Documentation ¶
Overview ¶
The ePoxy boot server is the first point of contact for managed machines as they boot. The boot server serves all client connections over TLS. And, the boot server restricts all state-changing requests to administrative users (any machine) and managed machines (only itself).
Managed machines progress through three boot stages:
stage1) local boot media like an iPXE ROM, or an immutable CD image stage2) a minimal, linux-based network boot environment stage3) the final system image.
Managed machines are treated as stateless. So, the ePoxy boot server acts as an external state manager that mediates the transition of successive boot stages. Managed machines positively acknowlege every stage transition using session ids generated on the first request and known only to the ePoxy boot server and the remote machine.
So, if a managed machine acknowleges the final stage successfully, then we know that this machine is the same one that first contacted the ePoxy boot server.