Site icon BLOGS

Configure iPXE for a Nutanix Environment – Part 1

by Matthias Schlimm, CTA

Nutanix uses the Acropolis Hypervisor (AHV) based on KVM, the open source Hypervisor. iPXE is open source boot firmware, checkout https://ipxe.org/ also used on AHV. I found many links on the web, and these are helpful to start, but I need some tools and knowledge in addition to address all needs. I hope this blog can help you to easily setup your own iPXE environment.
 
iPXE is very powerful. You can easily create your own bootmenu, and automate it in the backend (I’m a big automation fan). In this blog, I will use a WinPE-Boot ISO pointing to my Ivanti DSM infrastructure to install my VM from scratch on a automatic basis. You can replace the content of the ISO with your own, like MDT, or point it to your SCCM TFTP Server for example.
 
First of all, iPXE uses http instead of tftp. This much faster and can easily be used in hosted cloud environments instead of native PXE environments. I have installed a fresh new standard IIS Server on one of my backendserver.
 
Create a new folder in the IIS rootpath c:\inetpub\wwwroot\winpe with the following subfolders.

FolderDescription
customFrom automation basis, a file from the templates folder is copied to this folder and renamed to the client mac-address, like AA-BB-CC-DD-EE-FF.php. this boots the client automatically without prompt to the right target, like DSM, SCCM, MDT or other TFTP boots 
templatesPrepared templates that copied during automation to the custom folder and renamed it to the client mac-address.
winpeboot-V1Content of the Ivanti DSM ISO
winpeboot-V2Content of the Ivanti DSM TEST or other like MDT
winpeboot-V99Content of a Standard WinPE for troubleshooting

IIS Settings
Please check if you have set this 2 options on your IIS:
·      Enable Browsing

With the following settings:

Test the IIS browsing and open up http://localhost/winpe/winpeboot-V2. You can test it with some other folders. In addition, the browser must show the content of the folder or the file that you entered in url.

·      MIME Types
 

It’s necessary to define all file name extensions like .* to MIME type application/octet-stream, otherwise you are not able to use the iPXE server to boot your images. Please define the mime type of the top of your IIS Server, that’s why I’m using an separated IIS Server.

Copy WinPE ISO:
Mount the WinPE ISO for Ivanti DSM, MDT or your preferred WinPE ISO, and copy the content of the ISO File to the folder winpeboot-v1, for example.

PHP Scripts:
each iPXE php-Script must start at the first line with #!ipxeto identify the script, save the init.phpand boot.phpin the winpe folder.

Init.php

#!ipxe

# change: 06.12.2018 M.Schlimm: Script created

# change:

# change:

# example: booting custom/50-6B-8D-D7-94-06.php if exist or boot.php

##########################################################################

chain custom\${mac:hexhyp}.php || chain boot.php

boot.php

#!ipxe

# default iPXE boot menu

# change: 06.12.2018 M.Schlimm: Script created

# change:

# change:

# example: ##########################################################################

set menu-timeout 5000

set submenu-timeout ${menu-timeout}

set pvs-server 10.46.128.1

isset ${menu-default} || set menu-default exit

####### Boot Menu #######

:start

menu Default iPXE’s Boot Menu

item –gap —             ———————- System Information —————————-

item –gap —             Manufacturer: ${manufacturer}

item –gap —             Product name: ${product}

item –gap —             Bootfile: ${net0/filename}

item –gap —             Menufile: boot.php

item –gap —             MAC address: ${net0/mac}

item –gap —             IP address: ${net0/ip}

item –gap —             DHCP: ${net0/dhcp-server}

item –gap —             ——————– Production Boot Options ————————-

item localHDDboot-ID0 01 – Boot from local Disk

item winpeboot-V1 02 – Reinstall Computer – Boot Ivanti DSM Prod

item pvstftpboot-v1 03 – Citrix PVS TFTP Boot from ${pvs-server}

item –gap —             ————- Test and Troubleshooting Boot Options ——————

item winpeboot-V2 10 – Reinstall Computer – Boot Ivanti DSM TEST

item winpeboot-V99 11 – WinPE x64 english Standard only

item –gap —             —————————- System ———————————-

item reboot 98 – Reboot System                                                                   

item exit 99 – Exit iPXE

choose –default localHDDboot-ID0 –timeout 10000 target && goto ${target}

####### Boot Ivanti DSM Prod #######

:winpeboot-V1

kernel wimboot

initrd winpeboot-V1/bootmgr                      bootmgr

initrd winpeboot-V1/boot/BCD                    BCD

initrd winpeboot-V1/boot/boot.sdi              boot.sdi

initrd winpeboot-V1/boot/WINPE40.WIM     WINPE40.wim

imgstat

boot

####### PVS TFTP Boot ######

:pvstftpboot-v1

chain tftp://${pvs-server}/ARDBP32.BIN

####### Boot Ivanti DSM TEST #######

:winpeboot-V2

kernel wimboot

initrd winpeboot-V2/bootmgr                     bootmgr

initrd winpeboot-V2/boot/BCD                    BCD

initrd winpeboot-V2/boot/boot.sdi               boot.sdi

initrd winpeboot-V2/boot/WINPE40.WIM     WINPE40.wim

imgstat

boot

####### WinPE x64 English #######

:winpeboot-V99

kernel wimboot

initrd winpeboot-V99/bootmgr                    bootmgr

initrd winpeboot-V99/boot/BCD                  BCD

initrd winpeboot-V99/boot/boot.sdi             boot.sdi

initrd winpeboot-V99/sources/boot.WIM      boot.wim

imgstat

boot

:localHDDboot-ID0

chain grub.exe –config-file=”rootnoverify (hd0);chainloader +1″

:reboot

reboot

:exitexit


DHCP:
To boot your Images with iPXE, it’s necassary to configure DHCP option 67 to http://<iPXE-WebServer>/winpe/init.php. For the PVS/MCS Master images, I am using DHCP reservations only to overwrite the scope options for the iPXE Server.

MasterImage reservation with DHCP Option 66/67:

Scope DCHP Options 66/67 to boot from PVS TFTP LoadBalancer:

Nutanix Boot Options:
With Nutanix AOS 5.5.7 LTS you can’t change the boot priority, you can set the first boot medium only, like network, CD-ROM or local disk. The last 2 options can be set via PRISM GUI, to boot from the network card you must start a putty session to one of the CVM and enter the following command (VM Name is MasterImage01 and mac-address is 56:8A:3E:5F:89:B2)
 
acli vm.update_boot_device <VM Name> mac_addr=aa:bb:cc:dd:ee:ff
 
acli vm.update_boot_device MasterImage01 mac_addr=56:8A:3E:5F:89:B2
 
Additional Tools:
 
·      wimboot: To boot windows images via iPXE, you need the wimboot file, which you can get here http://git.ipxe.org/releases/wimboot/wimboot-latest.zip. The complete documentation, if needed (RTFM), can found here https://ipxe.org/wimboot. Download the complete ZIP-File, but you need the wimboot file only, and copy it to your winpe folder (see screenshot below)
·      grub.exe: (GRand Unified Bootloader)to boot from local disk with the iPXE bootloader, you need the grub.exe in the winpe folder too, get it here: http://ipxe.org/appnote/work_around_bios_halting_on_ipxe_exit

The iPXE Bootmenu (boot.php) – detail description:

Screenshot of the BootmenuDescription of the boot.php script
Complete Screen of the iPXE Bootmenu from the boot.php script        
Shows the header of the bootmenuemenu Default iPXE’s Boot Menuitem –gap —             ———————- System Information —————————-item –gap —             Manufacturer: ${manufacturer}item –gap —             Product name: ${product}item –gap —             Bootfile: ${net0/filename}item –gap —             Menufile: boot.phpitem –gap —             MAC address: ${net0/mac}item –gap —             IP address: ${net0/ip}item –gap —             DHCP: ${net0/dhcp-server}
Shows the menu to select the bootoption itself. The last line defines the default option to boot from local Disk with a counter of 10 seconds. During this countdown you can choose another bootoption otherwise the image booting up from local disk item –gap —             ——————– Production Boot Options ————————-item localHDDboot-ID0 01 – Boot from local Diskitem winpeboot-V1 02 – Reinstall Computer – Boot Ivanti DSM Proditem pvstftpboot-v1 03 – Citrix PVS TFTP Boot from ${pvs-server}item –gap —             ————- Test and Troubleshooting Boot Options ——————item winpeboot-V2 10 – Reinstall Computer – Boot Ivanti DSM TESTitem winpeboot-V99 11 – WinPE x64 english Standard onlyitem –gap —             —————————- System ———————————-item reboot 98 – Reboot Systemitem exit 99 – Exit iPXE choose –default localHDDboot-ID0 –timeout 10000 target && goto ${target}

Content in the bootmenu script to show this lineitem localHDDboot-ID0 01 – Boot from local Disk Jump marker in the boot.php script :localHDDboot-ID0chain grub.exe –config-file=”rootnoverify (hd0);chainloader +1″ Note: You need the grub.exe, this is explained in chapter Tools in this blog
Content in the bootmenu script to show this lineitem winpeboot-V1 02 – Reinstall Computer – Boot Ivanti DSM Prod Jump marker in the boot.php script ####### Boot Ivanti DSM Prod #######:winpeboot-V1kernel wimbootinitrd winpeboot-V1/bootmgr                                    bootmgrinitrd winpeboot-V1/boot/BCD                                  BCDinitrd winpeboot-V1/boot/boot.sdi                           boot.sdiinitrd winpeboot-V1/boot/WINPE40.WIM               WINPE40.wimimgstatboot Note: Please check if the files like bootmgr,BCD, boot.sdi,WINPE40.WIM does exist in the folder or change the script. You need the wimboot file, this is explained in chapter Tools in this blog 
Content in the bootmenu script to show this lineitem pvstftpboot-v1 03 – Citrix PVS TFTP Boot from ${pvs-server} Jump marker in the boot.php script ####### PVS TFTP Boot ######:pvstftpboot-v1chain tftp://${pvs-server}/ARDBP32.BIN Variable defined at the beginning of the boot.php scriptset pvs-server 10.46.128.1 IF you using PVS It’s recommended to use a LB for the PVS TFTP Server. iPXE used it on my master images only, the PVS Target are using DHCP Scope options 66 (LB IP) and 67 (ARDBP32.BIN) to point it to the LB-IP instead of the iPXE Server. 
Content in the bootmenu script to show this lineitem winpeboot-V2 10 – Reinstall Computer – Boot Ivanti DSM TEST  Jump marker in the boot.php script ####### Boot Ivanti DSM TEST #######:winpeboot-V2kernel wimbootinitrd winpeboot-V2/bootmgr                                    bootmgrinitrd winpeboot-V2/boot/BCD                                  BCDinitrd winpeboot-V2/boot/boot.sdi                           boot.sdiinitrd winpeboot-V2/boot/WINPE40.WIM               WINPE40.wimimgstatboot Note: Please check if the files like bootmgr,BCD, boot.sdi,WINPE40.WIM does exist in the folder or change the script. You need the wimboot file, this is explained in chapter Tools in this blog.
Content in the bootmenu script to show this lineitem winpeboot-V99 11 – WinPE x64 english Standard only Jump marker in the boot.php script ####### WinPE x64 English #######:winpeboot-V99kernel wimbootinitrd winpeboot-V99/bootmgr                                  bootmgrinitrd winpeboot-V99/boot/BCD                                BCDinitrd winpeboot-V99/boot/boot.sdi                         boot.sdiinitrd winpeboot-V99/sources/boot.WIM                boot.wimimgstatboot Note: Please check if the files like bootmgr, BCD, boot.sdi, boot.wim does exist in the folder or change the script. You need the wimboot file, this is explained in chapter Tools in this blog.
Content in the bootmenu script to show this lineitem reboot 98 – Reboot System Jump marker in the boot.php script :rebootReboot
Content in the bootmenu script to show this lineitem exit 99 – Exit iPXE Jump marker in the boot.php script :exitExit

iPXE templates:
The templates will be used for a complete automation of the Citrix PVS/MCS MasterImages to switch the boot order in a automtic way without userinteraction on the console. This will be described in Part II at a later time, but here my thoughts:

I prefer 2 templates, one for booting up the Ivanti DSM Prod, SCCM or MDT environment and one in addition to boot from PVS TFTP Server.

The template that is needed are copied to the custom folder and renamed to the client MAC-adresss.

The DHCP reservation points to the init.php file, this checks if a file with the client-mac address exists in the custom folder, otherwise it shows the boot.php and after 10 seconds, it’s booting up from the local disk.

Content of the init.php:
Boot the macaddress.php file if exists or boot the boot.php
chain custom\${mac:hexhyp}.php || chain boot.php

dsmprod.php

#!ipxe

# change: 06.12.2018 M.Schlimm: Script created

# change:

# change:

#########################################################################

echo Bootfile: ${net0/filename}

echo Menufile: custom/${mac:hexhyp}.php

echo Booting up from Ivanti DSM Prod

####### Boot Ivanti DSM Prod #######

kernel wimboot

initrd winpeboot-V1/bootmgr                                    bootmgr

initrd winpeboot-V1/boot/BCD                                  BCD

initrd winpeboot-V1/boot/boot.sdi                boot.sdi

initrd winpeboot-V1/boot/WINPE40.WIM     WINPE40.wim

imgstat

boot

pvstftbppt.php

#!ipxe

# change: 06.12.2018 M.Schlimm: Script created

# change:

# change:

##########################################################################

set pvs-server 10.46.128.1

echo Bootfile: ${net0/filename}

echo Menufile: custom/${mac:hexhyp}.php

echo Booting up from Citrix PVS ${pvs-server}

### connect to PVS Server

chain tftp://${pvs-server}/ARDBP32.BIN

You can download the complete scripts and the origin folder structure from my github account, check out https://github.com/EUCweb/iPXE.

Exit mobile version