Versions Compared

Old Version 5

changes.mady.by.user Andy Kurth

Saved on

compared with

New Version Current

changes.mady.by.user Josh Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Excerpt

This page describes how to create a Windows base image.

These instructions should work regardless of the provisioning engine being used (KVM, VMware, etc.).


Requirements

You will need the following:

  • Windows installation ISO file
  • Windows product key or KMS server address

 The following must be done before an image can be captured:

  • The web, database, and management node has been installed and the management node is checking into the database.
  • A computer for the machine being captured has already been added to the VCL database
  • A VM host computer on which the guest is running as been added to the VCL database
  • The guest VM has been assigned to the VM host via the Virtual Hosts link on the VCL website

These instructions assume you have root access and are using a bash shell.

Create a Virtual Machine

KVM, VMware ESXi, vCenter

The instructions assume that the VM host has been configured with the following bridged networks:

  • Private: bridged to private interface: eth0
  • Public: bridged to public interface: eth1

Use an interactive client for your hypervisor to create a VM with

  • 2 NICs (use MAC addresses from a VM you've already assigned to the VM host under Virtual Hosts in the VCL web interface)
    • use e1000 as the adapter type
  • disk image large enough for the OS install, updates, and any desired software (typically 50-100 GB)
  • 1 to 2 cores (typically)
  • 4 to 8 GB RAM (typically)
  • ensure all devices are configured to be attached at power on

Example instructions specifically for VMware vSphere:

  • Click File New Virtual Machine
  • Configuration: Custom
  • Name: win10
  • Datastore: datastore
  • Virtual Machine Version: 7
  • Guest Operating System: Windows
    • Version: Microsoft Windows 10 (64-bit)
  • Number of virutal sockets: 2
  • Number of cores per virtual socket: 1
  • Memory Size: 4 GB
  • How many Nics: 2
    • NIC 1: Private, Adapter: E1000, Connect at Power On: Yes
    • NIC 2: Public, Adapter: E1000, Connect at Power On: Yes
  • SCSI controller: LSI Logic SAS
  • Disk: Create a new virtual disk
    • Capacity: 50 GB
    • Disk Provisioning: Thin Provision
    • Location: Specify a datastore or datastore cluster
      • Click Browse
      • Select the local datastore
      • Click OK
  • Virtual Device Node: SCSI (0:0)
    • Mode: Not Independent (unchecked)
  • Edit the virtual machine settings before completion: Yes
  • In the Hardware pane, select Add...
    • Device Type: CD/DVD Drive
    • Select CD/DVD Media: Use ISO image
    • Select ISO Image:
      • Click Browse
      • Select the location datastore (were the ISO is located) 
      • Click Open
      • Select Windows10.iso
      • Click Open
    • Connect at power on: Yes (checked)

Select the New NIC (adding) entry with Private listed next to it** Under MAC Address, select Manual

    • Enter the private MAC address you retrieved earlier
    • Click Finish
  • Click Finish

Start the VM and Install Windows

  • Start the VM
  • Follow the installation process for Windows
  • When asked for an initial user
    • use root as the username
      • ensure root is an admin user
    • use a password you will remember (VCL will change it later to what is configured in /etc/vcl/vcld.conf on the management node
  • Complete the installation process
  • Log in as the root user

Enable RDP

  • Right click on the Windows start icon
  • Open Control Panel > System and Security > System
  • Click Remote settings
  • Select Allow remote connections to this computer
  • Click OK

Connect via RDP

  • Find the IP address assigned to your VM on the Public port:
    • Start->Search
    • Enter cmd
    • Run cmd
    • type ipconfig and look your public IPv4 address x.x.x.x address
  • Connect to the computer using Remote Desktop
  • Login to the RDP session as root

Disable User Account Control

 

User Account Control (UAC) is the mechanism that causes may of the pop-up windows to appear when you attempt to run programs on Windows. VCL will disable it when the image is captured but you can disable it while configuring the base image to make things a little easier.

  1. Open the Control Panel
  2. Click System and Security > Change User Account Control settings (Under Security and Maintenance)
  3. Move the slider to the bottom: Never notify
  4. Click OK
  5. Reboot the computer

Addition Windows install notes (mostly outdated):

Install Windows for a Base Image

VMware Only: Install VMware Tools

  1. Power on the VM if it is not already powered on
  2. Install VMWare Tools  (Note: you must have a CD-ROM drive configured for the VM in order to install VMware Tools)
    1. Click on the VM menu and select "Install VMWare Tools"
    2. Select Typical and proceed through the setup pages accepting the defaults
    3. Reboot the VM when installation is complete

Install Cygwin SSHD

Follow the steps: Install and Configure Cygwin SSHD

Capture the Base Image

Include Page
Capture A Base Image
Capture A Base Image

  1. Retrieve the VMWare server RPM file
  2. Install VMWare Server
    1. Establish root access:
      No Format
      
sudo bash
    2. Install the VMWare Server RPM:
      No Format
      
rpm -i  VMware-server-1.0.8-126538.i386.rpm
  3. Launch the VMWare Server console 
  4. Copy a Windows XP ISO image to the VMWare Server machine 
  5. Create a new VM
    1. Configure the VM to use the Window XP ISO image as a CD drive
  6. Boot the VM and begin installing Windows XP
    1. Press ESC as soon as VM begins to start to display the boot menu
    2. Boot from the CD-ROM drive
    3. Press a key to boot from the CD
  7. Proceed through Windows installation
    1. Create a new partition of at least 12 GB
    2. Format the partition using NTFS (Quick)
    3.  
  8. Install Microsoft updates
  9. Create root user account
    1. Either use the user management GUI or execute the following commands:
      No Format
      
net user root /ADD
net user root <PASSWORD>
    2. Add root to the Administrators group using the user management GUI or execute the following command:
      No Format
      
net localgroup Administrators root /ADD
  10. Log on as root
  11. Install Cygwin
    1. Download and run the Cygwin installer: setup.exe
    2. Install from Internet
    3. Root Directory: C:\Cygwin
    4. Install For: Just Me
    5. Default Test File Type: DOS/text
    6. Local Package Directory: C:\
    7. Internet Connection: Direct Connection
    8. Download Site: .edu FTP sites seem the fastest
    9. Select Packages: Net: openssh
    10. Create icon on Desktop: No
    11. Add icon to Start Menu: No
    12. Delete local package directory: C:\ftp%...cygwin...
  12. Configure Cygwin SSH service
    1. Launch C:\Cygwin\Cygwin.bat
  13. Create an SSH key pair on the management node
  14. Copy the public key to the authorized_keys file in the Windows XP image

Shell script to configure the Cygwin SSHD service, to be run on Windows XP computer:

No Format

if [ $# -ne 1 ]
then
  echo "Usage: $0 '<root password>'"
  exit 1
fi
PASSWORD=$1echo Stopping sshd service if it is running
net stop sshd 2>/dev/null
echo ----------echo Deleting sshd service if it already exists
$SYSTEMROOT/system32/sc.exe delete sshd
echo ----------echo Deleting the sshd user if it already exists
net user sshd /DELETE
echo ----------echo Deleting '/etc/ssh*'
rm -fv /etc/ssh*
echo ----------echo Deleting /var/log/sshd.log if it exists
rm -fv /var/log/sshd.log
echo ----------echo Setting root:Administrators as owner of '/etc' and '/var'
chown -R root:Administrators /etc /var
echo ----------echo Adding ug+rwx permissions to '/etc' and '/var'
chmod -v ug+rwx /etc /var
echo ----------echo Adding read permission on /etc/passwd and /etc/group
chmod -v +r /etc/passwd /etc/group
echo ----------echo Adding ug+w permission on /etc/passwd and /etc/group
chmod -v ug+w /etc/passwd /etc/group
echo ----------echo Recreating /etc/group
mkgroup -l > /etc/group
echo ----------echo Recreating /etc/passwd
mkpasswd -l > /etc/passwd
echo ----------echo Configuring mount points
umount -u /usr/bin 2>/dev/nul
mount -f -s -b C:/cygwin/bin /usr/bin
umount -u /usr/lib 2>/dev/nul
mount -f -s -b C:/cygwin/lib /usr/lib
umount -u / 2>/dev/nul
mount -f -s -b C:/cygwin /
echo ----------echo Adding execute permission on /var
chmod -v +x /var
echo ----------echo Running ssh-host-config
ssh-host-config -y
echo ----------echo Creating /var/empty directory if it does not exist
mkdir /var/empty 2>/dev/NULL
echo ----------echo Setting root:Administrators as owner of /var/empty
chown -Rv root:Administrators /var/empty
echo ----------echo Setting permissions to 755 on /var/empty
chmod -Rv 755 /var/empty
echo ----------echo Setting permissions to 775 on /var/log
chmod -Rv 775 /var/log
echo ----------echo Creating /var/log/sshd.log file if it does not exist
touch /var/log/sshd.log
echo ----------echo Setting root:Administrators as owner of '/etc/ssh*' and /var/log/sshd.log
chown -Rv root:Administrators /etc/ssh* /var/log/sshd.log
echo ----------echo Setting permissions to ug+rw on '/etc/ssh*' and /var/log/sshd.log
chmod -Rv ug+rw /etc/ssh* /var/log/sshd.log
echo ----------echo Setting permissions to 600 on '/etc/ssh*key'
chmod -v 600 /etc/ssh*key
echo ----------echo Setting permissions to ug+rwx on /etc
chmod -v ug+rwx /etc
echo ----------echo Configuring /etc/sshd_config
echo LogLevel VERBOSE
sed -i -r -e "s/.?(LogLevel).*/\1 VERBOSE/" /etc/sshd_config
echo PermitRootLogin yes
sed -i -r -e "s/.?(PermitRootLogin).*/\1 yes/" /etc/sshd_config
echo MaxAuthTries 15
sed -i -r -e "s/.?(MaxAuthTries).*/\1 15/" /etc/sshd_config
echo PasswordAuthentication yes
sed -i -r -e "s/.?(PasswordAuthentication).*/\1 yes/" /etc/sshd_config
echo Banner none
sed -i -r -e "s/.?(Banner).*/\1 none/" /etc/sshd_config
echo UsePrivilegeSeparation yes
sed -i -r -e "s/.?(UsePrivilegeSeparation).*/\1 yes/" /etc/sshd_config
echo StrictModes no
sed -i -r -e "s/.?(StrictModes).*/\1 no/" /etc/sshd_config
echo ----------echo Configuring the sshd service to log to /var/log/sshd.log
reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Services\sshd\Parameters" /v AppArgs /d "-D -e" /t REG_SZ /f
echo ----------echo Configuring the sshd service to use the root account: $PASSWORD
$SYSTEMROOT/system32/sc.exe config sshd obj= ".\root" password= "$PASSWORD"
echo ----------echo Configuring firewall port 22 exception
netsh firewall set portopening name = "Cygwin SSHD" protocol = TCP port = 22 mode = ENABLE profile = ALL scope = ALL
echo ----------echo Starting the sshd service
net start sshd
echo ----------echo /var/log/sshd.log ending:
tail -n 10 /var/log/sshd.log
echo ----------echo Done

 Shell script to create an SSH key pair on the management node:

...