In '3 Provide certificates' provide the SSL certificate of the domain controller used. Run the command to gather the SSL certificate information from any Domain Controller desired: # openssl sclient -connect:636 -showcerts; When the openssl connect command completes, the full contents of the SSL certificate are displayed. For more information, see VMware Security Advisory VMSA-2019-0022. The following VMware Tools ISO images are bundled with ESXi601: windows.iso: VMware Tools 11.0.1 ISO image for Windows Vista (SP2) or later; linux.iso: VMware Tools 10.3.21 ISO image for Linux OS with glibc 2.5 or later.

• 3Installer
• 4Installation manuals
• 5Virtualization

Requirements

Before diving right into the installation of FOG you need to decide which server OS you are going to use. FOG is made to install on RedHat based distro CentOS, Fedora, RHEL amongst others as well as Debian, Ubuntu and Arch Linux. Choose whichever you like most and have knowledge about! FOG is known to work with any of the above noted systems. Many installation manuals are available.

This listing is for informational purposes only, as the required components will be automatically downloaded and installed by the FOG installation script: PHP 5/7, MySql 5+/MariaDB 10+, Apache 2+, DHCP (pretty much any!), TFTP, FTP, NFS

The LAMP setup can also be easily adjusted for a 'WAMP (Windows Apache MySQL PHP) system' though will require a bit more knowledge of what packages to use and how to integrate with the FOG system.

Please choose the distribution you have the most knowledge about, but the below list has the best support in FOG 1.3.0 right now. This list is by no means an absolute list to follow, though.

• Ubuntu 16 or higher

• Debian 8 or higher

• CentOS 7 or higher

• Red Hat 6 or higher

• Fedora 22 or higher

• Any version of Arch.

Download FOG

Please see: Getting_FOG

Installer

The FOG installer comes as a complex shell script that will handle all the package installs and configuring the services for you. It must be run as root (sudo works as well) to be able to set things up properly. Running the installer on a new system for the first time it will ask you a couple of questions regarding your network configuration and services you want to install.

Modes

FOG can be installed in two different modes. First is the normal FOG server which does all of the work. Choose this option if you only want have a single FOG server in your network. The second option is to install a FOG storage node which will serve as a second place to store images on and serve images to more clients (when doing unicast). Here you can find some more information about the two modes.

Command line options

The FOG installer has quite a few command line options. See the output below. You might want force FOG to setup the web interface via HTTPS, change the default PXE boot file or web root directory.

.fogsettings

Full article on the .fogsettings file can be found here: .fogsettings

Backups

TBD

Errorlog

TBD

Installation manuals

Setup Failed To Generate The Ssl Keys Vmware Workstation

CentOS

CentOS 7, CentOS 6.4 (CentOS 6.5 also works), CentOS 5.3 (CentOS 5.4 & 5.5 also covered)

Debian

Debian 8,Debian Wheezy, Debian Squeeze, Debian Lenny

Fedora

Fedora 25 Server,Fedora 24 Server,Fedora 23 Server, Fedora 21 Server, Fedora 13, Fedora 8,

RHEL

TBA

Ubuntu

Ubuntu 16.04(obsolete, just for the archive:Ubuntu 14.04, Ubuntu 13.10, Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 11.04, Ubuntu 10.10, Ubuntu 10.04, Ubuntu 9.04, Ubuntu 8.10, Ubuntu 8.04, Ubuntu 7.10)

Virtualization

FOG can be used on bare metal as well as in most virtual server and client setups. Some of the virtualization techniques are really great when used with FOG, e.g. snapshots. Some people use virtualization to prepare and capture their 'golden (master / reference) images' all on one central location/server. Again like with the server OS we don't prefer any of the following or others that are out there. This is only a collection of hints and tricks plus maybe issues we know about.

Hyper-V

Using the New VM Wizard:

Ensure the virtual switch your VM is connected to has a route to FOG!

Create VM Wizard > Installation Options: Select 'Install an operating system from network-based installation server'

Existing VM:

Ensure the virtual switch your VM is connected to has a route to FOG!

Setup Failed To Generate The Ssl Keys Vmware Workspace

Right click VM > Settings > BIOS

Move 'Network Adapter' (sometimes labeled 'Legacy Network Adapter') to the top of the boot order.

UEFI:

Setup Failed To Generate The Ssl Keys Vmware Player

UEFI/Secure Boot is an option with Hyper-V on Server 2012 on Generation 2 VMs. It is enabled by default, and can be disabled in VM Settings -> Firmware: Uncheck secure boot.

Thanks to moses

KVM/QEMU

Can be used as kind of a lightweight desktop virtual environment to test FOG and master your images.Using this on the laptop as local test environment. Search forums and wiki but there is no valuable information about anyone using FOG on a KVM server. Asked user mxc as he seams to use it. Otherwise this will be a brief description on how to use this as I do it.

OpenVZ

OpenVZ (possibly within Proxmox) is mostly used to run the FOG server in a light weight kind of virtual environment. As OpenVZ is in nature similar to a chrooted environment you cannot actually PXE boot such a container. To install FOG as a server in OpenVZ you need to have NFS support on the host machine first and then add it to the container as well:

If you don't see the kernel module nfsd loaded you might need to install the nfs-kernel-server package and load the module (usually done by the nfs-kernel-server init script). As mentioned before you need to enable access to nfsd from within the container you want to install FOG to:

After that the installer should run through like it would installing on bare metal or any other virtual environment!

Wake on LAN:

To be able to send WOL and multicast packages the container needs a proper MAC address. This is only the case if you configure the container to use a network bridge (veth instead of venet!).

LXC

LXC (used in Proxmox for example) does need some manual configuration tweek - reference:

• Option 1 - Disable Apparmor:
  • Edit the container configuration file and add the line lxc.aa_profile: unconfined.
  • On Proxmox the configuration file is located at /etc/pve/lxc/CTID.conf, where CTID is the ID number of the container.
• Option 2 - Edit Apparmor profile to allows NFS:
  • Open /etc/apparmor.d/lxc/lxc-default-cgns and add the nfs/rpc lines:

• Reload Apparmor:

Important: The latest Proxmox update (around 23th of October 2018) broke NFS in LXC containers. Find a fix here: https://forum.proxmox.com/threads/mounting-nfs-in-lxc-not-working-since-latest-update.47815/

VirtualBox

Bridged network or host only.

Most versions seem to suffer from a bug where iPXE would only be able to get an IP from the DHCP if started cold (vs. reboot).

This can be fixed by changing the iPXE binary from undionly.kkpxe to ipxe.pxe in the DHCP server config.

VMWare ESXi

Running a FOG client within an ESXi server is pretty close to what you would do on a bare metal machine:

• Create VM as normal.
• Choose network adapter other than VMX3 (e.g. e1000) as we have seen loading issues with those virtual adapters.
• Open VM Console, start up the VM. Press F2 on Boot Logo to enter BIOS.
• Scroll over to boot tab, use + key to move Network boot to the top of the boot order.

You can also do an on-demand network boot by hitting F9 on startup, if you don’t want to change the boot order permanently.

UEFI:

UEFI is disabled by default for VMs in ESXI 6.0+. To enable it for a VM, go to VM Settings > Options Tab > Advanced: Boot Options and change the boot firmware from BIOS to EFI.

Thanks to moses

VMWare Player

Is this still in use?? Don't care if there is nothing about it in wiki or forums!

Xen/XenServer

See forums

Security

Troubleshooting

IMPORTANT, what to do when the installer fails? Where are the logs?

Below, you will find a listing of all FOG troubleshooting related articles.

• The vSphere Web Client displays this error:

• After an upgrading vCenter Server 6.0 to 6.5 editing a AD over LDAP or OpenLDAP Identity source fails if SSL protection is selected.
• The AD over LDAP or OpenLDAP Identity source has connect to any domain controller in the domain selected or two LDAPS servers are provided.
• With a single LDAPS server the issue does not occur.
  Note: If a loadbalancer is used with multiple LDAPS servers the issue may occur as well.
• After a fresh installation of vCenter Server 6.5 adding a AD over LDAP or OpenLDAP Identity source fails if SSL protection is selected.
• In the ssoAdminServer.log file, there are entries similar to: