Hi,
I’m working on a bachelor thesis, and part of it is about building Windows images for OpenNebula using HashiCorp Packer. I have forked the repository, and I have created some local changes. Before I commit them, I want to ask OpenNebula developers a few questions:
-
What should be the policy regarding Windows ISO installer images? They can’t be part of the project, and Microsoft does not provide an easy and official way to download them. They need to be referenced in packer build files for builds to work. Should I use a subfolder named ISO, where the user of this build system provides the ISO images? Another approach is that there is also a hacky, unofficial, probably maintenance-costly way of automating the downloads by generating temporary download links from Microsoft. For example, GitHub - ElliotKillick/Mido: The Secure Microsoft Windows Downloader, which is based on this: GitHub - pbatard/Fido: A PowerShell script to download Windows or UEFI Shell ISOs.
-
What should be the policy for naming the build (Makefile) options? I think this could work, but maybe you know better:
Edition names
- windows10Home
- windows10HomeN
- windows10Pro
- windows10ProN
- windows10ProEdu
- windows10ProEduN
- windows10Edu
- windows10EduN
- windows10ProWorkstations
- windows10ProWorkstationsN
- windows10Ent
- windows10EntLTSC2015
- windows10EntLTSC2016
- windows10EntLTSC2019
- windows10EntLTSC2021
- windows11Home
- windows11HomeN
- windows11Pro
- windows11ProN
- windows11ProEdu
- windows11ProEduN
- windows11Edu
- windows11EduN
- windows1ProWorkstations
- windows11ProWorkstationsN
- windows11Ent
- windows2016Essentials
- windows2016Standard
- windows2016Datacenter
- windows2016StandardCore
- windows2016DatacenterCore
- windows2019Essentials
- windows2019Standard
- windows2019Datacenter
- windows2019StandardCore
- windows2019DatacenterCore
- windows2022Standard
- windows2022Datacenter
- windows2022StandardCore
- windows2022DatacenterCore
- Should we mention somewhere that users should read Microsoft EULA before using this build tool because the build process skips the licence term and conditions page of the Windows installer and OOBE (Out-of-the-box experience)?
In the end, I want to mention that my build approach leverages only Windows Unattend.xml and Autounattend.xml files. I have set packer communicator to none.
Build process workflow:
- Import VirtIO storage drivers
- Partition the drive
- Bypass Windows 11 requirements checks
- Install Windows (apply Windows image to newly partitioned drive and make it bootable)
- Install rest of the VirtIO drivers, guest agent and spice agent (in Specialize configuration pass)
- Boot Windows into audit mode (not OOBE) and install Windows Updates via PowerShell module PSWindowsUpdate or by some other way (I’m currently evaulating ansible windows update module)
- Put Unattend file in C:\ so the OOBE will be skipped and Unattend files will be cleaned up on next boot
- Sysprep (generalize) the Windows and shutdown
When the user starts the new Windows image for the first time, the OOBE will be skipped, and the local Administrator will be disabled. This leaves the way for the Windows contextualization package to create the first user using context variables. This also needs to be discussed because Windows server editions have a default Administrator user, and there is also a possibility that the user of the images chooses the Administrator as their user. This needs to be reflected in the Contextualization package, which I plan to contribute as part of my thesis.