Difference between revisions of "FOG on a MAC"

From FOG Project
Jump to: navigation, search
m (Known issues)
(Using stones)
Line 7: Line 7:
 
Intel Macintoshs all use (U)EFI  - where common PCs have a  BIOS - to bootstrap and to some extent talk to hardware. Several different ways exist to make those Macs boot from network. Depending on your preference and setup choose whichever suites you.
 
Intel Macintoshs all use (U)EFI  - where common PCs have a  BIOS - to bootstrap and to some extent talk to hardware. Several different ways exist to make those Macs boot from network. Depending on your preference and setup choose whichever suites you.
  
====Using stones====
+
====Using stones (aka startup keys)====
On startup (when you hear the sound, before Apple sign on the screen) you can hold down 'n' to boot from network. Apple uses a kind of special protocoll called NetBoot which is partly similar or includes DHCP protocol. But there is more to it. Find a detailed explanation [http://web.archive.org/web/20090215233615/http://www.bombich.com/mactips/bootpd.html here] if you want to dig into it.
+
On startup (when you hear the sound, before Apple sign comes up) you can hold down different keys to make the Mac boot from network. Apple uses a kind of special protocol called BSDP which is partly similar to the well known DHCP protocol. But there is more to it. Find a detailed explanation [https://static.afp548.com/mactips/bootpd.html here] if you want to dig into it.
To get this up and running you don't really need to know all this. Setup your DHCP server properly and off you go...
 
=====ISC DHCP=====
 
Edit /etc/dhcp/dhcpd.conf and add the following lines:
 
  
<code>
+
=====ISC DHCP Server=====
# Important with apple macintosh!
+
To make a Mac client boot from network you need to extend your DHCP server configuration. Add the following option to your subnet section:
authoritative;
+
subnet ... {
allow booting;
+
    authoritative;
+
    ...
class "AppleNBI-i386" {
 
        match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
 
        option dhcp-parameter-request-list 1,3,17,43,60;
 
        if (option dhcp-message-type = 8) { option vendor-class-identifier "AAPLBSDPC"; }
 
        if (option dhcp-message-type = 8) { option vendor-encapsulated-options 08:04:01:00:0b:7e:82:0a:4e:65:74:42:6f:6f:74:30:30:31; }
 
        next-server <your-tftp-server-ip>;
 
        filename "ipxe.efi";
 
 
  }
 
  }
</code>
 
  
This is just one example on how to do this. There are a lot of great tutorials about this on the web. Help yourself of you want to have an advanced setup of NetBoot...
+
To issue special answers to Mac clients you also need to define a class:
 +
class "Apple-Intel-Netboot" {
 +
    match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
 +
    option dhcp-parameter-request-list 1,3,17,43,60;
 +
    if (option dhcp-message-type = 1) {
 +
        option vendor-class-identifier "AAPLBSDPC/i386";
 +
        option vendor-encapsulated-options 08:04:81:00:00:67;
 +
    }
 +
    filename "ipxe.efi";
 +
    next-server x.x.x.x;
 +
}
 +
 
 +
Restart the DHCP server after saving the configuration. Then booting up your Mac client hold down the 'n' key and you will see a globe spinning instead of the usual apple sign. The Mac requests an IP from the DHCP server which advises it to load iPXE via TFTP and boot that up.
 +
 
 +
 
 +
======fancy======
 +
Newer Macs also have a fancy version of network booting. Hold down the 'alt' key and you will see different disks and network images to boot from. To make this work you need to modify the class definition:
 +
class "Apple-Intel-Netboot" {
 +
    match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
 +
    option dhcp-parameter-request-list 1,3,17,43,60;
 +
    if (option dhcp-message-type = 8) {
 +
        option vendor-class-identifier "AAPLBSDPC";
 +
        if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {
 +
            # BSDP List
 +
            option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;
 +
        }
 +
        elsif (substring(option vendor-encapsulated-options, 0, 3) = 01:01:02) {
 +
            option vendor-encapsulated-options 01:01:02:08:04:81:00:05:2a:82:0a:4e:65:74:42:6f:6f:74:30:30:31;
 +
            filename "ipxe.efi";
 +
            next-server 192.168.11.11;
 +
        }
 +
    }
 +
}
  
 +
For more information about the rows of hex numbers see this excellent [http://brandon.penglase.net/index.php?title=Getting_*nix_to_Netboot_Macs example].
 +
                                                                               
 
=====DNSmasq=====
 
=====DNSmasq=====
 
So far untested but seems pretty straight forward: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q1/003638.html
 
So far untested but seems pretty straight forward: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q1/003638.html
 
Edit /etc/dnsmasq.conf and add the following lines:
 
Edit /etc/dnsmasq.conf and add the following lines:
<code>
 
 
  dhcp-boot=net:#apple-boot,ipxe.efi,,<your-tftp-server-ip>
 
  dhcp-boot=net:#apple-boot,ipxe.efi,,<your-tftp-server-ip>
 
  dhcp-vendorclass=apple-boot,AAPLBSDPC/i386
 
  dhcp-vendorclass=apple-boot,AAPLBSDPC/i386
 
  dhcp-option-force=net:apple-boot,43,08:04:01:00:0b:7e:82:0a:4e:65:74:42:6f:6f:74:30:30:31
 
  dhcp-option-force=net:apple-boot,43,08:04:01:00:0b:7e:82:0a:4e:65:74:42:6f:6f:74:30:30:31
 
  dhcp-option-force=net:apple-boot,60,"AAPLBSDPC/i386"
 
  dhcp-option-force=net:apple-boot,60,"AAPLBSDPC/i386"
</code>
 
  
 
Restart your DHCP server after the config change and try booting one of your Macintoshs holding down the 'n' key while it comes up. You should see a globe - instead of the apple - on the screen!
 
Restart your DHCP server after the config change and try booting one of your Macintoshs holding down the 'n' key while it comes up. You should see a globe - instead of the apple - on the screen!
  
This method is called 'Using stones' as people use stones or other simliar objects to boot a whole lab into NetBoot... but there are other ways to achieve this too!
+
This method is called 'Using stones' as people use stones or other similar objects to boot a whole lab full of Mac clients but there are other ways to achieve this too!
  
 
====Using bless====
 
====Using bless====

Revision as of 00:55, 19 September 2015

Server Install

It has been reported that the FOG server will run on a MAC without any issues.

Client Tutorial

Netbooting Apple Mac

Intel Macintoshs all use (U)EFI - where common PCs have a BIOS - to bootstrap and to some extent talk to hardware. Several different ways exist to make those Macs boot from network. Depending on your preference and setup choose whichever suites you.

Using stones (aka startup keys)

On startup (when you hear the sound, before Apple sign comes up) you can hold down different keys to make the Mac boot from network. Apple uses a kind of special protocol called BSDP which is partly similar to the well known DHCP protocol. But there is more to it. Find a detailed explanation here if you want to dig into it.

ISC DHCP Server

To make a Mac client boot from network you need to extend your DHCP server configuration. Add the following option to your subnet section:

subnet ... {
    authoritative;
    ...
}

To issue special answers to Mac clients you also need to define a class:

class "Apple-Intel-Netboot" {
    match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
    option dhcp-parameter-request-list 1,3,17,43,60;
    if (option dhcp-message-type = 1) {
        option vendor-class-identifier "AAPLBSDPC/i386";
        option vendor-encapsulated-options 08:04:81:00:00:67;
    }
    filename "ipxe.efi";
    next-server x.x.x.x;
}

Restart the DHCP server after saving the configuration. Then booting up your Mac client hold down the 'n' key and you will see a globe spinning instead of the usual apple sign. The Mac requests an IP from the DHCP server which advises it to load iPXE via TFTP and boot that up.


fancy

Newer Macs also have a fancy version of network booting. Hold down the 'alt' key and you will see different disks and network images to boot from. To make this work you need to modify the class definition:

class "Apple-Intel-Netboot" {
    match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
    option dhcp-parameter-request-list 1,3,17,43,60;
    if (option dhcp-message-type = 8) {
        option vendor-class-identifier "AAPLBSDPC";
        if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {
            # BSDP List
            option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;
        }
        elsif (substring(option vendor-encapsulated-options, 0, 3) = 01:01:02) {
            option vendor-encapsulated-options 01:01:02:08:04:81:00:05:2a:82:0a:4e:65:74:42:6f:6f:74:30:30:31;
            filename "ipxe.efi";
            next-server 192.168.11.11;
        }
    }
}

For more information about the rows of hex numbers see this excellent example.

DNSmasq

So far untested but seems pretty straight forward: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q1/003638.html Edit /etc/dnsmasq.conf and add the following lines:

dhcp-boot=net:#apple-boot,ipxe.efi,,<your-tftp-server-ip>
dhcp-vendorclass=apple-boot,AAPLBSDPC/i386
dhcp-option-force=net:apple-boot,43,08:04:01:00:0b:7e:82:0a:4e:65:74:42:6f:6f:74:30:30:31
dhcp-option-force=net:apple-boot,60,"AAPLBSDPC/i386"

Restart your DHCP server after the config change and try booting one of your Macintoshs holding down the 'n' key while it comes up. You should see a globe - instead of the apple - on the screen!

This method is called 'Using stones' as people use stones or other similar objects to boot a whole lab full of Mac clients but there are other ways to achieve this too!

Using bless

Other then PC (BIOS) an Apple Mac can be 'blessed' to boot from whichever source you want. This setting is saved in NVRAM and not changed by cloning your Macs via FOG. I'd suggest activating SSH on your Macs and use clusterssh to bless all of them without having walk to and login to each and every client.

bless --netboot --booter tftp://<your-tftp-server-ip>/ipxe.efi

No special DHCP configuration is needed for this! BUT if your server ip changes for example you'd have to run this command on all your clients again.

iPXE for Macintosh

As noted earlier there is a fundamental difference between Mac-EFI and PC-BIOS. Not just with configuring network boot but also when it comes to the actual binary that gets downloaded from the TFTP and executed on the client. To make iPXE work on Macs a lot of work has been done in 2014. Check out this thread if you are interested in the details: http://forum.ipxe.org/showthread.php?tid=7323

The mentioned DHCP class should point the client to the correct iPXE binary (ipxe.efi). FOG includes this binary in current SVN development tree or you can download a binary from the server https://svn.code.sf.net/p/freeghost/code/trunk/packages/tftp/

Depending on the hardware you have this might work for you straight away. If not, please get in contact with os on the forums so we can work on it to find a solution!!

Working

Macmini5,2 (C07G3W4ADJD1), Broadcom NetXtreme BCM57765 (PCI ID 14e4:16b4) - http://www.everymac.com/systems/apple/mac_mini/specs/mac-mini-core-i5-2.5-mid-2011-specs.html

Known issues

Macmini6,2 (C07LR0UQDY3H), Broadcom NetXtreme BCM57766 (PCI ID 14e4:1686) - http://www.everymac.com/systems/apple/mac_mini/specs/mac-mini-core-i7-2.6-late-2012-specs.html Is not supported by iPXE yet. A simple patch exists to make it work. We try to get this patch integrated into the official ipxe source tree. Contact us if you have issues with this particular NIC.