[TUTORIAL] HOWTO: Scripts to make cloudbase work like cloudinit for your windows based instances

G

Geco-iT

Member
Mar 24, 2021
17
22
8
France
www.geco-it.fr
Hi,

we are a small compagny ( Geco-iT ) from France that strongly relies on Proxmox PVE every day and as we find proxmox more and more powerfull, we want to give back to the community by providing some of our tools for PVE.

We made tools to use cloudbase on windows like cloudinit on linux instances !

CloudBase is an open-source project provided by Cloudbase Solutions to enable initialization of a new instance on Windows machines. The purpose is to be the equivalent of the Cloud-Init project which is used on Linux images.

Cloudbase-Init works with different services to provide the meta data that will be used to parse information needed to below functionalities. In our case the service that will be used is the OpenStack Config Drive service which parses information from the cloud-init drive that is already generated by Proxmox but misses the needed data in its actual state.

It is deployed as a service in Windows to take care of all guest initialization actions, such as :

  • Disk volume expansion
  • User creation
  • Password generation and injection
  • Custom script execution with Powershell,CMD,Bash or Python
  • Static network configurations
  • Hostname modification
  • Public SSH key deployment
  • and other functionalities that you can see at Cloudbase-Init documentation.

We have found a few missing functionalities that we think should be included in the product. Which are the DHCP network configuration when we want to modify a static adapter back to DHCP and the activation of the Administrator user if we provide it's name in the meta data. So we included in this document two python scripts to deploy alongside Cloudbase-Init to do those actions.

Full explanation is here on our wiki : https://wiki.geco-it.net/public:cloudbase-init
Source code can be seen here: https://git.geco-it.net/GECO-IT-PUBLIC/Geco-Cloudbase-Init

Hope it will help someone !

Thanks to all the Proxmox Staff and forum members, and special thanks to @kenzim ! Because this post helped us : https://forum.proxmox.com/threads/windows-cloud-init-working.83511/

Have a nice day !
 
  • Like
Reactions: Gilberto Ferreira, SpawnkillerQC, NojuHD and 7 others
Thanks for the extensive guide! Really appreciate it.

However, I followed it to the letter. Did the Proxmox patching (used the patch files I am on the correct version) but whatever I do the password set in cloud-init never works. Network settings are set though. I just can't login to the machine. I tried with Windows Server 2022.
 
martijnk said:
Thanks for the extensive guide! Really appreciate it.

However, I followed it to the letter. Did the Proxmox patching (used the patch files I am on the correct version) but whatever I do the password set in cloud-init never works. Network settings are set though. I just can't login to the machine. I tried with Windows Server 2022.
Click to expand...
Can you share with us the meta data file generated by the patched Proxmox and the logs you get from xterm.js console please.
 
cansoylu said:
Can you share with us the meta data file generated by the patched Proxmox and the logs you get from xterm.js console please.
Click to expand...

Hi here is the console log, sorry it's a bit messy: https://pastebin.com/PBALuqqK

My patched qemu: https://pastebin.com/tPRTuxHZ
My patched cloudinit: https://pastebin.com/mfN4Y5VC

I did repeat the entire process, but still the password is denied. I'm pretty sure my files are patched as they should.

I do see this message: 10.948 3148 INFO cloudbaseinit.osutils.windows [-] Skipping password reset, service running as a built-in account: LocalSystem

But don't know if that is how it should be.

Thanks for the help!
 
martijnk said:
Hi here is the console log, sorry it's a bit messy: https://pastebin.com/PBALuqqK

My patched qemu: https://pastebin.com/tPRTuxHZ
My patched cloudinit: https://pastebin.com/mfN4Y5VC

I did repeat the entire process, but still the password is denied. I'm pretty sure my files are patched as they should.

I do see this message: 10.948 3148 INFO cloudbaseinit.osutils.windows [-] Skipping password reset, service running as a built-in account: LocalSystem

But don't know if that is how it should be.

Thanks for the help!
Click to expand...
Cloudinit has a user called cloudinit and it changes its password at every run. Since our version uses System user for the service and deletes the cloudinit user, it is normal that it shows that message. Can you provide more details; meta data contents, proxmox version, is the computer connected to a domain etc.
 
cansoylu said:
Cloudinit has a user called cloudinit and it changes its password at every run. Since our version uses System user for the service and deletes the cloudinit user, it is normal that it shows that message. Can you provide more details; meta data contents, proxmox version, is the computer connected to a domain etc.
Click to expand...
Right that makes sense.

Version says: Version: 7.1-4. It's not connected to a domain, just local Administrator (it's a standard clean install).

I just tried the same with Windows 11. And same thing, password is not set. I followed the tut 4 times now I'm not sure what I'm doing wrong. I can't get to the metadata contents because I can't logon / access the machine.

So my procedure is:

- Install clean Windows 2022/11 English version.
- Add Cloudinit drive and Serial port 0
- Install Cloudbase Continious built (All default settings, so checkbox metadata password enabled).
- Copy localscripts from repo.
- Copy conf files from repo
- Run Powershell scripts, Fixuserservice and modifyconf.
- Launch sysprep from conf dir.
- Convert VM to template > Clone template to new machine.
- Set cloudinit details > boot machine > Password fails.
 
Ok I created a 2nd admin user so I could check and it looks like the Administrator password is fully encrypted. So I guess that's the issue. I will try to re-patch those files again. Something must be wrong there.
 
Ok so I restarted proxmox after doing the patching.

Now it's a bit different, after running sysprep and deploying the image I get this:

1645530385939.png

Same thing with Windows 11 and 2022. Anybody any idea?
 
Last edited:
martijnk said:
Hurray I finally got it working!

So I had to restart the pve daemon service (omg) before the patched files would work. That has to be added to the tutorial.

Then I got the above error message which I solved with this: https://bugs.launchpad.net/cloudbase-init/+bug/1407842/comments/5

I think that has to be added to the tut as well.

Anyway, thanks for the tutorial I can finally go on my way :)
Click to expand...
Happy for you that it worked. Will be adding the restart proxmox part in the tutorial so nobody else misses it :D.
 
I found couple of more issue, just reporting them.

First of all your cloudbase-init.conf has a line locations=cdroom, which I think should be cdrom. Not sure how this will influence the process. I think not since we're using the unattended file.

For the unattended file it has allow_reboot=true. I think this should be false. Otherwise it's causing the error I posted above.

Then the eject drive is not working all the time. It only works when you change the cloud-init settings, e.g. the IP address and then reboot the machine. It will set the new IP and eject the drive. But if you reboot the server without changing the settings the drive will not be ejected.
 
  • Like
Reactions: cansoylu
martijnk said:
I found couple of more issue, just reporting them.

First of all your cloudbase-init.conf has a line locations=cdroom, which I think should be cdrom. Not sure how this will influence the process. I think not since we're using the unattended file.

For the unattended file it has allow_reboot=true. I think this should be false. Otherwise it's causing the error I posted above.

Then the eject drive is not working all the time. It only works when you change the cloud-init settings, e.g. the IP address and then reboot the machine. It will set the new IP and eject the drive. But if you reboot the server without changing the settings the drive will not be ejected.
Click to expand...
Will check on the first two ones, the eject drive is an issue with cloudbase-init which only runs when metadata has changed. I will see for a workaround on this. Thanks for reporting! :)
 
  • Like
Reactions: martijnk
cansoylu said:
Will check on the first two ones, the eject drive is an issue with cloudbase-init which only runs when metadata has changed. I will see for a workaround on this. Thanks for reporting! :)
Click to expand...

Would it be possible to force the cloudbase-init to run with every reboot even though nothing was changed?

Because now users can change the IP in Windows manually. Next reboot it will stick and it won't be changed back to what's defined in cloud-init.
 
martijnk said:
Would it be possible to force the cloudbase-init to run with every reboot even though nothing was changed?

Because now users can change the IP in Windows manually. Next reboot it will stick and it won't be changed back to what's defined in cloud-init.
Click to expand...
Cloudbase-Init relies on the UUID, Instance ID, that we give it in order to decide if it needs to run or not. If the given instance already exist in its cache files it won't run, if not it will run.

I don't recommend patching cloudbase-init since it has lots of inheritances between files, and it's not always clear what is depending on what, so the only way I can see this working is to randomize the UUID generation in Cloudinit.pm file so each time cloudinit runs, it will give a different instance id so cloudbase init will run again.
 
  • Like
Reactions: martijnk
cansoylu said:
Cloudbase-Init relies on the UUID, Instance ID, that we give it in order to decide if it needs to run or not. If the given instance already exist in its cache files it won't run, if not it will run.

I don't recommend patching cloudbase-init since it has lots of inheritances between files, and it's not always clear what is depending on what, so the only way I can see this working is to randomize the UUID generation in Cloudinit.pm file so each time cloudinit runs, it will give a different instance id so cloudbase init will run again.
Click to expand...

Yeah I guess it's not too big of a deal. It's even beneficial I think in case people want to change DNS servers or something else, it won't be overwritten every time with cloudinit settings. Plus I could easily eject the cdrom with a scheduled startup task.

Thanks anyway for the help!
 
  • Like
Reactions: cansoylu
gecoit said:
we are a small compagny ( Geco-iT ) from France that strongly relies on Proxmox PVE every day and as we find proxmox more and more powerfull, we want to give back to the community by providing some of our tools for PVE.
Click to expand...
gecoit said:
Full explanation is here on our wiki : https://wiki.geco-it.net/public:cloudbase-init
Source code can be seen here: https://git.geco-it.net/GECO-IT-PUBLIC/Geco-Cloudbase-Init
Click to expand...
If you already have the patches and want to contribute back, why not upstream it?
https://pve.proxmox.com/wiki/Developer_Documentation
 
  • Like
Reactions: gurubert
  • Like
Reactions: Bruno Garcia
hi gecoit.
I will recive error with dir "Program Files (x86) " not found ,when i run ModifyConf.ps1 on x86 system.
QQ20220519-143433.png
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back