NetInstall service is built upon protocols, files, and folder structures that are described below.
The NetBoot, NetInstall, and NetRestore features of OS X offer you alternatives for managing the operating system and apps that your Macintosh clients (or even other servers) require in order to start and do their work. Instead of going from computer to computer to install operating system and apps from CDs, you can prepare an installation image that installs on each computer when it starts up. You can also choose to not install software and have client computers start up (or boot) from an image stored on the server. (In some cases, clients don’t even need their own hard disk.)
Using NetBoot and NetInstall, your client computers can start from a standardized OS X configuration suited to specific tasks. Because the client computers start from the same image, you can quickly update the operating system for users by updating a single boot image.
NetInstall requires an installation image.
NetBoot requires a boot image (.dmg) file which looks and acts like a mountable disk or volume. NetBoot images contain the system software needed to act as a startup disk for client computers over the network.
NetInstall requires an installation image (.nbi) file which starts up the client computer long enough to install software from the image. The client can then start up from its own hard disk.
Boot images and installation images are disk images. The main difference is that a .dmg file is a proper disk image and a .nbi folder is a bootable network volume (which contains a .dmg disk image file). Disk images are files that behave like disk volumes.
You can set up multiple NetBoot or NetInstall images to suit the needs of groups of clients or you can provide copies of the same image on multiple NetBoot servers to distribute the client startup load. You can also use a NetRestore image to quickly restore a volume.
NetBoot service can be used with NetBoot and NetInstall images along with OS X client management services to provide a personalized work environment for each user.
Disk images
The disk images contain the system software and apps used over the network by client computers. The name of a disk image file typically ends in .img or .dmg. Disk Utility—part of OS X Yosemite—can mount disk image files as volumes on the desktop.
You use System Image Utility to create OS X Yosemite NetBoot or NetInstall images, using an OS X Yosemite installation volume or an existing system volume as the source. For information about creating images, see System Image Utility Help.
NetBoot share points
NetInstall service sets up share points to make images and shadow files available to clients. Shadow files are used for NetBoot clients that don’t use their local hard disks to write out data when booted.
NetInstall service creates share points for storing NetBoot and NetInstall images in /Library/NetBoot/ on each volume you enable and names them NetBootSPn, where n is 0 for the first share point and increases by 1 for each extra share point.
For example, if you decide to store images on three server disks, NetInstall service sets up three share points named NetBootSP0, NetBootSP1, and NetBootSP2.
The share points for client shadow files are also created in /Library/NetBoot/ and are named NetBootClientsn, where n is the share point number.
You can create and enable NetBootSPn and NetBootClientsn share points on other server volumes using the NetInstall pane in the Server app.
WARNING: Don’t rename a NetBoot share point or the volume it resides on. Don’t stop sharing a NetBoot share point unless you first deselect the share point for images in the Server app.
Use NetBoot and NetInstall images on other servers
You can also specify the path of a NetBoot image residing on a different NFS server. When creating image files, you can specify which server the image will reside on.
Client information file
NetInstall service gathers information about a client the first time a client selects a NetBoot or NetInstall volume to start from the Startup Disk. NetInstall service stores this information in the /var/db/bsdpd_clients file.
Shadow files
Many clients can read from the same NetBoot image, but when a client must write back to its startup volume (such as print jobs and other temporary files), NetInstall service redirects the written data to the client’s shadow files, which are separate from regular apps and system software.
Shadow files preserve the unique identity of each client while it’s running from a NetBoot image. NetInstall service transparently maintains changed user data in shadow files while reading unchanged data from the shared system image. Shadow files are re-created at startup, so changes made to a user’s startup volume are lost at restart.
For example, if a user saves a document to the startup volume, after a restart that document is gone. This behavior preserves the condition of the environment the administrator set up. Therefore, users must have accounts on a file server on the network to save documents.
Balance the shadow file load
NetInstall service creates an AFP share point on each server volume you specify and distributes client shadow files across them as a way of balancing the load for NetBoot clients. There’s no performance gain if the volumes are partitions on the same disk. See Distribute shadow files.
Allocation of shadow files for OS X Yosemite NetBoot clients
When a client computer starts from an OS X Yosemite NetBoot image, it creates shadow files on a server NetBootClientsnshare point or, if no share point is available, on a drive local to the client.
NetBoot image folder
When you create an OS X Yosemite NetBoot image with System Image Utility, the utility creates a NetBoot image folder whose name ends with .nbi and stores it in the NetBoot image with other files (see the following table) required to start a client computer over the network.
File | Description |
|---|---|
booter | Startup file that the firmware uses to begin the startup process |
mach.macosx | UNIX kernel |
mach.macosx.mkext | Drivers |
System.dmg | Startup image file (can include apps) |
NBImageInfo.plist | Property list file |
System Image Utility stores the folder whose name ends with .nbi on the NetInstall server in /Library/NetBoot/NetBootSPn/image.nbi (where nis the volume number and image is the name of the image). You can save directly to this folder or you can create the image elsewhere (even on another computer) and copy it to the /Library/NetBoot/NetBootSPn folder later.
You use System Image Utility to set up NetBoot image folders. The utility lets you:
Name the image
Choose the image type (NetBoot or NetInstall)
Provide an image ID
Choose the default language
Choose the computer models the image supports
Create unique sharing names
Specify a default user name and password
Enable automatic installation for installation images
Add package or preinstalled apps
For information about creating images, see Create NetBoot images.
Property list file
The property list file NBImageInfo.plist stores image properties. The following table gives more information about the property list file for OS X Yosemite image files.
Property | Type | Description |
|---|---|---|
Architectures | Array | An array of strings of the architectures the image supports. |
BootFile | String | Name of boot file: booter. |
Index | Integer | 1–4095 indicates a local image unique to the server. 4096–65535 is a duplicate, identical image stored on multiple servers for load balancing. |
IsDefault | Boolean | True specifies this image file as the default boot image on the subnet |
IsEnabled | Boolean | Sets whether the image is available to NetBoot (or Network Image) clients. |
IsInstall | Boolean | True specifies a Network Install image; False specifies a NetBoot image. |
Name | String | Name of the image as it appears in the OS X Yosemite preferences pane. |
RootPath | String | Specifies the path to the disk image on the server, or the path to an image on another server. |
Type | String | NFS or HTTP. |
SupportsDiskless | Boolean | True directs the NetInstall server to allocate space for the shadow files needed by diskless clients. |
Description | String | Text describing the image. |
Language | String | A code specifying the language to be used while starting from the image. |
Initial values in NBImageInfo.plist are set by System Image Utility and you usually don’t need to change the property list file directly. Some values are set by the Server app. If you must edit a property list file, you can use TextEdit or Property List Editor.
Boot Server Discovery Protocol (BSDP)
NetInstall service uses an Apple-developed protocol based on DHCP known as Boot Server Discovery Protocol (BSDP). This protocol provides a way of discovering NetInstall servers on a network.
NetBoot clients obtain their IP information from a DHCP server and their NetBoot information from BSDP. BSDP offers built-in support for load balancing. See Performance and load balancing.
BootP server
NetInstall service uses a BootP server (bootpd) to provide necessary information to client computers when they try to start from an image on the server.
If BootP clients on your network request an IP address from the NetBoot BootP server, this request fails because the NetBoot BootP server doesn’t have addresses to offer. To prevent the NetBoot BootP server from responding to requests for IP addresses, use the dscl command-line tool to open the local folder on the NetInstall server and add a key named bootp_enabled with no value to the /config/dhcp/ folder
Boot files
When you create an OS X Yosemite NetBoot image with System Image Utility, the utility generates the following boot files and stores them on the NetInstall server in /Library/NetBoot/NetBootSPn/image.nbi (where n is the volume number and image is the name of the image):
booter
mach.macosx
mach.macosx.mkext
If you turn on NetInstall service while installing OS X Yosemite, the installer creates the NetBootSP0 share point on the server boot volume. Otherwise, you can set up NetBootSPn share points by choosing where to store NetBoot images from the list of volumes in the NetInstall pane of the Server app.
Trivial File Transfer Protocol (TFTP)
NetInstall service uses Trivial File Transfer Protocol (TFTP) to send boot files from the server to the client. When you start a NetBoot client, the client sends a request for startup software. The NetInstall server then delivers the boot file to the client using TFTP default port 69.
Client computers access the startup software on the NetInstall server from the location where the image was saved.
These files are typically stored in the /private/tftpboot/NetBoot/NetBootSPn/ folder. This path is a symbolic link to Library/NetBoot/NetBootSPn/image.nbi (where n is the volume number and image is the name of the image).
Use images stored on other servers
You can store OS X Yosemite NetBoot or NetInstall images on NFS servers other than the NetInstall server.
Security
You can restrict access to NetInstall service on a case-by-case basis by listing the hardware addresses (also known as the Ethernet or MAC addresses) of computers that you want to permit or deny access to.
The hardware address of a client computer is added to the NetBoot Filtering list when the client starts up using NetBoot and is, by default, enabled to use NetInstall service. You can specify other services. See Provide NetInstall service.
NetInstall images
A NetInstall image starts up the client computer long enough to install software from the image. The client can then start up from its own hard disk. In the same way that a NetBoot image replaces the role of a hard disk, a NetInstall image is a replacement for an installation image.
Like a bootable CD, NetInstall is a convenient way to reinstall the operating system, apps, or other software onto the local hard disk. For system administrators deploying large numbers of computers with the same version, NetInstall can be very useful. NetInstall doesn’t require the insertion of a DVD into each NetBoot client because startup and installation information is delivered over the network.
When you create a NetInstall image with System Image Utility, you can automate the installation process by limiting interaction at the client computer.
Because you can configure an automatic network installation to erase the contents of the local hard disk before installation, data loss can occur. You must control access to this type of NetInstall image and must communicate the implications of using them to those using these images. Before using automatic network installations, it’s always wise to inform users to back up critical data.
You can perform software installations through NetInstall using a collection of packages or an entire disk image (depending on the source used to create the image).
For more information about preparing NetInstall images to install software over the network, see Create NetInstall images.
Apps for setting up and managing images
You use the following OS X Server apps to set up and manage NetBoot, NetInstall, and NetRestore:
System Image Utility, to create OS X NetBoot, NetInstall, and NetRestore disk images. This utility is installed with OS X in the /System/Library/CoreServices/ folder.
PackageMaker, to create package files you use to add software to disk images.
Property List Editor, to edit property lists such as NBImageInfo.plist.
To create an image, you must have valid OS X image sources or volumes. You cannot create an image of the startup disk you’re running on.