In a previous post we showed how to leverage Cloudbase-Init to customize Windows guest instances provisioned by VMware Cloud Assembly in an Azure Cloud Account. Now it is time to show the power of Cloudbase-Init in vCenter Cloud Accounts.

Cloudbase-Init is the Cloud-Init equivalent for Windows. It provides tools for Windows guest customization, like user creation, password injection, hostname, SSH public keys and user-data scripts.

In this post I am going show how to use cloud agnostic blueprints to deploy and customize a Windows instance in a vCenter Cloud Account in VMware Cloud Assembly. I have divided the post in two parts: first, I will show how to setup a Windows image in vCenter and tailor the image for customization. In this part, I won’t go step by step through the image creation process, instead, I will focus on how to configure Cloudbase-Init. And second, I will show how to create a blueprint in VMware Cloud Assembly with some guest customization, deploy it and check that the customization is applied successfully.

Setup Cloudbase-Init in a vCenter Windows image

  1. Login to vCenter and create an image for the Windows version that you want to use.
  2. Create a Virtual Machine from the Windows image and power it on.
  3. Once the Virtual Machine is up and running, login with an RDP client and install Cloudbase-Init:
    • Download the Cloudbase-Init installation binaries from or downloads page. Ensure you are using version 0.9.12.dev72 or greater, which includes the OvfService metadata provider.
      Portable Multi-Cloud Initialization Service
    • Run the CloudbaseInitSetup_x64 installation binary and follow the on-screen instructions. Leave default values, and change Username to Administrator and check Run Cloudbase-Init service as LocalSystem.
      Cloudbase-Init Installation (1)Cloudbase-Init Installation (2)Cloudbase-Init Installation (3)Cloudbase-Init Installation (4)Cloudbase-Init Installation (5)
    • Click Install and after the installation completes, edit the configuration files.
    • Navigate to the chosen installation path, under the conf directory, and edit the file cloudbase-init-unattend.conf. Change metadata_services value to OvfService (with fully qualified class name):
      [DEFAULT]  username=Administrator  groups=Administrators  inject_user_password=true  config_drive_raw_hhd=true  config_drive_cdrom=true  config_drive_vfat=true  bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe  mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\  verbose=true  debug=true  logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\  logfile=cloudbase-init-unattend.log  default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN  logging_serial_port_settings=  mtu_use_dhcp_config=true  ntp_use_dhcp_config=true  local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\  plugins=cloudbaseinit.plugins.common.mtu.MTUPlugin,cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,  allow_reboot=false  stop_service_on_exit=false  check_latest_version=false
    • In the same folder, edit the file cloudbase-init.conf. Change metadata_service to OvfService (with fully qualified class name), and also set first_logon_behaviour and plugins.
      [DEFAULT]  username=Administrator  groups=Administrators  inject_user_password=true  first_logon_behaviour=always  config_drive_raw_hhd=true  config_drive_cdrom=true  config_drive_vfat=true  bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe  mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\  verbose=true  debug=true  logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\  logfile=cloudbase-init.log  default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN  logging_serial_port_settings=  mtu_use_dhcp_config=true  ntp_use_dhcp_config=true  local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\,,cloudbaseinit.plugins.common.sshpublickeys.SetUserSSHPublicKeysPlugin,cloudbaseinit.plugins.common.userdata.UserDataPlugin
    • Finally, finish the Cloudbase-Init installation using the options below.
      Cloudbase-Init Installation (6)
    • After the Sysprep process completes, the Virtual Machine will shutdown automatically. Alternatively, it is possible to install Cloudbase-Init in silent mode (unattended).
  4. From vCenter, convert the Virtual Machine to Template.
    Additionally, before installing Cloudbase-Init, we can install any tool and make other configurations needed.

After these steps, we have a Windows image ready to use in VMware Cloud Assembly, with Cloudbase-Init prepared to customize our deployments. To customize the guest instance user experience, the user can change the properties shown the configuration files. Most of the properties have default suggested values, except:

  • username: in first boot after Sysprep, Administrator account is created with blank password. By choosing Administrator username + SetUserPasswordPlugin + remoteAccess password in the blueprint, Cloudbase-Init will change the blank password.
  • first_logon_behaviour: always, the user will be prompted to change the password after first logon.
  • metadata_services: by listing only OvfService, Cloudbase-Init won’t try the other metadata services that are not supported in vCenter, having cleaner logs (there won’t be logs of Cloudbase-Init iterating over other metadata services and failing to find them).
  • plugins: by listing only the plugins with capabilities supported by OvfService, logs will be cleaner. Also, Cloudbase-init will execute the plugins in this order.
  • Run Cloudbase-Init service as LocalSystem: some advanced scripts might require to run Cloudbase-Init service with a dedicated administrator user. If this is the case, it must be selected at installation time.

Deploy and customize Windows guest instance within VMware Cloud Assembly

Now I will show how to create a cloud agnostic blueprint to deploy and customize the Windows image from the previous step.

  1. Login to vRealize Automation Cloud as Cloud Assembly Administrator and select VMware Cloud Assembly.
  2. Navigate to Infrastructure tab and setup a vCenter Cloud Account.
    Configure vCenter Cloud Account
  3. Ensure that a new Cloud Zone is automatically created, which is associated with the vCenter Cloud Account from the previous step.
    Cloud Zone for vCenter Datacenter
  4. Create a new Project associated with the Cloud Zone from the previous step. Add users / user groups as Project Administrators / Members.
    Create Project
  5. Create a Flavor Mapping.
    Create Flavor Mapping
  6. Create an Image Mapping for the Windows image.
    Create Image Mapping
    If you don’t see the image created in the first part, go to Cloud Accounts and synchronize images. By default image collection runs automatically every 24 hours.
  7. Create a Storage Profile.
    Create Storage Profile
  8. Navigate to the Blueprints tab and create a Blueprint for the Project (these steps can be completed with any user added as Project Administrator / Member to the project created in step 4).
    Create Blueprint
    Blueprint example
    YAML code:

    formatVersion: 1  inputs: {}  resources:    Cloud_Machine_1:      type: Cloud.Machine      properties:        image: win2016        flavor: small        remoteAccess:          authentication: usernamePassword          username: Administrator          password: Password1234@$        cloudConfig: |          #cloud-config          write_files:            content: Cloudbase-Init test            path: C:\test.txt          set_hostname: demoname

    The blueprint deploys the Windows image and performs some customization: The remoteAccess properties will provide the username and password to the guest instance (the password must meet the password policy). The metadata service will pick up these values and expose them to CreateUserPlugin and SetUserPasswordPlugin. Other remoteAccess options are generatedPublicPrivatekey and publicPrivateKey, explained in How to use remote access authentication in your Cloud Assembly deployments.
    The cloudConfig property will set the user data and expose it to the guest instance. Again, the metadata service will pick it up and expose it to UserDataPlugin. The plugin will interpret the data based on the first line of the script. In this case, the first line indicates a Cloud-config YAML configuration.

  9. Click Deploy to provision the new Windows machine. Provide a Deployment Name and the Current Draft as version. The new machine will be customized by the Cloud Configuration script from the Blueprint (Cloud Assembly also allows Cloud Configuration scripts in the Image Mapping).
    Deployment example
  10. Once the deployment successfully finished, login to the new instance with an RDP client and the credentials specified in the blueprint to verify the customization.
    • After login, the instance prompts to change the password.
      User's password must be changed
    • Check the file created in C:\test.txt with the contents from the Cloud Configuration script.Local Disk (C:)
    • Check the customized machine hostname.
      View basic information about your computer


As you can see, Cloudbase-Init is the Cloud-Init solution for Windows. It gives a lot of flexibility for Windows guest customization, and provides seamless integration with VMware Cloud Assembly.

Visit the VMware Cloud Assembly page to learn more about it and give it a free try!