You are not logged in.

Announcement

[2017.09.08] DeployStudio build v1.7.8 (checksum, release note).
[2016.08.26] DeployStudio build v1.6.19 (release note).
[2013.02.23] DeployStudio last universal build v1.5.17 (release note).

#1 2014-06-18 17:18:54

jelockwood
Member
Registered: 2009-11-11

Problems with Mavericks NetBoot images

I am now using DeployStudio 1.6.9, I have created a fresh Mavericks 10.9.3 NetBoot image using DeployStudio 1.6.9. My DeployStudio (1.6.9) server is running Mavericks 10.9.3 also and Server.app 3.1.2.

Besides the Mavericks 10.9.3 NetBoot image I also have a 10.8.5 NetBoot Image containing the same DeployStudio 1.6.9 runtime.

When I NetBoot a MacBookPro6,2 15" using the 10.8.5 NetBoot image it boots and goes into DeployStudio Runtime 1.6.9 and connects to my repository on the 10.9.3 server with no problems or delays.

When I NetBoot the same MacBookPro6,2 15" using a Mavericks NetBook image including my latest attempt with 10.9.3, it boots successfully, goes in to DeployStudio Runtime 1.6.9 but then sits stuck for a couple of minutes or so while it tries to connect to the repository. It eventually gives up trying to connect and says "Unknown host, The address 'server.domain.com' is not valid or the host is unreachable" (obviously I am in reality using a proper server name). If I replace the DNS name with an IP address it works straight away.

Once connected to the repository I can run Terminal. Terminal says there is no nslookup command available but there is a dig command available. Dig says it can resolve my DeployStudio server. Ping says it cannot resolve the DNS name even though Dig still says it can. Obviously with no nslookup command I cannot try testing using nslookup to resolve the DNS name.

Doing the same tests with the 10.8.5 NetBoot image shows it also has no nslookup command, but does have Dig and Dig works, but unlike Mavericks Ping also works.

The DNS server is a Mac, the IP address of the MacBookPro is provided via DHCP (not a Mac server) along with the address of the DNS server. When booted via the 10.8.5 NetBoot image /etc/resolv.conf shows the expected DNS server addresses.

For what its worth my DeployStudio server is accessible via plain ordinary http, the NetBoot images are serve via NFS, and the repository is via AFP. The clocks on the MacBookPro and server are correct.

Ok tried the Mavericks NetBoot image again, again it initially failed and I had to use the IP address to get in, however this time ping worked and /etc/resolv.conf like the 10.8.5 NetBoot showed the expected DNS servers.

I believe from past tests with an older 1.6.4 DeployStudio that if I NetBoot from a Mavericks image 10.9.1 or 10.9.3 but leave it long enough (after the initial failure) it does start to do DNS lookups successfully including the login to the repository. However currently every single time it will fail initially. It seems that a Mavericks NetBoot image is therefore for some reason not getting the DNS server initially.

Just tried the 10.9.3 NetBoot yet again and while /etc/resolv.conf is still valid ping still fails. Strangely I can ping other servers. Again this suggests a timing issue, I tried these other servers after a delay.

Offline

#2 2014-06-18 17:33:46

jelockwood
Member
Registered: 2009-11-11

Re: Problems with Mavericks NetBoot images

If it helps here is a log for when booted from a Mavericks 10.9.3 NetBoot image. You can see the failures.

====================================================================================================
DeployStudio Runtime
DSCore.framework version 1.6.9 (b140613), Copyright 2014 The DeployStudio Team.
MAC address: 58:b0:gg:gg:94:d5
Network address: 192.168.108.213 (mac-w801724zagy.local)
Network interface speed: AUTOSELECT (1000BASET <FULL-DUPLEX,FLOW-CONTROL>)
Operating System: Mac OS X Version 10.9.3 (Build 13D65)
Date: 14/06/18 17:13:11
====================================================================================================
23 plugins were successfully loaded!
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
A server with the specified hostname could not be found. (-1003), retrying command in 5s...
error: A server with the specified hostname could not be found. (-1003)
Starting Bonjour lookup...
error: The operation couldn’t be completed. (NSURLErrorDomain error -1012.) (-1012)
Authentication failed for user 'deploystudioadmin'.
The user 'deploystudioadmin' was successfully authenticated.
Connected to server deploystudio.domain.com (1.6.9)
Checking server reachability (server=deploystudio.domain.com port=548) ...
deploystudio.gherson.com: unreachable host! (tested port=548, ip=0)
Checking server reachability (server=192.168.108.17 port=548) ...
Mounting repository share point...
/bin/mkdir /tmp/DSNetworkRepository 2>&1
/bin/chmod 777 /tmp/DSNetworkRepository 2>&1
/bin/chmod 777 /tmp/DSNetworkRepository 2>&1
Mount call...
Parsing result...
Checking repository content...
Checking host firmware version
Macintosh serial number: W8xxxxxxAGY
Macintosh model: MacBookPro6,2
Boot ROM version: MBP61.88Z.0057.B0F.1112091028
Firmware ok!

Offline

#3 2014-07-09 11:15:22

jelockwood
Member
Registered: 2009-11-11

Re: Problems with Mavericks NetBoot images

Just re-tested with DeployStudio 1.6.10 and Mavericks 10.9.4.

First time I NetBooted the client Mac with the Mavericks 10.9.4 NetBoot image and a DeployStudio 10.6.10 server and runtime it worked fine. The second time using the exact same client Mac and nothing at all changed, it failed as above with the same error.

EDIT: While DNS lookup failed the second (and third) attempts, I then tried a Bonjour address e.g. deploystudio.local on the third attempt and that worked. As a I recall originally Bonjour lookup also failed. Numeric IP addresses always work.

Last edited by jelockwood (2014-07-09 11:28:12)

Offline

#4 2014-07-10 10:13:17

jelockwood
Member
Registered: 2009-11-11

Re: Problems with Mavericks NetBoot images

With having recently done two upgrades of DeployStudio in rapid succession - 1.6.9 to 1.6.10 to 10.6.11, I did notice one additional fact. The first boot of a Mavericks NetBoot image after upgrading DeployStudio server works, that is it boots and successfully connects via DNS to the repository. The second and subsequent NetBoots of the same Mavericks NetBoot image using the same client Mac fail.

This led me to try stopping and starting the DeployStudio server (without an upgrade). The first Mavericks NetBoot after doing this also worked. So something is going wrong after the first use by a Mavericks NetBoot client, as a reminder the NetBoot process itself works each time, it is merely the second and subsequent connections to the repository via a DNS address that fail and only for Mavericks NetBoot images. (Mountain Lion and Lion NetBoot images are not affected.)

Offline

#5 2014-08-07 12:10:04

jelockwood
Member
Registered: 2009-11-11

Re: Problems with Mavericks NetBoot images

After further testing it seems that turning off the Application Firewall on the DeployStudio/NetBoot server has helped reduce this problem significantly. It looks like when DeployStudio is first installed or upgraded it is loaded 'fresh' in to memory and authorised to send/receive traffic via the firewall - hence why it works the first time, after a period it then looks like the Application Firewall 'expires' DeployStudio from the approved list and hence why subsequent attempts fail.

This maybe related to the fact that DeployStudio is not a signed application. Signed Applications are normally and automatically approved to send/receive traffic via the Application firewall.

I would still not consider this to be the full answer as it does not explain why this only seems to affect Mavericks NetBoot clients even to the same server. It therefore could be more of a coincidence of facts. There is also another possibility, it may also be the case that the first NetBoot and connection and run is ok, then if one leaves a long enough gap the second attempt is ok, but if you do two in rapid succession the second will fail.

As a reminder I am using the same client Mac for these tests as it is being used to test workflows before using them live. Hence why it may run several times in rapid succession.

Offline

#6 2014-08-09 03:06:55

blimvisible
Member
Registered: 2012-06-15
Website

Re: Problems with Mavericks NetBoot images

The Application Firewall is also giving me trouble (OS X 10.9.4 Mavericks Server). Upon reboot of the OS, the DeployStudioServer process is no longer allowed access through the firewall. I have to sign in to the server, manually stop the DeployStudioServer process (usually by using the On/Off switch under System Preferences), start it again, and then I'll get the Allow/Deny prompt for the firewall. Click Allow and everything's fine... until the next reboot.

Is there a particular reason the DeployStudioServer binary isn't signed? That would probably obviate the issue. Maybe use a self-signed cert, and include it in the DeployStudio installer to add to the local keychain as a trusted source? Or I can try to drum up $99 USD in donations for an Apple Developer account... =)

Offline

Board footer

Powered by FluxBB