Difference between revisions of "Cool Solution - Using UCC as Image-Distribution-Server for other Univention Corporate Clients"

From Univention Wiki

Jump to: navigation, search
(Initial release - not yet reviewed)
 
Line 62: Line 62:
 
  service nfs-kernel-server restart
 
  service nfs-kernel-server restart
  
== Configure the Image ==
+
== Configure the image ==
  
 
Change the assigned server of the image LDAP object:
 
Change the assigned server of the image LDAP object:

Revision as of 10:20, 30 September 2013

Note: This article is not yet reviewed.
Produktlogo UCC Version 1.0

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.


Introduction

The default partitioning of a Univention Corporate Client separates user data and system data. This allows a complete replacement of the system image with a newer one without loosing user data or the domain join status. Usually, these images are distributed through an automatically created NFS share on the Univention Corporate Server that has the UCC-App installed.

In some cases one might not want to use a Univention Corporate Server to provide the NFS share. E.g. in a small branch office with very poor connection to the main office. Using a Univention Corporate Client as NFS server for the other UCCs, might be an alternative that is described in this article. Since the free space is always limited on a thinclient, one probably wants to use a USB pendrive containing the images.

Please note that this article does not take care of the PXE configuration. As this article adresses scenarios with small branch offices, we assume that the Univention Corporate Clients boot directly from harddisk and not via PXE. If that is not the case in your scenario, you need to adjust the PXE settings: UCC PXE rollout

Recommended Procedure

The following steps need to be completed:

  • Install the designated UCC-NFS-Image-Server with a normal UCC-Image
  • Create the NFS share and mount the USB pendrive
  • Specify the UCC-NFS-Image-Server as server that holds the UCC-Image for the other Univention Coprorate Clients
  • Optionally: configure security settings to limit access to the NFS share
  • Optionally: configure PXE-Settings
  • Make the UCC-thinclients update their system image from the UCC-NFS-Image-Server

Install a UCC as Image-Distribution-Server

At first, we need to install the designated UCC-NFS-Image-Server with a standard UCC-Image. This should be done according to the UCC manual. In the following we will assume that the official UCC thin client image is used.

After the installation finished, log in to the UCC via ssh:

ssh root@ucc-image-server.univention.test

We need to disable the overlay filesystem and the read-only mode:

ucr set ucc/thinclientoverlayfs=false
ucr set ucc/boot/mount=rw

We assume that a USB pendrive is used to contain the image(s). So we need to create a directory to mount the USB pendrive and copy the images from the Univention Corporate Server that holds the original UCC images:

mkdir /var/lib/univention-client-boot
umount /dev/sdb
mount /dev/sdb1 /var/lib/univention-client-boot
scp root@ucs-ucc-server.univention.test:/var/lib/univention-client-boot/ucc-1.0-rev2-thinclient-image.img* /var/lib/univention-client-boot/

For upcoming reboots you probably want to add this to your /etc/fstab to make sure the USB pendrive gets mounted automatically:

/dev/sdb1       /var/lib/univention-client/boot ext4    defaults        0       0

Now we can install the NFS server components:

apt-get install nfs-common nfs-kernel-server

To configure the desired NFS share, append the following to /etc/exports:

"/var/lib/univention-client-boot"  *(ro,no_root_squash,sync,no_subtree_check)

Then export (= publish) the share:

exportfs -ra

Alternatively, restarting the NFS server will do the same:

service nfs-kernel-server restart

Configure the image

Change the assigned server of the image LDAP object:

udm settings/ucc_image modify \
--dn univentionCorporateClientImageName=ucc-1.0-rev2-thinclient-image.img,cn=Images,cn=UCC,cn=univention,dc=univention,dc=test \
--set server=ucc-image-server.univention.test

If you changed/updated the image, do not forget to change the md5 file as well:

md5sum /var/lib/univention-client-boot/ucc-1.0-rev2-thinclient-image.img > /var/lib/univention-client-boot/ucc-1.0-rev2-thinclient-image.img.md5

Configure the clients

Now set the clients to check for an update on next boot:

Set UCC to check for updated image.png

See also

UCC manual: Image rollout

Personal tools