HowTo install FOG-Project CloneServer on NethServer


(fpausp) #41

I need more time, I will test it in a VM properly with your setup…


(Manonthemoon Ak) #42

Ok! Thanks a lot!


(fpausp) #43

Please show me the output of: cat /etc/dnsmasq.conf


(Manonthemoon Ak) #45

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
#
# 10base
#

# Set the domain for dnsmasq. this is optional, but if it is set, it
# does the following things.
# 1) Allows DHCP hosts to have fully qualified domain names, as long
#     as the domain part matches this setting.
# 2) Sets the "domain" DHCP option thereby potentially setting the
#    domain of all systems configured by DHCP
# 3) Provides the domain part for "expand-hosts" 
domain=spxxxxxxx.pl


#
# 20dns
#

# Never forward plain names (without a dot or domain part)
domain-needed

# Never forward addresses in the non-routed address spaces.
bogus-priv


# Domain is automatically added to simple names in a hosts-file.
expand-hosts

cache-size=4000
#
# 25NameServers
#

# Don't read /etc/resolv.conf. Get upstream servers only from the
# command line or the dnsmasq configuration file.
no-resolv

# Specify IP address of upstream servers directly. Setting this flag
# does not suppress reading of /etc/resolv.conf, use "no-resolv" to do
# that.
server=8.8.8.8


# By  default,  dnsmasq  will  send queries to any of the upstream
# servers it knows about and tries to favour servers that are known
# to  be  up.  Uncommenting this forces dnsmasq to try each query
# with  each  server  strictly  in  the  order  they   appear   in
# /etc/resolv.conf
strict-order


#
# 30dhcp
#

# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options. 
# See db configuration getprop dnsmasq DhcpStatus

dhcp-range=set:br0,192.168.0.1,192.168.0.254,255.255.255.0,86400
dhcp-option=tag:br0,option:router,192.168.0.1
dhcp-option=tag:br0,option:tftp-server,"192.168.0.1"
dhcp-lease-max=253


# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative

# Read dhcp reservations from dhcp-hostsfile. 
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts



#
# 40bind
#
except-interface=enp1s0f0
except-interface=virbr0

#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
# 
server=/ad.spxxxxxxx.pl/192.168.0.30


#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot
dhcp-option=66,"192.168.0.1"

#
# Create Domain wildcard for remote hosts
#

During installation I used br0 and not enp1s0f1
enp1s0f1 did not accept


(Rob Bosch) #46

If it were up to me, I would implement FOG on a dedicated NethServer with the RED interface in your LAN subnet and create another subnet as a staging network for installing your clients. You will have DHCP on the GREEN interface of your NS FOG server for your clients. This way you are not at risk of installing a production client with new software. You can use a VLAN or a dedicated separate switch for your FOG subnet.

If you use Proxmox, you can have this all on 1 physical server. Using an extra physical switch for your FOG LAN, you will need at least 3 networking cards in your Proxmox server.


(Manonthemoon Ak) #47

This is a school. Limited budget. I have to use what they have.
The server has two cards.
If I fail to run, I will set FOG separately.
Then I will use the switch, as you wrote.


(Rob Bosch) #48

I understand exactly your situation. I am involved with ICT at several schools, including a school in Senegal. Limited budgets are a known problem. I don’t know what type of server you have and if there are any spare systems that can be used as FOG server.
In Belgium I installed a server with plain Ubuntu server and installed KVM on it. Installed 2 VMs: 1 with pfSense and 1 with Karoshi server. This was before I entered the NethServer community. But both VMs could perfectly be executed by NethServer.
If I would have to re-implement this server, I would definitely go for Proxmox instead of Ubuntu + KVM because it is much easier to maintain. And for the VMs I definitely would choose NethServer.
To get cheap hardware that can do the job I would advise you to ask companies for their old stuff. Or contact datacenters for their old hardware. Most of the time they have loads of servers and switches lying around that are not used anymore and go for free or a low price.


(fpausp) #49

OK, just for a quick test, edit /etc/dnsmasq.conf manually:

  • change tftp-root to:
    tftp-root=/tftpboot

  • add this at the end:
    dhcp-boot=undionly.kpxe,,192.168.0.1

Now save /etc/dnsmasq.conf and PXE-boot a client. Try to register it in the FOG way…


(Manonthemoon Ak) #50

Thank you very much for help.
There is a chance for modernization, but everything goes quite reluctantly and is usually postponed.
Projects from the EU are being implemented.
I’m from Poland.
All wiring is not in perfect condition. It is not perfect. You know how it is :wink:
Old computers. Historical cross-section.
The server is not so bad.
2x Xeon CPU 2.27GHz
16 GB RAM
3x 1TB
One hundred computers in the network. Plus printers, phones, tablets…
I also think about pFSense.
The NethServer community is great :slight_smile: This is a big advantage.
Maybe Proxmox would be a good solution.


(Manonthemoon Ak) #51

Thanks! I’ll let you know on Monday.
Then I will have access to the computer room.


(fpausp) #52

I would use Proxmox as a Hypervisor and Nethserver as VM?

Do you know OPNsense, the fork of pfsense? Maybe you also know IPFire?


(Manonthemoon Ak) #53

I know pfsense, IPFire, but I have never implemented it. I have never worked with it.
Just wonder what would be the best solution. With my knowledge it can be hard :smiley:
…but I would like to learn new things.
It is important that this FOG facilitates my work.
NethServer does not filter the content strongly. It does not filter google photos.
This is another problem. Widely known. Very important for the school.


(Manonthemoon Ak) #54

We managed to register! Can I leave these settings or are they for testing only?
Only when trying to download the image, it shows me “connection timed out”.


(André Wismer) #55

Hi
I’ve used FOG for several years now. Same with SME-Server, now upgraded to using NethServer.
I also made the move from VMWare ESXi to Proxmox 2-3 years ago.
I would also suggest using ProxMox as basis for virtualization, running NethServer and FOG-Project as virtualized servers (separate!) in Proxmox.
Years back, I made a Master-Image using VMWare ESXi and successfully reused that image for several clients. I repeated that Master-Image in ProxMox, using LX-Containers (Even less overhead used). I have reused that master again and again. If it works, why repair it? :wink:

I use FOG-Project in productive networks, because I want to be able to image important (actually all) workstations running Windows or Linux automatically for Backup purposes on a regular basis.
The machines get “waked” with WOL. They automatically boot into PXE, check if there is an imaging job to do. If not, they will normally reboot (and turn off with a cron job or on Windows a schedule job). If there’s an image job, they will do it and then turn off. This saves energy and power, and in summer creates less heat - aircons are expensive…

Note: even though I personally use a lot of Macs, and so do some of my clients, I don’t let FOG-Project image my Macs. For Macs I use Deploy-Studio (Integrates well with FOG) and/or CCC.

My 2 cents
Andy


(fpausp) #56

Just one thing… for Proxmox you should use a HW-Raid Controller instead of SW-Raid or use ZFS but in this case you need more RAM and you have to know ZFS very well…

You should use a custom-template to make the settings permanent.

Have you done the additional steps? I had some problems without it…

## Additional steps for NFS, info from here: [NFS Server](http://theterminallife.com/adding-a-nfs-server-to-nethserver)

# make dirs
mkdir -p /etc/e-smith/db/configuration/defaults/nfs
mkdir -p /etc/e-smith/db/configuration/defaults/nfslock
mkdir -p /etc/e-smith/db/configuration/defaults/rpcbind
mkdir -p /etc/e-smith/db/configuration/defaults/rpcgssd
mkdir -p /etc/e-smith/db/configuration/defaults/rpcidmapd
mkdir -p /etc/e-smith/db/configuration/defaults/rpcsvcgssd


# edit /etc/sysconfig/nfs
LOCKD_TCPPORT=32803 
LOCKD_UDPPORT=32769 
MOUNTD_PORT=892 
RQUOTAD_PORT=875 
STATD_PORT=662 
STATD_OUTGOING_PORT=2020


# set config
config set nfs service status enabled
config setprop nfs TCPPorts 111,662,875,892,2020,2049,32803
config setprop nfs UDPPorts 111,662,875,892,2020,2049,32769
config setprop nfs access private
echo "enabled" > /etc/e-smith/db/configuration/defaults/nfs/status
echo "111,662,875,892,2020,2049,32803" > /etc/e-smith/db/configuration/defaults/nfs/TCPPorts
echo "111,662,875,892,2020,2049,32769" > /etc/e-smith/db/configuration/defaults/nfs/UDPPorts
echo "private" > /etc/e-smith/db/configuration/defaults/nfs/access


## For the rest of the services...

# nfslock
config set nfslock service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/nfslock/status

# rpcbind
config set rpcbind service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcbind/status

# rpcgssd
config set rpcgssd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcgssd/status

# rpcidmapd
config set rpcidmapd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcidmapd/status

# rpcsvcgssd
config set rpcsvcgssd service status enabled
echo "enabled" > /etc/e-smith/db/configuration/defaults/rpcsvcgssd/status


## Now, signal the firewall to save and update.
signal-event nethserver-firewall-base-save
signal-event nethserver-firewall-base-update
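
The steps above pin the NFS helper daemons to fixed ports in /etc/sysconfig/nfs and open those ports through the nfs TCPPorts and UDPPorts properties. As an added example (not part of the original post), this shell check confirms that every pinned port appears in the matching list; the function names and the demo data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): cross-check the ports pinned in an
# /etc/sysconfig/nfs style file against the firewall port lists.

# in_list <comma-separated-list> <port>: succeeds if the port is in the list.
in_list() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# check_nfs_ports <sysconfig-file> <tcp-list> <udp-list>
# Prints one line per mismatch and returns non-zero if any was found.
check_nfs_ports() {
    file=$1 tcp=$2 udp=$3 bad=0
    # rpcbind (111) and nfsd (2049) use well-known ports on both protocols.
    for p in 111 2049; do
        in_list "$tcp" "$p" || { echo "tcp/$p missing"; bad=1; }
        in_list "$udp" "$p" || { echo "udp/$p missing"; bad=1; }
    done
    # Read NAME=VALUE pairs; skip blank lines and comments.
    while IFS='=' read -r name value; do
        case $name in ''|\#*) continue ;; esac
        value=$(printf '%s' "$value" | tr -d ' "\t\r')
        case $name in
            *_TCPPORT) protos=tcp ;;
            *_UDPPORT) protos=udp ;;
            *_PORT)    protos="tcp udp" ;;
            *)         continue ;;
        esac
        for proto in $protos; do
            if [ "$proto" = tcp ]; then list=$tcp; else list=$udp; fi
            in_list "$list" "$value" || { echo "$name: $proto/$value missing"; bad=1; }
        done
    done < "$file"
    return "$bad"
}

# Constructed demo using the values shown in the post above.
demo_nfs() {
    tmp=$(mktemp)
    printf '%s\n' 'LOCKD_TCPPORT=32803 ' 'LOCKD_UDPPORT=32769 ' 'MOUNTD_PORT=892 ' \
        'RQUOTAD_PORT=875 ' 'STATD_PORT=662 ' 'STATD_OUTGOING_PORT=2020' > "$tmp"
    rc=0
    check_nfs_ports "$tmp" "111,662,875,892,2020,2049,32803" \
        "111,662,875,892,2020,2049,32769" || rc=$?
    rm -f "$tmp"
    return "$rc"
}
```

On a live system the two lists can be read with `config getprop nfs TCPPorts` and `config getprop nfs UDPPorts` and passed in as the second and third arguments.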

(Manonthemoon Ak) #57

Thank you very much for valuable tips. They are very important to me :slight_smile:
Is 16 GB of RAM enough for Proxmox?

I’m still fighting the original idea :slight_smile:
I apologize for the quality of the photo. This error pops up.
It’s as if he did not register my image.


(fpausp) #58

Have you done the additional steps?


(Manonthemoon Ak) #59

Sorry!
I think it went! :slight_smile:
I’m just testing image creation.
I’ll let you know how I finished.
Thanks, thanks, thanks! :slight_smile:


My motherboard supports hardware raid, but there is no option in the BIOS.
I have to check it out.
That’s why I can not test Proxmox.
For now I am happy that FOG is working :wink:


(fpausp) #60

You are welcome, please don’t forget to create a template for /etc/dnsmasq.conf


(Manonthemoon Ak) #61

Is this code?

# make folder for template
mkdir -p /etc/e-smith/templates-custom/etc/dnsmasq.conf/

# create template-file
nano /etc/e-smith/templates-custom/etc/dnsmasq.conf/99fog

# content for 99fog
dhcp-boot=undionly.kpxe,,192.168.xxx.248

# expand template
expand-template /etc/dnsmasq.conf
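
A check to run once the template has been expanded, as an added example that is not part of the original posts: it confirms that the regenerated /etc/dnsmasq.conf still enables TFTP, that the boot file named in dhcp-boot is readable under tftp-root, and that its server address agrees with DHCP option 66. It assumes an untagged dhcp-boot line as in the thread; the function names and demo paths are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check the PXE-related lines of a
# regenerated dnsmasq.conf. Paths used in demo_pxe are constructed.

# get_opt <file> <prefix>: value after the last line starting with <prefix>,
# with double quotes removed. Using the last match is a choice of this check.
get_opt() {
    sed -n "s|^$2||p" "$1" | tail -n 1 | tr -d '"'
}

# check_pxe_conf <dnsmasq.conf>: one line per problem, non-zero if any.
check_pxe_conf() {
    conf=$1 bad=0
    grep -q '^enable-tftp$' "$conf" || { echo "enable-tftp missing"; bad=1; }
    root=$(get_opt "$conf" 'tftp-root=')
    boot=$(get_opt "$conf" 'dhcp-boot=')
    opt66=$(get_opt "$conf" 'dhcp-option=66,')
    [ -n "$root" ] || { echo "tftp-root missing"; bad=1; }
    if [ -z "$boot" ]; then
        echo "dhcp-boot missing"; return 1
    fi
    file=${boot%%,*}                      # first field: boot file name
    case $boot in
        *,*,*) server=${boot##*,} ;;      # third field: TFTP server address
        *)     server= ;;
    esac
    if [ -n "$root" ] && [ ! -r "$root/$file" ]; then
        echo "boot file $root/$file not readable"; bad=1
    fi
    if [ -n "$server" ] && [ -n "$opt66" ] && [ "$server" != "$opt66" ]; then
        echo "dhcp-boot server $server differs from option 66 $opt66"; bad=1
    fi
    return "$bad"
}

# Constructed demo: a temporary TFTP root holding an empty undionly.kpxe.
demo_pxe() {
    d=$(mktemp -d)
    : > "$d/undionly.kpxe"
    printf '%s\n' 'enable-tftp' "tftp-root=$d" 'dhcp-option=66,"192.168.0.1"' \
        'dhcp-boot=undionly.kpxe,,192.168.0.1' > "$d/dnsmasq.conf"
    rc=0
    check_pxe_conf "$d/dnsmasq.conf" || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Run as `check_pxe_conf /etc/dnsmasq.conf`; a missing dhcp-boot or a tftp-root that no longer contains the boot file shows that a manual edit was lost when the file was regenerated.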