In this part, I will be covering how to setup a template. This was one of the post which I really enjoyed just because lot many things worked well today… 😀
In fact, I was experimenting on templates for more than a week with different combinations – But stuck on just one single issue. VMs are not getting joined to Active Directory as expected. I had similar experience with SCVMM 2012 and the twist was adjusting the image with some tweaks. However, I forgot what I did to fix this with SCVMM 2012 and continuing with troubleshooting. Today, I made it successful !
So lets do it before I forget 😀
Creating a Window Server 2012 R2 STD Gen 1 Template
The first stage is to prepare a VM for the templage
- Create a Gen 1 VM – I will name it as Golden Image
- Windows Patch Updates
- Install HyperV Integration Component
- Antivirus/Agents or any of the custom software required on all servers deployed using this image
- Enable RDP
- Disable Firewall
- Set Administrator password blank
- Export the VM – This is required if we need to update template on a later stage
- SysPrep and Shutdown
The second stage is to configure the per-requisites on Hyper-V for template / deployment using template
- Create Run As account for Local Administrator
- Create Run As account to be used with ADJoin which has the rights to Join Computers on AD
- Create Gust OS Profile
- Create Hardware Profiles
- If the HyperV Data Network is on trunk, Configure IP Pool for the Subnet which the VMs will be placed while deploying
The final stage is to create the template.
So lets go back to Stage 1. The first few steps are very direct and straight. So I will skip these steps and jump to the 7th step.
Set the Administrator password to blank
The default local policy have complexity enabled – due to which we are forced to give a password as the last step of installation. So lets adjust the local password policy so that we can have a blank password.
MMC ->File -> Add Remove SnapIn -> Select “Group Policy Object Editor” and click Add
By Default, Local Computer Policy will be selected. Click on Finish and then OK
Navigate to Local Computer Policy -> Computer Configuration -> Windows Setting -> Security Settings -> Account Policies -> Password Policy
Double click on “Password must meet complexity requirement” policy.
This policy is enabled now. We just need to make it disable it.
Now we can reset the local users password to blank.
Next step is to export the VM.. Yea – Its a live export 😉 . This will be used in case if we need to do further update or the template creation failed in between. The VM which is used for creating the template will get destroyed. So its better to export and keep a copy safe.
Now we are ready for Sysprep
Once Sysprep is completed, the VM will be shut down.
The run as accounts which we are creating this are optional, how ever – I prefer that.
The first run as account is for the local administrator. Once the VM is deployed, we need to have a local administrator with password. I know – you should be thinking who wants to keep the administrator password blank on a server 😀
From SCVMM -> Settings -> Security -> Run As Accounts
Click on “Create Run As Account”
In the same way, Create one more run as account for AD Joining process. For this Account, the user name should be domainname\domainuser.
This Active Directory account should have the permission to join computers in AD.
I also recommend to keep the “Validate domain credentials” checked to ensure that the password stored is correct.
The next step is Gust OS Profile. Here we define the OS details, Local Admin Password, Time Zone, Roles and features, Domain Join etc.
Navigate to SCVMM -> Library -> Profiles -> Gust OS Profiles
Click on the Drop Down Menu – Create and select Gust OS Profile
In General, Enter the OS Name and Compatibility details.
In Gust OS Profile, Choose the OS Details first from the drop down menu.
No need to change identity information.
On Admin Password, We need to make use of the Run As Account we created for Local Administrator.
If the environment don’t have a KMS, You can manually enter the Product Key.
Set the Time Zone according to your requirement.
If you need to have any Roles or Features in Common on these VM, You can select the required roles and features.
In Domain/WorkGroup, Enter the domain name and the Run As account for performing AD Join task.
If you are using a legacy OS, You may need to make use of an Answer File.
GUIRunOnce command can be used to perform onetime activity along with the deployment.
The next step is to create the hardware profile. Hardware profiles are used to provision VMs with a pre-defined, standard hardware configuration. Its like defining different offering plans. I usually create Gold-Silver-Bronze Plans.
Navigate to SCVMM -> Library -> Profiles -> Hardware Profiles
From the “Create” drop down menu, Select Hardware Profile.
Define the Processor, Memory, Other hardware components as per your requirement. Define if the VM using this hardware profile needs to be highly available.
One important setting here is the configuration in Network Adapter. We need to ensure that the profile is connected to the correct VM Network which is available on the destination HyperV Cluster / Server.
If we have multiple VLANs configured as trunk, We will be selecting the specific VLAN we required while configuring the network. I dont see such option to select the specific VLAN while we deploy from a template. The work around I got from various forums/blogs is to use an IP Pool in SCVMM for the desired VLANs.
We defined a Logical Network for VM Network in the Part-1 of this series. In LN-VM-Network, We defined only one subnet as I made it as a demo. However, In the real world scenario – We will have have multiple VLANs which will be configured as TRUNK and we may need to tag the right VLAN for each VM. This part is important as we expect the VM to be joined into our domain along with the deployment. For ADJOIN to happen, the network needs to be working fine. And once we trigger a VM creation from template, We dont have an option to edit the configuration before the deployment is complete.
Here is a quick look of the different VLANs currently linked with Logical Network – LN-VM-Network.
While deploying from the template, SCVMM will chose one of those VLAN from this group. In order force the template to use one of the VLAN among this, the workaround is to create an IP Pool for the VLANs and then select this IP Pool to be used while creating VM from the template.
So lets do that.
Navigate to SCVMM -> Fabric -> Networking -> Logical Network
Right Click on LN-VM-Network and select Create IP POOL
Enter the name for the IP POOL and the Logical Network which should be linked.
I am planning to create an IP POOL for 10.66.66.0/24 which is already defined the the Logical Network – LN-VM-Network.
Specify the IP Range to be used. We will just give a few IPs available for this purpose.
Define the Gateway address for the IP Subnet.
Enter the DNS Servers
If you have WINS still in your infrastructure, you can define the WINS Servers.
Review the Summary and click on finish.
So we are done with Staeg 2. Good to start the template creation.
Creating VM Template
Navigate to SCVMM -> VMs and Services -> All Hosts
Identify the Golden Image VM which we created and performed SYSPREP.
Right Click on the VM and select Properties.
Ensure that the Operating System and Integration Service is properly updated in SCVMM.
If Operating System is displayed as unknown, Select the right Operating system and Click on OK.
Right Click on the VM and Select Create -> Create VM Template
Oh.. WARNING – Creating a template will destroy the source virtual machine VM Name.
Always read warning and understand correctly before proceeding with YES or NO.. 😀
Enter the name for this Template
No need to change anything on the Hardware.. Just click NEXT.
Configure Operating System – Select the GUST OS Profile which we created for Windows Server 2012 R2 Std.
Select the VMM Library Server
Select the path where you need to store this on Library. I will usually put under the Templates folders inside. You can even create a foldersturcture as you wish.
Review the summary and click on Finish.
The whole process will take 5 t0 10 minutes usually – depending on the mode of file transfer (Network or Fast Transfer if ODX is enabled), Size of the VHDX file etc.
We are good to deploy a VM from a template.
Select “Use existing Virtual Machine, VM Template or Virtual Hardisk” which is the default option and click on Browse.
Navigate the to Type : VM Template and select the Template which got created now.
On the Identity – Key in the Virtual Machine Name and Description.
On Configure Hardware – Select the Hardware Profile which we created.
As I mentioned earlier, If the environment is having TRUNK on the HyperV Data Traffic, You need to select Static IP (From a static IP POOL) in the Network Adapter properties.
On Configuring Operating System, Select the GUST OS Profile which we created.
Select the Destination to deploy the Virtual Machine.
On the Networking, Click on the Network Adapter. On the Address Pool, the IP Address Pool which we created is selected.
In the Machine Resources, Enter the Destination PATH – the location where to save the VHDX, VHDX File Name etc.
Make sure that a Folder exists in the destination path if you are pointing a folder in the destination path.
On Add Properties, Select the Automatic Action and action to take when HyperV Servers stops.
Review the summary and proceed.