Minimalist’s guide to NetBoot

I recall my fourth grade teacher giving a lesson on issuing directions. He asked every student to write down, with exacting detail, the steps involved in making a peanut butter and jelly sandwich. Then he gathered all the ingredients and attempted to execute the directions. Of all the kids in the class, I came closest to directing him towards making an edible sandwich… but unfortunately I forgot to instruct him to remove the second piece of bread from the bag. The result was as you’d expect: he smeared the PB&J onto the slice of bread while it was still in the bag, going forward as if nothing was wrong. Hilarious at the time, but the point was made.

Turns out that lesson had an application that neither I nor the teacher realized at the time: as a metaphor for various types of programming, and computers in general; the most literal embodiment of “do what I say, not what I mean”. Many of my classmates might have gotten farther had they remembered to include their dependencies in the beginning (you can’t apply jelly if you don’t get jelly first).

And so it was with configuring a generic NetBoot server. There are many ‘NetBoot from a Linux box’ type documents out there, but it seems they all fail to mention at least one key thing you wouldn’t know if you didn’t have a machine running OS X Server to refer to. It was for that reason that I’d been shying away from configuring NetBoot on my network for quite some time.

Recently I came upon a situation where I needed to image a bunch of Macs in a hurry, and NetBoot was the only tool for the job. So I waded through the myriad of tools and documentation, and whittled it all down to the few steps below. Turns out it’s not so bad once you dig down to the right details.

All the most crucial, NetBoot-specific details are outlined below… no bells and whistles, just the things you need to get a Mac booting from your *NIX box. If you’re comfortable with the process of using PXE to feed bootloaders and kernels to PCs (as I am), you’ll have no problem getting NetBoot to work. If not, just follow the directions carefully.

 

tl;dr – There’s no magic in OS X Server that makes NetBoot work… just incorporate the config snippets below and you’re golden.

 

What you’ll need:

  • A DHCP server. I used ISC dhcpd; if you prefer something else, chances are you’ll be able to translate.
  • A TFTP server. From what I can tell, any one will do.
  • An NFS server. Again, nothing fancy is required. (HTTP can also be used, but isn’t covered here)
  • Mac OS X install media. I chose to use the DVD for 10.5, since it supports booting both PowerPC and Intel Macs.
  • Server Admin Tools. Freely available from Apple’s website – download the version which matches your install media (above).
  • A Mac. Used to gather the needed pieces and create images. (In the future I’d like to reverse-engineer the process, thus eliminating the need for a running Mac and making the process more flexible)

How to do it:

I’ll spare you all the details of prepping your *NIX box and installing the services above. You’re no idiot, and chances are you’re already running most of them anyways. The idea here is to integrate NetBoot into your (most likely) existing network, so we won’t waste time reinventing the wheel.

Make the NetBoot set. Download and install the Server Admin Tools. Once that’s done, look inside Applications -> Server for the System Image Utility. Mount your OS X install media, and run the utility.

Once the utility starts, you’re just a few clicks away from creating a NetBoot set – which will include the bootloader, kernel, driver cache, and disk image you need to boot a Mac over the network. So get clicking!

After a while, you’ll be left with a directory like this:

In my case, there’s one disk image and two sets of bootloader/kernel/drivers – one for PowerPC, and one for Intel. There’s also an XML property list, which I assume would provide the set description that an OS X Server would expect to find. (Since we have no such thing, this file is useless and can be ignored.)

TFTP prep. The contents of the “i386” and/or “ppc” folders are retrieved by the Mac via TFTP. I made a folder called “mac” within my TFTP root, then placed the “i386” and “ppc” folders within it. Make sure the permissions are correct, and you’re good to go.

NFS prep. Once the Mac has its bootloader, kernel, and drivers, it’s going to need to mount the disk image and finish booting from it. This image can be accessed via NFS – so we’ll make an NFS share and place the image within it. Edit your /etc/exports to add a line like this:

/export/nbi 10.22.0.0/24(async,ro,no_root_squash,insecure,no_subtree_check)

In my case, I wanted to limit access to just the local network. You can adjust yours to your liking.

Needless to say, this directory should contain the disk image (“NetInstall.dmg” in this example), and both it and its contents should be world readable.

DHCP changes. Below you’ll find the relevant portions of my dhcpd.conf – look it over, and modify yours as such.

ignore client-updates;
allow booting;
authoritative;

# Intel Macs: vendor class identifier begins with "AAPLBSDPC/i386"
class "AppleNBI-i386" {
    match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
    option dhcp-parameter-request-list 1,3,17,43,60;
    # dhcp-message-type 1 = DHCPDISCOVER
    if (option dhcp-message-type = 1) { option vendor-class-identifier "AAPLBSDPC/i386"; }
    if (option dhcp-message-type = 1) { option vendor-encapsulated-options 08:04:81:00:00:67; }
    # Bootloader path, relative to the TFTP root
    filename "mac/i386/booter";
    # NFS server, export and disk image
    option root-path "nfs:10.22.0.2:/export/nbi:NetInstall.dmg";
}

# PowerPC Macs: vendor class identifier begins with "AAPLBSDPC/ppc"
class "AppleNBI-ppc" {
    match if substring (option vendor-class-identifier, 0, 13) = "AAPLBSDPC/ppc";
    option dhcp-parameter-request-list 1,3,6,12,15,17,43,53,54,60;
    option vendor-class-identifier "AAPLBSDPC";
    # dhcp-message-type 1 = DHCPDISCOVER, 8 = DHCPINFORM
    if (option dhcp-message-type = 1) { option vendor-encapsulated-options 08:04:81:00:00:09; }
    elsif (option dhcp-message-type = 8) { option vendor-encapsulated-options 01:01:02:08:04:81:00:00:09; }
    else { option vendor-encapsulated-options 00:01:02:03:04:05:06:07; }
    # Bootloader path, relative to the TFTP root
    filename "mac/ppc/booter";
    # NFS server, export and disk image
    option root-path "nfs:10.22.0.2:/export/nbi:NetInstall.dmg";
}

Be sure to change the “filename” and “root-path” lines to reflect your configuration.
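
If you're wondering what those vendor-encapsulated-options bytes actually tell the Mac, here is a small decoder, added as an example and not part of my original config. It assumes the option 43 payload is a run of BSDP code/length/value fields; the option names and the boot image ID layout (install flag, kind, index) are taken from Apple's BSDP description rather than from anything on this page.

```python
import struct

# BSDP option names carried inside DHCP option 43. Assumption: taken from
# Apple's BSDP description, supplied for this example only.
BSDP_OPTIONS = {1: "message_type", 2: "version", 3: "server_identifier",
                4: "server_priority", 5: "reply_port",
                7: "default_boot_image_id", 8: "selected_boot_image_id",
                9: "boot_image_list"}
MESSAGE_TYPES = {1: "LIST", 2: "SELECT", 3: "FAILED"}
IMAGE_KINDS = {0: "Mac OS 9", 1: "Mac OS X", 2: "Mac OS X Server",
               3: "Hardware Diagnostics"}


def decode_image_id(raw):
    """Split a 4-byte boot image ID into attribute flags and image index."""
    attrs, index = struct.unpack(">HH", raw)
    kind = (attrs >> 8) & 0x7F          # bits 8-14 of the attribute word
    return {"install": bool(attrs & 0x8000),
            "kind": IMAGE_KINDS.get(kind, kind),
            "index": index}


def parse_bsdp(hex_string):
    """Parse a dhcpd-style colon-separated hex string as code/length/value."""
    data = bytes.fromhex(hex_string.replace(":", ""))
    fields, pos = {}, 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated option header at offset %d" % pos)
        code, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("option %d claims %d bytes, only %d remain"
                             % (code, length, len(value)))
        name = BSDP_OPTIONS.get(code, "option_%d" % code)
        if code in (7, 8) and length == 4:
            fields[name] = decode_image_id(value)
        elif code == 1 and length == 1:
            fields[name] = MESSAGE_TYPES.get(value[0], value[0])
        else:
            fields[name] = value.hex()   # leave unknown fields as raw hex
        pos += 2 + length
    return fields


if __name__ == "__main__":
    # The well-formed values from the dhcpd.conf above
    for sample in ("08:04:81:00:00:67", "01:01:02:08:04:81:00:00:09"):
        print(sample, "->", parse_bsdp(sample))
```

The filler value in the PowerPC class's else branch (00:01:02:03:04:05:06:07) does not split into whole code/length/value fields, so parse_bsdp raises ValueError on it.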

Ready to run. Once you’ve got everything set, plug a Mac into the network (NetBoot doesn’t work over AirPort for obvious reasons) and turn it on while holding the “N” key. If all goes well, it’ll boot. If not, double-check your configuration. You may also want to hold down Command-V while booting – if the issues are occurring after the kernel is loaded, you’ll be able to see the machine’s console output and possibly diagnose the problem.

 

Broadband meeting + ISP list

If you didn’t happen to visit the Kanabec Broadband Initiative booth at the Home Show, you missed out on untold measures of fun and excitement. And if you didn’t happen to attend their Community Broadband Forum, your chance to witness history in the making has passed.

But though all the fun may be over, the documentation lives on. This is the ISP list we created for said events – a very valuable one-page flyer that was passed out at both events. It has current info on various Internet service providers that operate in the Mora area, including available speeds, prices, and pros/cons for different access mediums. We created it in hopes that it’ll make your quest to obtain broadband Internet access easier. Enjoy!

Oh, and by the way: Kanabec Systems is a member of the Kanabec Broadband Initiative group. That means we’ll be there to bring our customers’ perspectives and point of view to the table when the decisions are being made. We’re happy to be involved, and plan to do our part in bringing the promise of broadband closer to reality in rural Kanabec County.

Tips for choosing an ISP

At the request of the Kanabec Broadband Initiative group, I was updating our List of ISPs for 2011. There wasn’t room for the lengthy advice section anymore, so I had to chop it off of the print version. But it’s still good info – so I’m making sure it gets preserved here.

Some of the info is a little dated (first written in 2007), but most of it still applies today.

Who do we recommend? Tough call – they’re all good. If you are already a customer of one of these companies, you’ll probably want to stay there. If you want to switch, remember that the two telcos (Qwest and NorthStar) will only give you the rates shown if you have their phone service. If you live more than a mile or so out of town, Qwest may be your only choice. If you have need for additional Web services (such as website hosting, co-location, or wireless broadband) or insist on giving your business to small businesses only, go with NCIS.

Choose the kind of provider – ISP, ILEC, or CLEC – that you’re most comfortable with. After all, it all goes into the same Internet.

What should I watch out for? Be sure to ask lots of questions, and make sure that you are comfortable with the service you’re choosing.

Ask what kind of modem you’ll get. We highly recommend avoiding internal modems and/or any modem whose only interface is USB. Don’t be too quick to judge, though – some providers’ modems will primarily discuss USB in their documentation, but will still support Ethernet (which is far more desirable, especially for use with older or multiple machines). Qwest’s new modems are a prime example of this.

Ask how the modem is paid for – do you buy it, lease it, or is it included in the service price? What happens if it should break down? Are there any restrictions on how you can or cannot use it (i.e., only on one computer at a time)?

Avoid services that require proprietary software be installed on your computer, as such a setup limits flexibility. It is our opinion that an Internet connection should not come with minimum requirements (outside of having an appropriate hardware interface and TCP/IP support) or force you to run extra software (other than a PPPoE client or similar). Having a connection that requires proprietary software may limit your ability to use the connection directly on your older computer, and will almost always prevent you from using off-the-shelf networking products (such as routers) directly with the connection.

Also, be aware that proprietary software is often (but not always) optional. For instance, Qwest’s MSN software only provides access to enhanced content, and is not required to get on the Internet.

Examples of GOOD modems would be: NCIS.com’s Netopia modem/router combination devices (the standard issue), Qwest’s new ActionTec modem/router combo devices (also standard), and NorthStar’s basic Ethernet-based modems.

You should also inquire about installation charges and any other non-obvious fees, as well as whether or not the price offered is part of a promotion, and how much the service fee will be after the promotion ends. Qwest is known for offering lots of promos (free installation, special pricing for the first year, etc). NorthStar isn’t a stranger to such deals either, but doesn’t use them quite as widely or frequently. NCIS.com does not typically run any promos, but they sometimes are willing to negotiate their pricing.

Be sure to read and understand the provider’s Acceptable Use Policy before signing the contract. Some providers may place restrictions on the amount of data you can transfer, what applications you may and may not run, and so forth. Also, find out how long your contract will be, and if there’s a trial period during which you may cancel the service if it doesn’t work as you expected.

If you will be using the connection in conjunction with any Kanabec server solutions, for running other servers of any sort, as a VPN endpoint, or to access a corporate network from home, ask whether or not you’ll get a static IP address, and if it costs extra. NCIS.com and NorthStar assign static IPs for all their customers at no additional cost; Qwest will lease them for $5.99/mo and charges a $25 fee to do the setup.

Once it’s complete, the List will also be linked here.

An icon you’ve never seen before

This would be the floppy disk icon on the Mac OS X desktop, as displayed on a brand-spankin’-new MacBook running 10.6.4.

We’ve seen this icon a few times back in the early days of OS X – you know, when beige Macs were still a common sight. (Yes, kids, Macs never used to be made out of aluminum.)

Back then, customers would routinely try and talk us into “tricking” the latest build of, say, 10.1.x, into running on their Power Mac 7300 with 128MB of RAM and a Sonnet Presto G3 card – and sometimes we would. Such machines actually had floppy drives built into them, so on the rare occasion when someone would insert a floppy disk, said icon would appear on their desktop. Even then we were a bit surprised not to see the generic “white drive” icon instead.

But today, as we connected a USB SuperDisk drive to a thoroughly modern Intel Mac, we were utterly shocked to see it. No AppleTalk, no Rosetta… but yet somehow the floppy icon lives on.

Now if only the Happy Mac would once again show its smiling face, or we could be lulled to the beat of a thousand flying toaster wings on these new Macs, all would be right in the world again.

Or maybe not. (But we still want to see After Dark get ported… hint, hint!)

iMac fan control: quick, dirty, effective

One of the Intel iMacs we use here at the shop needed a new hard drive this week. Turns out the old drive was one of those that contains a built-in temperature sensor, and the new drive wasn’t (see this for the complete lowdown). End result? The SMC no longer knew what the drive’s temp was, panicked, and ran the hard drive fan on full speed – continuously. The noise was bothersome at best, and deafening at worst.

If this had been a customer’s machine, we would’ve cracked it back open and installed one of the many sensors we’ve saved from junk iMac G5s and other such machines. But since ripping the Mac apart again just wasn’t high on our list, we opted to solve the problem in software instead.

First, we took the smc utility (included with various fan-monitoring apps) and crafted a set of arguments for it that would limit the fan to running at a much more tolerable 2000 RPM. Then we wrote an XML file for LaunchServices that would run our command four times a minute (since the fan speed is re-set every time the machine powers off or goes to sleep, we need to ensure it never runs at full-speed for long). Hey, we said it was quick and dirty!

All in all, our hack did the job. It’s by no means elegant, but at least we can stop shouting over the fan noise.

There’s a ZIP file, which contains smc and our launchd script, at http://www.kanabec.net/blog/FanSpeed.zip. Feel free to use it at your own risk. Our settings are plenty safe for the machine in question, but could have unintended consequences if used with other models or configurations. You have been warned!