Windows guest VM with cloudbase init

itvietnam

Active Member
Aug 11, 2015
121
4
38
Hello,

Anyone success config IP, computer, inject user password via cloudbase init?

I tried tuning conf few days but no luck to get it works.
 
Jul 31, 2018
94
8
8
57
haha looks like you are doing the same as me from your username you in Vietnam if so we are nearly neighbors as we are in Singapore

Any way I got a few things to work
User and password not working
I get like
Cannot set the password in the metadata as it is not supported by this service maybe a Clear text one will work

Networking IP and Gateway is
DNS servers I don't think are working

I first thing is you need to change Proxmox
/usr/share/perl5/PVE/QemuServer/Cloudinit.pm

change
run_command([['genisoimage','-iso-level', '3', '-R', '-V', $label, $path],
e.g add that '-iso-level', '3'
systemctl restart pvedaemon

Now the CD will work as long as you set the OS to windows proxmox will use the Configdrive 2

That is the first part now some things will work
I m trying to work out the user and pass but this is so Painful
As I hate windows and so hard to work with
I also found on the windows server Remove KEY_LOCAL_MACHINE\SOFTWARE Cloudbase Solutions\Cloudbase-Init
Restart-Service cloudbase-init is you want to reset the init before restarting the maching for testing
And make sure you have a serial device in your hardware so you can use the term,.js to look at the debug out

If you can work it out let me know I have spent too much time
 

itvietnam

Active Member
Aug 11, 2015
121
4
38
haha looks like you are doing the same as me from your username you in Vietnam if so we are nearly neighbors as we are in Singapore
lol, same work here in Vietnam. I (personally) usually move to Singapore every month. May i know your company?

I will check back cloud-init Windows soon. Thanks,
 

chengkinhung

Member
Feb 11, 2016
8
3
8
19
Hi, Thanks for your tips. I changed Cloudinit.pm, but only succeed to change IP address, can not change DNS/Hostname, and seems password always change with random one, so after reboot windows will always not able to login again.
 

chengkinhung

Member
Feb 11, 2016
8
3
8
19
Thanks. I finally succeed to setup IP/Hostname/Password with Windows2016/CoudbaseInit through Proxmox/CloudInit.
I have to modify the CoudbaseInit python code and Proxmox/CloudInit perl code. Here are the changing I had done:

(1) Change roxmox/CloudInit perl code to support configdrive2 format(as proxmox default use ncloud format):
# vi /usr/share/perl5/PVE/QemuServer/Cloudinit.pm
Code:
run_command([['genisoimage','-iso-level', '3', '-R', '-V', $label, $path],
(2) Change roxmox/CloudInit perl code to save cleartext password for windows type VM:
# vi /usr/share/perl5/PVE/API2/Qemu.pm
Code:
...
+   my $conf = PVE::QemuConfig->load_config($vmid);
+   my $ostype = $conf->{ostype};
   if (defined(my $cipassword = $param->{cipassword})) {
       # Same logic as in cloud-init (but with the regex fixed...)
+       if (!(PVE::QemuServer::windows_version($ostype))) {
           $param->{cipassword} = PVE::Tools::encrypt_pw($cipassword)
               if $cipassword !~ /^\$(?:[156]|2[ay])(\$.+){2}/;
+       }
...
(3) Change roxmox/CloudInit perl code to add hostname/admin_password fields into meta_data.json
# vi /usr/share/perl5/PVE/QemuServer/Cloudinit.pm
Code:
...
sub configdrive2_metadata {
    my ($uuid) = @_;
+   my ($conf, $vmid, $uuid) = @_;
+   my ($hostname, $fqdn) = get_hostname_fqdn($conf, $vmid);
+   my $password = $conf->{cipassword};
...
    "uuid": "$uuid",
+   "hostname": "$hostname",
+   "admin_pass": "$password",
    "network_config": { "content_path": "/content/0000" }
...
sub generate_configdrive2 {
...
-   my $meta_data = configdrive2_metadata($uuid_str);
+   my $meta_data = configdrive2_metadata($conf, $vmid, $uuid_str);
...
(4) Change CoudbaseInit python code to disable generate_random_password
Modify C:\Program Files\Cloudbase Solutions\Cloudbase-Init\Python\Lib\site-packages\cloudbaseinit\plugins\common\setuserpassword.py and common out the following lines and add "return None" line:
Code:
...
       password, injected = self._get_password(service, shared_data)
       if not password:
           return None
           # LOG.debug('Generating a random user password')
           # maximum_length = osutils.get_maximum_password_length()
           # password = osutils.generate_random_password(
           #    maximum_length)
...
 
Last edited:
Jul 31, 2018
94
8
8
57
Thanks for that also now we have lost of options lol

you should not have needed to change the cloudbase init just set
like
username=Admin
groups=Administrators

inject_user_password=true
there is another variable also
  • first_logon_behaviour
first_logon_behaviour=no should do it

also your DNS may not be working unless you changed to
dns-nameservers and they but be under the interface settings for that interface eg like this


Code:
my ($addr, $mask) = split_ip4($net->{ip});
                $content .= "iface $id inet static\n";
                $content .= "        address $addr\n";
                $content .= "        netmask $mask\n";
                $content .= "        gateway $net->{gw}\n" if $net->{gw};
                $content .= "        dns-nameservers $nameservers\n";
 

chengkinhung

Member
Feb 11, 2016
8
3
8
19
@Craig St George
Hi, thanks.

In my case, the DNS is not important, i can setup in the windows template directly, however changing password of Administrator is my main goal, that also mens I need to set first_logon_behaviour=no. Disable the generate_random_password is very very important for using cloudbase-init in windows, as any time the cloudbase-init can not find the password, they will set the password with a random password, there is not way to know this random password unless you are using openstack's HttpService, and I found the both Proxmox/Cloud-init and Windows/Cloudbase-Init are not quite stable, cause my windows VM fail to login due to the Administrator been set to random password.
 

encore

Member
May 4, 2018
95
0
6
31
thanks @chengkinhung and @Craig St George for your hints! I managed to setup networking including nameservers with your suggestions.
Did not manage to modify the Administrator password yet.
When I have a look into the USER_DATA file it looks good:

Code:
#cloud-config
hostname: windows2016-de-image
manage_etc_hosts: true
user: Administrator
password: myPlainTextPassword
chpasswd:
  expire: False
users:
  - default
package_upgrade: true
After starting the cloud init service again or rebooting the VPS, the password stays like it was before.

cloudbase-init.conf:

Code:
[DEFAULT]
username=Admin
groups=Administratoren
inject_user_password=true
bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
verbose=true
debug=true
logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
logfile=cloudbase-init.log
default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
logging_serial_port_settings=
mtu_use_dhcp_config=true
ntp_use_dhcp_config=true
local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
plugins=cloudbaseinit.plugins.common.networkconfig.NetworkConfigPlugin,
        cloudbaseinit.plugins.common.setuserpassword.SetUserPasswordPlugin
[config_drive]
raw_hhd=true
cdrom=true
vfat=true
any ideas?

What does the User "Admin" in my cloudbase-init.conf stands for? Do I need to create this user so cloud-init is able to modify the Administrator password? Did not understand this thing yet.
 
Jul 31, 2018
94
8
8
57
you can open the VM have a look at the cd drive for cloud init and see if the password is there should be under a key called

admin_pass in /openstack/latest/meta_data.json
 
Jul 31, 2018
94
8
8
57
OH btw it will only change that password for the that created user eg the
[DEFAULT]
username=Admin

and you would have to have the create user plugin enabled also cloudbaseinit.plugins.windows.createuser.CreateUserPlugin
 

encore

Member
May 4, 2018
95
0
6
31
I have upgraded to 5.3 - then executed your patch from hrere https://forum.proxmox.com/threads/finally-cloudbase-init-windows-servers.48823/#post-235155
worked fine, thanks mate!!

Adjusted
Code:
[DEFAULT]
username=Admin
to Administrator
in the cloudinit config, Administrator password changing works fine too! Had to add
Code:
first_logon_behaviour=no
to the config to workaround the change password at first login prompt, works too!

Last thing:
I am still struggling modifiing proxmox to save password when it is a Windows VM in plaintext to cloudinit:

(2) Change roxmox/CloudInit perl code to save cleartext password for windows type VM:
# vi /usr/share/perl5/PVE/QemuServer/Cloudinit.pm
Code:
...
+ my $conf = PVE::QemuConfig->load_config($vmid);
+ my $ostype = $conf->{ostype};
if (defined(my $cipassword = $param->{cipassword})) {
# Same logic as in cloud-init (but with the regex fixed...)
+ if (!(PVE::QemuServer::windows_version($ostype))) {
$param->{cipassword} = PVE::Tools::encrypt_pw($cipassword)
if $cipassword !~ /^\$(?:[156]|2[ay])(\$.+){2}/;
+ }
...
Where exactly I need to place this in the Cloudinit.pm?
 

encore

Member
May 4, 2018
95
0
6
31
(2) Change roxmox/CloudInit perl code to save cleartext password for windows type VM:
# vi /usr/share/perl5/PVE/QemuServer/Cloudinit.pm
Code:
...
+ my $conf = PVE::QemuConfig->load_config($vmid);
+ my $ostype = $conf->{ostype};
if (defined(my $cipassword = $param->{cipassword})) {
# Same logic as in cloud-init (but with the regex fixed...)
+ if (!(PVE::QemuServer::windows_version($ostype))) {
$param->{cipassword} = PVE::Tools::encrypt_pw($cipassword)
if $cipassword !~ /^\$(?:[156]|2[ay])(\$.+){2}/;
+ }
...
ahh, wrong file mate.
It is /usr/share/perl5/PVE/API2/Qemu.pm
Works fine! Password will be put in plain text into the META_DATA.json from proxmox.
 

chengkinhung

Member
Feb 11, 2016
8
3
8
19
  • Like
Reactions: encore

alebeta

New Member
Mar 20, 2018
12
0
1
29
gonkar.com
Hello friends,

after we had this solution since few months ago, there is not a plan to be integrated in proxmox by default?

all the best
 

dcsapak

Proxmox Staff Member
Staff member
Feb 1, 2016
4,087
368
88
31
Vienna
Jul 31, 2018
94
8
8
57
Like Dominik says only a couple of weeks but now since is seems that its working based on peoples feedback let me do that procedure
I just need to find some time
 

chengkinhung

Member
Feb 11, 2016
8
3
8
19
Just found Proxmox change code Cloudinit.pm and cause Cloudbase-Init failed to set IP address:
Cloudbase-Init error messages: C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\cloudbase-init.log
Code:
plugin 'NetworkConfigPlugin' failed with error '('Cannot set static IP address on network adapter (%d)', 70)'
Network configuration content: D:\OPENSTACK\CONTENT\0000
Code:
iface eth0 inet static
        address '192.168.92.102'
        netmask '255.255.255.0'
        gateway '192.168.92.1'
Modify code:
Code:
# diff Cloudinit.pm.patched.5.3-11 /usr/share/perl5/PVE/QemuServer/Cloudinit.pm
177,179c177,179
<               $content .= "        address '$addr'\n";
<               $content .= "        netmask '$mask'\n";
<               $content .= "        gateway '$net->{gw}'\n" if $net->{gw};
---
>               $content .= "        address $addr\n";
>               $content .= "        netmask $mask\n";
>               $content .= "        gateway $net->{gw}\n" if $net->{gw};
Fixed network configuration content should look like this: D:\OPENSTACK\CONTENT\0000
Code:
iface eth0 inet static
        address 192.168.92.102
        netmask 255.255.255.0
        gateway 192.168.92.1
# pveversion
pve-manager/5.3-11/d4907f84 (running kernel: 4.15.18-10-pve)
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!