Setting up an image factory, part 1: Using MDT 2010 Lite Touch with SCVMM 2008 R2
Yes, I’ve been promising this blog posting for quite some time. And I’ve been working on this for quite some time, but kept getting distracted either by new releases (Windows 7, Windows Server 2008 R2, MDT 2010, SCVMM 2008 R2, etc.) or by the addition of new features to the PowerShell scripts that I’ve been using. But I’m determined to get this first part finished today. Shame sometime can be a motivator :-)
First you need some additional background information. I did a presentation at the Microsoft Management Summit, TechEd US, and TechEd Australia where I talked about how to use MDT 2010, ConfigMgr 2007, and SCVMM together for two main purposes:
- Creating an image factory.
- Perform unattended installation and configuration of operating systems (including patches, applications, etc.)
- Sysprep and capture images for distribution/cloning
- Create WIM files for deployment to physical hardware, VHD files for use with Virtual Machine Manager and Hyper-V
- Virtual Machine Customization
- Rather than having lots of special-purpose VHDs, have a smaller number with the ability to apply specific roles or configuration at the time of deployment
So this posting is covering the first part, using MDT 2010 Lite Touch together with SCVMM to create an image factory. Here’s more of a logical picture of what I am talking about:
So imagine that you have created a deployment share in MDT 2010 Deployment Workbench, imported your operating systems and all the other required files, and created multiple task sequences to build your reference images. Now you want a quick and easy way to run all of those task sequences, without having a pile of hardware (so virtual machines are good) and without needing to manually initiate the process on each machine (automating the wizard). That’s where the “image factory” comes in.
To implement this, I created a set of PowerShell scripts to initiate the step-by-step process above. The scripts and their purpose:
- MDTImageFactory.ps1. This is the main PowerShell script that drives the whole process (although the bulk of the logic is in the other scripts).
- MDTDB.psm1. This is a PowerShell module that is used to manipulate the MDT database (more on that later).
- ImageFactory.psm1. This is a PowerShell module that handles the interaction with SCVMM 2008 R2.
These scripts need to know some details from your environment. Rather than hard-coding that information in the scripts themselves, this information is stored in a separate XML file named “MDTImageFactorySettings.xml.” This file contains the following settings:
- DeploymentShare. This specifies the path to the MDT 2010 deployment share containing the task sequences that should be executed.
- VMMServer. This specifies the name of the SCVMM server.
- VMMLibrary. This specifies the name of the SCVMM library on the specified SCVMM server.
- HyperVHost. All virtual machines will be created on this server, which is being managed by the SCVMM server. (It could be the SCVMM server, if that server is also running Hyper-V, or it could be a different machine.)
- HyperVHostNetwork. The Hyper-V host may have multiple networks defined; this specifies the name of the network that should be used when creating each virtual machine. This network must have access to the specified deployment share.
- HardwareProfile. A hardware profile specifies the settings that should be used when creating a new virtual machine. This specifies things like the amount of RAM to allocate to the machine (1GB is suggested), the network adapter type (a legacy adapter is recommended since the drivers are available in most OSes), and other hardware settings.
- VHD. This specifies the template VHD that should be used when creating the virtual machine. (SCVMM provides two templates initially, a small one and a large one, but since these dynamically grow it makes sense to always use the “Blank Disk - Large” template.)
- MaximumRunning. Your Hyper-V host might not have the capacity to run all the task sequences (one per VM) at one time, so this specifies a throttling value: the script will ensure that only this number of VMs is activate at one time. (For example, if your Hyper-V server has 8GB of RAM with no VMs running, you might choose to run 6-7 VMs at one time, so specify 6 or 7 as the value to use.)
- TaskSequenceFolder. This specifies the folder in Deployment Workbench containing the task sequences that should be executed. Normally, all task sequences are selected by specifying “MDT:\Task Sequences” but if you wanted to process only the task sequences in a subfolder you could change this to something like “MDT:\Task Sequences\My Subfolder”. (Only enabled task sequences that deployment an operating system will be selected, so if you want to skip one while you are working on it just uncheck the “Enabled” checkbox in the properties for that task sequence.)
- UseDelegation. Setting this to “True” enables an optimization in the process: the virtual machines can be configured to use a ISO on the SCVMM library share, instead of copying that ISO to the Hyper-V host using BITS. This is optional, but if you want to enable it be sure to review the requirements for doing this at http://technet.microsoft.com/en-us/library/ee340124.aspx.
So what is required to set this up in your environment? First, make sure that your environment is functional, as these scripts won’t magically fix things:
- Make sure SCVMM 2008 R2 can create and operate VMs on the Hyper-V host.
- Create your MDT 2010 deployment share and task sequences and make sure they run fine on a Hyper-V VM when manually started through the Deployment Wizard.
- Make sure PowerShell v2 is installed on the server where you expect to run these scripts. (SCVMM 2008 R2 works with PowerShell v2; SCVMM 2008 technically only supports PowerShell v1.)
- If you want to run the scripts on a machine that isn’t the SCVMM server, make sure that the SCVMM console is installed so that the SCVMM PowerShell cmdlets are available.
- If you want to run the scripts on a machine that isn’t the MDT 2010 server, install MDT 2010 so that the MDT PowerShell cmdlets are available.
Once that’s done, you can perform the following setup steps:
Set up the MDT database, as this is required for the image factory to work. There are two steps involved: running the wizard to create the database, and then running another wizard to configure the query rules in CustomSettings.ini.
Make sure that x86 and x64 are enabled for the MDT deployment share. (The script assumes both ISOs will be available. The name of the ISO doesn’t matter as the PowerShell script will get the name configured in the deployment share properties.)
Create a SCVMM hardware profile. This should specify a reasonable amount of RAM (I typically use 1GB) and to use a legacy NIC (as the driver is available in most OSes); all VMs will be created using this hardware profile.
Configure Bootstrap.ini on the deployment point properties so that no user interaction is required to start the deployment process:
Make sure the SCVMM library server is in the Internet Explorer “Local intranet” zone (add \\server-name), or make sure the machine you are running the PowerShell scripts on has the UNCAsInternet registry setting configured. If you see messages like “While scripts from the internet can be useful, this script can potentially harm your computer. Do you want to run <script>?” when trying to run the PowerShell scripts, you’ll understand why you need to worry about this. (See http://www.leeholmes.com/blog/PowerShellExecutionPoliciesInStandardImages.aspx for some background.)
Create a folder called “PowerShell scripts” in the SCVMM library share.
Copy the attached scripts (after extracting them from the CAB file) into the “PowerShell scripts” folder on the deployment share.
Edit the MDTImageFactorySettings.xml file to specify your server names and settings as described above.
In the SCVMM console, refresh the library share to see the PowerShell scripts that were added.
Right click on the MDTImageFactory.ps1 script to run the process.
You should then see that connections are made to the MDT deployment share, the MDT database (the settings for the database are retrieved from the deployment share), and the SCVMM server. A virtual machine will be created for each enabled OS deployment task sequence in the specified folder (and subfolders, recursively), and then the specified number of VMs will be started. As the first VMs complete they will shut down (as long as the task sequence finishes successfully) and new ones will be started, until all task sequences are finished.
As part of the VM creation process, new MDT database entries are created specifying the computer settings, associated to the MAC address of the network adapter for that VM. These settings include:
TaskSequenceID=<the ID of the task sequence to run>
ComputerBackupLocation=<deployment share UNC>\Captures
BackupFile=<task sequence ID>.wim
So that specifies to skip all the wizards, run a specific task sequence, use a constant local admin password, capture an image to the deployment share using the task sequence ID to name the WIM file, and to shut down the VM when the whole process is complete.
Here’s what you might expect to see while the VMs are being created:
and while they are running:
That display will keep repeating until all task sequences are complete and the virtual machines shut down.
As the virtual machines complete, there will be two “outputs”: the WIM file that is written to the “Captures” directory of the deployment share, and the VHD file that is still attached to the VM. You can turn that VHD into an SCVMM template and use that when creating new VMs. If you do that, be sure to disconnect the ISO file from the virtual DVD drive and to configure the NIC to specify a dynamic MAC address. (More on that topic in a future blog post when we talk about virtual machine customization.)
That’s pretty much the whole process, but it is worth mentioning a few things in closing:
- The script could be enhanced to add the logic to detach the ISO file and reconfigure the NIC once the VM shuts down, but if I kept delaying while adding more script features this blog posting would never get completed :-)
- You can monitor the VMs inside the SCVMM console – just click on each one and see the thumbnail of the server display. This lets you quickly scan through each of the VMs looking for ones that had errors or were just taking too long.
- These scripts were only tested with a Hyper-V host. They should work with VMware ESX and Virtual Server, but might require some simple customization to make everything work. Proceed at your own risk, let me know if you get it to work.
The “Part 2” blog posting will describe how to perform the same scenario using System Center Configuration Manager 2007 (with or without MDT), but it will take me some time to recover from this posting before I get to that one.
If I messed up the instructions or left something out, please let me know via e-mail, firstname.lastname@example.org . The scripts attached to this blog entry are provided as-is, and are not supported by Microsoft. See the scripts for the full disclaimer.