NetSUS 4.1.0

greg_munson
New Contributor

Hey NetSUS users,
Version 4.1.0 of the NetSUS Appliance is here (https://github.com/jamf/NetSUS/releases)! This version fixes a few bugs that have been hanging out for a long time as well as brings a number other improvements and extensions. You can see the changeling here (https://github.com/jamf/NetSUS/blob/master/CHANGELOG.md).

One change that you'll notice as soon as you run the appliance is a new user interface. This change was done for two reasons. First is just to refresh the application. Second, we have employed the bootstrap framework (http://getbootstrap.com) to make it easier to maintain and change the UI going forward.

We've also converted all the documentation to markdown and it now lives in the github repository instead of on JAMFNation. So now the community can help make improvements to the documentation, too. We hope this will make it easier for you to participate in improving this open source project.

Speaking of this as an open source project, we'd like to ask for your help. You may have noticed that we (JAMF Software) are not always super fast about getting bugs fixed or approving pull requests. We don't have the bandwidth to have someone assigned to be constantly watching over the NetSUS. We're working hard to bring you new features in the Casper Suite! We do this mostly in our spare time, which we don't have much of. Currently only JAMF personnel are able to approve and merge pull requests. We don't feel that is serving the needs of the community very well at this point. So we'd like to open that up to some of you in the NetSUS community. This is a community appliance and we need to start acting in that way. Obviously we need people who are competent programmers and are trusted by the community. But we think there are many of you that fulfill that requirement. Our ask is that you contact me (greg.munson@jamfsoftware.com) if you're interested in taking on a stronger role with the NetSUS. We'll make sure you get the information you need to help the community make this tool better than it has ever been before, and do it faster.

31 REPLIES 31

Jakov
New Contributor III

Nice new version!
I really like the new look and the 'Purge Deprecated' is a much appreciated feature. Also nice you made the Software open source, that will definitely help to make NetSUS an even better product.

rharms
New Contributor

Potential problem with the 4.1.0 appliance download. When I try to deploy the OVA to one of my VMware ESXi 5.1 hosts, I get the following error:

Line 25: Unsupported hardware family 'virtualbox-2.2'

I've re-downloaded the OVA just in case something got corrupted the first time, but got the same error. Not sure if it's the OVA or the version of ESXi I'm running (an update is in the works), but thought I would mention it just in case.

Looking forward to trying the new version out though. I had pretty much given up on NetSUS when I couldn't keep my 3.0.2 box from filling its hard drive and crapping out.

nigelg
Contributor

We are having the same issue uploading version 4.1 to VMware ESXi5.5.

Line 25: Unsupported hardware family 'virtualbox-2.2'

MikeF
Contributor II

I just tried on ESX 6 and got the same error.

dan-snelson
Valued Contributor II

Confirming identical error in our ESX 6 environment.


--
Dan

cgolds8
New Contributor

Regarding the issues with VMWare ESX; There is a solution to getting the new OVA working. The reason it does not work with ESX is that it was created with VirtualBox instead of VMWare. This was changed to ensure the NetSUS project is maintainable by the community therefor using open source third party software like VirtualBox to create the OVA. I confirmed the new OVA does work with VMWare Fusion but not in ESX.

How I got the 4.1.0 OVA working in ESX:
1. Unzip the .ova file into a folder containing the .ovf and and .vmdk files. I was able to do this on a mac by first compressing the .ova file and then unzipping the compressed folder (there's probably a better way of doing that)
2. Open the .ofv file in a text editor and change the line where it says

<vssd:VirtualSystemType>virtualbox-2.2</vssd:VirtualSystemType>

to

<vssd:VirtualSystemType>vmx-07</vssd:VirtualSystemType>

3. Import that .ovf file into ESX
4. It should work now!

I followed the instructions found here http://www.baconapplications.com/export-a-virtualbox-machine-to-vmware/

I've been looking into seeing if there is a way to export an OVA through virtualbox that is compatible with ESX without having to make this change, but I have not been able to find anything. I would love to know if someone has a solution for this.

zinkotheclown
Contributor II

I upgraded my NetSUS 4.0 instances and now the SMB NetBoot uploads are hanging when I try to upload a dmg with Finder. Has anyone experienced this? This was not happening before I upgraded.

I ended up uninstalling samba and re-installing the update which fixed the samba issue.

MikeF
Contributor II

So i have this working fine with the OVA file. As my systems team here would rather this run on CentOS 7.2 I brought up a new server and ran the install. All looked like it was working fine. The update server started pulling in updates from our main nestsus and I uploaded out nbi file and it shows up on the boot menu and all looks great.

Problem is that when I go to netbook off this it does not load the nbi file but loads from the hard drive instead. It looks like the dhcp part is working properly but bootpd is not working. I have tried this an a couple different servers with that same result.

Has anyone actually got this working on a new CentOS 7.2 server ?

Jun 9 11:22:10 NetSUSLP2 dhcpd: DHCPACK to (00:0c:29:3d:62:0e) via eno16777984
Jun 9 11:23:12 NetSUSLP2 dhcpd: DHCPINFORM from
via eno16777984
Jun 9 11:23:12 NetSUSLP2 dhcpd: JAMF-DHCP change
Jun 9 11:23:12 NetSUSLP2 dhcpd: N Key or encapsulated
Jun 9 11:23:12 NetSUSLP2 dhcpd: 68
Jun 9 11:23:12 NetSUSLP2 dhcpd: DHCPACK to
(00:0c:29:3d:62:0e) via eno16777984

jtrutwin
New Contributor

We are having the same problems on RHEL 7.2 as described above. Very frustrating... Our network engineer looked into it and he believes it has something to do with the local firewall and possibly tftp. We are also having issues with the appliance, trying to resolve by putting the netsus server in the same firewall zone as the clients.

MikeF
Contributor II

I have been playing around with this. I have also installed on Ubuntu with the same results. Seems like the only way to get this working is use the ova install. I have a problem with that as my systems team does not want ubuntu to be used.

jfeller
New Contributor

For those with problems on RHEL7.2 or Centos7.2 it looks like it might be because the xinetd package is missing on a minimal install.

I ran the following commands to get things going:

yum install xinetd
service xinetd start
service tftp restart >> if it isn't started, it seems to turn off by itself so not sure it is needed as it works with or without it running

I tracked it down because tftpd wasn't behaving properly and I couldn't manually get to the files that were supposed to be served by tftpd.

That seemed to do the trick.

MikeF
Contributor II

Yes that did it. Thanks for finding that

etippett
Contributor II

@cgolds8 I'm trying to import the OVA into my VMWare ESXi environment and am running into the same problem. Your instructions say to import the modified OVF, but this means that the all-important VMDK will not be imported and the VM will have a blank hard disk. How did you get the VMDK into place?

Thanks,
Eric

cgolds
New Contributor

@etippett Sorry, I no longer have access to the VMWare ESXi I used before. If I remember correctly I think it finds the VMDK file in the folder with the OVF and imports that along with it at some point. But I may be wrong about that, all I know is that I never actively imported the VMDK separately.

etippett
Contributor II

For anyone else's future reference, here's how I ended up making this work with VMWare ESXi 5.5:

  • Use tar to unzip the downloaded file tar –xvf /path/to/NetSUSLP_4.1.0.ova.zip (I would recommend unzipping into an empty folder)
  • Use the VMware Open Virtualization Format Tool to unpack the OVA into its component files /Applications/VMware OVF Tool/ovftool –lax /path/to/ova /path/to/ovf
  • Modify the OVF file as described above
  • Use the VMWare OVF Tool to repack components into an OVA /Applications/VMware OVF Tool/ovftool /path/to/ovf /path/to/ova (this complained about the lack of a manifest file (.mf) for the VMDK but completed successfully otherwise)
  • Imported OVA into vSphere

I did all this before seeing @cgolds response, so perhaps using the OVF Tool was entirely unnecessary.

Eric

itupshot
Contributor II

I'm having trouble getting the page to load after installation in CentOS 6.8. As far as I could tell, it said that it populated all necessary entries in iptables.

Anyone know where the log file for the installation gets saved?

EDIT: Never mind. The page wanted port 443, not 8443 to load. For some reason I thought it said to use 8443 in the terminal when it was done installing.

itupshot
Contributor II

I'm having trouble mounting the SMB share so I can upload the NBI to the Netboot server when I click the "Upload Netboot Image" button. I keep getting the error message:
cde0e0c3bdc1404cb0c4fb713a9959ef

The server has a reserved IP address in our DHCP server, and a pointer record in our DNS server. So whether I use a DNS name or an IP, I'm able to connect to the webadmin page. I'm able to use "Connect to server" from the Finder to mount the AFP share, but it fails on SMB.

Any ideas?

itupshot
Contributor II

The new Netboot/SUS server I set up is not listing all the updates that my XServe is listing from Apple. When I tested the previous version of the software, it looked like it was getting everything. Any ideas how I can get these to match?

77e67bd9707f48d0940d76aec7b88527
efa389c002044ba2a2129c0955a7cd00

andykang
New Contributor

@itupshot

I'm getting the same error. Did you figure this out by any chance?

itupshot
Contributor II

No, I haven't. It's still missing a lot of updates, including the more important ones, like the El Capitan 10.11.6, and the Yosemite security update. I did a manual sync, and it still didn't work.

andykang
New Contributor

@itupshot

Re the SMB Share:

So my smb.conf was getting overwritten and deleting the NetBoot share, which is why I wasn't able to mount. I had to re-enter the NetBoot share info into smb.conf and it works now.

[NetBoot]
comment = NetBoot
path = /srv/NetBoot/NetBootSP0
browseable = no
guest ok = no
read only = yes
create mask = 0755
write list = smbuser
valid users = smbuser

itupshot
Contributor II

@andykang My smb.conf file seems to be pointing to netboot.conf, which has that information. I guess that isn't working.

#Netboot Share
      include = /etc/samba/conf.d/netboot.conf

I'll just put those settings in the smb.conf file itself.

BTW, which Linux distro are you using? I'm doing this on CentOS 6.8. When I first tested Netboot/SUS server, it was version 4.0 running on Ubuntu Server 14.04.3, and that worked without a hitch. But since we've standardized on CentOS for our Linux servers, then I set up the "real" Netboot/SUS on this distro.

I'm just wondering if it's less glitchy on Ubuntu.

EDIT: I realized when I edited the smb.conf file that SMB service wasn't running. That's why I couldn't mount the share before. I edited it anyway, and started SMB service. Now, I have to figure out why the server is still not downloading all the updates from Apple.

itupshot
Contributor II

I just keep hitting roadblocks with this set up. Now, I'm getting this error message when I try to Enable NetBoot:

8d0f7e4e080040fa8aa9c1a6fb72162d

As I said in my previous post, everything seemed to work without issues when I tested v. 4.0 of this software. I have followed the instructions from the documentation on this current version, but I think there are some gaps.

I'm getting very discouraged.

andykang
New Contributor

I'm using RHEL 6.6. It was running a very old NetSUS (3.0?) when I inherited it. I overwrote it with 4.1.0 and didn't realize puppet was changing a lot of the conf files. Once I figured all that out, I had to patch it back together. It would have been easier to just start new, but that would involve getting a new VM setup by other workgroups. It was easier to just piece it back together.

Does your NetBoot share show when you do a:

sudo testparm

itupshot
Contributor II

@andykang Yes, it appears.

I haven't been able to mount the share if I use the webadmin website link. If I use the Mac's Finder, and just put in the IP address and share, it'll mount.

Again, these are all issues that I didn't see when I first tested Netboot/SUS. I'm not sure what the deal is.

jamfnc
New Contributor II

Setting up Ubuntu 14.04.5 on VMWARE 5.5, imported NetSUSLP_4.1.0.ova, error : "Unsupported hardware family 'virtualbox-2.2"
Used ovftool to convert NetSUSLP_4.1.0.ova to NetSUSLP_4.1.0.ovf and imported to VMWARE 5.5 , still not working.
Has anyone successfully have it working on VMWARE 5.5 ? Thank you

itupshot
Contributor II

I'm beginning to think that v. 4.1.0 is very buggy.

itupshot
Contributor II

I ran a couple of experiments with different Linux distros hosted on KVM, and it looks like NetSUSLP 4.1 only wants to work on Ubuntu Server 14.04.5 for me.

With CentOS 6.8 and 7.x, I keep running into problems where smb service does not get started, so I can't mount the NetBoot share. Even after I edit the smb.conf file and start smb service, it doesn't want to mount. I also made sure that I installed and activated xinetd ahead of installing NetSUSLP, based on @jfeller's finding.

Also, the Software Update service just doesn't sync with Apple properly, and it's missing a lot of updates from the list. In the attached screen shots, I marked all the software updates that appear in Ubuntu but are missing from the CentOS hosted NetSUSLP server.

Our Linux hardware servers are all RHEL or CentOS since they have longer support cycles, so this is a bit of a bummer. I'm not in a big hurry to set up a NetSUSLP server, but it's discouraging that I can't use the server OS we standardized on, and that supposedly works with v. 4.1.

If there are additional steps for getting this running properly on RHEL/CentOS, they need to be included in the documentation pages as part of the initial setup.

When I installed the software on the Ubuntu 14.04.5 vm, everything worked with no errors.

15fc32de5bb6446991dfa99affed48f2
93ff4efaf2c943ce8a7c31c680ff8063
82c23c0e7f874fa4b2c34e181d8a903b

andykang
New Contributor

That's bad news... I haven't played around with it lately, but I did notice that ours wasn't "quite" working right either.

We're in the middle of re-doing our JSS servers with RHEL 7 and JSS v9.96 but once that's done, I plan on taking another look.

tvdham81
New Contributor

I got a NetSUS 4.1.0 running on a testvm with Ubuntu 14.04.5, which "appears" to be running fine, as in no errors. However, when selecting updates for branches I created, it is added in de webgui, but when looking at the branch catalog it is still empty (except the modify date is changed to the date/time I added the update packages to the branch). Anyone else seeing that behaviour?

On production I still run NetSUS 3, which is working as intended.

DLewtheCEO
New Contributor II

Has anyone experienced this?

https://www.jamf.com/jamf-nation/discussions/22231/mac-temporarily-frozen-when-selecting-nbi-after-netsus-4-1-0-upgrade