unable to create netboot image

sidhu_navdeep
New Contributor

Hi Folks,

I'm still learning Casper, so need your help. I'm trying to create a net boot image so that it can be uploaded at Net Boot server for Mac imaging.

I installed Mavericks OS X 10.9.5 on an external drive, did necessary customization so that the size of the net boot image can be reduced. After that, from another Mac (running on 10.9.5), I fired up System Image Utility, selected that external drive & tried to create net boot image. The wizard run & at step "Copying Source Volume" it gave below error

Image Creation failed - The operation couldn't be completed (system image utility error 2.)

Any help in this regard would be highly appreciated.

2 ACCEPTED SOLUTIONS

davidacland
Honored Contributor II
Honored Contributor II

Looking on the Apple support pages it might be a mismatch issue with the OS versions.

Alternatively it could be a problem with the source or target drive.

Have you tried using @bentoms AutoCasperNBI? It's worked every time for me.

View solution in original post

daz_wallace
Contributor III

Hi @sidhu_navdeep

That matches with my understanding.

At minimum, you need to add:
- the IP address / range the netSUS is on (possibly just IP Address and 255.255.255.255)
- the the IP address / range your netboot clients are on.

Hope that helps!

Darren

View solution in original post

36 REPLIES 36

Carlos
New Contributor

Hi Sidhu,

How did you install 10.9.5 on the external drive? From the install OS X application? If you installed from the combo update it will leave the recovery partition all messed up. Also, do you have enough free space on the Mac running SIU to save the image?

davidacland
Honored Contributor II
Honored Contributor II

Looking on the Apple support pages it might be a mismatch issue with the OS versions.

Alternatively it could be a problem with the source or target drive.

Have you tried using @bentoms AutoCasperNBI? It's worked every time for me.

sidhu_navdeep
New Contributor

Hi Carlos,

Many thanks for your response. Yes I did install 10.9.5 on external drive using combo update because I was under impression that both OS should be running on the same version. As now you are pointing out that combo update might have messed up with recovery partition, so what can be the solution in this case?

By the way, Mac has enough free space where SIU was running.

Looking forward for your support.

sidhu_navdeep
New Contributor

Hi David,

Thanks for your response. I'll give it a shot at AutoCasperNBI & will feedback the results very soon.

Cheers

sidhu_navdeep
New Contributor

Hi David,

One quick question though about AutoCasperNBI -

There is an option "Reduce Image Size" in this app & if selected, you would have 8GB net boot image (10.9.x) which I think it is too big in size. Although Ben mentioned that "NetBoot clients will only pull the data required to boot the OS" but I'm still concerned with the size of this net boot image because we have several locations/offices already suffering from network bandwidth issues & I don't want to add another one!

So what could be the best bet in this case?

Thanks

davidacland
Honored Contributor II
Honored Contributor II

That sounds about right. I made a 10.10.1 nbi last week and it was 10.75GB.

Ben is correct, the client only pulls the files it needs so the size of the nbi shouldn't really matter.

sidhu_navdeep
New Contributor

By any chance, do we know how much amount of data (in MBs/GBs) a Mac pulls from NetBoot server while loading this netboot image because I need to pass on this information to the network team.

May be I'm asking too much but if I get this information then it would be a great help.

Thanks

davidacland
Honored Contributor II
Honored Contributor II

No idea I'm afraid. If I had to guess I would say 2-4GB although assuming you're imaging a Mac you'll be pulling down lots more data than that.

Carlos
New Contributor

Hi Sidhu,

What you want to do is a clean install on the external drive using the "Install OS X Mavericks.app", then you would do any updates and customization. From there boot from another OS X source and run SIU...what I would also recommend is renaming the Hard Drive you are making an image from to Netboot or something along those lines, sometimes having the image hdd and the hard drive you are running SIU from with the same name may also cause an issue.

jpfromdc98
New Contributor III

I would use @bentoms AutoCasperNBI . Create a read-only DMG (in advanced options) then image the drive using disk utility.

bentoms
Release Candidate Programs Tester

@sidhu_navdeep, I'm not sure how much data is pulled via an NBI when booted.. But if you use AutoCasperNBI & tick "reduce image" it removes some items from the NBI which would in turn lessen the nw load as things that aren't there cannot be loaded.

I'd advise testing with your NW people via NetBoot & make sure that they are happy with the generated traffic.

If they feel that too much is being pulled then, as per what @jpwade31 suggested, tick "Create A Read-Only DMG" then restore that to an external drive & boot off of that.

BUT, if when imaging your pulling an OS (8ish GB) & something like an Adobe Suite installer (6-12 GB).. Then that may raise concerns either way & in fact the NBI would be much less than the overall load.

sidhu_navdeep
New Contributor

Thanks guys for the overwhelming response. Much appreciated.

I managed to create NetBoot image using AutoCasperNBI & size is 7.5GB. A big thanks to Ben for creating a wonderful app!

As far as imaging & its content is concerned, we are using WAN optimizer (Riverbed) to optimize WAN traffic. It caches all the data which passes through it & deliver to the machine like a LAN. However it is unable to optimize tftp traffic (UDP-69 port) which is being used by NetBoot process while delivering boot image to a Mac. That's why I was emphasizing more on the network traffic during booting process.

As Ben advised, NBI should be much less than the overall load, I'm going to test this in a test environment & will share my feedback.

Thanks again for all your help :-)

Cheers

sidhu_navdeep
New Contributor

Hi again,

I've another question regarding configuration of NetBoot server. After uploading NetBoot image at NetBoot server, it is asking below information

"Subnets on which to listen for the NetBoot image. One of the subnets must include the IP address of the NetBoot server"

There are two fields i.e. Subnet & Netmask. Do I really need to populate these two fields to get this working or DHCP relays at network L3 devices should do the trick for me or do I need to leverage "Network Segments" section to populate NetBoot server for a subnet?

Please suggest. Thanks

daz_wallace
Contributor III

Hi @sidhu_navdeep

It sounds like you're using the JAMF NetSUS appliance.

I've not got round to digging further but my understanding is that section is to do with the local firewall on the appliance and so is certainly required I'm afraid, in addition to passing the broadcast packets on.

If you're not too worried about the security, you could stick larger ranges in to cover your whole LAN.

Hope that helps!

Darren

sidhu_navdeep
New Contributor

Hi Darren,

Thanks for your reply. Yes I'm using JAMF NetSUS appliance & I should have mentioned this in my earlier post. Sorry for that. Anyways I'm certainly concerned with the security & not in a position to publish the larger range.

So what I understood from your response is that apart from publishing local subnet & netmask detail (where NetBoot server resides), I can add a smaller subnet & netmask so that it can start replying to the broadcast packets. Is my understanding correct, please?

daz_wallace
Contributor III

Hi @sidhu_navdeep

That matches with my understanding.

At minimum, you need to add:
- the IP address / range the netSUS is on (possibly just IP Address and 255.255.255.255)
- the the IP address / range your netboot clients are on.

Hope that helps!

Darren

sidhu_navdeep
New Contributor

Thanks Darren. It indeed helped me a lot.

One last question - Do I need to configure "Network Segments" section to populate NetBoot server for a subnet in JSS or is this option really helpful if I have multiple NetBoot servers in the environment?

daz_wallace
Contributor III

sorry @sidhu_navdeep for the lack of response over the holiday break! :)

It's the second one, and even then, thats only if you remotely / schedule kicking off a netboot of a client/s from Casper.

You can still override this by using 'Alt' during boot of the device.

Darren

sidhu_navdeep
New Contributor

No worries Darren :-) Wishing you a very happy new year!

We don't have any plans/requirements to remotely/schedule kicking off a NetBoot of a client from Casper. So I think it's not mandatory to configure this option even if we are going to have multiple NetBoot servers. Is my understanding correct, please?

Navdeep

daz_wallace
Contributor III

Hi Navdeep,

And a Happy New Year to you too!

Exactly, you don't have to configure it if you won't use multiple Netboot servers and / or remotely starting a netboot session.

Darren

sidhu_navdeep
New Contributor

Sorry mate, I think there is a confusion. We will definitely have multiple NetBoot servers at a later stage however there won't be any requirement for starting a netboot session remotely. So please suggest the appropriate approach & configuration.

Many thanks

Navdeep

daz_wallace
Contributor III

No worries.

That should also be fine. 

I meant if you only have one netboot server or if you don't care about remotely starting a Netboot then it doesn't matter.

Darren

sidhu_navdeep
New Contributor

Thanks Darren for all your support. Much appreciated!

calumhunter
Valued Contributor

hi @sidhu_navdeep

In regards to the size of your NBI created with AutoCasperNBI.

You can further reduce the size of the image by converting the image to a sparse image.

I have found that it reduces the NBI from aroun 7.5Gb to 4.5Gb. This is easier to push around to remote sites. As for how much data gets pulled down the line from the server to the client during netboot operations - this is not much of a concern for me. But getting that NBI out to our remote sites is and saving 3GB is worthwhile for us.

In my testing i have found no significant speed differences between the sparseimage and the original image. If anything the sparseimage actually seems to be a little bit faster to netboot.

I follow a similar method to how DeployStudio creates its NBI set

First step is to create a spare image from the original image

hdiutil convert -format UDSP /path/to/your/NBI/NetBoot.reduced.dmg -o /path/to/your/NBI/NetBoot.reduced.sparseimage.dmg

Second step is to remove (or move) the original image

rm /path/to/your/NBI/NetBoot.reduced.dmg

Third step is to now create a symlink to point any reference to the old NetBoot.reduced.dmg to our new sparse image

cd /path/to/your/NBI
ln -s NetBoot.reduced.dmg.sparseimage NetBoot.reduced.dmg

sidhu_navdeep
New Contributor

Hi, thanks for your post.

I'm bit confused/concerned about 2nd & 3rd step where we are removing & creating a symlink. I'm not sure about the purpose of these steps. Are they really required to make this working?

By the way, I've created sparse image & now the size is reduced to 4.4 GB which looks good.
But please let me know whether my NetBoot server going to entertain this sparse image & will the clients boot from this sparse image?

calumhunter
Valued Contributor

First up, when you do the hdiutil convert command, that actually creates a brand new disk image with the contents of the original. This is why you can remove the original once the new one has been created.

the third point with the sym link, if you look in the ImageInfo.plist you will note that it has a key with the name of the image file. ie NetBoot.reduced.dmg. This is what is used by the netboot server so that it knows the path of the netboot image so it can provide that path to the client machine in order for the client to boot from that image.
Now you could modify this file and replace the old name with the new name, but I've had mixed results doing that.

The sym link method works and DeployStudio uses it and Casper NetImage creator uses it, and I've had 100% success using it. So thats why I am recommending it.

If you follow the above steps, you will be fine.

The netboot server will provide your netboot image to the client via NFS or HTTP depending on which your using. The server doesn't care about the format of the image so you don't have to worry

The client also has no problem using a sparse diskimage as a netboot source.

Good luck :)

daz_wallace
Contributor III

Hi @calumhunter

Would you not just be able to delete the original Netboot.dmg and rename your new sparse one to be the same?

Darren

calumhunter
Valued Contributor

Kind of like renaming a .doc to a .xls no?

daz_wallace
Contributor III

Sorry, I wasn't clear.

I meant carry out the conversion and instead of using the symlink, rename the newly created file?

Darren

calumhunter
Valued Contributor

No, I understand what you are saying. But we are converting a .dmg into a compressed .sparseimage
Different file types, different file extensions.

daz_wallace
Contributor III

Sure, but I would have thought the plist file would only care about the full filename and not the extension verses file type?

Just kinda thinking out loud and checking it holds up :P

Darren

calumhunter
Valued Contributor

I'm not sure i understand?
the full filename of the newly created image is NetBoot.reduced.dmg.sparseimage
the extension is .sparseimage
the file type is defined by the extension .sparseimage if you change the .sparseimage extension to .dmg then the system thinks that the file type is now .dmg and not .sparseimage
So like i said its kind of like taking a .doc file and renaming it .xls
I haven't tried it but it doesn't sound like a good idea.

daz_wallace
Contributor III

.... My Monday pre-coffee ramblings. Don't worry about it 

Darren

sidhu_navdeep
New Contributor

Hi calumhunter,
you mentioned below
"The sym link method works and DeployStudio uses it and Casper NetImage creator uses it, and I've had 100% success using it. So thats why I am recommending it"

However I'm not using any of these tools. All I'm using JAMF NetSUS appliance, so I'm not sure whether sym link works with NetSUS appliance or not!

calumhunter
Valued Contributor

@sidhu_navdeep
My intent with mentioning those tools is that they are both created by developers with a very long history of working with Apple, so when I see developers such as JAMF and the DeployStudio Team using the sym link method it adds a lot of credibility to it, if it was easier or "better" to rename the disk image or update the imageinfo.plist then I would expect to see these developers do that. But instead they are doing the sym link.

As I have said before, you will be fine doing this. To be clearer; Yes this method will work with NetSUS. It will also work with any other netboot server ie. Mac OS X Server, bsdpy

I would encourage you to learn more about the NetBoot process in general, the communications between server and client, its capabilities in general and its limitations. This will help you build out your infrastructure and also make troubleshooting later on down the track a lot easier.

The resources here are still a good starting point
https://static.afp548.com/mactips/bootpd.html

Pascal_Sherman
New Contributor

Hi sidhu_navdeep,

Have you gotten Riverbed optimizing https traffic? Are you using Client Certificate Support?