Leveraging WinPE and Linux Preboot for Effective Provisioning Jonathan Richey | Director of...
-
Upload
andra-marshall -
Category
Documents
-
view
217 -
download
1
Transcript of Leveraging WinPE and Linux Preboot for Effective Provisioning Jonathan Richey | Director of...
Leveraging WinPE and Linux Preboot for Effective Provisioning
Jonathan Richey | Director of Development | Altiris, Inc.
© Altiris Inc.
Agenda
Terminology Preboot Technology Linux and WinPE
Pros & Cons Preboot Demo Questions and
Answers
© Altiris Inc.
Terminology
Preboot Automation An OS environment other than Production OS
― Control hardware w/o OS interference― Deployment Solution automation
Primary use – Hard Disk Manipulation― “Bare Metal” provisioning― Partitioning― Imaging― Repairing or Healing production OS― Recovery from offline storage
© Altiris Inc.
Terminology
Production Environment Primary User OS
― Windows
― Linux
― Solaris
Production Agent― AClient
― ADLAgent
© Altiris Inc.
Terminology
Automation Environment X86 Processor Only Automation OS
― DOS
― WinPE
― Linux
Automation Agent― Bootwork.exe
― AClient -winpe
― ADLAgent
© Altiris Inc.
Previous Preboot Technology
Bootwork partitions Floppy disks PXE (Preboot eXecution Environment) DOS based
© Altiris Inc.
DS 6.5 Preboot Technology
Automation partitions Boot Media
Floppy disks CD USB Flash
PXE (Preboot eXecution Environment) Supported OS’s
DOS Linux WinPE
© Altiris Inc.
Automation Partitions
Previously called Bootwork Partitions Patented Altiris technology Hidden or embedded partitions Controls boot to automation or production Pros and Cons?
© Altiris Inc.
Automation Partitions – Pros
Always available Configured specifically for system Production agents can modify boot order Faster than floppies More secure than PXE Keyboard/Screen lock technology (DOS)
© Altiris Inc.
Automation Partitions – Cons
Must be installed Embedded – relatively easy Hidden – generally very painful
Does not work for “Bare Metal” provisioning Third Party imaging tools can’t handle
Embedded partitions
© Altiris Inc.
6.5 Automation Partition Enhancements
Both WinPE and Linux supported New automation partition structure
Compatible with Recovery Solution, Local Recovery
More compatible with other boot loaders Allows for larger embedded partitions
― DOS 5 MB― Linux 30 MB― WinPE 200 MB
Fastest way to boot WinPE
© Altiris Inc.
DS 6.1 Bootwork Partition Architecture
Hard Disk
MBRBoot Code
Partition Table
Extended MBRboot codeCopy of
partition table
PBRBoot Code
EmbeddedAutomation Partition
(DOS only)
© Altiris Inc.
DS 6.5 Automation Partition Architecture
Hard Disk
MBRBoot Code
Ptr to Ext MBRPartition Table
Extended MBRAdditonal CodePart Table copy
PBRBoot Code
EmbeddedAutomation Partition(DOS, Linux WinPE)
© Altiris Inc.
PXE Automation
Intel standard since 1998 Piggybacks on DHCP extensions Three components
PXE Server TFTP/MTFTP server Client PXE ROM
Pros and Cons?
© Altiris Inc.
PXE Automation – Pros
DS can control PXE boot choice Fastest automation decision Best remote management No “hidden” code or data on disk Only reasonable option for “Bare Metal” Can use multicast to minimize network traffic
© Altiris Inc.
PXE Automation – Cons
Has security problems Susceptible to rogue PXE servers
Requires network infrastructure support Additional open ports Multicast ports DHCP helper in routers
Manual synchronization of 6.1 PXE servers Solved in DS 6.5
© Altiris Inc.
PXE 6.5 Enhancements
DS job specific PXE boot images Centralized PXE management Enhanced security Support for TFTP file transfers > 94MB
© Altiris Inc.
PXE Modules
PXE TFTPServer
PXEServer
PXE ConfigService
PXEConfig
PXE ManagerDS Server(Axengine)
DSMiddleman
© Altiris Inc.
PXE Manager
Centralized PXE management Coordinates & configures multiple PXE servers
― All PXE boot images on one machine
― All PXE BDC configurations on one machine
― New directory structure and naming
Shared & server specific configurations Communicates w/ PXEConfig, DS engine, and
Config Helper Service BIS support for complex installations Service on same box as DS server
© Altiris Inc.
PXE Manager
Secure Management Two way authentication with DS Uses DB Management encrypted session Supports DS role based security for PXE
Config utility
© Altiris Inc.
PXE Boot Sequence
DS Job scheduled Using MAC address and boot image ID, DS
engine tells PXE server to how to boot specific managed clients Boot image ID identifies Preboot OS type
PXE Server receives boot request and automatically selects specified boot image
Boot image is downloaded and executed
© Altiris Inc.
PXE Boot Sequence
PXE Server
DHCP Server
PXE EnabledWorkstation
DHCP/PXE Boot Request
DisplayBootMenu
PXE Boot Menu
DHCP Address
PXE TFTP Server
TFTPMTFTPDwnLd
TFTP Download Request
TFTP Download.0 File
Execute.0
Other Download
CheckMACcache
© Altiris Inc.
Preboot OS Options
Altiris pre-boot Linux distribution RedHat Fedora core 3 based Altiris customized Source available from:
http://www.altiris.com/eval on DS page
Microsoft Windows PE Select & Volume WinPE toolkit or OPK Altiris WinPE Installer
95/98 DOS still supported
© Altiris Inc.
New Preboot OS Options Benefits
Powerful OS’ Improved imaging performance Security
Microsoft NT network authentication
Improved availability of NIC drivers
© Altiris Inc.
Linux Preboot OS
Pros Powerful OS Free availability Ram disk boot
― Leaves hard disk unmounted
Better NIC driver support than DOS
© Altiris Inc.
Linux Preboot OS, cont.
Cons Drivers lag Windows counterpart Disk and video drivers required Version/distribution executable mismatch Relative unfamiliarity in many IT depts.
© Altiris Inc.
WinPE Preboot OS
Pros Powerful OS Best driver availability Fastest imaging with RDeploy Ram disk boot
― Leaves hard disk unmounted
Scripted install of 2003 server for x64 platforms
© Altiris Inc.
WinPE Preboot OS, cont.
Cons Must use WinPE 2005
― Previous versions will not work
Big… Huge… Hard to get from Microsoft
― MS select or volume agreement
Additional, though minimal, cost from Altiris― Altiris WinPE installer
© Altiris Inc.
DS 6.5 Preboot Demo
Create a Linux PXE boot image Minimal PXE job to copy a file
© Altiris Inc.
Summary
Preboot technology is one of the pillars of DS power
DS 6.5 fully supports Linux and WinPE for Preboot OS
Associated Lab: System Provisioning using Linux and WinPE
PreBoot― Wed. 3:00 pm, S. China Sea (classroom 40)― Thur. 2:00 pm, S. China Sea
© Altiris Inc.
Thank You
Questions & Answers