In a previous post we showed how to leverage Cloudbase-Init to customize Windows guest instances provisioned by VMware Cloud Assembly in an Azure Cloud Account. Now it is time to show the power of Cloudbase-Init in vCenter Cloud Accounts.
Cloudbase-Init is the Cloud-Init equivalent for Windows. It provides tools for Windows guest customization, like user creation, password injection, hostname, SSH public keys and user-data scripts.
In this post I am going show how to use cloud agnostic blueprints to deploy and customize a Windows instance in a vCenter Cloud Account in VMware Cloud Assembly. I have divided the post in two parts: first, I will show how to setup a Windows image in vCenter and tailor the image for customization. In this part, I won’t go step by step through the image creation process, instead, I will focus on how to configure Cloudbase-Init. And second, I will show how to create a blueprint in VMware Cloud Assembly with some guest customization, deploy it and check that the customization is applied successfully.
Setup Cloudbase-Init in a vCenter Windows image
- Login to vCenter and create an image for the Windows version that you want to use.
- Create a Virtual Machine from the Windows image and power it on.
- Once the Virtual Machine is up and running, login with an RDP client and install Cloudbase-Init:
- Download the Cloudbase-Init installation binaries from https://github.com/cloudbase/cloudbase-init or downloads page. Ensure you are using version 0.9.12.dev72 or greater, which includes the OvfService metadata provider.
- Run the CloudbaseInitSetup_x64 installation binary and follow the on-screen instructions. Leave default values, and change Username to Administrator and check Run Cloudbase-Init service as LocalSystem.
- Click Install and after the installation completes, edit the configuration files.
- Navigate to the chosen installation path, under the conf directory, and edit the file cloudbase-init-unattend.conf. Change metadata_services value to OvfService (with fully qualified class name):
[DEFAULT] username=Administrator groups=Administrators inject_user_password=true config_drive_raw_hhd=true config_drive_cdrom=true config_drive_vfat=true bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\ verbose=true debug=true logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\ logfile=cloudbase-init-unattend.log default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN logging_serial_port_settings= mtu_use_dhcp_config=true ntp_use_dhcp_config=true local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\ metadata_services=cloudbaseinit.metadata.services.ovfservice.OvfService plugins=cloudbaseinit.plugins.common.mtu.MTUPlugin,cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,cloudbaseinit.plugins.windows.extendvolumes.ExtendVolumesPlugin allow_reboot=false stop_service_on_exit=false check_latest_version=false
- In the same folder, edit the file cloudbase-init.conf. Change metadata_service to OvfService (with fully qualified class name), and also set first_logon_behaviour and plugins.
[DEFAULT] username=Administrator groups=Administrators inject_user_password=true first_logon_behaviour=always config_drive_raw_hhd=true config_drive_cdrom=true config_drive_vfat=true bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\ verbose=true debug=true logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\ logfile=cloudbase-init.log default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN logging_serial_port_settings= mtu_use_dhcp_config=true ntp_use_dhcp_config=true local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\ metadata_services=cloudbaseinit.metadata.services.ovfservice.OvfService plugins=cloudbaseinit.plugins.windows.createuser.CreateUserPlugin,cloudbaseinit.plugins.windows.setuserpassword.SetUserPasswordPlugin,cloudbaseinit.plugins.common.sshpublickeys.SetUserSSHPublicKeysPlugin,cloudbaseinit.plugins.common.userdata.UserDataPlugin
- Finally, finish the Cloudbase-Init installation using the options below.
- After the Sysprep process completes, the Virtual Machine will shutdown automatically. Alternatively, it is possible to install Cloudbase-Init in silent mode (unattended).
- Download the Cloudbase-Init installation binaries from https://github.com/cloudbase/cloudbase-init or downloads page. Ensure you are using version 0.9.12.dev72 or greater, which includes the OvfService metadata provider.
- From vCenter, convert the Virtual Machine to Template.
Additionally, before installing Cloudbase-Init, we can install any tool and make other configurations needed.
After these steps, we have a Windows image ready to use in VMware Cloud Assembly, with Cloudbase-Init prepared to customize our deployments. To customize the guest instance user experience, the user can change the properties shown the configuration files. Most of the properties have default suggested values, except:
- username: in first boot after Sysprep, Administrator account is created with blank password. By choosing Administrator username + SetUserPasswordPlugin + remoteAccess password in the blueprint, Cloudbase-Init will change the blank password.
- first_logon_behaviour: always, the user will be prompted to change the password after first logon.
- metadata_services: by listing only OvfService, Cloudbase-Init won’t try the other metadata services that are not supported in vCenter, having cleaner logs (there won’t be logs of Cloudbase-Init iterating over other metadata services and failing to find them).
- plugins: by listing only the plugins with capabilities supported by OvfService, logs will be cleaner. Also, Cloudbase-init will execute the plugins in this order.
- Run Cloudbase-Init service as LocalSystem: some advanced scripts might require to run Cloudbase-Init service with a dedicated administrator user. If this is the case, it must be selected at installation time.
Deploy and customize Windows guest instance within VMware Cloud Assembly
Now I will show how to create a cloud agnostic blueprint to deploy and customize the Windows image from the previous step.
- Login to vRealize Automation Cloud as Cloud Assembly Administrator and select VMware Cloud Assembly.
- Navigate to Infrastructure tab and setup a vCenter Cloud Account.
- Ensure that a new Cloud Zone is automatically created, which is associated with the vCenter Cloud Account from the previous step.
- Create a new Project associated with the Cloud Zone from the previous step. Add users / user groups as Project Administrators / Members.
- Create a Flavor Mapping.
- Create an Image Mapping for the Windows image.
If you don’t see the image created in the first part, go to Cloud Accounts and synchronize images. By default image collection runs automatically every 24 hours. - Create a Storage Profile.
- Navigate to the Blueprints tab and create a Blueprint for the Project (these steps can be completed with any user added as Project Administrator / Member to the project created in step 4).
YAML code:formatVersion: 1 inputs: {} resources: Cloud_Machine_1: type: Cloud.Machine properties: image: win2016 flavor: small remoteAccess: authentication: usernamePassword username: Administrator password: Password1234@$ cloudConfig: | #cloud-config write_files: content: Cloudbase-Init test path: C:\test.txt set_hostname: demonameThe blueprint deploys the Windows image and performs some customization: The remoteAccess properties will provide the username and password to the guest instance (the password must meet the password policy). The metadata service will pick up these values and expose them to CreateUserPlugin and SetUserPasswordPlugin. Other remoteAccess options are generatedPublicPrivatekey and publicPrivateKey, explained in How to use remote access authentication in your Cloud Assembly deployments.
The cloudConfig property will set the user data and expose it to the guest instance. Again, the metadata service will pick it up and expose it to UserDataPlugin. The plugin will interpret the data based on the first line of the script. In this case, the first line indicates a Cloud-config YAML configuration. - Click Deploy to provision the new Windows machine. Provide a Deployment Name and the Current Draft as version. The new machine will be customized by the Cloud Configuration script from the Blueprint (Cloud Assembly also allows Cloud Configuration scripts in the Image Mapping).
- Once the deployment successfully finished, login to the new instance with an RDP client and the credentials specified in the blueprint to verify the customization.
- After login, the instance prompts to change the password.
- Check the file created in C:\test.txt with the contents from the Cloud Configuration script.
- Check the customized machine hostname.
- After login, the instance prompts to change the password.
Summary
As you can see, Cloudbase-Init is the Cloud-Init solution for Windows. It gives a lot of flexibility for Windows guest customization, and provides seamless integration with VMware Cloud Assembly.
Visit the VMware Cloud Assembly page to learn more about it and give it a free try!
