Admin the Mac: Making a NetBoot Server
(I just uploaded a test copy of a script for 10.6. Please let me know if it works!)
NetBooting can be an extremely useful tool for imaging your Macs. Unfortunately, it’s only officially supported in the server editions of OS X. And, considering we only manage six or seven laptops right now, we can’t justify the $500 price tag. Fortunately for us, all of the functionality is still in the regular version of OS X; we just have to make it work.
If you’re reading this article, you probably already have an idea of what NetBoot is. Simply, NetBoot allows your Mac to boot over the network, from an external image stored elsewhere. While this technology certainly has other uses, it’s quite useful for imaging machines because it frees up the internal hard drive to be written to/from, without having to either boot the machine into Target mode or otherwise physically move the machine.
Normally, all of the configuration needed to get NetBoot going smoothly is taken care of by the Server. I’m sure there’s more to it, but I just like to imagine a nice button that says “Enable NetBoot” right there in System Preferences. If you’re using the client version of OS X, it’s a little trickier; we’ve got files and folders to make, services to start and configure.
I’ve included two shell scripts that will set up your machine more or less effortlessly, but I’m going to take the rest of this article to outline what’s being done (thanks to Adam Knight at Mac Geekery, as well as Armagon, who wrote the 10.5 script).
As with anything you download from the internet, be careful with these scripts. I’ve tested them both and they work to my knowledge, but they are provided free and as-is. If you experience any trouble with them (or even if you don’t), let me know:
netboot 10.6 script (This is just a test script right now. It should work, let me know)
To run these scripts, first make sure they’re executable:
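From Terminal, cd to the directory you’ve saved the script to, and type chmod 755 netboot105.sh (or netboot104.sh). The script only needs to be executable; mode 777 would also leave a script you are about to run as root writable by every user on the machine.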
Next, you need to run the script as root:
And then the script should execute.
Testing your NetBoot Setup
Once you’ve run the script, you need to create a NetBoot image to test it with. The easiest way (especially if you plan on using it for imaging) would be to download DeployStudio, and follow the instructions on making a netboot image. You can also create one from a bootable disk (like your OS X install disk). This image, if it’s not already there, belongs in /Library/NetBoot/NetBootSP0.
Now go to a computer on the same subnet as your NetBoot machine (we’ll call this one the Client). Open up System Preferences, and choose Startup Disk. In place of the Network Startup icon should be the name of your NetBoot image. Back on your NetBoot machine, open up the Console, and select system.log. You should see something like this:
bootpd: re-reading /etc/bootptab
bootpd: Loaded 0 entries from bootptab (0 bad)
bootpd: server name Mothra.local
bootpd: interface en0: ip 192.168.1.100 mask 255.255.255.0
bootpd: bsdpd: re-reading configuration
bootpd: bsdpd: shadow file size will be set to 48 megabytes
bootpd: bsdpd: age time 00:15:00
bootpd: BSDP INFORM [en0] 1,0:16:cb:9c:a4:a NetBoot003 arch=i386 sysid=MacBookPro1,1
bootpd: NetBoot: [1,0:16:cb:9c:a4:a] BSDP ACK[LIST] sent 192.168.1.108 pktsize 300
bootpd: DHCP INFORM [en0]: 1,0:16:cb:9c:a4:a
bootpd: ACK sent 192.168.1.108 pktsize 300
bootpd: BSDP INFORM [en0] 1,0:16:cb:9c:a4:a NetBoot003 arch=i386 sysid=MacBookPro1,1
bootpd: NetBoot: [1,0:16:cb:9c:a4:a] BSDP ACK[LIST] sent 192.168.1.108 pktsize 300
bootpd: DHCP INFORM [en0]: 1,0:16:cb:9c:a4:a
bootpd: ACK sent 192.168.1.108 pktsize 300
The logs in this article are taken from a Leopard machine, but they should be extremely similar on Tiger. If you’re not getting this, first rule out dumb things like cable/network problems before you begin digging through help pages (it’s happened to me). Like I said earlier, if you run into problems because of these scripts, let me know, and I’ll try to help.
So assuming you’ve come this far with no problems, the next test is to try to actually boot the machine. On the client machine, select your NetBoot image, and press Restart (alternatively, just restart the computer and hold N while it boots). You should then see a big gray globe instead of the normal Apple logo. Back at your NetBoot machine, your console should read a repeat of above followed by:
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/booter
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/booter
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/mach.macosx
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/mach.macosx
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/mach.macosx.mkext
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/ NetRestore Test.nbi/i386/mach.macosx.mkext
If you get something like this interspersed through your log:
Jan 14 13:04:58 Mothra com.apple.launchd (com.apple.tftpd): Stray process with PGID equal to this dead job: PID 414 PPID 1 tftpd+
it’s probably okay. From what I’ve seen, it’s mostly harmless. If you can still netboot fine, then it’s probably not worth trying to fix. At this point, your client machine should be booted into your netboot image.
Boring details about NetBoot
NetBoot uses a combination of different protocols (NFS, TFTP, DHCP, and BSDP) to get the job done. I don’t want to go into gross detail because, frankly, it’s kind of boring and unnecessary. If you want a really good look at what’s going on, Mike Bombich has written a good article.
The beginning of the NetBoot process is a series of DHCP and BSDP calls. The client finds the NetBoot server, and they exchange information. Once the server knows what architecture the client is (i386 or ppc) and what image it wants, it begins transferring the necessary files over TFTP. It sends the booter, followed by mach.macosx, followed by mach.macosx.mkext. These files take care of booting the basic OS X kernel. You can verify these are being transferred by the system log (see the above tftp log). From here, the machine mounts your netboot image via NFS, and finishes the boot process.
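Checking the log for that three-file sequence by eye gets tedious with more than one client, so here is an added example (not one of the article's scripts) that lists, per client IP, which boot files tftpd logged and whether all three were requested in order. The sample log is constructed, reusing the image name from the log above; 192.168.1.109 is a made-up second client that stalls after the booter.

```shell
#!/bin/sh
# Added example: which TFTP boot files did each client request?
# Matches the tftpd "adding RRQ to cache" lines shown earlier in the article.

# tftp_stages LOGFILE: prints "IP file1 file2 ..." per client,
# each file once, in the order it was first requested.
tftp_stages() {
    awk '
    /tftpd.*adding RRQ to cache: / {
        sub(/^.*adding RRQ to cache: /, "")
        comma = index($0, ",")
        ip = substr($0, 1, comma - 1)
        # Work on the whole line, not fields: image names may contain spaces.
        n = split(substr($0, comma + 1), parts, "/")
        file = parts[n]
        if ((ip, file) in seen) next
        seen[ip, file] = 1
        if (!(ip in order)) ips[++count] = ip
        order[ip] = order[ip] " " file
    }
    END { for (i = 1; i <= count; i++) print ips[i] order[ips[i]] }
    ' "$1"
}

# boot_complete LOGFILE IP: succeeds if IP asked for the three files in order.
boot_complete() {
    got=$(tftp_stages "$1" | awk -v ip="$2" '$1 == ip { sub(/^[^ ]+ /, ""); print }')
    [ "$got" = "booter mach.macosx mach.macosx.mkext" ]
}

# Constructed sample log (private addresses; second client is hypothetical).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/NetRestore Test.nbi/i386/booter
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/NetRestore Test.nbi/i386/booter
tftpd: adding RRQ to cache: 192.168.1.109,/private/tftpboot/NetBoot/NetBootSP0/NetRestore Test.nbi/i386/booter
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/NetRestore Test.nbi/i386/mach.macosx
tftpd: adding RRQ to cache: 192.168.1.108,/private/tftpboot/NetBoot/NetBootSP0/NetRestore Test.nbi/i386/mach.macosx.mkext
EOF
tftp_stages "$SAMPLE"
for ip in 192.168.1.108 192.168.1.109; do
    if boot_complete "$SAMPLE" "$ip"; then echo "$ip: boot files complete"
    else echo "$ip: stopped early"; fi
done
```

A client IP you don't recognise in this list is worth a look too, since the server answers any machine on the subnet.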
BSDP (Boot Service Discovery Protocol) relies on the .clients and .sharepoint files (located in /Library/NetBoot) to know where to find NetBootSP0 and NetBootClients0. Since these folders aren’t hard-coded, you could really put your NetBoot images anywhere; you just have to make .sharepoint point to the right folder. A few other options must be enabled so bootpd knows it’s supposed to be netbooting. In Tiger, this is all taken care of under NetInfo Manager, but in Leopard, this is handled by the file /etc/bootpd.plist.
TFTP (Trivial FTP) only seems to need one file, /private/tftpboot/NetBoot, to do what it needs. This file is a symlink, like .clients or .sharepoint, and it points to /Library/NetBoot.
NFS (Network File System) needs to know what folders it’s sharing, and what permissions to give these folders. In our case, it needs to export /Library/NetBoot/NetBootSP0 with read-only capabilities. In Tiger, this is tied (like BSDP) to NetInfo Manager. However, in Leopard, it uses an exports file (/etc/exports), which seems to be more like how the rest of the Unix world works.
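To check that a machine actually ended up with the pieces described in the last three paragraphs, here is an added example (not one of the article's scripts) that audits the symlinks and the NFS export under a root prefix, so it can be tried on a throwaway tree first. It assumes .sharepoint and .clients are relative links to NetBootSP0 and NetBootClients0 and that read-only is written as -ro in /etc/exports; the fixtures and their export options are constructed.

```shell
#!/bin/sh
# Added example: audit the NetBoot layout described above under a root prefix.
# Assumed (not stated by the article): .sharepoint -> NetBootSP0 and
# .clients -> NetBootClients0 as relative links; "-ro" as the exports option.

finding() { echo "FINDING: $1"; findings=$((findings + 1)); }

# expect_link PATH TARGET: PATH must be a symlink pointing at TARGET.
expect_link() {
    if [ ! -L "$1" ]; then
        finding "$1 is missing or not a symlink"
    elif [ "$(readlink "$1")" != "$2" ]; then
        finding "$1 points to $(readlink "$1"), expected $2"
    fi
}

# audit_netboot ROOT: prints findings; succeeds only when there are none.
audit_netboot() {
    root=$1; findings=0
    expect_link "$root/Library/NetBoot/.sharepoint" NetBootSP0
    expect_link "$root/Library/NetBoot/.clients" NetBootClients0
    expect_link "$root/private/tftpboot/NetBoot" /Library/NetBoot
    [ -d "$root/Library/NetBoot/NetBootSP0" ] || finding "NetBootSP0 folder missing"
    line=$(grep -E '^/Library/NetBoot/NetBootSP0([[:space:]]|$)' \
           "$root/etc/exports" 2>/dev/null || true)
    case " $line " in
        "  ") finding "NetBootSP0 is not listed in /etc/exports" ;;
        *" -ro "*) ;;
        *) finding "NetBootSP0 is exported without -ro, so clients could modify the image" ;;
    esac
    [ "$findings" -eq 0 ]
}

# make_fixture ROOT EXPORT_OPTIONS: constructed test tree, not a real server.
make_fixture() {
    mkdir -p "$1/Library/NetBoot/NetBootSP0" "$1/Library/NetBoot/NetBootClients0" \
             "$1/private/tftpboot" "$1/etc"
    ln -s NetBootSP0 "$1/Library/NetBoot/.sharepoint"
    ln -s NetBootClients0 "$1/Library/NetBoot/.clients"
    ln -s /Library/NetBoot "$1/private/tftpboot/NetBoot"
    echo "/Library/NetBoot/NetBootSP0 $2" > "$1/etc/exports"
}

GOOD=$(mktemp -d); make_fixture "$GOOD" "-ro"
BAD=$(mktemp -d);  make_fixture "$BAD" "-maproot=root"
audit_netboot "$GOOD" && echo "good fixture: no findings"
audit_netboot "$BAD" || echo "bad fixture: findings above"
```

To audit the live machine instead of a fixture, call audit_netboot with an empty string as ROOT.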
And that’s the basics of NetBooting.
(title image courtesy of Beho, of Stock.xchng)