4

I have a Problem and a Question around the same deployment

First, We have a regular campus environment ... various windows clients and departments and vlans and Active Directory, NPS, you know the drill.

Now I have a bunch of computers (approximately 20) that I need to operate disk-less for various security reasons. The PCs all have iSCSI Compliant NICs and from the BIOS I was able to connect to the targets and assign the required LUNS ... I removed the HDDs, ran a fresh windows 10 installation and all went well until it was time to reboot. I removed the installation USB,rebooted, the BIOS connected the iSCSI target, Windows started loading, then after 3 mins of the Windows icon and just the loading circle I got an error message saying BOOT_DEVICE_INACCESSIBLE. Can someone please tell me what to do in that particular situation ? I believe that Windows has already passed the boot loader stage and the OS itself should be loading, I dont know why its still looking for a boot device. If the actual boot device was missing (since its disk-less, and no installation media) then it should get stuck in BIOS and NOT during the OS loading.

Now for the Question: I was rather expecting the iSCSI SAN Configuration in the BIOS to Support VLANS, the option is there (HP Compaq 6200 pro sff) but disable. Does this mean that I will have to run the SAN traffic and User Traffic all on the same VLAN ? This is going to be a huge problem as the machine changes ip address frequently from User VLAN to Service VLAN (upon user login and logoff with 802.1x AAA on a catalyst Switch). Or will the original native vlan be abstracted from the OS (since its used by the PC hardware) and later will be presented with the option to configure another vlan (encapsulated) for user data from within Windows? Am I better off just adding an extra NIC for data and have a dedicated Layer 1 Interface for SAN ? ... Please Advise !!

Thanks alot !! Any feedback and experience is much appreciated

a.atlam
  • 261
  • 2
  • 6
  • 1
    For diskless, never thought to use xendesktop or vmware view? the data stay in your datacenter that way – yagmoth555 Mar 20 '17 at 23:36
  • Yes true, but I dont have licenses ... and I already have a nice SAN with extra space – a.atlam Mar 21 '17 at 02:33
  • It's an design error in my opinion, as it mean your iSCSI traffic will be send to all distribution switch in your LAN, thus you open a door direct to your storage from rj45 that are outside your server room. – yagmoth555 Mar 21 '17 at 13:08
  • Valid Point yagmoth555, however I am not exposing any of the operational data-center SAN. I am trying to address a situation in 2 departments only (thus not all access switches) using hardware that will otherwise be decommissioned ... I am aware that are much more elegant solutions but as you can tell, I am very tight on budget. How would you do it? – a.atlam Mar 21 '17 at 13:27
  • Same way as you did, but please try on a switch near the SAN, I wonder if its a timeout that cause you the error – yagmoth555 Mar 21 '17 at 13:39
  • Perhaps that IS the case ... I saw the throughput go extremely high on the SAN dashboard so I didn't suspect timeouts ... I will try again with a demo unit right by the SAN and let you know ... Thanks alot ! – a.atlam Mar 21 '17 at 14:11
  • Leaky data can be fixed with VLAN's – Piotr Kula Apr 24 '17 at 21:56

1 Answers1

6

I can suggest you two options. First option is to use Linux gPXE. It is PXE client implementation and bootloader derived from Ethernet. I’ve heard about this solution a couple of times already, but haven't tried it myself yet. If you’re interested, just check it: https://jonmccune.wordpress.com/2011/12/19/diskless-windows-7-with-iscsi-and-gpxe/ https://www.youtube.com/watch?v=xDI86ZUDA9g

Second option is Aclouda. It’s a hardware device which imitates a SATA hard disk. You can spawn a Microsoft iSCSI Target or Starwind Free iSCSI target and create corresponding virtual disks, configure Aclouda devices to connect to those targets, deploy OS and continue working in a diskless mode. http://aclouda.com/

Stuka
  • 5,445
  • 14
  • 13
  • 1
    Thanks alot for the AcloudA suggestion !! Have been using all sorts of scripts to synchronize backups and snapshots to cloud storage ... if I can plug this in a HARD secondary node for automatic cloud synchronization that would be the best thing since sliced bread !! I just figured out what the problem was ... apparently MS changed the PXE in the 3 Windows 10 Versions it released, removing iSCSI support and adding it again in the latest build. Had to change the Windows 10 Version and it worked like a charm! ... Will post the specifics later today – a.atlam Mar 23 '17 at 09:37
  • 2
    You are always welcome:) Hope it will help with your project. – Stuka Mar 24 '17 at 17:04
  • gPXE as abondoned since several years now, iPXE is what you would use today instead but the basics is the same – NiKiZe Aug 03 '17 at 15:20