Diskless Machines (iPXE &iSCSI)

 

We have done some work about creating iSCSI targets (disks) on FreeBSD 10. If you haven’t checked my tutorial go ahead and click here.

So now we are going to learn how to simplify things by using the FreeNAS interface in order to create targets.

We are going to need a few things:

  • Portal: It is the socket in which FreeNAS is going to be receiving all connections from the clients
  • Extent: It is the dataset that you are going to share. You also need to specify the size
  • Initiators: add permissions to your sharing
  • Target: name your target (name, ip, port, Lun)
  • Target/ Extents: You are going to associate your dataset to you target.

So let me create a target as an example.

1. – Once you get access to your FreeNAS interface, go to the following path

    Services àiSCSIàPortalà Add Portal

        

2. – Create an Extent by clicking on “Add Extent” (Even if you did not create “centos” directory previously, don’t worry FreeNAS will create the dataset for you automatically.

 

3. – It is time to set our initiator (you might want to add your network address or you might also want to add “ALL” under the authorized networks.

4. – Alright! It is time for our target. (Important changes are marked)

5. – We also have to associate the Extent (dataset) to the Target.

6. – Finally, do not forget to turn on the service.

 

From now, if you want to create more operating system installation you only need to create another Extent and associate it to the target (use the same portal, target, and initiator unless you have to configure something very specific.

NOTE: Read some documentation about iSCSI so it can help you to understand better the topic.

 

So how can I install operating systems over the network Mrwhitebp?

Ok we are going to need:

  • TFTP server
  • DHCP server
  • iPXE code (build our image)
  • Computers connected via cable supporting PXE on their networks cards (computers can be diskless or not, it doesn’t matter. We are going to boot from the network card anyways)

 

Note: I’m going to be doing all the configuration on pfsense (FreeBSD graphical router). However, if you have questions about the services (TFTP, DHCP) do not hesitate to contact me. Probably, I will not give you technical support unless you pay me (haha) but I will point you in the right direction.

1. – TFTP server.

Go to “available packages” in the pfsense router (under the menu “system”) and add the TFTP server package. After installing the package, verify that it appearing into the Installed packages. Also check that the service is running in the dashboard (under the menu “Status”).

Here is an example of the dashboard.

2. – DHCP

Go to “Services” in pfsense router and click on DHCP Server. Scroll down your page until you hit the bottom then you will see something like this “DHCP Static Mappings for this interface.” Click on the symbol (+) in order to add a new entry. Fill it up all the boxes according to your needs (mac address, IP address, DNS server, Gateway and Domain).

Note: If you are going to install Microsoft Windows then you do not provide a gateway (0.0.0.0).

The explanation is on the video attached to this tutorial.

 

Continuing on the same page, right to the bottom click on “advanced” on the TFTP server and add the IP address of the pfsense router. Why? Because we have installed the TFTP as a part of the router, the IP address will be the same. (Don’t worry there is not security issues unless you create them).

Save everything and restart the DHCP server. So from now on, when you boot your computer associated to the mac address, it will connect to the DHCP server and will download the file undionly.kpxe (it contain the entire information associate to the target on the FreeNAS box).

 

3.- iPXE

Now let’s compile our image undionly.kpxe

Note: I built my image on CentOS because it has all the requirements out of the box. So what I did, I installed a virtual machine with CentOS and I run the command below.

# git clone https://git.ipxe.org/ipxe.git

Note: this command will create a folder called “ipxe” into the path in which you were at the time you run the command

These are the requirements for building the image in case you want to know.

  • gcc (version 3 or later)
  • binutils (version 2.16 or later)
  • make
  • perl
  • syslinux (for isolinux, only needed for building .iso images)
  • zlib and binutils header files (only needed for EFI builds)

 

 

Note: the command on the website is using the protocol git in order to download the source code. However, if you have blocked git by your router, alternatively you can use https instead.

# git clone
https://git.ipxe.org/ipxe.git

Note: try to download the git source code into a directory with writing rights like /home/user/

Configuration:

Under the path: (whatever path that you have chosen)/ipxe/src/config/

Edit the following file general.h

Also uncomment the following lines into the same file (general.h)

Under the path: (whatever path that you have chosen)/ipxe/src/config/console.h, uncomment the line that refers to VESAFB

 

After the configuration, go back to the path: (whatever path that you have chosen)/ipxe/src/ and run the following command.

Configuration is done. Now we have to create a script called script.ipxe under the

path: (whatever path that you have chosen)/ipxe/src/

# vi script.ipxe

Copy the following lines into the script

#!ipxe

set initiator-iqn iqn.2014-04.com.mrwhitebp:boot-${net0/mac}

dhcp net0

clear net0.dhcp/gateway:ipv4

#set keep-san 1

#start of menu

:start

menu iPXE boot menu for ${net0/mac} ${net0/ip}

item windowsos Boot Windows 8

item centos Boot CentOS GNU/Linux 6.5

item shell Launch iPXE shell

#default

choose –timeout 30000 –default windowsos selected && goto ${selected}

#iPXE Shell

:shell

echo Type ‘exit’ to get the back to the menu

shell

set menu-timeout 0

set submenu-timeout 0

goto start

#other OSes

:windowsos

set net0/gateway 0.0.0.0

set keep-san 1

sanhook iscsi:192.168.1.7::::iqn.2014-04.com.mrwhitebp:windows

boot

:centos

sanboot iscsi:192.168.1.7::::iqn.2014-04.com.mrwhitebp:mrwhite-centos

boot

 

Once you create the script run the following command in order to compile our image undionly.kpxe

# make bin/undionly.kpxe EMBED=script.ipxe

 

After the compilation you will get your new image under the path: (whatever path that you have chosen)/ipxe/src/bin/undionly.kpxe

Upload your image (undionly.kpxe) to the TFTP server:

Note: I used scp (security copy) in order to transfer mine but you can use TFTP directly.

Linux scp command:

Under the pfsense router, open a shell

# cd /tftpboot

# scp root@(ip-address of the linux):(whatever path that you have chosen)/ipxe/src/bin/undionly.kpxe .

Note: be aware that there is a point at the end of the command

    Example:

    # scp root@192.168.1.146:/home/oblanco/ipxe/src/bin/undionly.kpxe .

 

4. – TEST on a virtual Machine (VMWARE 10)

Create a new virtual machine without hard drive and attach the windows 8 ISO into the CDROM/DVDROM. (32 bits or 64 bits)

 

Change the boot order into the VM (press F2 to get access to the BIOS on the virtual machine).

Your first boot up should look like this:

 

Ok. You have to understand that your iSCSI hard drive doesn’t have any operating system yet so when you select windows 8 from the ipxe menu, it will try to boot from the iSCSI Hard Drive. If it fails then the VM will try to boot from the CDROM (ISO image). It is very important that you do not provide any gateway either from your DHCP or from your script.ipxe configuration file, because windows 8 will send the traffic to the router instead connecting directly to the FreeNAS box. If windows send the traffic to the router and you did not redirect the traffic in the router, the installation will become very unstable and slow.

 

 

Note: Do not disconnect the CDROM until the installation is completed (no matter that your VM reboots several times). Also after the first reboot, select windows 8 on the iPXE menu but do not press any other key otherwise you will be boot from the windows ISO again).

Note: After the installation of windows 8, you have to add a gateway to your ipv4 configuration because we had disabled it.

 

Repeat the same process if you want to install more operating systems.

 

Note: I should be a video attached to this tutorial but I’m working on it. Also I will provide you a link of the PDF.

 

Thank you very much guys! If you have any comments or questions, please contact me through my twitter account or Facebook.

______________________________________________________________________

 

Update: May 17, 2014: 12:18 PM