ThreadStates

• Articles
• Code
• Photos

Imaging a Mac Lab with Netboot and NetRestore

NetRestore is no longer supported. DeployStudio seems to be the successor.

NetRestore is an open source OS X system imaging solution. It can be used for imaging single computers via a firewire boot drive, or it can be combined with Apple's Netboot service included in OS X Server to image computers over the network. This article covers the latter use.

The basic idea is that you boot the clients to a minimal OS X install over the network, using the bootp based netboot service from an OS X server. The sole purpose of this minimal image is to launch NetRestore and restore your full image to the client's hard drive.

Preparing the Server

You will need an OS X server for this system to work. For security reasons we will create a special imaging user and an AFP share accessible only to that user. Alternatively, you could use NFS or HTTP to share the image; this document does not cover those options.

Create an Imaging User and Group

1. Launch the Workgroup Manager on the server.
2. Create a new group named "imaging".
3. Create a new user named "image", give him a password, and set his primary group to "imaging".

Set up an AFP Share Point

1. Create a folder for storing the images; name it something like "Disk Images".
   
2. Set the folder's owner and group to the imaging user and group you created above, and the permissions to 640 (Owner read/write, group read, others none).
   
3. Set the folder to be shared by AFP in the Workgroup Manager.
   
4. Ensure that you can mount the Disk Image folder from a client computer using the imaging user's credentials.

Create an Image to Deploy

First, you need to prepare an image to distribute. Select a master machine. Install and configure the OS and any additional software you need. Run all updates and configure all of the user accounts.

Next, you will need to boot from an external drive and use NetRestore Helper to create the image. The image must be stored on the server in the Disk Image share created earlier before continuing. NetRestore allows you to save the image to a mounted network share, or you can save it to the external drive and transfer it manually.

Distribution Preparation

Now we must create the minimal install that will actually restore the image created earlier. This is done with NetRestore Helper, which is bundled with NetRestore.

1. Launch NetRestore Helper on the master machine.
   • Click on the "Create NetInstall Set" tab.
   • Give the set a name (e.g. NetInstall-Restore), a unique ID, and (optionally) a description.
   • Save the NetInstall set somewhere; the desktop is fine.

2. Select "Configure NetRestore Now" when NetRestore Helper finishes saving the NetInstall set.
   • Select "Edit Configurations" from the NetRestore menu.
   • Set up a configuration that references the image on the server. Be sure to supply the proper credentials for the imaging user and the correct path to the share.
   • Save the configuration and click "Test". This attempts to mount the share using the configuration. If the share mounts correctly then the configuration is ok.
   • Copy the image set (both the NetInstall-Restore.nbi folder and the Resources folder) to /Library/NetBoot/NetBootSP0 on the server. Create it if it doesn't exist.

Configure NetBoot on the Server

NetBoot is the service that allows the clients to boot over the network.

1. Configure the netboot service on the server to look for images and client data on the volume where you stored the NetRestore set.
   
2. Start the netboot service on the server.
3. Set the NetRestore image set as the default netboot image and enable it.
4. Start the netboot service on the server.

Image the Clients

If everything went well we should be able to set the clients to boot from the network and they will boot the NetInstall image set, which will immediately begin imaging the client's hard drive, without any intervention on your part.

You can set the clients to boot from the network in one of the following ways:

1. Hold down the 'N' key while rebooting.
2. Use Apple Remote Desktop to set the startup disk to the network.
3. From the command line with the following command:

sudo bless --netboot --server bsdp://your.netboot.server

Troubleshooting

The only problems I've had with this process occur when the server is not on the same subnet as the clients. Many routers and switches are configured not to pass bootp traffic across subnets.

Feel free to contact me (pete dot morris at gmail) with any questions or suggestions.