[ipxe-devel] Script embedding in EFI environment
Lukas Zapletal
lukas at zapletalovi.com
Fri Dec 2 10:52:54 UTC 2016
Well, the purpose of this what we call bootdisk provisioning is actually
avoid PXE and also DHCP. Users download bootdisks with embedded scripts
that contain network IP/GW/DNS so no PXE or DHCP is actually required.
I was pointed to a commit that should allow such an integration via command
line (
https://git.ipxe.org/ipxe.git/commit/9913a405ea151706770559d42e758bc2c1da8525)
but I struggle to verify this. I am getting "error: invalid magic number"
when I attempt to boot it via linuxefi:
menuentry "Chainload iPXE B" {
search --no-floppy --set=root -f /ipxe.efi
linuxefi ($root)/ipxe.efi chain file:script
}
Am I doing this right?
If I remove Grub2 and try to boot directly (e.g. creating a FAT32 image
putting it into correct CDROM section), I don't believe there is any chance
to inject the script dynamically and the only option would be to embed the
script when building, which is exactly what I want to avoid :-(
LZ
2016-12-02 11:26 GMT+01:00 Hummel Frank <F.Hummel at ads-tec.de>:
> I do that via DHCP server configuration.
> Legacy (Syslinux) and IPXE clients use different user-classes.
> Legacy and UEFI use different architectures.
> As IPXE initiates a new DHCP request you have to break the boot-loop by
> detecting the iPXE user-class
>
> Shortened code snippet from my dhcpd.conf:
> *.ipxe files are the scripts for iPXE.
> No scripts embedded in ipxe.lkrn
> -----------------------------------------------------------------
>
> filename "/pxelinux.0"; # user selects in Syslinux
> menu "default" to continue in Syslinux mode or chain to iPXE via
> # KERNEL ipxe/ipxe.lkrn
> # APPEND dhcp &&
> chain http://111.222.333.444/ipxe/boot.ipxe
> if exists user-class {
> if option user-class = "iPXE" {
> # legacy menu ipxe
> filename "http://111.222.333.444/boot.ipxe";
> }
> }
> # UEFI menu ipxe
> if option arch = 00:07 {
> if exists user-class {
> if option user-class = "iPXE" {
> filename "/ipxe/efi/bootefi.ipxe";
> }
> }
> }
>
>
> mit freundlichen Grüßen
> with kind regards
>
> i. A. Dipl.Ing. (FH) Frank Hummel
> Systementwicklung
> System development
>
> ads-tec GmbH
> Heinrich-Hertz Str. 1
> 72622 Nürtingen
> Germany
>
> Tel.: +49 7022 2522-2412
> Fax: +49 7022 2522-400
> E-Mail: F.Hummel at ads-tec.de
> Web: www.ads-tec.de
>
> -----Ursprüngliche Nachricht-----
> Von: ipxe-devel-bounces at lists.ipxe.org [mailto:ipxe-devel-bounces@
> lists.ipxe.org] Im Auftrag von Martin Habets
> Gesendet: Freitag, 2. Dezember 2016 10:28
> An: ipxe-devel at lists.ipxe.org
> Betreff: Re: [ipxe-devel] Script embedding in EFI environment
>
> Maybe you could use DHCP option 209?
> https://tools.ietf.org/html/rfc5071#section-4
>
> Martin
>
> On 01/12/16 15:49, Lukas Zapletal wrote:
> > Hello,
> >
> > our project (www.theforeman.org <http://www.theforeman.org>) provides
> functionality to generate bootdisk for individual hosts. These are either
> iPXE or SYSLINUX based. The iPXE version does load the kernel/initramdisk
> directly via HTTP, the SYSLINUX has embedded linux kernel.
> >
> > Now, we had no UEFI support, until now. I am able to implement SYSLINUX
> bootdisk type (we call it Full host image) with Grub2 and that was pretty
> simple.
> >
> > I would like to add ipxe.efi into the image and be able to boot it,
> which is also doable either directly, or via chainbooting from Grub2. But
> the problem is, with SYSLINUX we've been able to provide the script via
> initramdisk (it's call embedding in iPXE terms I believe):
> >
> > default ipxe
> > label ipxe
> > kernel /ipxe
> > initrd /script
> >
> > This worked fine, but I am unable to do the same with ipxe.efi.
> >
> > set default=0
> > set timeout=1
> > menuentry "Chainload iPXE - this does not work" {
> > linuxefi /ipxe.efi
> > initrdefi /script
> > }
> > menuentry "Chainload iPXE - this loads iPXE but no script" {
> > search --no-floppy --set=root -f /ipxe.efi
> > chainloader /ipxe.efi + 1
> > }
> >
> > Is there a way to embed a script? What I want to avoid is building iPXE
> from scratch (with embedded script), I don't want to make our application
> complex and compiler and tools are not usually available on production
> installations.
> >
> > If there is no way of doing that from Grub2, I am fine booting iPXE
> directly, that's just more work when generating the ISO (hybrid) image for
> me, but feasible too.
> >
> > Tried to post into the user forum, but it did not work (form was
> submitted but no post appeared). Later on, I saw a PostgreSQL error page,
> so sending to the dev list if you don't mind. Thanks for help!
> >
> > --
> > S pozdravem / Best regards
> > Lukas Zapletal
> >
> >
> > _______________________________________________
> > ipxe-devel mailing list
> > ipxe-devel at lists.ipxe.org
> > https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel
> >
> The information contained in this message is confidential and is intended
> for the addressee(s) only. If you have received this message in error,
> please notify the sender immediately and delete the message. Unless you are
> an addressee (or authorized to receive for an addressee), you may not use,
> copy or disclose to anyone this message or any information contained in
> this message. The unauthorized use, disclosure, copying or alteration of
> this message is strictly prohibited.
> _______________________________________________
> ipxe-devel mailing list
> ipxe-devel at lists.ipxe.org
> https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel
> _______________________________________________
> ads-tec GmbH
> Sitz: 72622 Nürtingen
> Registergericht Stuttgart HRB 224527
>
> Geschaeftsfuehrer:
> Dipl.-Ing. Thomas Speidel
> _______________________________________________
> Diese E-Mail enthaelt vertrauliche und/oder rechtlich
> geschuetzte Informationen. Wenn Sie nicht der richtige
> Adressat sind oder diese E-Mail irrtuemlich erhalten
> haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese E-Mail. Das unerlaubte Kopieren,
> jegliche anderweitige Verwendung sowie die unbefugte
> Weitergabe dieser Mail sind nicht gestattet.
> _______________________________________________
>
> This e-mail may contain confidential and/or privileged
> information. If you are not the intended recipient (or have
> received this e-mail in error) please notify the sender
> immediately and destroy this e-mail. Any unauthorized
> copying, disclosure, distribution or other use of the
> material or parts thereof are strictly forbidden.
> _______________________________________________
>
> _______________________________________________
> ipxe-devel mailing list
> ipxe-devel at lists.ipxe.org
> https://lists.ipxe.org/mailman/listinfo.cgi/ipxe-devel
>
--
S pozdravem / Best regards
Lukas Zapletal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20161202/765064e1/attachment.htm>
More information about the ipxe-devel
mailing list