
Windows Custom Startup Scripts and Cloud-Init on Oracle Cloud Infrastructure

Andy Corran
Principal Product Manager

We are excited to announce an easy way to configure and customize Microsoft Windows Server compute instances on Oracle Cloud Infrastructure using Cloudbase-Init - the Windows equivalent of Linux Cloud-Init. With the new integrated Cloud-Init experience for Windows Server, you can easily bootstrap an instance with more applications, host configurations, and custom setups. This capability is provided by a Cloud-Init custom user data startup script, a feature that is now available on Oracle Cloud Infrastructure compute instances running either Linux or Windows Server.

What is User Data?

User data is a mechanism to inject a script or custom metadata when a compute instance is initializing on Oracle Cloud Infrastructure. This data is passed to the instance at provisioning time to customize the instance as needed. Instance user data can be implemented using a variety of scripting languages. See Windows Cloudbase-Init for more information.

Windows Instance User Data Startup Script

The Windows Cloudbase-Init experience is available for bare metal and virtual machine Windows Server compute instances, across all regions. There is no additional cost for this feature and all Windows Server OS images now come with Cloudbase-Init installed by default.

Cloudbase-Init also comes with a feature that fully automates the Windows Remote Management (WinRM) configuration, without any manual user setup.

Getting Started

The first step is to create your user data script. The following content-type formats are supported:

PEM Certificate / Batch / PowerShell / Bash / Python / EC2 Format / Cloud config.

For more detailed information, see Cloudbase-Init user data.

See the following example of a simple PowerShell script that changes the hostname and writes an output to a custom file on the local boot volume.

  1. The Sysnative parameter is required and must be on the first line. For PowerShell, use:

    #ps1_sysnative

  2. Copy the following script and save it as a .ps1 file. (This script changes the computer name to ‘WIN_OCI_INSTANCE_AD1_FE1’.)

    #ps1_sysnative

    # Return a timestamp prefix for log lines
    function Get-TimeStamp {
        return "[{0:MM/dd/yy} {0:HH:mm:ss}]" -f (Get-Date)
    }

    $computerName = 'WIN_OCI_INSTANCE_AD1_FE1'

    # Log file on the local boot volume, one per day
    $path = $env:SystemRoot + "\Temp\"
    $logFile = $path + "CloudInit_$(Get-Date -f yyyy-MM-dd).log"

    Write-Host -fore Green "Creating Log File"
    New-Item $logFile -ItemType file
    Write-Output "$(Get-TimeStamp) Logfile created..." | Out-File -FilePath $logFile -Append

    # Rename the computer; the new name takes effect after the next restart
    Write-Host -fore Yellow "Changing ComputerName"
    Rename-Computer -NewName $computerName
    Write-Host -fore Green "Changed ComputerName"
    Write-Output "$(Get-TimeStamp) Changed ComputerName" | Out-File -FilePath $logFile -Append

 

A custom user data startup script is supplied as part of the Create Instance setup, via either the Console or the CLI (Command Line Interface).

Steps via Console 

  1. Log in to the Oracle Cloud Infrastructure Console.
  2. Select Menu, then Compute, followed by Instances.

  3. Click Create Instance and complete the required instance section fields. The Startup Script option can be found under Show Advanced Options.

    (Screenshot: OCI Cloud-Init Startup Script)

  4. Browse for the PS1 script created in step 2.

  5. Complete the Networking section and click Create Instance.

After your instance is provisioned, Cloudbase-Init will execute your script and configure WinRM automatically.

Steps via CLI

The CLI provides the same functionality as the Console. To install the CLI, follow these installation options.

  1. First, obtain the values for the required parameters using the CLI commands listed below. (These are run from a PowerShell command line.)

    Each parameter is followed by the CLI command that returns its value:

    --compartment-id [CompartmentOCID]

        ./oci iam compartment list
        $C = 'ocid1.compartment.oc1..aaaaaaaa....'

    --availability-domain [ADName]

        ./oci iam availability-domain list

    --shape [ShapeName]

        ./oci compute shape list --compartment-id $C

    --image-id

        ./oci compute image list -c $C | ConvertFrom-Json | ForEach-Object{$_.data} | where -Property display-name -Match 'Windows-Server-2016' | fl -Property display-name, id

    --subnet-id [SubnetOCID]

        ./oci network vcn list -c $C

        Select the subnet OCID that matches the AD chosen above:

        ./oci network subnet list -c $C --vcn-id ocid1.vcn.oc1.iad.aaaaaaa….

    --user-data-file [filename]

        Enter the path and filename of the user data startup script.

    --display-name [StringinstanceName]

        Enter a free-form instance display name.

    --assign-public-ip true

  2. Syntax to launch a compute instance:

    ./oci compute instance launch --availability-domain [ADName] --compartment-id [CompartmentOCID] --shape [ShapeName] --image-id [ImageOCID] --subnet-id [SubnetOCID] --user-data-file [filename] --display-name [StringinstanceName] --assign-public-ip true

    Example:

    ./oci compute instance launch --availability-domain mgRc:US-ASHBURN-AD-3 --compartment-id $C --shape VM.Standard2.1 --image-id ocid1.image.oc1.iad.aaaaaaaag.... --subnet-id ocid1.subnet.oc1.iad.aaaaaaaar.... --user-data-file PScloudbaseinit1.ps1 --display-name MyCloudInitInstance

  3. Query the instance state, taking the instance ID from the successful output of the previous command.

    ./oci compute instance get --instance-id ocid1.instance.oc1.iad.abuwcljr32gb5....

 

Typical User Data Custom Script Use Cases:

  • Update server host configuration, including the registry
  • Enable GPU support – custom script to install GPU driver
  • Add and change local user accounts
  • Join instance to domain controller
  • Install certificates into the certificate store
  • Enable more Windows features, like IIS
  • Copy any required application workload files from Object Storage directly to the local instance
  • Download and install client agents, like Chef, Puppet or SCOM agents

WinRM

Windows Remote Management (WinRM) is a native Windows alternative to SSH that lets you remotely manage a Windows host. The Windows PowerShell command line has integrated WinRM cmdlets, which provide full functionality for all Windows management tasks through a single tool.

How to use WinRM on Oracle Cloud Infrastructure Windows instance

  1. Open the Console.

  2. Add an ingress rule to the VCN security list used by the instance.

    (Screenshot: OCI Ingress Security List Rule)

    a. In the Console, navigate to the newly launched instance with startup script to view instance details.

    b. Under Subnet Settings, click the subnet name.

    c. Under Resources, navigate to Security Lists and open the security list.

    d. Click Edit All Rules.

    e. Under Allow Rules for Ingress, click Add Rule.

    i. Destination Port Range: 5986
    ii. Source Port Range: All
    iii. IP Protocol: TCP
    iv. Source CIDR: 0.0.0.0/0
    (Recommended: use your authorized CIDR block as the source.)

    v. Source Type: CIDR

    f. Save Security List Rules

  3. Get the public IP of your instance from the instance details screen.

  4. On your Windows client, open a PowerShell command window.

  5. Use the following PowerShell snippet to connect to your instance:

    # Get the public IP from your running OCI Windows instance
    $ComputerName = "USE PUBLIC IP OF INSTANCE"

    # Store your username and password credentials (default username is opc)
    $c = Get-Credential

    # Session options: these switches turn off the CA, CN and revocation checks on the
    # instance's certificate, so the session is encrypted but the server's identity is not verified
    $opt = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck

    # Create new PSSession over HTTPS (Pre-requisite: ensure security list has Ingress Rule for port 5986)
    $PSSession = New-PSSession -ComputerName $ComputerName -UseSSL -SessionOption $opt -Authentication Basic -Credential $c

    # Connect to Instance PSSession
    Enter-PSSession $PSSession

    # To close connection use: Exit-PSSession

You can now remotely manage your Windows Server compute instance from your local PowerShell client.
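
The ingress rule from step 2 decides who can reach the WinRM listener, and the recommendation there is to restrict the source to an authorized CIDR block. As an added example (not part of the original post), the PowerShell function below reports ingress rules that leave the WinRM ports open to every source address. The JSON is a constructed sample shaped like the output of the oci network security-list get command; the function name and the kebab-case key names are assumptions.

```powershell
# Constructed sample, shaped like the "data" object printed by
# "oci network security-list get" (kebab-case key names are an assumption).
$sampleJson = @'
{ "data": { "display-name": "example-seclist", "ingress-security-rules": [
  { "protocol": "6", "source": "0.0.0.0/0",
    "tcp-options": { "destination-port-range": { "min": 5986, "max": 5986 } } },
  { "protocol": "6", "source": "203.0.113.0/24",
    "tcp-options": { "destination-port-range": { "min": 5985, "max": 5986 } } },
  { "protocol": "6", "source": "0.0.0.0/0",
    "tcp-options": { "destination-port-range": { "min": 3389, "max": 3389 } } },
  { "protocol": "all", "source": "0.0.0.0/0", "tcp-options": null }
] } }
'@

# Hypothetical helper: list ingress rules that expose WinRM to any source address.
function Find-OpenWinRMIngress {
    param(
        [Parameter(Mandatory)] [string] $Json,
        [int[]] $Ports = @(5985, 5986)          # WinRM over HTTP and over HTTPS
    )
    $rules = ($Json | ConvertFrom-Json).data.'ingress-security-rules'
    foreach ($rule in $rules) {
        # Keep only rules whose source is every IPv4 or IPv6 address.
        if ($rule.source -notin @('0.0.0.0/0', '::/0')) { continue }
        # Protocol "6" is TCP; "all" includes TCP.
        if ($rule.protocol -notin @('6', 'all')) { continue }

        # A rule without a destination port range applies to every port.
        $range = $rule.'tcp-options'.'destination-port-range'
        foreach ($port in $Ports) {
            if ($range -and ($port -lt $range.min -or $port -gt $range.max)) { continue }
            [pscustomobject]@{
                Port      = $port
                Source    = $rule.source
                Protocol  = $rule.protocol
                PortRange = if ($range) { "$($range.min)-$($range.max)" } else { 'all' }
            }
        }
    }
}

Find-OpenWinRMIngress -Json $sampleJson | Format-Table -AutoSize
```

To check a real security list, pass the CLI output piped through Out-String as the -Json argument in place of the sample.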

Windows Server users now have two great options to set up a custom compute instance. They also benefit from being able to use WinRM to remotely manage and securely access a Windows instance.

For more information, see the following documentation:

(There will also be additional documented script examples in the future)

 
