Jump to content

- - - - -

RFI - Widnows 10 Iscsi sysprep.

ipxe iscsi windows 10 sysprep target

  • Please log in to reply
2 replies to this topic

#1 moriarty

  • Members
  • 4 posts
    United States

Posted 06 May 2020 - 01:22 AM

Short version:

How do you add iscsi boot to sysprep offline image?


Longer version:


I need assistance on a project. My current system supports installing windows 10 to an iscsi target and works with:


lio (targetcli-fb) linux iscis host - block mode. 1 lun per hard disk (works uefi and bios mode)

ipxe, apache, wimboot - booting winpe v1903 (customizations addition of drivers only)

Samba, running Windows 10 1909 setup (customizations: install.wim injected drivers, pagefile disabled)

second state boot is just ipxe with sanboot to iscsi target. It works fine.


Becasue my iscsi server supports snapshots and generating a new iqn per client. I wish to optimize this process further. As now it is generating full disk images on the iscsi server. Using sysprep master image with snaps per client should use much less space. It won't be perfect but it will be better than full images per target. And I wish to boot unfamiliar hardware to sysprep.


I have the backend working, but I must be missing part of the windows setup process. How it ensures iscsi installation has boot critical, non lwf, network adapter and iscsi initiator.


During setup to iscsi, setup does this (rather undocumented) dism function:

dism.exe  /logpath:E:\$WINDOWS.~BT\Sources\Panther\iscsi_boot_net.log /Image:E:\ /Add-NetAdapter /HostAdapter:{76A614E4-1167-4C66-89B9-2A76C663C547} /BootDriver:ms_tcpip /BootDriver:ms_tcpip6

But I am not running setup, so to get the info I need for the first winpe boot instance I need:

wmic nic get guid,name,servicename

which does appear to generate a network adapter in the sysprep image.

After which a regedit of the offline system to promote the network adapter servicename to boot critical and disable the paging file to help the 1909 pagefile bug.


But when the sysprep machine is sanbooted (stage 2) I get BSOD IRQL NOT LESS OR EQUAL.


Apologies for any mismatching terminology I am not windows guy.

Edited by moriarty, 06 May 2020 - 01:24 AM.

#2 rollercoaster

  • Members
  • 1 posts

Posted 11 July 2020 - 07:02 AM

We have a very similar setup. Win10 on my machines (including VMs) are installed directly via iSCSI. I haven't tried sysprep'ing any of those yet. That is something I can try and see if the generalized image can actually boot no prob. I presume you are using zfs as backing store.


Another thing I was quite curious is if we can create a backing parent image for all the LUNs where each machines maintain their own delta copy of the parent image. Windows server supports that I think. In Linux, you have to use a distributed fs eg, ceph or gluster as backing store.

Edited by rollercoaster, 11 July 2020 - 07:02 AM.

#3 moriarty

  • Members
  • 4 posts
    United States

Posted 14 August 2020 - 04:16 PM

A community help request.

I need to learn about the early process of bootmgr.efi and winload.exe,  how it knows which drivers to use for what MS used to call boot critical devices. Specifically I need to inject a network driver into an offline generalized sysprep'd image and add it to the boot time/critical/early driver load process. The method of injection will be a simple winpe boot with the sysprep'd image staged as an iscsi target.


What I really need are reference resources and correct terminology. I am probably using the wrong terminology for half the windows functions I describe as I'm primarily a linux user. From what I've learned I can inject drivers to an offline image. What I can't figure out, is how to make them avaiable to the early boot process.


Let's recap.

I have a server that can successfully build and boot a fully updated windows 10 diskless client. The client pxe boots then pulls winpe while mounting an iscsi disk from the same server. I have to do the setup /noreboot option to regit out pagefile.sys but that's fine. Pagefile on diskless systems doesn't make sense anyway. In addition a custom default sysprep'd image will install if run through the above process using setup /installfrom custom.wim .


The iscsi backend image is full sized and unique to the machine that requested the ipxe boot. IPXE can use client variable like mac to generate a unique reguest for a particular iscsi target. Meaning the server can contain multiple iscsi targets for multiple diskless clients. Good so far.


The server supports block level snapshots, these snapshots can be iscsi targets. Therefore individual diskless machines can retain persistance. The goal is to optimize my server to store a single generalized sysprep'd image and have the snapshots act as differencing disks per diskless client.


The problem with doing this the optimized way is simply drivers. The sysprep image will not contain network drivers for unknown hardware after a sysprep /generalize has run. I am trying to learn how to patch a sysprep image the same way setup does on /installfrom to be iscsi. Without having to do the full install. The reason being your storing too much data per client. See the backend individually unique systems are block level different, therefore the block level deduplicate function of the snapshot engine is useless here. The block level storage simply doesn't see the file level storage of the ntfs volumes to realize they are 99.9% similar.

Also tagged with one or more of these keywords: ipxe, iscsi, windows 10, sysprep, target

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users