856 lines
40 KiB
Plaintext
856 lines
40 KiB
Plaintext
---
|
|
modeline: |
|
|
vim: set ft=pandoc:
|
|
description: |
|
|
The Hyper-V Packer builder is able to create Hyper-V virtual machines and
|
|
export them.
|
|
layout: docs
|
|
page_title: Hyper-V ISO - Builders
|
|
sidebar_title: ISO
|
|
---
|
|
|
|
# Hyper-V Builder (from an ISO)
|
|
|
|
Type: `hyperv-iso`
|
|
|
|
The Hyper-V Packer builder is able to create
|
|
[Hyper-V](https://www.microsoft.com/en-us/server-cloud/solutions/virtualization.aspx)
|
|
virtual machines and export them, starting from an ISO image.
|
|
|
|
The builder builds a virtual machine by creating a new virtual machine from
|
|
scratch. Typically, the VM is booted, an OS is installed, and software is
|
|
provisioned within the OS. Finally the VM is shut down. The result of the
|
|
Hyper-V builder is a directory containing all the files necessary to run
|
|
the virtual machine portably.
|
|
|
|
## Basic Example
|
|
|
|
Here is a basic example. This example is not functional. It will start the OS
|
|
installer but then fail because we don't provide the preseed file for Ubuntu
|
|
to self-install. Still, the example serves to show the basic configuration:
|
|
|
|
```json
|
|
{
|
|
"type": "hyperv-iso",
|
|
"iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
|
|
"iso_checksum": "769474248a3897f4865817446f9a4a53",
|
|
"iso_checksum_type": "md5",
|
|
"ssh_username": "packer",
|
|
"ssh_password": "packer",
|
|
"shutdown_command": "echo 'packer' | sudo -S shutdown -P now"
|
|
}
|
|
```
|
|
|
|
By default Packer will perform a hard power off of a virtual machine.
|
|
However, when a machine is powered off this way, it is possible that
|
|
changes made to the VMs file system may not be fully synced, possibly
|
|
leading to corruption of files or lost changes. As such, it is important to
|
|
add a `shutdown_command`. This tells Packer how to safely shutdown and
|
|
power off the VM.
|
|
|
|
## ISO Configuration Reference
|
|
|
|
@include 'common/ISOConfig.mdx'
|
|
|
|
### Required:
|
|
|
|
@include 'common/ISOConfig-required.mdx'
|
|
|
|
### Optional:
|
|
|
|
@include 'common/ISOConfig-not-required.mdx'
|
|
|
|
## Configuration Reference
|
|
|
|
There are many configuration options available for the Hyper-V builder. They
|
|
are organized below into two categories: required and optional. Within each
|
|
category, the available options are alphabetized and described.
|
|
|
|
In addition to the options listed here, a
|
|
[communicator](/docs/templates/communicator) can be configured for this
|
|
builder.
|
|
|
|
### Optional:
|
|
|
|
- `output_directory` (string) - This setting specifies the directory that
|
|
artifacts from the build, such as the virtual machine files and disks,
|
|
will be output to. The path to the directory may be relative or
|
|
absolute. If relative, the path is relative to the working directory
|
|
`packer` is executed from. This directory must not exist or, if
|
|
created, must be empty prior to running the builder. By default this is
|
|
"output-BUILDNAME" where "BUILDNAME" is the name of the build.
|
|
|
|
@include 'builder/hyperv/iso/Config-not-required.mdx'
|
|
|
|
@include 'builder/hyperv/common/CommonConfig-not-required.mdx'
|
|
|
|
## Http directory configuration reference
|
|
|
|
@include 'common/HTTPConfig.mdx'
|
|
|
|
### Optional:
|
|
|
|
@include 'common/HTTPConfig-not-required.mdx'
|
|
|
|
## Shutdown configuration reference
|
|
|
|
### Optional:
|
|
|
|
@include 'common/shutdowncommand/ShutdownConfig-not-required.mdx'
|
|
|
|
## Floppy configuration reference
|
|
|
|
@include 'common/FloppyConfig.mdx'
|
|
|
|
### Optional:
|
|
|
|
@include 'common/FloppyConfig-not-required.mdx'
|
|
|
|
## Communicator configuration reference
|
|
|
|
### Optional common fields:
|
|
|
|
@include 'helper/communicator/Config-not-required.mdx'
|
|
|
|
### Optional SSH fields:
|
|
|
|
@include 'helper/communicator/SSH-not-required.mdx'
|
|
|
|
### Optional WinRM fields:
|
|
|
|
@include 'helper/communicator/WinRM-not-required.mdx'
|
|
|
|
## Boot Configuration Reference
|
|
|
|
@include 'common/bootcommand/BootConfig.mdx'
|
|
|
|
### Optional:
|
|
|
|
@include 'common/bootcommand/BootConfig-not-required.mdx'
|
|
|
|
## Integration Services
|
|
|
|
Packer will automatically attach the integration services ISO as a DVD drive
|
|
for the version of Hyper-V that is running.
|
|
|
|
## Generation 1 vs Generation 2
|
|
|
|
Floppy drives are no longer supported by generation 2 machines. This requires
|
|
you to take another approach when dealing with preseed or answer files. Two
|
|
possible options are using virtual DVD drives or using Packers built in web
|
|
server.
|
|
|
|
When dealing with Windows you need to enable UEFI drives for generation 2
|
|
virtual machines.
|
|
|
|
## Creating an ISO From a Directory
|
|
|
|
Programs like mkisofs can be used to create an ISO from a directory. There is
|
|
a [windows version of
|
|
mkisofs](http://opensourcepack.blogspot.co.uk/p/cdrtools.html) available.
|
|
|
|
Below is a working PowerShell script that can be used to create a Windows
|
|
answer ISO:
|
|
|
|
```powershell
|
|
$isoFolder = "answer-iso"
|
|
if (test-path $isoFolder){
|
|
remove-item $isoFolder -Force -Recurse
|
|
}
|
|
|
|
if (test-path windows\windows-2012R2-serverdatacenter-amd64\answer.iso){
|
|
remove-item windows\windows-2012R2-serverdatacenter-amd64\answer.iso -Force
|
|
}
|
|
|
|
mkdir $isoFolder
|
|
|
|
copy windows\windows-2012R2-serverdatacenter-amd64\Autounattend.xml $isoFolder\
|
|
copy windows\windows-2012R2-serverdatacenter-amd64\sysprep-unattend.xml $isoFolder\
|
|
copy windows\common\set-power-config.ps1 $isoFolder\
|
|
copy windows\common\microsoft-updates.ps1 $isoFolder\
|
|
copy windows\common\win-updates.ps1 $isoFolder\
|
|
copy windows\common\run-sysprep.ps1 $isoFolder\
|
|
copy windows\common\run-sysprep.cmd $isoFolder\
|
|
|
|
$textFile = "$isoFolder\Autounattend.xml"
|
|
|
|
$c = Get-Content -Encoding UTF8 $textFile
|
|
|
|
# Enable UEFI and disable Non EUFI
|
|
$c | % { $_ -replace '<!-- Start Non UEFI -->','<!-- Start Non UEFI' } | % { $_ -replace '<!-- Finish Non UEFI -->','Finish Non UEFI -->' } | % { $_ -replace '<!-- Start UEFI compatible','<!-- Start UEFI compatible -->' } | % { $_ -replace 'Finish UEFI compatible -->','<!-- Finish UEFI compatible -->' } | sc -Path $textFile
|
|
|
|
& .\mkisofs.exe -r -iso-level 4 -UDF -o windows\windows-2012R2-serverdatacenter-amd64\answer.iso $isoFolder
|
|
|
|
if (test-path $isoFolder){
|
|
remove-item $isoFolder -Force -Recurse
|
|
}
|
|
```
|
|
|
|
## Example For Windows Server 2012 R2 Generation 2
|
|
|
|
Packer config:
|
|
|
|
```json
|
|
{
|
|
"builders": [
|
|
{
|
|
"vm_name": "windows2012r2",
|
|
"type": "hyperv-iso",
|
|
"disk_size": 61440,
|
|
"floppy_files": [],
|
|
"secondary_iso_images": [
|
|
"./windows/windows-2012R2-serverdatacenter-amd64/answer.iso"
|
|
],
|
|
"http_directory": "./windows/common/http/",
|
|
"boot_wait": "0s",
|
|
"boot_command": ["a<wait>a<wait>a"],
|
|
"iso_url": "http://download.microsoft.com/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.16384.WINBLUE_RTM.130821-1623_X64FRE_SERVER_EVAL_EN-US-IRM_SSS_X64FREE_EN-US_DV5.ISO",
|
|
"iso_checksum_type": "md5",
|
|
"iso_checksum": "458ff91f8abc21b75cb544744bf92e6a",
|
|
"communicator": "winrm",
|
|
"winrm_username": "vagrant",
|
|
"winrm_password": "vagrant",
|
|
"winrm_timeout": "4h",
|
|
"shutdown_command": "f:\\run-sysprep.cmd",
|
|
"memory": 4096,
|
|
"cpus": 4,
|
|
"generation": 2,
|
|
"switch_name": "LAN",
|
|
"enable_secure_boot": true
|
|
}
|
|
],
|
|
"provisioners": [
|
|
{
|
|
"type": "powershell",
|
|
"elevated_user": "vagrant",
|
|
"elevated_password": "vagrant",
|
|
"scripts": [
|
|
"./windows/common/install-7zip.ps1",
|
|
"./windows/common/install-chef.ps1",
|
|
"./windows/common/compile-dotnet-assemblies.ps1",
|
|
"./windows/common/cleanup.ps1",
|
|
"./windows/common/ultradefrag.ps1",
|
|
"./windows/common/sdelete.ps1"
|
|
]
|
|
}
|
|
],
|
|
"post-processors": [
|
|
{
|
|
"type": "vagrant",
|
|
"keep_input_artifact": false,
|
|
"output": "{{.Provider}}_windows-2012r2_chef.box"
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
autounattend.xml:
|
|
|
|
```xml
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
<unattend xmlns="urn:schemas-microsoft-com:unattend">
|
|
<settings pass="windowsPE">
|
|
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<SetupUILanguage>
|
|
<UILanguage>en-US</UILanguage>
|
|
</SetupUILanguage>
|
|
<InputLocale>en-US</InputLocale>
|
|
<SystemLocale>en-US</SystemLocale>
|
|
<UILanguage>en-US</UILanguage>
|
|
<UILanguageFallback>en-US</UILanguageFallback>
|
|
<UserLocale>en-US</UserLocale>
|
|
</component>
|
|
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<!-- Start Non UEFI -->
|
|
<DiskConfiguration>
|
|
<Disk wcm:action="add">
|
|
<CreatePartitions>
|
|
<CreatePartition wcm:action="add">
|
|
<Type>Primary</Type>
|
|
<Order>1</Order>
|
|
<Size>350</Size>
|
|
</CreatePartition>
|
|
<CreatePartition wcm:action="add">
|
|
<Order>2</Order>
|
|
<Type>Primary</Type>
|
|
<Extend>true</Extend>
|
|
</CreatePartition>
|
|
</CreatePartitions>
|
|
<ModifyPartitions>
|
|
<ModifyPartition wcm:action="add">
|
|
<Active>true</Active>
|
|
<Format>NTFS</Format>
|
|
<Label>boot</Label>
|
|
<Order>1</Order>
|
|
<PartitionID>1</PartitionID>
|
|
</ModifyPartition>
|
|
<ModifyPartition wcm:action="add">
|
|
<Format>NTFS</Format>
|
|
<Label>Windows 2012 R2</Label>
|
|
<Letter>C</Letter>
|
|
<Order>2</Order>
|
|
<PartitionID>2</PartitionID>
|
|
</ModifyPartition>
|
|
</ModifyPartitions>
|
|
<DiskID>0</DiskID>
|
|
<WillWipeDisk>true</WillWipeDisk>
|
|
</Disk>
|
|
</DiskConfiguration>
|
|
<ImageInstall>
|
|
<OSImage>
|
|
<InstallFrom>
|
|
<MetaData wcm:action="add">
|
|
<Key>/IMAGE/NAME </Key>
|
|
<Value>Windows Server 2012 R2 SERVERSTANDARD</Value>
|
|
</MetaData>
|
|
</InstallFrom>
|
|
<InstallTo>
|
|
<DiskID>0</DiskID>
|
|
<PartitionID>2</PartitionID>
|
|
</InstallTo>
|
|
</OSImage>
|
|
</ImageInstall>
|
|
<!-- Finish Non UEFI -->
|
|
<!-- Start UEFI compatible
|
|
<DiskConfiguration>
|
|
<Disk wcm:action="add">
|
|
<CreatePartitions>
|
|
<CreatePartition wcm:action="add">
|
|
<Order>1</Order>
|
|
<Size>300</Size>
|
|
<Type>Primary</Type>
|
|
</CreatePartition>
|
|
<CreatePartition wcm:action="add">
|
|
<Order>2</Order>
|
|
<Size>100</Size>
|
|
<Type>EFI</Type>
|
|
</CreatePartition>
|
|
<CreatePartition wcm:action="add">
|
|
<Order>3</Order>
|
|
<Size>128</Size>
|
|
<Type>MSR</Type>
|
|
</CreatePartition>
|
|
<CreatePartition wcm:action="add">
|
|
<Order>4</Order>
|
|
<Extend>true</Extend>
|
|
<Type>Primary</Type>
|
|
</CreatePartition>
|
|
</CreatePartitions>
|
|
<ModifyPartitions>
|
|
<ModifyPartition wcm:action="add">
|
|
<Order>1</Order>
|
|
<PartitionID>1</PartitionID>
|
|
<Label>WINRE</Label>
|
|
<Format>NTFS</Format>
|
|
<TypeID>de94bba4-06d1-4d40-a16a-bfd50179d6ac</TypeID>
|
|
</ModifyPartition>
|
|
<ModifyPartition wcm:action="add">
|
|
<Order>2</Order>
|
|
<PartitionID>2</PartitionID>
|
|
<Label>System</Label>
|
|
<Format>FAT32</Format>
|
|
</ModifyPartition>
|
|
<ModifyPartition wcm:action="add">
|
|
<Order>3</Order>
|
|
<PartitionID>3</PartitionID>
|
|
</ModifyPartition>
|
|
<ModifyPartition wcm:action="add">
|
|
<Order>4</Order>
|
|
<PartitionID>4</PartitionID>
|
|
<Label>Windows</Label>
|
|
<Format>NTFS</Format>
|
|
</ModifyPartition>
|
|
</ModifyPartitions>
|
|
<DiskID>0</DiskID>
|
|
<WillWipeDisk>true</WillWipeDisk>
|
|
</Disk>
|
|
<WillShowUI>OnError</WillShowUI>
|
|
</DiskConfiguration>
|
|
<ImageInstall>
|
|
<OSImage>
|
|
<InstallFrom>
|
|
<MetaData wcm:action="add">
|
|
<Key>/IMAGE/NAME </Key>
|
|
<Value>Windows Server 2012 R2 SERVERSTANDARD</Value>
|
|
</MetaData>
|
|
</InstallFrom>
|
|
<InstallTo>
|
|
<DiskID>0</DiskID>
|
|
<PartitionID>4</PartitionID>
|
|
</InstallTo>
|
|
</OSImage>
|
|
</ImageInstall>
|
|
Finish UEFI compatible -->
|
|
<UserData>
|
|
<!-- Product Key from http://technet.microsoft.com/en-us/library/jj612867.aspx -->
|
|
<ProductKey>
|
|
<!-- Do not uncomment the Key element if you are using trial ISOs -->
|
|
<!-- You must uncomment the Key element (and optionally insert your own key) if you are using retail or volume license ISOs -->
|
|
<!--<Key>D2N9P-3P6X9-2R39C-7RTCD-MDVJX</Key>-->
|
|
<WillShowUI>OnError</WillShowUI>
|
|
</ProductKey>
|
|
<AcceptEula>true</AcceptEula>
|
|
<FullName>Vagrant</FullName>
|
|
<Organization>Vagrant</Organization>
|
|
</UserData>
|
|
</component>
|
|
</settings>
|
|
<settings pass="specialize">
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<OEMInformation>
|
|
<HelpCustomized>false</HelpCustomized>
|
|
</OEMInformation>
|
|
<ComputerName>vagrant-2012r2</ComputerName>
|
|
<TimeZone>Coordinated Universal Time</TimeZone>
|
|
<RegisteredOwner />
|
|
</component>
|
|
<component name="Microsoft-Windows-ServerManager-SvrMgrNc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<DoNotOpenServerManagerAtLogon>true</DoNotOpenServerManagerAtLogon>
|
|
</component>
|
|
<component name="Microsoft-Windows-IE-ESC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<IEHardenAdmin>false</IEHardenAdmin>
|
|
<IEHardenUser>false</IEHardenUser>
|
|
</component>
|
|
<component name="Microsoft-Windows-OutOfBoxExperience" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<DoNotOpenInitialConfigurationTasksAtLogon>true</DoNotOpenInitialConfigurationTasksAtLogon>
|
|
</component>
|
|
<component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<SkipAutoActivation>true</SkipAutoActivation>
|
|
</component>
|
|
</settings>
|
|
<settings pass="oobeSystem">
|
|
<!-- Start Setup cache proxy during installation
|
|
<component name="Microsoft-Windows-IE-ClientNetworkProtocolImplementation" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<POLICYProxySettingsPerUser>0</POLICYProxySettingsPerUser>
|
|
<HKLMProxyEnable>true</HKLMProxyEnable>
|
|
<HKLMProxyServer>cache-proxy:3142</HKLMProxyServer>
|
|
</component>
|
|
Finish Setup cache proxy during installation -->
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<AutoLogon>
|
|
<Password>
|
|
<Value>vagrant</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
<Enabled>true</Enabled>
|
|
<Username>vagrant</Username>
|
|
</AutoLogon>
|
|
<FirstLogonCommands>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
|
|
<Description>Set Execution Policy 64 Bit</Description>
|
|
<Order>1</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine>
|
|
<Description>Set Execution Policy 32 Bit</Description>
|
|
<Order>2</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm quickconfig -q</CommandLine>
|
|
<Description>winrm quickconfig -q</Description>
|
|
<Order>3</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm quickconfig -transport:http</CommandLine>
|
|
<Description>winrm quickconfig -transport:http</Description>
|
|
<Order>4</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config @{MaxTimeoutms="1800000"}</CommandLine>
|
|
<Description>Win RM MaxTimeoutms</Description>
|
|
<Order>5</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300"}</CommandLine>
|
|
<Description>Win RM MaxMemoryPerShellMB</Description>
|
|
<Order>6</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/service @{AllowUnencrypted="true"}</CommandLine>
|
|
<Description>Win RM AllowUnencrypted</Description>
|
|
<Order>7</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/service/auth @{Basic="true"}</CommandLine>
|
|
<Description>Win RM auth Basic</Description>
|
|
<Order>8</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/client/auth @{Basic="true"}</CommandLine>
|
|
<Description>Win RM client auth Basic</Description>
|
|
<Order>9</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/listener?Address=*+Transport=HTTP @{Port="5985"} </CommandLine>
|
|
<Description>Win RM listener Address/Port</Description>
|
|
<Order>10</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes </CommandLine>
|
|
<Description>Win RM adv firewall enable</Description>
|
|
<Order>11</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow</CommandLine>
|
|
<Description>Win RM port open</Description>
|
|
<Order>12</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow</CommandLine>
|
|
<Description>Win RM port open</Description>
|
|
<Order>13</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c net stop winrm </CommandLine>
|
|
<Description>Stop Win RM Service </Description>
|
|
<Order>14</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c sc config winrm start= disabled</CommandLine>
|
|
<Description>Win RM Autostart</Description>
|
|
<Order>15</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f</CommandLine>
|
|
<Order>16</Order>
|
|
<Description>Show file extensions in Explorer</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\Console /v QuickEdit /t REG_DWORD /d 1 /f</CommandLine>
|
|
<Order>17</Order>
|
|
<Description>Enable QuickEdit mode</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Start_ShowRun /t REG_DWORD /d 1 /f</CommandLine>
|
|
<Order>18</Order>
|
|
<Description>Show Run command in Start Menu</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v StartMenuAdminTools /t REG_DWORD /d 1 /f</CommandLine>
|
|
<Order>19</Order>
|
|
<Description>Show Administrative Tools in Start Menu</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f</CommandLine>
|
|
<Order>20</Order>
|
|
<Description>Zero Hibernation File</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f</CommandLine>
|
|
<Order>21</Order>
|
|
<Description>Disable Hibernation Mode</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c wmic useraccount where "name='vagrant'" set PasswordExpires=FALSE</CommandLine>
|
|
<Order>22</Order>
|
|
<Description>Disable password expiration for vagrant user</Description>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxShellsPerUser="30"}</CommandLine>
|
|
<Description>Win RM MaxShellsPerUser</Description>
|
|
<Order>23</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c winrm set winrm/config/winrs @{MaxProcessesPerShell="25"}</CommandLine>
|
|
<Description>Win RM MaxProcessesPerShell</Description>
|
|
<Order>24</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>%SystemRoot%\System32\reg.exe ADD "HKLM\System\CurrentControlSet\Services\Netlogon\Parameters" /v DisablePasswordChange /t REG_DWORD /d 1 /f</CommandLine>
|
|
<Description>Turn off computer password</Description>
|
|
<Order>25</Order>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow</CommandLine>
|
|
<Description>ICMP open for ping</Description>
|
|
<Order>26</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<!-- WITH WINDOWS UPDATES -->
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c IF EXIST a:\set-power-config.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\set-power-config.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\set-power-config.ps1)</CommandLine>
|
|
<Order>97</Order>
|
|
<Description>Turn off all power saving and timeouts</Description>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c IF EXIST a:\microsoft-updates.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\microsoft-updates.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\microsoft-updates.ps1)</CommandLine>
|
|
<Order>98</Order>
|
|
<Description>Enable Microsoft Updates</Description>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<CommandLine>cmd.exe /c IF EXIST a:\win-updates.ps1 (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File a:\win-updates.ps1) ELSE (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File f:\win-updates.ps1)</CommandLine>
|
|
<Description>Install Windows Updates</Description>
|
|
<Order>100</Order>
|
|
<RequiresUserInput>true</RequiresUserInput>
|
|
</SynchronousCommand>
|
|
<!-- END WITH WINDOWS UPDATES -->
|
|
</FirstLogonCommands>
|
|
<OOBE>
|
|
<HideEULAPage>true</HideEULAPage>
|
|
<HideLocalAccountScreen>true</HideLocalAccountScreen>
|
|
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
|
|
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
|
|
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
|
<NetworkLocation>Work</NetworkLocation>
|
|
<ProtectYourPC>1</ProtectYourPC>
|
|
</OOBE>
|
|
<UserAccounts>
|
|
<AdministratorPassword>
|
|
<Value>vagrant</Value>
|
|
<PlainText>true</PlainText>
|
|
</AdministratorPassword>
|
|
<LocalAccounts>
|
|
<LocalAccount wcm:action="add">
|
|
<Password>
|
|
<Value>vagrant</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
<Group>administrators</Group>
|
|
<DisplayName>Vagrant</DisplayName>
|
|
<Name>vagrant</Name>
|
|
<Description>Vagrant User</Description>
|
|
</LocalAccount>
|
|
</LocalAccounts>
|
|
</UserAccounts>
|
|
<RegisteredOwner />
|
|
<TimeZone>Coordinated Universal Time</TimeZone>
|
|
</component>
|
|
</settings>
|
|
<settings pass="offlineServicing">
|
|
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<EnableLUA>false</EnableLUA>
|
|
</component>
|
|
</settings>
|
|
<cpi:offlineImage cpi:source="wim:c:/projects/baseboxes/9600.16384.winblue_rtm.130821-1623_x64fre_server_eval_en-us-irm_sss_x64free_en-us_dv5_slipstream/sources/install.wim#Windows Server 2012 R2 SERVERDATACENTER" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
|
|
</unattend>
|
|
```
|
|
|
|
sysprep-unattend.xml:
|
|
|
|
```xml
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
<unattend xmlns="urn:schemas-microsoft-com:unattend">
|
|
<settings pass="generalize">
|
|
<component language="neutral" name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<SkipRearm>1</SkipRearm>
|
|
</component>
|
|
</settings>
|
|
<settings pass="oobeSystem">
|
|
<!-- Setup proxy after sysprep
|
|
<component name="Microsoft-Windows-IE-ClientNetworkProtocolImplementation" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<POLICYProxySettingsPerUser>1</POLICYProxySettingsPerUser>
|
|
<HKLMProxyEnable>false</HKLMProxyEnable>
|
|
<HKLMProxyServer>cache-proxy:3142</HKLMProxyServer>
|
|
</component>
|
|
Finish proxy after sysprep -->
|
|
<component language="neutral" name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<InputLocale>0809:00000809</InputLocale>
|
|
<SystemLocale>en-GB</SystemLocale>
|
|
<UILanguage>en-US</UILanguage>
|
|
<UILanguageFallback>en-US</UILanguageFallback>
|
|
<UserLocale>en-GB</UserLocale>
|
|
</component>
|
|
<component language="neutral" name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<OOBE>
|
|
<HideEULAPage>true</HideEULAPage>
|
|
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
|
|
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
|
|
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
|
<NetworkLocation>Work</NetworkLocation>
|
|
<ProtectYourPC>1</ProtectYourPC>
|
|
<SkipUserOOBE>true</SkipUserOOBE>
|
|
<SkipMachineOOBE>true</SkipMachineOOBE>
|
|
</OOBE>
|
|
<UserAccounts>
|
|
<AdministratorPassword>
|
|
<Value>vagrant</Value>
|
|
<PlainText>true</PlainText>
|
|
</AdministratorPassword>
|
|
<LocalAccounts>
|
|
<LocalAccount wcm:action="add">
|
|
<Password>
|
|
<Value>vagrant</Value>
|
|
<PlainText>true</PlainText>
|
|
</Password>
|
|
<Group>administrators</Group>
|
|
<DisplayName>Vagrant</DisplayName>
|
|
<Name>vagrant</Name>
|
|
<Description>Vagrant User</Description>
|
|
</LocalAccount>
|
|
</LocalAccounts>
|
|
</UserAccounts>
|
|
<DisableAutoDaylightTimeSet>true</DisableAutoDaylightTimeSet>
|
|
<TimeZone>Coordinated Universal Time</TimeZone>
|
|
<VisualEffects>
|
|
<SystemDefaultBackgroundColor>2</SystemDefaultBackgroundColor>
|
|
</VisualEffects>
|
|
</component>
|
|
</settings>
|
|
</unattend>
|
|
```
|
|
|
|
-> **Warning:** Please note that if you're setting up WinRM for provisioning, you'll probably want to turn it off or restrict its permissions as part of a shutdown script at the end of Packer's provisioning process. For more details on the why/how, check out this useful blog post and the associated code:
|
|
https://cloudywindows.io/post/winrm-for-provisioning-close-the-door-on-the-way-out-eh/
|
|
|
|
## Example For Ubuntu Vivid Generation 2
|
|
|
|
If you are running Windows under virtualization, you may need to create a
|
|
virtual switch with an `External` connection type.
|
|
|
|
### Packer config:
|
|
|
|
```json
|
|
{
|
|
"variables": {
|
|
"vm_name": "ubuntu-xenial",
|
|
"cpus": "2",
|
|
"memory": "1024",
|
|
"disk_size": "21440",
|
|
"iso_url": "http://releases.ubuntu.com/16.04/ubuntu-16.04.6-server-amd64.iso",
|
|
"iso_checksum_type": "sha1",
|
|
"iso_checksum": "056b7c15efc15bbbf40bf1a9ff1a3531fcbf70a2"
|
|
},
|
|
"builders": [
|
|
{
|
|
"vm_name": "{{user `vm_name`}}",
|
|
"type": "hyperv-iso",
|
|
"disk_size": "{{user `disk_size`}}",
|
|
"guest_additions_mode": "disable",
|
|
"iso_url": "{{user `iso_url`}}",
|
|
"iso_checksum_type": "{{user `iso_checksum_type`}}",
|
|
"iso_checksum": "{{user `iso_checksum`}}",
|
|
"communicator": "ssh",
|
|
"ssh_username": "packer",
|
|
"ssh_password": "packer",
|
|
"ssh_timeout": "4h",
|
|
"http_directory": "./",
|
|
"boot_wait": "5s",
|
|
"boot_command": [
|
|
"<esc><wait10><esc><esc><enter><wait>",
|
|
"set gfxpayload=1024x768<enter>",
|
|
"linux /install/vmlinuz ",
|
|
"preseed/url=http://{{.HTTPIP}}:{{.HTTPPort}}/hyperv-taliesins.cfg ",
|
|
"debian-installer=en_US auto locale=en_US kbd-chooser/method=us ",
|
|
"hostname={{.Name}} ",
|
|
"fb=false debconf/frontend=noninteractive ",
|
|
"keyboard-configuration/modelcode=SKIP keyboard-configuration/layout=USA ",
|
|
"keyboard-configuration/variant=USA console-setup/ask_detect=false <enter>",
|
|
"initrd /install/initrd.gz<enter>",
|
|
"boot<enter>"
|
|
],
|
|
"shutdown_command": "echo 'packer' | sudo -S -E shutdown -P now",
|
|
"memory": "{{user `memory`}}",
|
|
"cpus": "{{user `cpus`}}",
|
|
"generation": 2,
|
|
"enable_secure_boot": false
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
### preseed.cfg:
|
|
|
|
```text
|
|
## Options to set on the command line
|
|
d-i debian-installer/locale string en_US.utf8
|
|
d-i console-setup/ask_detect boolean false
|
|
d-i console-setup/layout string us
|
|
|
|
d-i netcfg/get_hostname string nl-ams-basebox3
|
|
d-i netcfg/get_domain string unassigned-domain
|
|
|
|
d-i time/zone string UTC
|
|
d-i clock-setup/utc-auto boolean true
|
|
d-i clock-setup/utc boolean true
|
|
|
|
d-i kbd-chooser/method select American English
|
|
|
|
d-i netcfg/wireless_wep string
|
|
|
|
d-i base-installer/kernel/override-image string linux-server
|
|
|
|
d-i debconf debconf/frontend select Noninteractive
|
|
|
|
d-i pkgsel/install-language-support boolean false
|
|
tasksel tasksel/first multiselect standard, ubuntu-server
|
|
|
|
## Partitioning
|
|
d-i partman-auto/method string lvm
|
|
|
|
d-i partman-lvm/confirm boolean true
|
|
d-i partman-lvm/device_remove_lvm boolean true
|
|
d-i partman-lvm/confirm boolean true
|
|
|
|
d-i partman-auto-lvm/guided_size string max
|
|
d-i partman-auto/choose_recipe select atomic
|
|
|
|
d-i partman/confirm_write_new_label boolean true
|
|
d-i partman/choose_partition select finish
|
|
d-i partman/confirm boolean true
|
|
d-i partman/confirm_nooverwrite boolean true
|
|
|
|
# Write the changes to disks and configure LVM?
|
|
d-i partman-lvm/confirm boolean true
|
|
d-i partman-lvm/confirm_nooverwrite boolean true
|
|
|
|
d-i partman-partitioning/no_bootable_gpt_biosgrub boolean false
|
|
d-i partman-partitioning/no_bootable_gpt_efi boolean false
|
|
d-i partman-efi/non_efi_system boolean true
|
|
|
|
# Default user
|
|
d-i passwd/user-fullname string packer
|
|
d-i passwd/username string packer
|
|
d-i passwd/user-password password packer
|
|
d-i passwd/user-password-again password packer
|
|
d-i user-setup/encrypt-home boolean false
|
|
d-i user-setup/allow-password-weak boolean true
|
|
|
|
# Minimum packages
|
|
d-i pkgsel/include string openssh-server ntp linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) linux-cloud-tools-common
|
|
|
|
# Upgrade packages after debootstrap? (none, safe-upgrade, full-upgrade)
|
|
# (note: set to none for speed)
|
|
d-i pkgsel/upgrade select none
|
|
|
|
d-i grub-installer/only_debian boolean true
|
|
d-i grub-installer/with_other_os boolean true
|
|
d-i finish-install/reboot_in_progress note
|
|
|
|
d-i pkgsel/update-policy select none
|
|
|
|
choose-mirror-bin mirror/http/proxy string
|
|
```
|
|
|
|
-> **Note for \*nix guests:** Please note that packer requires the VM to be
|
|
running a hyper-v KVP daemon in order to detect the IP address of the guest VM.
|
|
On RHEL based machines this may require installing the package `hyperv-daemons`
|
|
and ensuring the `hypervkvpd` service is started at boot. On Debian based
|
|
machines, you may need `linux-cloud-tools-common` for `hv_kvp_daemon`. Failure
|
|
to do this may cause packer to wait at `Waiting for SSH to become available...`
|
|
before eventually timing out.
|
|
|
|
Also note that while the operating system is still being installed by a preseed
|
|
file, it is normal to see `Waiting for SSH/WinRM to be available` and
|
|
`Error getting SSH/WinRM host: No ip address` error messages until the system
|
|
is actually installed and ready to be connected to.
|