ZCM imaging megapost – part 6 (PXE boot menu)

windows 7 novell blog banner

So as it stands we have the base image, drivers and software side of things sorted – the final step is a deployment method that meets the original criteria of being light-touch but controlled. Using out-the-box ZCM we have two choices:

1) use hardware rules to automatically push an Imaging Bundle to new \ unknown machines
Unsuitable as a generic rule could catch staff machines that aren’t yet ready for imaging (ouch!)

2) install the ZCM Agent then link the Bundle to groups \ folders
Unsuitable as the upgrade to ZCM 11 would break existing ZDM bundles and policies 

With neither of the options really appealing I looked to see if there’s a way of using the Imaging Maintenance Menu to do the job. In the current setup we often use it in manual mode and point to an image to use so automating this seemed to be a way forward. Of course with the layered image scenario we need to apply 6 images in total so typing anything in manually is definitely not an option!

Imaging using bash script

Fortunately the imaging engine hasn’t changed much over the years so there’s some previous examples out there that helped point to the solution… bash scripting. The script I’ve customised will ask for confirmation before doing anything, wipe the ISD then apply thebase image + appropriate driver pack based on machine model type. If it doesn’t find anything suitable the technician is warned about this and given the chance to back out of the process. There’s also a bit of ASCII art to brighten things up thanks to http://www.network-science.de/ascii/

If you want to use the script download it from SkyDrive rather than copy \ pasting (never trust HTML formatted text!)

Tip: the echo -en “33c”  line clears the screen before the script starts

#! /bin/bash
echo -en "33c"
echo -e "${NC} ZENWorks Imaging"
echo -e "${NC}*********************************************"
echo -e "${NC}Active ZCM imaging proxy address is" $PROXYADDR
echo -e "${NC}*********************************************"
PRODUCT=$(zisview -s | grep SMBIOS_PRODUCT)
PRODUCT=${PRODUCT:$(expr index "$PRODUCT" '"')}
echo -e "${YELLOW}This machine has been detected as a" $PRODUCT
echo "zisedit data will be cleared before new image is applied"
read -s -n1 -p "Continue to image machine? (y/n)" confirm
if [ "$confirm" = "y" ] ; then
 zisedit -c
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/BASE.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/SCRIPTS.zmg


 if [ $PRODUCT = "HARDWARE1" ] 
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/DRV_HARDWARE1.zmg
elif [ $PRODUCT = "HARDWARE2" ] 
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/DRV_HARDWARE2.zmg
 echo -e "${RED}<---- NO drivers found ---->${NC}"
 read -p "Press [Enter] key to continue or power off now to abort..."
img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/NOVELL_CLIENT.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/ZCM_AGENT.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/ANTIVIRUS.zmg
 reboot -f
 echo -e "${RED}<---- Image NOT applied! ---->${NC}"
 read -p "Press [Enter] key to reboot..."
 # reboot -f

To test the script copy it to a USB stick then on a test machine boot into imaging maintenance mode (aka bash prompt) via PXE and run the following commands:

  • lsusb

    (check if the USB stick has been detected)

  • fdisk -l

    (find the device mount point)

  • mkdir /mnt/stick

    (create a mount point for your USB stick)

  • mount /dev/sdb /mnt/stick

    (mount USB device at /dev/sdb – substitute sdb for whatever shows up in fdisk -l)

  • cd /mnt/stick

    (change to USB stick directory now it’s mounted)

  • ls

    (show all files)

  • ./win7image2013.sh

    (run script)

Copy the script to PXE server

Once you’re happy with your script rename it so the extension is .s (in this example the script I’m using is called win7image2013.s)

  • Either use WinSCP (from a Windows machine)
    or on a Linux workstation use the file manager and the Connect to Server option
  • you need to connec to whichever ZCM server is running the PXE services for your network
  • The script file needs to be placed in the /srv/tftp/ directory
  • Once copied set permissions to match the other files in the directory (owner \ group = zenworks, chmod 0755)

Edit PXE menu

If everything works as expected the next step is to modify the PXE menu to include a new option that will start our imaging script.

Edit the file/srv/tftp/pxemenu.txt using your text editor of choice (make a copy first!) Look under the [Main] section and basically copy \ paste one of the lines but change the last part (where a .cfg file is specified) e.g.

option = execute ; "Windows 7 Image (2013)" ; "Windows 7 Image plus addons - 2013 release" ; pxelinux.0 ; z_image2013.cfg

This will add an additional entry into your ZCM PXE boot menu, obviously tweak to your preferences for where you want it in the list (you can even add some colours to it if you feel that way inclined)

Now you’ve specified the .cfg file to use you’ll need to create it. Easiest way to do it is to copy one of the existing files such as z_auto.cfg and duplicate it with the new name (in this example z_image2013.cfg) The .cfg file is actually telling the PXE server how to launch the preboot environment Linux boot loader, what we add is an additional IMGCMD parameter to specify which script to launch.

#====================== WARNING! ======================#
# Modifying this file is unsupported and can have 
# unpredictable results on ZENworks Preboot Services
DEFAULT imaging
LABEL imaging
 kernel boot\linux
 append 5 initrd=boot\initrd mode=2 rootimage=/root install=tftp://$PXESERVER/boot splash=silent vga=0x314 tftptimeout=50 $KERNEL_PARMS IMGCMD="win7image2013.s"

Important: one change that’s very easy to miss is the mode=2 setting, without this your script won’t run!
Ref: http://forums.novell.com/novell-product-discussions/endpoint-management/zenworks/configuration-management/zcm-10/zcm10-imaging/400764-starting-scripts-pxe-menu.html

Edit boot settings.txt

Although editing yet another file might look a bit of a pain at first it actually saves us a lot of time in the long run. Initially we used the method outlined here http://sysdocs.stu.qmul.ac.uk/sysdocs/StudentSystem/Linux/zen-imaging.html to add the custom imaging script file to the preboot environment. This entailed decompressing initrd, adding any additional scripts to the bin folder and then zipping it back up. Although it works well the process could get a bit arduous if you need to make a lot of changes to the script (new driver options etc).

Fortunately MickD2 on the Novell forums suggests a neater method that (as far as I can tell) copies the file from the TFTP server into the correct folder on the local machine. This makes it a lot easier to change the script file as it’s easily accessible in /srv/tftp rather than zipped up inside initrd.

To do this you need to edit the file settings.txt which can be found in the /srv/tftp/boot folder (make a copy of the file, if not the whole folder first!) and add the following lines at the bottom

tftp $TFTPIP -c get makeimage.s
 chmod +x *.s
 mv *.s bin

Test, rinse and repeat

At this point you can start a test machine from PXE, hold down CTRL+ALT and the imaging menu should now have an additional option available. Select it, hit enter and you should see PXELinux start loading up. Once you see the splash screen you can either a) be patient or b) press F2 to view the boot process. You should also be able to notice the boot loader mention that it’s using the custom .cfg file you configured earlier. Once the boot completes your script should fire up and away you go 🙂

If you have multiple PXE servers at other sites you’ll need to do all the steps above on each one (that said once you’ve done the first one it’s only a copy \ paste job so should make life a bit easier)


6 Responses to ZCM imaging megapost – part 6 (PXE boot menu)

  1. Kory says:

    For users running Windows Satellite servers, the script needs to use the proper commands for windows:

    img -rp BASE.zmg
    img -rp SCRIPTS.zmg
    img -rp /addon-image/DRIVERS.zmg
    img -rp /addon-image/NOVELL_CLIENT.zmg
    img -rp /addon-image/ZCM_AGENT.zmg

  2. bjornkelsen says:

    I can see the usage of addon zmg files in the script, but also that the zenagent is in these addon scripts – as I have seen it is not possible to apply addon zmg files if the agent is not installed in the base image – or at least that there should be some kind of zenagent file structure for img to dump the cache files into – How did you Go about solving this ?

    • gshaw0 says:

      Hi Bjorn,

      Yes you’re correct, these aren’t add-on images generated by ZCM but rather ones I’ve created manually using Image Explorer – for more info see this post https://gshaw0.wordpress.com/2013/03/08/zcm-11-imaging-megapost-part-2-drivers/

      I found that the ZCM created add-on images weren’t much use as there was no way to automatically run an Install action directly using the content in the add-on image; on ZCM 11.2.3a I read that the content gets copied twice on the C: drive (in the add-on image location then again into the local Agent cache) which seemed a bit pointless. Might be fixed in the new 11.3 update though.

      I like to keep my base image clean and install the ZCM Agent later on via script, that way there’s no chance of any GUID issues and it’s then possible to swap the Agent files out for newer ones when ZCM gets upgraded (e.g. from 11.2 to 11.3 and a newer version of the Agent needs to be installed instead)

      • bjornkelsen says:

        ah – that makes sense – and doubling the space/time used to cache a large bundle is what I don’t want as I am trying to bring down the time it actually takes to download and install a large bundle. Best fix is probably to re-engineer the bundle either using upload as single file or do some bits as network installs.
        Also the zcm generated addon files creates it’s content in partition 1 and that might create another issue as the win7 C drive files are in partition 2.
        Reg the zcm agent I use a small vbs script during imaging that downloads the preagent directly off the zen server and then installs it – works fine and always gives me the newest version – just need to get rid of that pesky 5 minute extra wait before reboot (maybe autoit ?)

  3. gshaw0 says:

    Yes we do all ours as the single file upload type, has worked pretty well for the Office 2013 update Bundle we pushed out recently.

    Good point on the partition issue on the ZCM Bundle add-on images, seems like an area Novell need to re-design (or just bite the bullet and buy out ENGL…)

  4. Chad Sutton says:

    I just found your site and I love your documentation. Your imaging is very similar to what I’ve setup at my College. One thing that we do differently that saves some time when we get new PC models is that the bash script we use just grabs the bios Product name and uses that as the ZMG file name. When we get a new PC model all we have to do is name its hardware ZMG exactly the same as its BIOS product name and we are good to go. Below is the script we use.

    img rp $PROXYADDR “addons/generic.zmg” a1:p2
    img rp $PROXYADDR “addons/$(dmidecode -s system-product-name).zmg” a1:p2

    I really like how you have broken your base products into smaller ZMG files. That is something we may have to add in the future. There are sections of our “generic.zmg” image that haven’t changed in a long time. Other parts, like the Novell client change on a fairly regular basis.

    Thank you. Great site! I am going to devour everything on it!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: