I wanted to be able to use iPXE to boot Windows 7 over iscsi, This turned out to be a very very hard project, as the documentation is VERY sparse.
I am starting with a 60GB Ubuntu 15.04 server image in VMware Fusion, so have something similar to this ready to go.
First install the required Packages:
sudo su - root apt-get -y install tftpd-hpa isc-dhcp-server build-essential samba liblzma-dev mkisofs unzip iscsitarget |
Download syslinux as of 2015-10 (check syslinux site)
cd /usr/src mkdir pxe cd pxe wget https://www.kernel.org/pub/linux/utils/boot/syslinux/6.xx/syslinux-6.03.tar.gz tar -zxvf syslinux-6.03.tar.gz cd syslinux-6.0.3 make #this will fail, it's ok cp ./bios/core/pxelinux.0 /var/lib/tftpboot/ cp ./bios/com32/elflink/ldlinux/ldlinux.c32 /var/lib/tftpboot/ cp ./bios/com32/libutil/libutil.c32 /var/lib/tftpboot/ cp ./bios/com32/menu/menu.c32 /var/lib/tftpboot/ cp ./bios/memdisk/memdisk /var/lib/tftpboot/ |
So I have a second eth device because I need to run isc dhcp
First thing will be configuring eth1
auth eth1 iface eth1 inet static address 192.168.69.1 netmask 255.255.255.0 |
Turn up the interface
ifup eth1 |
Configure DHCP you will need to add these lines (/etc/dhcp/dhcpd.conf)
Right after
#authoritative; |
add
next-server 192.168.69.1; |
Then add a new range
subnet 192.168.69.0 netmask 255.255.255.0 { range 192.168.69.10 192.168.69.254; option routers 192.168.69.1; filename "pxelinux.0"; option domain-name-servers 192.168.69.1; } |
Start DHCP
/etc/init.d/isc-dhcp-server start |
install iPXE
cd /usr/src git clone git://git.ipxe.org/ipxe.git cd ipxe/src make cp ./bin/undionly.kpxe /var/lib/tftpboot/ |
Get wimboot
cd /usr/src wget http://git.ipxe.org/releases/wimboot/wimboot-latest.zip unzip wimboot-latest.zip cp wimboot-2.5.1-signed/wimboot /var/lib/tftpboot/ |
Create your iPXE script
cd /var/lib/tftpboot nano win7.ipxe |
Here is the file:
#!ipxe dhcp set keep-san 1 sanhook iscsi:192.168.69.1::::iqn.2013-10.net.thebugshop:windows7 set boot-url tftp://192.168.69.1 initrd ${boot-url}/distros/windows/winpe4_amd64.iso kernel ${boot-url}/memdisk iso raw boot |
create the distro directory:
cd /var/lib/tftpboot mkdir -p distros/windows cd distros/windows |
fix up tftpd-hpa
/etc/default/tftpd-hpa |
Make it look like this
# /etc/default/tftpd-hpa TFTP_USERNAME="tftp" TFTP_DIRECTORY="/var/lib/tftpboot" TFTP_ADDRESS=":69" TFTP_OPTIONS="--secure" |
Start the tftp service:
/etc/init.d/tftpd-hpa start |
Make our lkrn (kernel), this will take awhile
wget --no-check-certificate "https://rom-o-matic.eu/build.fcgi?BINARY=ipxe.lkrn&BINDIR=bin&REVISION=master&DEBUG=&EMBED.00script.ipxe=&general.h/PXE_STACK:=1&general.h/DOWNLOAD_PROTO_NFS:=1&general.h/SANBOOT_PROTO_ISCSI:=1&" -O /var/lib/tftpboot/ipxe.lkrn |
Create out default pxelinux.cfg
cd /var/lib/tftpboot mkdir pxelinux.cfg cd pxelinux.cfg nano default |
Here is the default file
DEFAULT menu.c32 LABEL Windows 7 Install MENU LABEL Windows 7 Install KERNEL ipxe.lkrn INITRD win7.ipxe |
If you were to boot now you would see this:
Create our empty Windows7 Image
cd /var/lib/tftpboot dd if=/dev/zero of=/var/lib/tftpboot/windows7.img bs=1M count=20000 |
Edit our iscsi target
nano /etc/default/iscsitarget |
Make the file look like this:
ISCSITARGET_ENABLE=true ISCSITARGET_MAX_SLEEP=3 # ietd options # See ietd(8) for details ISCSITARGET_OPTIONS="" |
edit the /etc/iet/ietd.conf
Target iqn.2013-10.net.thebugshop:windows7 IncomingUser OutgoingUser Lun 0 Path=/var/lib/tftpboot/windows7.img,Type=fileio Alias Windows7 |
Start the iscsitarget
/etc/init.d/iscsitarget start |
We are now ready for the Windows Part of our journey… Grab a beer, this is going to take awhile. From a fresh Windows install:
First Download and install the ADK
http://www.microsoft.com/en-US/download/details.aspx?id=39982 |
Now after your 6th beer you should be ready for the AIK, Download and Install it
http://www.microsoft.com/en-us/download/details.aspx?id=5753 |
I think.. You are probably 12 beers in now, best to take a break…
Right click on my computer > properties > Advanced system settings > Environment Variables > System Variables > Path > edit
Add this to the end of Variable value why didn’t Microsoft do this when they installed this… Email Satya@microsoft.com to ask why 🙂
;C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Windows Preinstallation Environment |
Open up: Deployment and Imaging Tools Environment Under “Windows Kits” > “Windows ADK”
I am using amd64 change to x86 when necessary
cd \ copype amd64 C:\WinPE_amd64 cd WinPE_amd64 mkdir ISO copy "c:\Program Files\Windows AIK\Tools\PETools\amd64\winpe.wim" c:\WinPE_amd64\ISO\ copy "C:\Program Files\Windows AIK\Tools\amd64\Imagex.exe" C:\Winpe_amd64\ISO\ MakeWinPEMedia /ISO C:\WinPE_amd64 C:\WinPE_amd64\winpe4_amd64.iso |
Get C:\WinPE_amd64\winpe4_amd64.iso to /var/lib/tftpboot/distros/windows/, I use WinSCP, and copy the file to the server.
Now if you boot your pxe machine you should see this:
Followed (after awhile) By this:
And then After awhile longer:
And then after awhile LONGER
Lets do our samba stuff:
First get your iso of Windows 7 on the Linux Server
mkdir -p /var/lib/tftpboot/windows/win7 mkdir /mnt/cdrom mount -o loop win7.iso /mnt/cdrom cp -R /mnt/cdrom/* |
Edit your smb file:
nano /etc/samba/smb.conf
[global] workgroup = WORKGROUP server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 panic action = /usr/share/samba/panic-action %d server role = standalone server passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user usershare allow guests = yes [win7] path = /var/lib/tftpboot/windows/win7 comment = Windows 7 Installation DVD valid users = "bugshop" writeable = no browseable = yes read only = yes |
Set a Password
useradd bugshop
smbpasswd -a bugshop |
Start the services
service smbd start service nmbd start |
Create a couple of new files:
nano /var/lib/tftpboot/win7.iscsi
#!ipxe dhcp set keep-san 1 sanboot iscsi:192.168.69.1::::iqn.2013-10.net.thebugshop:windows7 boot |
nano /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu.c32 LABEL Windows 7 MENU LABEL Windows 7 KERNEL ipxe.lkrn INITRD win7.iscsi LABEL Windows 7 Install MENU LABEL Windows 7 Install KERNEL ipxe.lkrn INITRD win7.ipxe |
Start the Windows Install:
The machine is going to reboot and do it’s thing… Let it… (More Beer?)
When the machine reboots select Windows 7 (Not Windows 7 Install)
There you have it a diskless PXE booting Windows 7, Next step might be to try and upgrade it to windows 10
Thanks!
–John