ISCSI diskless boot
I'll start from far away. How often do you find organizations using Remote Desktop Connection as their primary way to work in the office? I began to meet such more and more often and my personal opinion is convenient! Convenient for employees, convenient for system administrators, and the company itself can reduce IT costs. And often it’s even a necessity for comfortable multi-user work in some programs (for example, 1C software).
And how often do you see that as clients they use normal full-fledged PCs, sometimes even quite productive ones for local work.
We will talk about the wonderful iSCSI technology, and how we can use it to reduce the total cost of ownership, and will help those who want to get to know the technology better.
Wiki says:
iSCSI (Internet Small Computer System Interface) is a protocol that is based on TCP / IP and is designed to establish the interaction and management of storage systems, servers and clients.
To understand what is happening, let us define the terminology:
iSCSI Target: (iSCSI Target) - a program or hardware controller (HBA) that emulates the disk and performs iSCSI requests. more
iSCSI Initiator: (iSCSI Initiator) - A client program or hardware controller that interacts with iSCSI Target.
IQN: (iSCSI Qualified Name) - Unique identifier (name) of iSCSI Target or iSCSI Initiator.
LUN: (Logical Unit Number) - The address of the block device in the range 0-127. more details
The beauty is that Windows 7, Windows Server 2008 and anything older can install directly on the iSCSI target. The only problem is how to initialize the remote block device when you turn on the PC.
All modern network cards can work using PXE technology, but only expensive server network cards such as intel are friends with iSCSI.
However, there are at least two open source projects gPXE and iPXE that I know of , the latter, by the way, fork of the first, with a slightly improved error output system and a few additional options.
Personally, I use gPXE, I found it first, and besides, they have a very convenient rom-o-matic generator on the site
There are many ways to boot through gPXE. For the working version, I sewed its ROM instead of the PXE bootloader in the BIOS of the meter. A risky option, you can stay without a motherboard, looking ahead, this will reduce the boot time by ~ 10 seconds.
I’ll tell you better about a simple and safe method for equipment called PXE chainloading in detail . The bottom line is - using the PXE bootloader, load gPXE, which in turn acts as the iSCSI initiator and transfers control to the disk. To do this, we need a TFTP server (I did not resort to third-party software, I did it here ) and correctly configure the DHCP server.
This is what the DHCP parameters look like for me:
Pay attention to the parameter “175 gPXE_Options”, the encapsulated value “08 01 01 ff” means the option keep_san = 1, which forces gPXE not to delete the registration of the disk if it fails to boot from it (this is necessary to install the operating system).
In parameter “017 Root Path” the simplest syntax is iscsi: <IP iSCSI target> :::::
The iSCSI initiator settings are now complete.
As a goal, I used Microsoft iSCSI Software Target 3.3. Target
settings are extremely simple and intuitive.
Create a new or import an existing VHD disk:
Next, create a target:
Add a created or imported wound disk:
This is almost done. It remains only to add the IQN (or any other type of identifier: MAC, IP) of the initiator (s) that has access to this target.
If after this, when loading the client PC in gPXE the inscriptions flash:
Registered as BIOS drive 0x80
Booting from BIOS drive 0x80
So, we did it. And you can start installing the OS.
Already with nostalgia I remember the moment when the first time I reached this stage and ... at first a lot of disappointments befell me. Looking ahead, I will say that the reason for many was the unsuccessful motherboard GYGABYTE GA-425TUD .
What did I see when I reached the disc selection point? Right. Nothing. I thought, yeah, I need to load the network drivers. The anomalously long search ~ 30-40 minutes on an empty USB flash drive, where only firewood was copied for the desired network card, made me think that the OS was hanging and 5-10 times I did not wait until the search ended, turned off, rebooted, changed the gPXE options. It so happened that one day I still waited until the drivers were found, and rejoiced like a child when I discovered that the drive I so desired appeared in the selection menu.
The joy was immediately overshadowed by the fact that the OS informed me about the impossibility to install on this disk and kindly asked me to check whether the controller of this disk is included in my BIOS.
The solution was found quite quickly right here at the very bottom. In short, the guys advised turning the SATA controller on / off, changing the IDE, ACHI mode of operation, and even trying to connect a real disk during installation, but install it on an iSCSI disk. For me, connecting a real disk in ACHI mode worked. Now the installation went to iSCSI disk without any problems. However, after rebooting the OS (one of the installation steps), I constantly caught BSOD on classpnp.sys.
The reason is still not entirely clear to me.
Great effort was found clue
The solution was to disable the LWF filter in the OS on the network card.
Open HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Class \ {4D36E972-E325-11CE-BFC1-08002BE10318}
Find and open the subfolder for NIC (eg. 0007)
Opens the Linkage subfolder
Edit the FilterList. Delete the line that refers to the LWF driver UUID {B70D6460-3635-4D42-B866-B8AB1A24454C}. In my case, this is the second line of the ball.
To:
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B5F4D659-7DAA-4565-8E41-BE220ED60542} -0000
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B70D6460-368-44842-442-442-44842-448-442-442-442-44842-44842-44848442-44842-44844248442-442-44248442-442-44248442-442-44242424544544248442 -0000
After:
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B5F4D659-7DAA-4565-8E41-BE220ED60542} -0000
In this option, I even worked on a problem motherboard.
After that, I tried another 2 or 3 motherboards, the installation went smoothly initially (it was only necessary to load the network drivers).
I wonder how much it will be noticeable that my HDD is somewhere there 100 meters from me? It’s impossible to tell by eye! But I did not even hope that you would believe my eye on this will give the test results.
Seagate ST500DM002 - will work locally, like in humans; D
iSCSI SSD Patriot 128 PYROSE - on the server, will work through iSCSI, a 1GB network channel.
iSCSI RAID 10 4xSeagate ST500DM002 - on the server, it will work through iSCSI, a 1GB network channel.
In my opinion, the technology is quite noteworthy, as can be seen from the tests, even on a 1GB network it has good efficiency. At current prices for HDD, it will allow saving at least 2500r from a workstation and simplifies the task of data backup. In my organization, all the employees work in the terminal, they just opened a training class for 8 jobs, and it was there that I introduced this technology as a test.
I will be happy to answer questions.
And how often do you see that as clients they use normal full-fledged PCs, sometimes even quite productive ones for local work.
We will talk about the wonderful iSCSI technology, and how we can use it to reduce the total cost of ownership, and will help those who want to get to know the technology better.
Wiki says:
iSCSI (Internet Small Computer System Interface) is a protocol that is based on TCP / IP and is designed to establish the interaction and management of storage systems, servers and clients.
To understand what is happening, let us define the terminology:
iSCSI Target: (iSCSI Target) - a program or hardware controller (HBA) that emulates the disk and performs iSCSI requests. more
iSCSI Initiator: (iSCSI Initiator) - A client program or hardware controller that interacts with iSCSI Target.
IQN: (iSCSI Qualified Name) - Unique identifier (name) of iSCSI Target or iSCSI Initiator.
LUN: (Logical Unit Number) - The address of the block device in the range 0-127. more details
ISCSI Initiator
The beauty is that Windows 7, Windows Server 2008 and anything older can install directly on the iSCSI target. The only problem is how to initialize the remote block device when you turn on the PC.
All modern network cards can work using PXE technology, but only expensive server network cards such as intel are friends with iSCSI.
However, there are at least two open source projects gPXE and iPXE that I know of , the latter, by the way, fork of the first, with a slightly improved error output system and a few additional options.
Personally, I use gPXE, I found it first, and besides, they have a very convenient rom-o-matic generator on the site
There are many ways to boot through gPXE. For the working version, I sewed its ROM instead of the PXE bootloader in the BIOS of the meter. A risky option, you can stay without a motherboard, looking ahead, this will reduce the boot time by ~ 10 seconds.
I’ll tell you better about a simple and safe method for equipment called PXE chainloading in detail . The bottom line is - using the PXE bootloader, load gPXE, which in turn acts as the iSCSI initiator and transfers control to the disk. To do this, we need a TFTP server (I did not resort to third-party software, I did it here ) and correctly configure the DHCP server.
This is what the DHCP parameters look like for me:
Pay attention to the parameter “175 gPXE_Options”, the encapsulated value “08 01 01 ff” means the option keep_san = 1, which forces gPXE not to delete the registration of the disk if it fails to boot from it (this is necessary to install the operating system).
In parameter “017 Root Path” the simplest syntax is iscsi: <IP iSCSI target> :::::
The iSCSI initiator settings are now complete.
ISCSI target
As a goal, I used Microsoft iSCSI Software Target 3.3. Target
settings are extremely simple and intuitive.
Create a new or import an existing VHD disk:
Next, create a target:
Add a created or imported wound disk:
This is almost done. It remains only to add the IQN (or any other type of identifier: MAC, IP) of the initiator (s) that has access to this target.
If after this, when loading the client PC in gPXE the inscriptions flash:
Registered as BIOS drive 0x80
Booting from BIOS drive 0x80
So, we did it. And you can start installing the OS.
Install OS or Epic Fail
Already with nostalgia I remember the moment when the first time I reached this stage and ... at first a lot of disappointments befell me. Looking ahead, I will say that the reason for many was the unsuccessful motherboard GYGABYTE GA-425TUD .
What did I see when I reached the disc selection point? Right. Nothing. I thought, yeah, I need to load the network drivers. The anomalously long search ~ 30-40 minutes on an empty USB flash drive, where only firewood was copied for the desired network card, made me think that the OS was hanging and 5-10 times I did not wait until the search ended, turned off, rebooted, changed the gPXE options. It so happened that one day I still waited until the drivers were found, and rejoiced like a child when I discovered that the drive I so desired appeared in the selection menu.
The joy was immediately overshadowed by the fact that the OS informed me about the impossibility to install on this disk and kindly asked me to check whether the controller of this disk is included in my BIOS.
The solution was found quite quickly right here at the very bottom. In short, the guys advised turning the SATA controller on / off, changing the IDE, ACHI mode of operation, and even trying to connect a real disk during installation, but install it on an iSCSI disk. For me, connecting a real disk in ACHI mode worked. Now the installation went to iSCSI disk without any problems. However, after rebooting the OS (one of the installation steps), I constantly caught BSOD on classpnp.sys.
The reason is still not entirely clear to me.
Great effort was found clue
The solution was to disable the LWF filter in the OS on the network card.
Open HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Class \ {4D36E972-E325-11CE-BFC1-08002BE10318}
Find and open the subfolder for NIC (eg. 0007)
Opens the Linkage subfolder
Edit the FilterList. Delete the line that refers to the LWF driver UUID {B70D6460-3635-4D42-B866-B8AB1A24454C}. In my case, this is the second line of the ball.
To:
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B5F4D659-7DAA-4565-8E41-BE220ED60542} -0000
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B70D6460-368-44842-442-442-44842-448-442-442-442-44842-44842-44848442-44842-44844248442-442-44248442-442-44248442-442-44242424544544248442 -0000
After:
{158B0494-2576-4DE5-9E32-98DB9E177DD8} - {B5F4D659-7DAA-4565-8E41-BE220ED60542} -0000
In this option, I even worked on a problem motherboard.
After that, I tried another 2 or 3 motherboards, the installation went smoothly initially (it was only necessary to load the network drivers).
Tests
I wonder how much it will be noticeable that my HDD is somewhere there 100 meters from me? It’s impossible to tell by eye! But I did not even hope that you would believe my eye on this will give the test results.
Our heroes:
Seagate ST500DM002 - will work locally, like in humans; D
iSCSI SSD Patriot 128 PYROSE - on the server, will work through iSCSI, a 1GB network channel.
iSCSI RAID 10 4xSeagate ST500DM002 - on the server, it will work through iSCSI, a 1GB network channel.
(Local) Seagate ST500DM002
iSCSI SSD Patriot 128 PYROSE
iSCSI RAID 10 4xSeagate ST500DM002
Summary and conclusions
In my opinion, the technology is quite noteworthy, as can be seen from the tests, even on a 1GB network it has good efficiency. At current prices for HDD, it will allow saving at least 2500r from a workstation and simplifies the task of data backup. In my organization, all the employees work in the terminal, they just opened a training class for 8 jobs, and it was there that I introduced this technology as a test.
I will be happy to answer questions.