
<string>/private/tftpboot</string>
</array>
<key>inetdCompatibility</key>
<dict>
<key>Wait</key>
<true/>
</dict>
<key>InitGroups</key>
<true/>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockServiceName</key>
<string>tftp</string>
<key>SockType</key>
<string>dgram</string>
</dict>
</dict>
</dict>
</plist>
The "-s" option enables tftpd to chroot to the /tftpboot directory, restricting access to outside files/directories.
/System/Library/LaunchDaemons/tftp.plist (ProgramArguments after the edit; the rest of the file is unchanged)
<key>ProgramArguments</key>
<array>
<string>/usr/libexec/tftpd</string>
<string>-i</string>
<string>/private/tftpboot</string>
</array>
The "-i" option enables insecure mode, which allows access to files outside the /private/tftpboot directory.
This is necessary for NetBoot to allow access to the images located in directory /Library/NetBoot/NetBootSP0
• Edit tftp.plist
# Modify /System/Library/LaunchDaemons/tftp.plist
sed -i '.bak' "s%-s%-i%g" "/System/Library/LaunchDaemons/tftp.plist"
# Find string "-s" and replace with string "-i"
# The sed “-i” option edits the file in place and keeps a backup with the extension .bak
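The sed expression matches every "-s" in the file, and once tftpd runs with "-i" the chroot no longer bounds what it serves. The sh functions below are an added example, not part of the original slides: one reads only the ProgramArguments array to report whether tftpd is configured with -s or -i, the other lists directory symlinks under the TFTP root that resolve outside the locations you expect. Function names, the plist excerpt and the temporary directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report how tftpd is confined and which directory symlinks
# under the TFTP root lead outside the directories you expect.

# tftpd_mode: read a launchd plist on stdin; print "chroot" when the
# ProgramArguments array contains -s, "insecure" when it contains -i,
# otherwise "unknown". Strings outside ProgramArguments are ignored.
tftpd_mode() {
    awk '
    /<key>ProgramArguments<\/key>/    { inargs = 1; next }
    inargs && /<\/array>/             { inargs = 0 }
    inargs && /<string>-s<\/string>/  { mode = "chroot" }
    inargs && /<string>-i<\/string>/  { mode = "insecure" }
    END { print (mode == "" ? "unknown" : mode) }'
}

# physical_dir DIR: print DIR with every symlink in its path resolved.
physical_dir() { (cd "$1" 2>/dev/null && pwd -P); }

# tftp_symlink_escapes ROOT ALLOWED: list directory symlinks below ROOT whose
# resolved target is neither inside ROOT nor inside ALLOWED.
tftp_symlink_escapes() {
    root=$(physical_dir "$1") || return 1
    allowed=$(physical_dir "$2") || return 1
    find "$root" -type l | while IFS= read -r link; do
        target=$(physical_dir "$link") || continue   # dangling or non-directory link
        case "$target/" in
            "$root"/*|"$allowed"/*) ;;                # expected location
            *) echo "$link -> $target" ;;
        esac
    done
}

# Constructed excerpt of tftp.plist; $1 is the tftpd flag to embed (-s or -i).
sample_plist() {
    cat <<EOF
<key>Label</key>
<string>com.apple.tftpd</string>
<key>ProgramArguments</key>
<array>
<string>/usr/libexec/tftpd</string>
<string>$1</string>
<string>/private/tftpboot</string>
</array>
EOF
}

# Constructed tree: the NetBootSP0 symlink from the slides plus one stray link.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/private/tftpboot/NetBoot" "$t/Library/NetBoot/NetBootSP0" "$t/etc"
    ln -s "$t/Library/NetBoot/NetBootSP0" "$t/private/tftpboot/NetBoot/NetBootSP0"
    ln -s "$t/etc" "$t/private/tftpboot/NetBoot/stray"
    echo "$t"
}

tree=$(make_sample_tree)
echo "before the sed edit: $(sample_plist -s | tftpd_mode)"
echo "after the sed edit:  $(sample_plist -i | tftpd_mode)"
echo "symlinks leaving the expected directories:"
tftp_symlink_escapes "$tree/private/tftpboot" "$tree/Library/NetBoot"
rm -rf "$tree"
```
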
• Reload TFTP Service
# Use launchctl to unload the tftp service
launchctl unload -w "/System/Library/LaunchDaemons/tftp.plist"
# Use launchctl to load the tftp service
launchctl load -w "/System/Library/LaunchDaemons/tftp.plist"
# “-w” option overrides the “Disabled” key (unload sets it to true, load sets it to false)
• Download NetBoot Image
  • Use Finder
  • Or command line
# Make directory for sharepoint mount path
mkdir /Volumes/images
# Mount AFP sharepoint on the mount path
# (a password placed in the URL is visible in the process list and shell history;
# mount_afp -i prompts for it instead)
mount_afp afp://[USERNAME]:[PASSWORD]@images.server.edu/path/to/image /Volumes/images
# Copy NetBoot image to directory /Library/NetBoot/NetBootSP0
cp -R /Volumes/images/[NETBOOT_IMAGE_NAME].nbi /Library/NetBoot/NetBootSP0
# Unmount file system
umount /Volumes/images
• Or if you update image routinely...
# Copy NetBoot image to directory /Library/NetBoot/NetBootSP0
rsync -acv --progress --delete --ignore-existing [Source] [Target]
# -a                  archive mode, same as -rlptgoD (no -H)
# -r                  recurse into directories
# -l                  copy symlinks as symlinks
# -p                  preserve permissions
# -t                  preserve times
# -g                  preserve group
# -o                  preserve owner
# -D                  preserve device & special files
# -c                  skip based on checksum, not mod-time & size
# -v                  increase verbosity
# --progress          show progress during transfer
# --delete            delete extraneous files from dest dirs
# --ignore-existing   skip updating files that exist on receiver
• rsync on Mac OS X 10.6.x
  • Default version installed 2.6.9
# Default version of rsync installed on Mac OS X 10.6.x
# rsync --version
rsync version 2.6.9 protocol version 29
  • Pre-Built Binaries for Mac OS X
The MacPlace
http://www.themacplace.co.uk/downloads.html
  • Compiling Your Own
Compiling Rsync with Resource Fork Support
http://www.lbackup.org/developer/rsync_hfs
• BOOTP Setup
  • Client doesn’t include /etc/bootpd.plist
  • Used Mac OS X Server to create template
• BOOTP Setup - Template Example
/etc/bootpd.plist template
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>NetBoot</key>
    <dict/>
    <key>Subnets</key>
    <array>
        <dict>
            <key>allocate</key>
            <false/>
            <key>dhcp_domain_name</key>
            <string>DHCP_DOMAIN_NAME</string>
            <key>dhcp_domain_name_server</key>
            <array>
                <string>DHCP_DOMAIN_NAME_SERVER_0</string>
                <string>DHCP_DOMAIN_NAME_SERVER_1</string>
            </array>
            <key>dhcp_domain_search</key>
            <array>
                <string>DHCP_DOMAIN_SEARCH</string>
            </array>
            <key>dhcp_router</key>
            <string>DHCP_ROUTER</string>
            <key>lease_max</key>
            <integer>3600</integer>
            <key>name</key>
            <string>NAME</string>
            <key>net_address</key>
            <string>NET_ADDRESS</string>
            <key>net_mask</key>
            <string>NET_MASK</string>
            <key>net_range</key>
            <array>
                <string>NET_RANGE_START</string>
                <string>NET_RANGE_END</string>
            </array>
            <key>selected_port_name</key>
            <string>en0</string>
            <key>uuid</key>
            <string>UUID</string>
        </dict>
    </array>
    <key>allow</key>
    <array/>
    <key>bootp_enabled</key>
    <false/>
    <key>deny</key>
    <array/>
    <key>detect_other_dhcp_server</key>
    <false/>
    <key>dhcp_enabled</key>
    <false/>
    <key>netboot_enabled</key>
    <array>
        <string>en0</string>
    </array>
    <key>old_netboot_enabled</key>
    <false/>
    <key>relay_enabled</key>
    <false/>
    <key>relay_ip_list</key>
    <array/>
    <key>startTime</key>
    <string>START_TIME</string>
</dict>
</plist>
• BOOTP Setup - Create plist from Template
# Use cat and a here file to create /etc/bootpd.plist with template data
(
cat <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
.
.
.
</dict>
</plist>
EOF
) > /etc/bootpd.plist
• BOOTP Setup - Domain Name
# Get Host Domain Name
DHCP_DOMAIN_NAME=`hostname | awk -F "." '{print $2"."$3"."$4}'`
# Set “Find” & “Replace” variables
FIND="<string>DHCP_DOMAIN_NAME</string>"
REPLACE="<string>$DHCP_DOMAIN_NAME</string>"
# Replace “Find” with “Replace” variable
sed -i '.bak' "s%$FIND%$REPLACE%g" /etc/bootpd.plist
• BOOTP Setup
  • See script for other modifications to bootpd.plist
http://www.macos.utah.edu/documentation/system_deployment/setup_netboot_on_mac_os_x_10.6_client
  • After all modifications done unload/load
# Use launchctl to unload the bootps service
launchctl unload -w /System/Library/LaunchDaemons/bootps.plist
# Use launchctl to load the bootps service
launchctl load -w /System/Library/LaunchDaemons/bootps.plist
• AFP Setup - Apple Filing Protocol
  • Needed for NetBoot network shadow files
  • Mac OS X 10.6 Client limited to 10 Concurrent AFP connections
  • Used fseventer to reverse engineer client File Sharing setup
• AFP Setup - dscl -read
# Noticed file system changes to path...
/private/var/db/dslocal/nodes/Default/config/SharePoints/NetBootClients0.plist
# To get the values you can turn on File Sharing using GUI “System Preferences -> Sharing”
# Then use Directory Service command line utility [dscl] to read the sharepoints values needed
# dscl . -read SharePoints/NetBootClient0
dsAttrTypeNative:afp_guestaccess: 1
dsAttrTypeNative:afp_name: NetBootClient0
dsAttrTypeNative:afp_shared: 1
dsAttrTypeNative:directory_path: /Library/NetBoot/NetBootClient0
dsAttrTypeNative:ftp_name: NetBootClient0
dsAttrTypeNative:sharepoint_group_id: DD8A7526-901D-4D31-8B90-8EC8B71A1B43
dsAttrTypeNative:smb_createmask: 644
dsAttrTypeNative:smb_directorymask: 755
dsAttrTypeNative:smb_guestaccess: 1
dsAttrTypeNative:smb_name: NetBootClient0
dsAttrTypeNative:smb_shared: 1
AppleMetaNodeLocation: /Local/Default
RecordName: NetBootClient0
RecordType: dsRecTypeStandard:SharePoints
• AFP Setup - dscl -create
# Create items needed for NetBoot sharepoint /Library/NetBoot/NetBootClients0
dscl . -create SharePoints/NetBootClients0
dscl . -create SharePoints/NetBootClients0 afp_guestaccess 1
dscl . -create SharePoints/NetBootClients0 afp_name NetBootClients0
dscl . -create SharePoints/NetBootClients0 afp_shared 1
dscl . -create SharePoints/NetBootClients0 directory_path /Library/NetBoot/NetBootClients0
dscl . -create SharePoints/NetBootClients0 ftp_name NetBootClients0
# Not sure how to generate the sharepoint group id; it works without specifying it.
# dscl . -create SharePoints/NetBootClients0 sharepoint_group_id F7D1C81A-53EF-48E7-BF47-D2ABEF4F400B
dscl . -create SharePoints/NetBootClients0 smb_createmask 644
dscl . -create SharePoints/NetBootClients0 smb_directorymask 755
dscl . -create SharePoints/NetBootClients0 smb_guestaccess 0
dscl . -create SharePoints/NetBootClients0 smb_name NetBootClients0
dscl . -create SharePoints/NetBootClients0 smb_shared 0
• AFP Setup - Restart Services
# Restarting DirectoryService after modifying database
killall DirectoryService
# Make sure AFP is running by starting the daemon
/usr/sbin/AppleFileServer
# Unload the AppleFileServer launch daemon after modifying database
launchctl unload -w /System/Library/LaunchDaemons/com.apple.AppleFileServer.plist
# Loop until Apple File Sharing is enabled and the load reports that the address is already in use,
# sleeping 30 seconds in between loops
LOAD_APPLEFILESERVER_ERROR=`cat /tmp/load_applefileserver_error.txt | grep "Address already in use" | sed "s%bind(): %%g"`
INDEX=1
while [[ "${LOAD_APPLEFILESERVER_ERROR}" != "Address already in use" && "${INDEX}" -lt 10 ]]
do
launchctl load -w /System/Library/LaunchDaemons/com.apple.AppleFileServer.plist 2>/tmp/load_applefileserver_error.txt
LOAD_APPLEFILESERVER_ERROR=`cat /tmp/load_applefileserver_error.txt | grep "Address already in use" | sed "s%bind(): %%g"`
let INDEX=INDEX+1
sleep 30
done
Testing
• NetBoot a client
• Test TFTP - From Client
# Using the tftp command line tool, test transferring the booter file from the NetBoot server
# tftp [NetBoot Server IP]
% tftp xxx.xxx.xxx.xxx
tftp> get NetBoot/NetBootSP0/CMS_Default_NetBoot.nbi/i386/booter
Received 334686 bytes in 0.2 seconds
# Note: this test will fail if your NetBoot set has spaces in its name. In general, however,
# it's OK to have spaces in your NetBoot set's name
Testing
• Test NFS - From Client
# showmount shows status info about NFS on a host
#   -e   Shows the host's exports list
showmount -e [NetBoot Server IP]
# For example...
% showmount -e xxx.xxx.xxx.xxx
Exports list on xxx.xxx.xxx.xxx:
/Library/NetBoot/NetBootSP0          Everyone
/Library/NetBoot/NetBootClients0     Everyone
# The mount_nfs command attempts to mount the NFS sharepoints
mkdir /tmp/mnt
mount_nfs <NetBoot Server IP>:/Library/NetBoot/NetBootSP0 /tmp/mnt
# For example...
mkdir /tmp/mnt
mount_nfs xxx.xxx.xxx.xxx:/Library/NetBoot/NetBootSP0 /tmp/mnt
Testing
• Test NFS - From Client
# The sharepoint will show on the Desktop in Finder
# Or access it via command line.
% ls -al /tmp/mnt/
total 2
drwxrwxr-x   3 root  admin  102 Jun  9 15:28 .
drwxrwxrwt  13 root  wheel  442 Jun  9 16:40 ..
drwxrwxr-x   5 root  admin  170 Jun  6 13:56 CMS Default NetBoot.nbi
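The showmount output in this test lists both NetBoot sharepoints as exported to Everyone. The following added example (not part of the original slides) parses `showmount -e` output and lists every export offered to all hosts. The sample text, its 192.0.2.x addresses and the restricted path are constructed, and matching "*" and "(everyone)" covers how showmount prints the same condition on other systems.

```shell
#!/bin/sh
# Added example: find NFS exports that a server offers to every host.
# Input is the text printed by `showmount -e <server>`.

# open_exports: read showmount -e output on stdin and print each exported
# path whose client list is "Everyone" (Mac OS X) or "*" / "(everyone)".
open_exports() {
    awk '
        /^Exports? list (on|for) / { next }    # skip the header line
        NF >= 2 && ($NF == "Everyone" || $NF == "*" || $NF == "(everyone)") {
            path = $0
            # drop the trailing client column; the path itself may contain spaces
            sub(/[ \t]+[^ \t]+[ \t]*$/, "", path)
            print path
        }'
}

# audit_exports: print a short report; return 1 if any export is open to all hosts.
audit_exports() {
    found=$(open_exports)
    if [ -n "$found" ]; then
        printf 'Exports open to every host:\n%s\n' "$found"
        return 1
    fi
    echo "No exports open to every host"
    return 0
}

# Constructed sample modelled on the showmount output shown in the slides,
# plus one restricted export (hypothetical path and network) for contrast.
SAMPLE_OUTPUT='Exports list on 192.0.2.10:
/Library/NetBoot/NetBootSP0          Everyone
/Library/NetBoot/NetBootClients0     Everyone
/Volumes/Data/Restricted             192.0.2.0/24'

# Live use: showmount -e [NetBoot Server IP] | audit_exports
printf '%s\n' "$SAMPLE_OUTPUT" | audit_exports || true
```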
Testing
• Test DHCP - From Client
# Didn’t find a command line tool to test DHCP on Mac OS X
# But, there is a Mac OS X GUI application called IPNetMonitorX that tests DHCP
http://www.sustworks.com/site/prod_ipmx_overview.html
The DHCP Test tool allows you to initiate DHCP
transactions or exercise a DHCP Server
The "DHCP Type" popup menu at the upper left corner of
the test parameters area allows you to select what DHCP
transaction to generate.
Startup in NetBoot
• N Key
Press the “N” key during client startup to NetBoot using the default image
Startup in NetBoot
• Startup Manager
Press Option to start into Startup Manager and select NetBoot volume
Startup in NetBoot
• Startup Disk
From System Preferences - Startup Disk, select NetBoot volume
Launch System Preferences
Select “Startup Disk” pane
Select NetBoot volume
Startup in NetBoot
• Apple Remote Desktop
Select “Set Startup Disk” from Manage menu and enter NetBoot volume name
Launch Remote Desktop
Select “Set Startup Disk” from Manage Menu
Select “Custom Volume” then Enter
Server Address and NetBoot Volume Name
Startup in NetBoot
• Command Line
Startup from Default NetBoot Image from Client
# Startup from default NetBoot Image Syntax
sudo bless --netboot --server bsdp://[NetBoot Server IP]
• Command Line
Startup from Non-Default NetBoot Image from Client
# Startup from Non-Default NetBoot Image Syntax
sudo bless --netboot --server bsdp://[NetBoot Server IP]/[Image Name]
• Command Line
Tips & Tricks
# The "--nextonly" option changes the boot device selection for the next boot only
sudo bless --netboot --server bsdp://[NetBoot Server IP] --nextonly
Startup in NetBoot
• Command Line
Change NetBoot Server’s Default NetBoot Image
See this script called “netbootch” from website...
http://yourmacguy.wordpress.com/2008/07/31/netbootch/
When run, it lists all available NetBoot images, the current default is marked
with an asterisk, and prompts you to select a new default.
  [0]: 10.5.3_Auto_NetInstall.nbi
  [1]: NetInstall-Restore.nbi
* [2]: Tiger to 10.5.4 Upgrade.nbi
  [3]: Tiger_to_10.5.3.nbi
  [4]: Visitors iMacs.nbi
Select a new default image [0-4]:
Modify Shadow File
• Three Options...
Network
Apple Filing Protocol (AFP) is used for the network based shadow files.
Mac OS X 10.6.x client is limited to 10 concurrent AFP connections
NetBoot
NetBoot by default will use a network sharepoint if specified
In Server Admin -> NetBoot -> Settings -> Images -> Diskless Enabled
Or if there isn’t a problem with the sharepoint and there are 10 or fewer AFP connections
Modify Shadow File
• Three Options...
Local Hard Disk
You can also use a hard disk on the client if available
NetBoot
Or NetBoot will use a local hard disk for shadow files if specified
In Server Admin -> NetBoot -> Settings -> Images -> Diskless Disabled
Or if there is a problem with the sharepoint setup or more than 10 AFP connections
Modify Shadow File
• Three Options...
RAM Disk
Or set up a RAM disk for shadow files.
NetInstall/NetRestore
NetInstall/NetRestore uses a RAM disk
Modify Shadow File
• Use hints from NetInstall/NetRestore
• Mount the NetInstall.dmg image
• View the rc.cdrom file
# NetInstall Shadow File Configuration Specified by file...
NetInstall/private/etc/rc.cdrom
Modify Shadow File
• NetBoot Shadow File Configuration
• Mount the NetBoot.dmg image
• Edit the rc.netboot file
# NetBoot Shadow File Configuration Specified by file...
NetBoot/private/etc/rc.netboot
Modify Shadow File
Comment out the following lines from the local_mount() subroutine
# Original
local_mount()
{
    tries=0
    limit=11
    while [ $tries -lt $limit ]; do
        tries=$(( tries + 1 ))
        volinfo=`autodiskmount -F 2>/dev/null`
        if [ $? -ne 0 ]; then
            if [ $tries -lt $limit ]; then
                echo "Waiting for local drives..."
                echo "Waiting for local drives (retry ${tries}/$(( limit - 1 )))..." > /dev/console
                sleep 5
            else
                echo "autodiskmount -F found no local drives"
                return 1
            fi
        else
            tries=$limit
        fi
    done
    set ${volinfo}
    devname=$1
    fstype=$2

    mount -t "${fstype}" -o nosuid,nodev "/dev/${devname}" "${NETBOOT_MOUNT}" 2>&1
    if [ $? -ne 0 ]; then
        echo "mount of ${devname} failed"
        return 1
    fi
    common_start "${NETBOOT_MOUNT}/.com.apple.NetBootX" shadowfile
    return 0
}
# With the lines commented out
local_mount()
{
#    tries=0
#    limit=11
#    while [ $tries -lt $limit ]; do
#        tries=$(( tries + 1 ))
#        volinfo=`autodiskmount -F 2>/dev/null`
#        if [ $? -ne 0 ]; then
#            if [ $tries -lt $limit ]; then
#                echo "Waiting for local drives..."
#                echo "Waiting for local drives (retry ${tries}/$(( limit - 1 )))..." > /dev/console
#                sleep 5
#            else
#                echo "autodiskmount -F found no local drives"
#                return 1
#            fi
#        else
#            tries=$limit
#        fi
#    done
#    set ${volinfo}
#    devname=$1
#    fstype=$2
#
#    mount -t "${fstype}" -o nosuid,nodev "/dev/${devname}" "${NETBOOT_MOUNT}" 2>&1
#    if [ $? -ne 0 ]; then
#        echo "mount of ${devname} failed"
#        return 1
#    fi
    common_start "${NETBOOT_MOUNT}/.com.apple.NetBootX" shadowfile
    return 0
}
Modify Shadow File
Add the following 2 lines to the local_mount subroutine
local_mount()
{
#    tries=0
#    limit=11
#    while [ $tries -lt $limit ]; do
#        tries=$(( tries + 1 ))
#        volinfo=`autodiskmount -F 2>/dev/null`
#        if [ $? -ne 0 ]; then
#            if [ $tries -lt $limit ]; then
#                echo "Waiting for local drives..."
#                echo "Waiting for local drives (retry ${tries}/$(( limit - 1 )))..." > /dev/console
#                sleep 5
#            else
#                echo "autodiskmount -F found no local drives"
#                return 1
#            fi
#        else
#            tries=$limit
#        fi
#    done
#    set ${volinfo}
#    devname=$1
#    fstype=$2
#
#    mount -t "${fstype}" -o nosuid,nodev "/dev/${devname}" "${NETBOOT_MOUNT}" 2>&1
#    if [ $? -ne 0 ]; then
#        echo "mount of ${devname} failed"
#        return 1
#    fi
    volinfo=`autodiskmount -F 2>/dev/null`
    RAMDisk "${NETBOOT_MOUNT}"
    common_start "${NETBOOT_MOUNT}/.com.apple.NetBootX" shadowfile
    return 0
}
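Modify Shadow File
Add the following RAMDisk() subroutine
RAMDisk()
{
    mntpt=$1
    echo "Creating RAM Disk for $mntpt"
    # ram://500000 requests 500000 sectors of 512 bytes (about 244 MB);
    # -nomount attaches the device without mounting it
    dev=`hdik -drivekey system-image=yes -drivekey eject-upon-logout=no -nomount ram://500000`
    if [ $? -eq 0 ] ; then
        newfs $dev # hack to init partition table automatically
        newfs_hfs $dev
        # nosuid,nodev: the same mount options as the local disk mount this replaces
        mount -t hfs -o nosuid,nodev $dev $mntpt
        echo "ramdisk created and mounted OK"
    fi
}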
Show Me
• Enough talk show me a demonstration