packer-cn/website/source/docs/builders/hyperv-iso.html.md.erb

1010 lines
49 KiB
Plaintext

---
modeline: |
vim: set ft=pandoc:
description: |
The Hyper-V Packer builder is able to create Hyper-V virtual machines and
export them.
layout: docs
page_title: 'Hyper-V ISO - Builders'
sidebar_current: 'docs-builders-hyperv-iso'
---
# Hyper-V Builder (from an ISO)
Type: `hyperv-iso`
The Hyper-V Packer builder is able to create
[Hyper-V](https://www.microsoft.com/en-us/server-cloud/solutions/virtualization.aspx)
virtual machines and export them, starting from an ISO image.
The builder builds a virtual machine by creating a new virtual machine from
scratch. Typically, the VM is booted, an OS is installed, and software is
provisioned within the OS. Finally the VM is shut down. The result of the
Hyper-V builder is a directory containing all the files necessary to run
the virtual machine portably.
## Basic Example
Here is a basic example. This example is not functional. It will start the OS
installer but then fail because we don't provide the preseed file for Ubuntu
to self-install. Still, the example serves to show the basic configuration:
``` json
{
"type": "hyperv-iso",
"iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
"iso_checksum": "769474248a3897f4865817446f9a4a53",
"iso_checksum_type": "md5",
"ssh_username": "packer",
"ssh_password": "packer",
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now"
}
```
By default Packer will perform a hard power off of a virtual machine.
However, when a machine is powered off this way, it is possible that
changes made to the VMs file system may not be fully synced, possibly
leading to corruption of files or lost changes. As such, it is important to
add a `shutdown_command`. This tells Packer how to safely shutdown and
power off the VM.
<%= partial "partials/builders/iso-config" %>
## Configuration Reference
There are many configuration options available for the Hyper-V builder. They
are organized below into two categories: required and optional. Within each
category, the available options are alphabetized and described.
In addition to the options listed here, a
[communicator](/docs/templates/communicator.html) can be configured for this
builder.
### Optional:
- `boot_command` (array of strings) - This is an array of commands to type
when the virtual machine is first booted. The goal of these commands
should be to type just enough to initialize the operating system
installer. Special keys can be typed as well, and are covered in the
section below on the boot command. If this is not specified, it is assumed
the installer will start itself.
- `boot_wait` (string) - The time to wait after booting the initial virtual
machine before typing the `boot_command`. The value specified should be
a duration. For example, setting a duration of "1m30s" would cause
Packer to wait for 1 minute 30 seconds before typing the boot command.
The default duration is "10s" (10 seconds).
- `configuration_version` (string) - This allows you to set the vm version when
calling New-VM to generate the vm.
- `cpus` (number) - The number of CPUs the virtual machine should use. If
this isn't specified, the default is 1 CPU.
- `differencing_disk` (boolean) - If true enables differencing disks. Only
the changes will be written to the new disk. This is especially useful if
your source is a VHD/VHDX. This defaults to `false`.
- `disk_additional_size` (array of integers) - The size or sizes of any
additional hard disks for the VM in megabytes. If this is not specified
then the VM will only contain a primary hard disk. Additional drives
will be attached to the SCSI interface only. The builder uses
expandable rather than fixed-size virtual hard disks, so the actual
file representing the disk will not use the full size unless it is
full.
- `disk_block_size` (string) - The block size of the VHD to be created.
Recommended disk block size for Linux hyper-v guests is 1 MiB. This
defaults to "32 MiB".
- `disk_size` (number) - The size, in megabytes, of the hard disk to create
for the VM. By default, this is 40 GB.
- `enable_dynamic_memory` (boolean) - If `true` enable dynamic memory for
the virtual machine. This defaults to `false`.
- `enable_mac_spoofing` (boolean) - If `true` enable MAC address spoofing
for the virtual machine. This defaults to `false`.
- `enable_secure_boot` (boolean) - If `true` enable secure boot for the
virtual machine. This defaults to `false`. See `secure_boot_template`
below for additional settings.
- `enable_virtualization_extensions` (boolean) - If `true` enable
virtualization extensions for the virtual machine. This defaults to
`false`. For nested virtualization you need to enable MAC spoofing,
disable dynamic memory and have at least 4GB of RAM assigned to the
virtual machine.
- `floppy_dirs` (array of strings) - A list of directories to place onto
the floppy disk recursively. This is similar to the `floppy_files` option
except that the directory structure is preserved. This is useful for when
your floppy disk includes drivers or if you just want to organize it's
contents as a hierarchy. Wildcard characters (\*, ?, and \[\]) are
allowed. The maximum summary size of all files in the listed directories
are the same as in `floppy_files`.
- `floppy_files` (array of strings) - A list of files to place onto a floppy
disk that is attached when the VM is booted. This is most useful for
unattended Windows installs, which look for an `Autounattend.xml` file on
removable media. By default, no floppy will be attached. All files listed
in this setting get placed into the root directory of the floppy and the
floppy is attached as the first floppy device. Currently, no support
exists for creating sub-directories on the floppy. Wildcard characters
(`*`, `?`, and `[]`) are allowed. Directory names are also allowed, which
will add all the files found in the directory to the floppy.
- `generation` (number) - The Hyper-V generation for the virtual machine. By
default, this is 1. Generation 2 Hyper-V virtual machines do not support
floppy drives. In this scenario use `secondary_iso_images` instead. Hard
drives and DVD drives will also be SCSI and not IDE.
- `guest_additions_mode` (string) - If set to `attach` then attach and
mount the ISO image specified in `guest_additions_path`. If set to
`none` then guest additions are not attached and mounted; This is the
default.
- `guest_additions_path` (string) - The path to the ISO image for guest
additions.
- `headless` (boolean) - Packer defaults to building Hyper-V virtual
machines by launching a GUI that shows the console of the machine being
built. When this value is set to true, the machine will start without a
console.
- `http_directory` (string) - Path to a directory to serve using Packers
inbuilt HTTP server. The files in this directory will be available
over HTTP to the virtual machine. This is useful for hosting kickstart
files and so on. By default this value is unset and the HTTP server is
not started. The address and port of the HTTP server will be available
as variables in `boot_command`. This is covered in more detail below.
- `http_port_min` and `http_port_max` (number) - These are the minimum and
maximum port to use for the HTTP server started to serve the
`http_directory`. Since Packer often runs in parallel, a randomly
available port in this range will be repeatedly chosen until an
available port is found. To force the HTTP server to use a specific
port, set an identical value for `http_port_min` and `http_port_max`.
By default the values are 8000 and 9000, respectively.
- `mac_address` (string) - This allows a specific MAC address to be used on
the default virtual network card. The MAC address must be a string with
no delimiters, for example "0000deadbeef".
- `output_directory` (string) - This setting specifies the directory that
artifacts from the build, such as the virtual machine files and disks,
will be output to. The path to the directory may be relative or
absolute. If relative, the path is relative to the working directory
`packer` is executed from. This directory must not exist or, if
created, must be empty prior to running the builder. By default this is
"output-BUILDNAME" where "BUILDNAME" is the name of the build.
- `memory` (number) - The amount, in megabytes, of RAM to assign to the
VM. By default, this is 1 GB.
- `secondary_iso_images` (array of strings) - A list of ISO paths to
attach to a VM when it is booted. This is most useful for unattended
Windows installs, which look for an `Autounattend.xml` file on removable
media. By default, no secondary ISO will be attached.
- `secure_boot_template` (string) - The secure boot template to be
configured. Valid values are "MicrosoftWindows" (Windows) or
"MicrosoftUEFICertificateAuthority" (Linux). This only takes effect if
`enable_secure_boot` is set to "true". This defaults to "MicrosoftWindows".
- `shutdown_command` (string) - The command to use to gracefully shut down
the machine once all provisioning is complete. By default this is an
empty string, which tells Packer to just forcefully shut down the
machine. This setting can be safely omitted if for example, a shutdown
command to gracefully halt the machine is configured inside a
provisioning script. If one or more scripts require a reboot it is
suggested to leave this blank (since reboots may fail) and instead
specify the final shutdown command in your last script.
- `shutdown_timeout` (string) - The amount of time to wait after executing
the `shutdown_command` for the virtual machine to actually shut down.
If the machine doesn't shut down in this time it is considered an
error. By default, the time out is "5m" (five minutes).
- `skip_compaction` (boolean) - If `true` skip compacting the hard disk for
the virtual machine when exporting. This defaults to `false`.
- `skip_export` (boolean) - If `true` Packer will skip the export of the VM.
If you are interested only in the VHD/VHDX files, you can enable this
option. The resulting VHD/VHDX file will be output to
`<output_directory>/Virtual Hard Disks`. By default this option is `false`
and Packer will export the VM to `output_directory`.
- `switch_name` (string) - The name of the switch to connect the virtual
machine to. By default, leaving this value unset will cause Packer to
try and determine the switch to use by looking for an external switch
that is up and running.
- `switch_vlan_id` (string) - This is the VLAN of the virtual switch's
network card. By default none is set. If none is set then a VLAN is not
set on the switch's network card. If this value is set it should match
the VLAN specified in by `vlan_id`.
- `temp_path` (string) - The location under which Packer will create a
directory to house all the VM files and folders during the build.
By default `%TEMP%` is used which, for most systems, will evaluate to
`%USERPROFILE%/AppData/Local/Temp`.
The build directory housed under `temp_path` will have a name similar
to `packerhv1234567`. The seven digit number at the end of the name is
automatically generated by Packer to ensure the directory name is
unique.
- `use_fixed_vhd_format` (boolean) - If true, creates the boot disk on the
virtual machine as a fixed VHD format disk. The default is `false`, which
creates a dynamic VHDX format disk. This option requires setting
`generation` to `1`, `skip_compaction` to `true`, and
`differencing_disk` to `false`. Additionally, any value entered for
`disk_block_size` will be ignored. The most likely use case for this
option is outputing a disk that is in the format required for upload to
Azure.
- `vlan_id` (string) - This is the VLAN of the virtual machine's network
card for the new virtual machine. By default none is set. If none is set
then VLANs are not set on the virtual machine's network card.
- `vm_name` (string) - This is the name of the new virtual machine,
without the file extension. By default this is "packer-BUILDNAME",
where "BUILDNAME" is the name of the build.
- `use_legacy_network_adapter` (bool) - If true use a legacy network adapter as the NIC.
This defaults to false. A legacy network adapter is fully emulated NIC, and is thus
supported by various exotic operating systems, but this emulation requires
additional overhead and should only be used if absolutely necessary.
## Boot Command
The `boot_command` configuration is very important: it specifies the keys to
type when the virtual machine is first booted in order to start the OS
installer. This command is typed after `boot_wait`, which gives the virtual
machine some time to actually load the ISO.
As documented above, the `boot_command` is an array of strings. The strings
are all typed in sequence. It is an array only to improve readability within
the template.
The boot command is "typed" character for character over the virtual keyboard
to the machine, simulating a human actually typing the keyboard.
<%= partial "partials/builders/boot-command" %>
The example shown below is a working boot command used to start an Ubuntu
12.04 installer:
``` json
[
"<esc><esc><enter><wait>",
"/install/vmlinuz noapic ",
"preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg ",
"debian-installer=en_US auto locale=en_US kbd-chooser/method=us ",
"hostname={{ .Name }} ",
"fb=false debconf/frontend=noninteractive ",
"keyboard-configuration/modelcode=SKIP keyboard-configuration/layout=USA ",
"keyboard-configuration/variant=USA console-setup/ask_detect=false ",
"initrd=/install/initrd.gz -- <enter>"
]
```
For more examples of various boot commands, see the sample projects from our
[community templates page](/community-tools.html#templates).
## Integration Services
Packer will automatically attach the integration services ISO as a DVD drive
for the version of Hyper-V that is running.
## Generation 1 vs Generation 2
Floppy drives are no longer supported by generation 2 machines. This requires
you to take another approach when dealing with preseed or answer files. Two
possible options are using virtual DVD drives or using Packers built in web
server.
When dealing with Windows you need to enable UEFI drives for generation 2
virtual machines.
## Creating an ISO From a Directory
Programs like mkisofs can be used to create an ISO from a directory. There is
a [windows version of
mkisofs](http://opensourcepack.blogspot.co.uk/p/cdrtools.html) available.
Below is a working PowerShell script that can be used to create a Windows
answer ISO:
``` powershell
$isoFolder = "answer-iso"
if (test-path $isoFolder){
remove-item $isoFolder -Force -Recurse
}
if (test-path windows\windows-2012R2-serverdatacenter-amd64\answer.iso){
remove-item windows\windows-2012R2-serverdatacenter-amd64\answer.iso -Force
}
mkdir $isoFolder
copy windows\windows-2012R2-serverdatacenter-amd64\Autounattend.xml $isoFolder\
copy windows\windows-2012R2-serverdatacenter-amd64\sysprep-unattend.xml $isoFolder\
copy windows\common\set-power-config.ps1 $isoFolder\
copy windows\common\microsoft-updates.ps1 $isoFolder\
copy windows\common\win-updates.ps1 $isoFolder\
copy windows\common\run-sysprep.ps1 $isoFolder\
copy windows\common\run-sysprep.cmd $isoFolder\
$textFile = "$isoFolder\Autounattend.xml"
$c = Get-Content -Encoding UTF8 $textFile
# Enable UEFI and disable Non EUFI
$c | % { $_ -replace '<!-- Start Non UEFI -->','<!-- Start Non UEFI' } | % { $_ -replace '<!-- Finish Non UEFI -->','Finish Non UEFI -->' } | % { $_ -replace '<!-- Start UEFI compatible','<!-- Start UEFI compatible -->' } | % { $_ -replace 'Finish UEFI compatible -->','<!-- Finish UEFI compatible -->' } | sc -Path $textFile
& .\mkisofs.exe -r -iso-level 4 -UDF -o windows\windows-2012R2-serverdatacenter-amd64\answer.iso $isoFolder
if (test-path $isoFolder){
remove-item $isoFolder -Force -Recurse
}
```
## Example For Windows Server 2012 R2 Generation 2
Packer config:
``` json
{
"builders": [
{
"vm_name":"windows2012r2",
"type": "hyperv-iso",
"disk_size": 61440,
"floppy_files": [],
"secondary_iso_images": [
"./windows/windows-2012R2-serverdatacenter-amd64/answer.iso"
],
"http_directory": "./windows/common/http/",
"boot_wait": "0s",
"boot_command": [
"a<wait>a<wait>a"
],
"iso_url": "http://download.microsoft.com/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.16384.WINBLUE_RTM.130821-1623_X64FRE_SERVER_EVAL_EN-US-IRM_SSS_X64FREE_EN-US_DV5.ISO",
"iso_checksum_type": "md5",
"iso_checksum": "458ff91f8abc21b75cb544744bf92e6a",
"communicator":"winrm",
"winrm_username": "vagrant",
"winrm_password": "vagrant",
"winrm_timeout" : "4h",
"shutdown_command": "f:\\run-sysprep.cmd",
"memory": 4096,
"cpus": 4,
"generation": 2,
"switch_name":"LAN",
"enable_secure_boot":true
}
],
"provisioners": [
{
"type": "powershell",
"elevated_user":"vagrant",
"elevated_password":"vagrant",
"scripts": [
"./windows/common/install-7zip.ps1",
"./windows/common/install-chef.ps1",
"./windows/common/compile-dotnet-assemblies.ps1",
"./windows/common/cleanup.ps1",
"./windows/common/ultradefrag.ps1",
"./windows/common/sdelete.ps1"
]
}
],
"post-processors": [
{
"type": "vagrant",
"keep_input_artifact": false,
"output": "{{.Provider}}_windows-2012r2_chef.box"
}
]
}
```
autounattend.xml:
``` xml
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
</SetupUILanguage>
<InputLocale>en-US</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Start Non UEFI -->
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Type>Primary</Type>
<Order>1</Order>
<Size>350</Size>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>2</Order>
<Type>Primary</Type>
<Extend>true</Extend>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Active>true</Active>
<Format>NTFS</Format>
<Label>boot</Label>
<Order>1</Order>
<PartitionID>1</PartitionID>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Format>NTFS</Format>
<Label>Windows 2012 R2</Label>
<Letter>C</Letter>
<Order>2</Order>
<PartitionID>2</PartitionID>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME </Key>
<Value>Windows Server 2012 R2 SERVERSTANDARD</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>2</PartitionID>
</InstallTo>
</OSImage>
</ImageInstall>
<!-- Finish Non UEFI -->
<!-- Start UEFI compatible
<DiskConfiguration>
<Disk wcm:action="add">
<CreatePartitions>
<CreatePartition wcm:action="add">
<Order>1</Order>
<Size>300</Size>
<Type>Primary</Type>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>2</Order>
<Size>100</Size>
<Type>EFI</Type>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>3</Order>
<Size>128</Size>
<Type>MSR</Type>
</CreatePartition>
<CreatePartition wcm:action="add">
<Order>4</Order>
<Extend>true</Extend>
<Type>Primary</Type>
</CreatePartition>
</CreatePartitions>
<ModifyPartitions>
<ModifyPartition wcm:action="add">
<Order>1</Order>
<PartitionID>1</PartitionID>
<Label>WINRE</Label>
<Format>NTFS</Format>
<TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Order>2</Order>
<PartitionID>2</PartitionID>
<Label>System</Label>
<Format>FAT32</Format>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Order>3</Order>
<PartitionID>3</PartitionID>
</ModifyPartition>
<ModifyPartition wcm:action="add">
<Order>4</Order>
<PartitionID>4</PartitionID>
<Label>Windows</Label>
<Format>NTFS</Format>
</ModifyPartition>
</ModifyPartitions>
<DiskID>0</DiskID>
<WillWipeDisk>true</WillWipeDisk>
</Disk>
<WillShowUI>OnError</WillShowUI>
</DiskConfiguration>
<ImageInstall>
<OSImage>
<InstallFrom>
<MetaData wcm:action="add">
<Key>/IMAGE/NAME </Key>
<Value>Windows Server 2012 R2 SERVERSTANDARD</Value>
</MetaData>
</InstallFrom>
<InstallTo>
<DiskID>0</DiskID>
<PartitionID>4</PartitionID>
</InstallTo>
</OSImage>
</ImageInstall>
Finish UEFI compatible -->
<UserData>
<!-- Product Key from http://technet.microsoft.com/en-us/library/jj612867.aspx -->
<ProductKey>
<!-- Do not uncomment the Key element if you are using trial ISOs -->
<!-- You must uncomment the Key element (and optionally insert your own key) if you are using retail or volume license ISOs -->
<!--<Key>D2N9P-3P6X9-2R39C-7RTCD-MDVJX</Key>-->
<WillShowUI>OnError</WillShowUI>
</ProductKey>
<AcceptEula>true</AcceptEula>
<FullName>Vagrant</FullName>
<Organization>Vagrant</Organization>
</UserData>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OEMInformation>
<HelpCustomized>false</HelpCustomized>
</OEMInformation>
<ComputerName>vagrant-2012r2</ComputerName>
<TimeZone>Coordinated Universal Time</TimeZone>
<RegisteredOwner />
</component>
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
</component>
<component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<IEHardenAdmin>false</IEHardenAdmin>
<IEHardenUser>false</IEHardenUser>
</component>
<component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
</component>
<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipAutoActivation>true</SkipAutoActivation>
</component>
</settings>
<settings pass="oobeSystem">
<!-- Start Setup cache proxy during installation
<component name="Microsoft-Windows-IE-ClientNetworkProtocolImplementation" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<POLICYProxySettingsPerUser>0</POLICYProxySettingsPerUser>
<HKLMProxyEnable>true</HKLMProxyEnable>
<HKLMProxyServer>cache-proxy:3142</HKLMProxyServer>
</component>
Finish Setup cache proxy during installation -->
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<AutoLogon>
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Enabled>true</Enabled>
<Username>vagrant</Username>
</AutoLogon>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 64 Bit</Description>
<Order>1</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
<Description>Set Execution Policy 32 Bit</Description>
<Order>2</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine>
<Description>winrm quickconfig -q</Description>
<Order>3</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine>
<Description>winrm quickconfig -transport:http</Description>
<Order>4</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine>
<Description>Win RM MaxTimeoutms</Description>
<Order>5</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"}</CommandLine>
<Description>Win RM MaxMemoryPerShellMB</Description>
<Order>6</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine>
<Description>Win RM AllowUnencrypted</Description>
<Order>7</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine>
<Description>Win RM auth Basic</Description>
<Order>8</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine>
<Description>Win RM client auth Basic</Description>
<Order>9</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine>
<Description>Win RM listener Address/Port</Description>
<Order>10</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine>
<Description>Win RM adv firewall enable</Description>
<Order>11</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow</CommandLine>
<Description>Win RM port open</Description>
<Order>12</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow</CommandLine>
<Description>Win RM port open</Description>
<Order>13</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c net stop winrm </CommandLine>
<Description>Stop Win RM Service </Description>
<Order>14</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c sc config winrm start= disabled</CommandLine>
<Description>Win RM Autostart</Description>
<Order>15</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine>
<Order>16</Order>
<Description>Show file extensions in Explorer</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine>
<Order>17</Order>
<Description>Enable QuickEdit mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine>
<Order>18</Order>
<Description>Show Run command in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine>
<Order>19</Order>
<Description>Show Administrative Tools in Start Menu</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine>
<Order>20</Order>
<Description>Zero Hibernation File</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine>
<Order>21</Order>
<Description>Disable Hibernation Mode</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
<Order>22</Order>
<Description>Disable password expiration for vagrant user</Description>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxShellsPerUser="30"}</CommandLine>
<Description>Win RM MaxShellsPerUser</Description>
<Order>23</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxProcessesPerShell="25"}</CommandLine>
<Description>Win RM MaxProcessesPerShell</Description>
<Order>24</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\System\CurrentControlSet\Services\Netlogon\Parameters" /v DisablePasswordChange /t REG_DWORD /d 1 /f</CommandLine>
<Description>Turn off computer password</Description>
<Order>25</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow</CommandLine>
<Description>ICMP open for ping</Description>
<Order>26</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<!-- WITH WINDOWS UPDATES -->
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c IF EXIST a:\set-power-config.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\set-power-config.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\set-power-config.ps1)</CommandLine>
<Order>97</Order>
<Description>Turn off all power saving and timeouts</Description>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c IF EXIST a:\microsoft-updates.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\microsoft-updates.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\microsoft-updates.ps1)</CommandLine>
<Order>98</Order>
<Description>Enable Microsoft Updates</Description>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>cmd.exe /c IF EXIST a:\win-updates.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\win-updates.ps1)</CommandLine>
<Description>Install Windows Updates</Description>
<Order>100</Order>
<RequiresUserInput>true</RequiresUserInput>
</SynchronousCommand>
<!-- END WITH WINDOWS UPDATES -->
</FirstLogonCommands>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Work</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
</OOBE>
<UserAccounts>
<AdministratorPassword>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Group>administrators</Group>
<DisplayName>Vagrant</DisplayName>
<Name>vagrant</Name>
<Description>Vagrant User</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<RegisteredOwner />
<TimeZone>Coordinated Universal Time</TimeZone>
</component>
</settings>
<settings pass="offlineServicing">
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EnableLUA>false</EnableLUA>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:c:/projects/baseboxes/9600.16384.winblue_rtm.130821-1623_x64fre_server_eval_en-us-irm_sss_x64free_en-us_dv5_slipstream/sources/install.wim#Windows Server 2012 R2 SERVERDATACENTER" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
```
sysprep-unattend.xml:
``` xml
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="generalize">
<component language="neutral" name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SkipRearm>1</SkipRearm>
</component>
</settings>
<settings pass="oobeSystem">
<!-- Setup proxy after sysprep
<component name="Microsoft-Windows-IE-ClientNetworkProtocolImplementation" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<POLICYProxySettingsPerUser>1</POLICYProxySettingsPerUser>
<HKLMProxyEnable>false</HKLMProxyEnable>
<HKLMProxyServer>cache-proxy:3142</HKLMProxyServer>
</component>
Finish proxy after sysprep -->
<component language="neutral" name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<InputLocale>0809:00000809</InputLocale>
<SystemLocale>en-GB</SystemLocale>
<UILanguage>en-US</UILanguage>
<UILanguageFallback>en-US</UILanguageFallback>
<UserLocale>en-GB</UserLocale>
</component>
<component language="neutral" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<NetworkLocation>Work</NetworkLocation>
<ProtectYourPC>1</ProtectYourPC>
<SkipUserOOBE>true</SkipUserOOBE>
<SkipMachineOOBE>true</SkipMachineOOBE>
</OOBE>
<UserAccounts>
<AdministratorPassword>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Password>
<Value>vagrant</Value>
<PlainText>true</PlainText>
</Password>
<Group>administrators</Group>
<DisplayName>Vagrant</DisplayName>
<Name>vagrant</Name>
<Description>Vagrant User</Description>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<DisableAutoDaylightTimeSet>true</DisableAutoDaylightTimeSet>
<TimeZone>Coordinated Universal Time</TimeZone>
<VisualEffects>
<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor>
</VisualEffects>
</component>
</settings>
</unattend>
```
-> **Warning:** Please note that if you're setting up WinRM for provisioning, you'll probably want to turn it off or restrict its permissions as part of a shutdown script at the end of Packer's provisioning process. For more details on the why/how, check out this useful blog post and the associated code:
https://cloudywindows.io/post/winrm-for-provisioning-close-the-door-on-the-way-out-eh/
## Example For Ubuntu Vivid Generation 2
If you are running Windows under virtualization, you may need to create a
virtual switch with an `External` connection type.
### Packer config:
``` json
{
"variables": {
"vm_name": "ubuntu-xenial",
"cpus": "2",
"memory": "1024",
"disk_size": "21440",
"iso_url": "http://releases.ubuntu.com/16.04/ubuntu-16.04.6-server-amd64.iso",
"iso_checksum_type": "sha1",
"iso_checksum": "056b7c15efc15bbbf40bf1a9ff1a3531fcbf70a2"
},
"builders": [
{
"vm_name":"{{user `vm_name`}}",
"type": "hyperv-iso",
"disk_size": "{{user `disk_size`}}",
"guest_additions_mode": "disable",
"iso_url": "{{user `iso_url`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"communicator":"ssh",
"ssh_username": "packer",
"ssh_password": "packer",
"ssh_timeout" : "4h",
"http_directory": "./",
"boot_wait": "5s",
"boot_command": [
"<esc><wait10><esc><esc><enter><wait>",
"set gfxpayload=1024x768<enter>",
"linux /install/vmlinuz ",
"preseed/url=http://{{.HTTPIP}}:{{.HTTPPort}}/hyperv-taliesins.cfg ",
"debian-installer=en_US auto locale=en_US kbd-chooser/method=us ",
"hostname={{.Name}} ",
"fb=false debconf/frontend=noninteractive ",
"keyboard-configuration/modelcode=SKIP keyboard-configuration/layout=USA ",
"keyboard-configuration/variant=USA console-setup/ask_detect=false <enter>",
"initrd /install/initrd.gz<enter>",
"boot<enter>"
],
"shutdown_command": "echo 'packer' | sudo -S -E shutdown -P now",
"memory": "{{user `memory`}}",
"cpus": "{{user `cpus`}}",
"generation": 2,
"enable_secure_boot": false
}
]
}
```
### preseed.cfg:
``` text
## Options to set on the command line
d-i debian-installer/locale string en_US.utf8
d-i console-setup/ask_detect boolean false
d-i console-setup/layout string us
d-i netcfg/get_hostname string nl-ams-basebox3
d-i netcfg/get_domain string unassigned-domain
d-i time/zone string UTC
d-i clock-setup/utc-auto boolean true
d-i clock-setup/utc boolean true
d-i kbd-chooser/method select American English
d-i netcfg/wireless_wep string
d-i base-installer/kernel/override-image string linux-server
d-i debconf debconf/frontend select Noninteractive
d-i pkgsel/install-language-support boolean false
tasksel tasksel/first multiselect standard, ubuntu-server
## Partitioning
d-i partman-auto/method string lvm
d-i partman-lvm/confirm boolean true
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto/choose_recipe select atomic
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Write the changes to disks and configure LVM?
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-partitioning/no_bootable_gpt_biosgrub boolean false
d-i partman-partitioning/no_bootable_gpt_efi boolean false
d-i partman-efi/non_efi_system boolean true
# Default user
d-i passwd/user-fullname string packer
d-i passwd/username string packer
d-i passwd/user-password password packer
d-i passwd/user-password-again password packer
d-i user-setup/encrypt-home boolean false
d-i user-setup/allow-password-weak boolean true
# Minimum packages
d-i pkgsel/include string openssh-server ntp linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) linux-cloud-tools-common
# Upgrade packages after debootstrap? (none, safe-upgrade, full-upgrade)
# (note: set to none for speed)
d-i pkgsel/upgrade select none
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i finish-install/reboot_in_progress note
d-i pkgsel/update-policy select none
choose-mirror-bin mirror/http/proxy string
```