The goal of this project is to deploy a ready-to-go Windows Server environment. This includes a domain controller, a replica domain controller, a DHCP server, and a fileserver. It also sets up users, groups, and OUs for the respective users within the domain.
To complete this project, 3 steps are taken.
- Use Packer to spin up a sysprepped and fully updated Windows Server 2022 ISO for the environment
- Use Terraform to deploy 4 virtual machines into a vSphere environment
- Use Ansible to configure these 4 virtual machines as desired
Create a Windows Server 2022 .iso that is updated and has VMware Tools installed by default using Packer. This solution is geared toward vSphere, a VMware product.
First: Packer uses autounattend.xml and sysprep-autounattend.xml to automate Windows Settings
- It pulls Windows Server 2022 Datacenter Eval Edition (Desktop Experience) from Microsoft's site
- Installs and configures OpenSSH Client & Server for remote connection
- Installs VMware tools from ISO provided from the build ESX server
Packer Provisioner Steps
- Updating OS via Windows Update
- Doing some OS adjustments
- Set Windows telemetry settings to minimum
- Show file extensions by default
- Install Chocolatey - a Windows package manager
- Install Microsoft Edge (Chromium)
- Install Win32-OpenSSH-Server
- Install PowerShell Core
- Install 7-Zip
- Install Notepad++
- Enable PowerShell Core (pwsh) to be the default SSHD shell
- Cleanup tasks
- Remove CDROM drives from VM template (otherwise there would be 2)
Main role: Deploy the Virtual Machines
- Setup the four Windows Servers (Primary Domain Controller, Replica Domain Controller, DHCP, Fileshare)
- Using the vSphere provider:
- Assign appropriate resources to each machine
- Once prepared with appropriate values and the networking is in place:
- Navigate to the Terraform directory and run these commands
terraform init
- Pull proper Terraform providers and modules used
terraform validate
- This will return whether the configuration is valid or not
terraform apply
...yes
- Actually apply the configuration
- variables.tf
- Declare variables that will be used with the Terraform configuration
- terraform.tfvars
- Assign variables that will be used with the Terraform configuration
Main role: Configure the deployed Virtual Machines.
- Setup Windows Server Feature: Domain
- Primary Domain Controller
- Replica Domain Controller
- Auto-Join the Virtual Machines to the respective Domain created
- Create a few users and groups within Active Directory
- Setup Windows Server Feature: DHCP
- Setup DHCP Scope
- Authorize it to the Domain.
- Setup Windows Server Feature: File Sharing
- Create two shares
- An employee share and administrator share. These shares are assigned group permissions.
- Common Configurations
- Enable RDP and allow it through the firewall on all Windows servers created
- inventory.yml
- Modify hosts associated with the playbook. Assign the IP addressing.
- winlab.yml
- Associate 'roles' to the hosts identified in the inventory file.
- These 'roles' are folders within the directory containing a set of code to configure per host
- ansible.cfg
- Holds Ansible configuration settings. In this scenario, it tells Ansible to use the inventory.yml file.
- ./group_vars/all.yml
- Contains specific variable information used within the ./roles/* Ansible code.
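A minimal inventory.yml for the four servers, as an added example rather than the project's own file. It assumes Ansible connects over the OpenSSH server installed by the Packer build; the group names, host names, addresses (documentation range 192.0.2.0/24), account name and the vault_admin_password variable are constructed placeholders.

```yaml
# inventory.yml -- added example; groups, host names, IPs, the account name
# and vault_admin_password are constructed placeholders, not project values.
all:
  children:
    windows:
      children:
        primary_dc:
          hosts:
            dc01:
              ansible_host: 192.0.2.10
        replica_dc:
          hosts:
            dc02:
              ansible_host: 192.0.2.11
        dhcp:
          hosts:
            dhcp01:
              ansible_host: 192.0.2.12
        fileserver:
          hosts:
            fs01:
              ansible_host: 192.0.2.13
      vars:
        # Assumption: Ansible reaches the hosts over the OpenSSH server from
        # the Packer image, whose default shell is PowerShell Core (pwsh).
        ansible_connection: ssh
        ansible_shell_type: powershell
        ansible_port: 22
        ansible_user: Administrator
        # Keep the password out of the inventory: define vault_admin_password
        # in a file encrypted with `ansible-vault encrypt` (for example under
        # group_vars/) and reference it here. Password logins over SSH also
        # need sshpass on the control machine.
        ansible_password: "{{ vault_admin_password }}"
```

With the secret in an encrypted vars file, the playbook is run with `--ask-vault-pass` (or a vault password file) so the password never sits in plain text in the repository.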
- Linux machine with the following
- Ansible
sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository --yes --update ppa:ansible/ansible
sudo apt install ansible
- Terraform
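sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
# apt-key is deprecated: store the HashiCorp key in its own keyring and pin the repository to it with signed-by
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --yes --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install terraform
- Packer
# Same HashiCorp keyring and repository entry as for Terraform
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --yes --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install packer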
- Git
sudo apt-get install git
- A code editor
- I recommend Visual-Studio-Code
- vSphere Lab Environment
- vSphere --- Note: This project is using vSphere version 7.0.0
- First setup Packer environment
packer init -upgrade ws2022.pkr.hcl
- Then apply the Packer configuration to create the Windows Server 2022 Image
packer build -timestamp-ui -force -var-file=myvarfile.json ws2022.pkr.hcl
- This Packer run pulls the newest Windows Server 2022 Datacenter eval .iso from Microsoft and populates it into the vSphere environment, in the specified datacenter/cluster/host/datastore
- It then runs commands to grab DHCP, update the image, enable SSH, enable RDP, configure necessary firewall settings, set passwords/usernames, and install VMware Tools to the base image
- Additionally, it will install Chocolatey for packages, Notepad++, Edge, and 7-Zip
- Go into your vSphere and turn the resulting VM into a Template
- Ensure this mimics the variables you have set in the terraform.tfvars file. This will be our next step.
- Set up the Terraform environment
terraform init
- Format the Terraform files so they meet the required formatting criteria
terraform fmt
- Do a terraform plan to detect any potential errors in the code and to see the potential end result. Read over the output
terraform plan
- Finally, if all the above appears correct, perform a terraform apply
terraform apply
...yes
- This may take a while. Once it is done, double check in vSphere that all necessary Virtual Machines were created properly (For me this took 20 minutes to fully complete)
- Once you have allowed Terraform to finish its configuration:
- Navigate to your Ansible Directory
cd <path-to-Ansible>
- Run your ansible playbook
ansible-playbook winlab.yml
- This should run through and detail each change as it plays out