Windows Image with Cloudbase-Init

Conduit supports provisioning Windows images with Cloudbase-init to set user data, network setting and other data at boot time. The following is an example of how to prepare a Windows image with cloudbase-init and optionally sysprep it.

Setup

1. On your Windows VM download and install Cloudbase-init from https://cloudbase.it/cloudbase-init/

2. Use the default settings, and do not run sysprep at the end of the install.

3. Under C:Program FilesCloudbase SolutionsCloudbase-Initconf, edit the cloudbase-init.conf file, referring to the sample configuration below. If the image will be sysprepped, edit cloudbase-init-unattend.conf and unattend.xml as well.

   Note

   Sample configurations only, user configurations may vary.

   cloudbase-init.conf

   [DEFAULT]
   # username=Admin
   # groups=Administrators
   # inject_user_password=true
   inject_user_password=false
   first_logon_behaviour=no
   config_drive_raw_hhd=true
   config_drive_cdrom=true
   config_drive_vfat=true
   bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
   mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
   verbose=true
   debug=true
   logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
   logfile=cloudbase-init.log
   default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
   logging_serial_port_settings=
   mtu_use_dhcp_config=true
   ntp_uce_dhcp_config=true
   local_script_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
   
   # servers - tried in order until success
   metadata_services=cloudbaseinit.metadata.services.configdrive.ConfigDriveService,
           cloudbaseinit.metadata.services.httpservice.HttpService,
           cloudbaseinit.metadata.services.ec2service.EC2Service,
           cloudbaseinit.metadata.services.maasservice.MaaSHttpService
   
   # What plugins to execute.
   plugins=cloudbaseinit.plugins.common.mtu.MTUPlugin,
           cloudbaseinit.plugins.windows.extendvolumes.ExtendVolumesPlugin,
     cloudbaseinit.plugins.common.userdata.UserDataPlugin,
     cloudbaseinit.plugins.common.networkconfig.NetworkConfigPlugin
   
   # disabled plugins
   # cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin
   # cloudbaseinit.plugins.windows.createuser.CreateUserPlugin
   # cloudbaseinit.plugins.windows.setuserpassword.SetUserPasswordPlugin
   # cloudbaseinit.plugins.common.networkconfig.NetworkConfigPlugin
   # cloudbaseinit.plugins.common.sshpublickeys.SetUserSSHPublicKeysPlugin
   # cloudbaseinit.plugins.windows.winrmlistener.ConfigWinRMListenerPlugin
   # cloudbaseinit.plugins.windows.licensing.WindowsLicensingPlugin
   # cloudbaseinit.plugins.windows.ntpclient.NTPClientPlugin
   # cloudbaseinit.plugins.common.userdata.UserDataPlugin
   
   # Miscellaneous.
   allow_reboot=false    # allow the service to reboot the system
   # stop_service_on_exit=false
   

   cloudbase-init-unattend.conf

   [DEFAULT]
   username=Admin
   groups=Administrators
   inject_user_password=true
   config_drive_raw_hhd=true
   config_drive_cdrom=true
   config_drive_vfat=true
   bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
   mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
   verbose=true
   debug=true
   logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
   logfile=cloudbase-init-unattend.log
   default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
   logging_serial_port_settings=
   mtu_use_dhcp_config=true
   ntp_use_dhcp_config=true
   local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
   metadata_services=cloudbaseinit.metadata.services.configdrive.ConfigDriveService,cloudbaseinit.metadata.services.httpservice.HttpService,cloudbaseinit.metadata.services.ec2service.EC2Service,cloudbaseinit.metadata.services.maasservice.MaaSHttpService
   plugins=cloudbaseinit.plugins.common.mtu.MTUPlugin,cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,cloudbaseinit.plugins.windows.extendvolumes.ExtendVolumesPlugin
   allow_reboot=false
   stop_service_on_exit=false
   check_latest_version=false
   

   unattend.xml

   <?xml version="1.0" encoding="utf-8"?>
   <unattend xmlns="urn:schemas-microsoft-com:unattend">
     <settings pass="generalize">
       <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <SkipRearm>1</SkipRearm>
       </component>
       <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls>
         <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices>
       </component>
     </settings>
     <settings pass="oobeSystem">
       <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <InputLocale>en-US</InputLocale>
         <SystemLocale>en-US</SystemLocale>
         <UILanguage>en-US</UILanguage>
         <UserLocale>en-US</UserLocale>
       </component>
       <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <OOBE>
           <HideEULAPage>true</HideEULAPage>
           <ProtectYourPC>1</ProtectYourPC>
           <NetworkLocation>Home</NetworkLocation>
           <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
         </OOBE>
         <TimeZone>UTC</TimeZone>
         <UserAccounts>
           <AdministratorPassword>
             <Value>administratorPassword</Value>
             <PlainText>true</PlainText>
           </AdministratorPassword>
           <LocalAccounts>
             <LocalAccount wcm:action="add">
               <Password>
                 <Value>password</Value>
                 <PlainText>true</PlainText>
               </Password>
               <Group>administrators</Group>
               <DisplayName>conduit</DisplayName>
               <Name>conduit</Name>
               <Description>Conduit User</Description>
             </LocalAccount>
           </LocalAccounts>
         </UserAccounts>
       </component>
     </settings>
     <settings pass="specialize"></settings>
   </unattend>
   

4. Save and changes to cloudbase-init.conf, cloudbase-init-unattend.conf, and unattend.xml files.

   Note

   The Administrator password is being set in the unattend.xml file to be set upon boot after sysprep. This is not required if sysprep is not being used, and may not be preferred. Other mechanisms such as requiring the Administrator password to be reset or randomly generated can be used. Conduit can also securely via the user_data file at provision time.

5. To run a sysprep using the cloudbase-init configuraiton, run the following in a command prompt:

   cd C:\Program Files\Cloudbase Solutions\Cloudbase-Init\conf
   
   C:\Windows\System32\sysprep\sysprep.exe /generalize /oobe /unattend:Unattend.xml
   

6. Sysprep will run and Windows will be powered down. The VM can now be converted to an Image/Blueprint and synced or uploaded to Conduit and used for Provisioning.

Important

Upon upload or sync of the Virtual Image, ensure cloudbase enable is checked in the Virtual Image config, and the existing or unattend.xml credentials when using sysprep are populated.