Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

Based on the https://www.microsoft.com/en-ca/windows/windows-11-specifications?r=1#:~:text=System%20firmware-,UEFI,-%2C%20Secure%20Boot%20capable , we have gathered the following checklist and how-to to help deploying a new virtual machine running Microsoft Windows 11 with the ITS Private Cloud Command Line Interface aka vss-cli:

Checklist

  • CPU: at least 2 CPUs: --cpu 2
  • Memory: at least 8GB: --memory 8
  • Disk: at least 64GB: --disk 64
  • UEFI and Secure Boot: --firmware efi
  • Guest Operating System: --os windows9_64Guest
  • vTPM. vTrusted Platform Module (TPM) should be added to virtual instance. --tpm
  • VBS. Virtualization-Based Security enabled. --vbs

Command Line Commands

Raw cli

With the following command you will be deploying a Windows 11 virtual machine with the parameters listed above.

vss-cli --wait compute vm mk shell \
--description 'Windows 11 VM' --os windows9_64Guest \
--memory 8 --cpu 2 --folder MyFolder --disk 64 \
--net CGN --iso Microsoft_Windows_11_Enterprise_version_21H2_64-bit_English \
--tpm --vbs --firmware efi --client Client \
--power-on Windows11VM

Another approach would be to use the vss-cli deployment specification.

vss-cli deployment specification

  1. Create the following file: 

    built: os_install         # Required: Do not remove.
machine:
    name: Windows11VM         # Required: Target virtual machine name.
    os: windows9_64Guest           # Required: Guest Operating System name or Id.
    cpu: 2                # Optional: CPU count (Default: 1).
    memory: 8             # Optional: Memory in GB (Default: 1GB).
    folder: MyFolder      # Required: Folder name, path or ID.
    storage-type: hdd     # Optional: Storage Type to use for this VM. ssd or hdd
    disks:
       -  capacity_gb: 64          # Disk capacity in GB (Default: 40GB).
    iso: dae52f28-4ae9-4492-8ca2-691809006867           # Optional: ISO name or path to mount upon creation.
    firmware: efi         # Optional: Firmware to use: Either bios or efi (Default: bios).
# Additional (Uncomment to enable)
    power_on: true         # Optional: Power on after successful deployment.
    tpm: true              # Optional: Enable vTrusted Platform Module Device.
    vbs: true              # Optional: Enable Virtualization Based Security.
#   template: false        # Optional: Mark resulting vm as template.
#   domain:                # Optional: Domain name or ID to deploy (Default: provided by API).
# VM extra configuration (Uncomment to enable)
# extra-config:
#  - disk.EnableUUID="TRUE"
networking:
    interfaces:
       -  network: CGN    # Required: Network name or network ID.
          type: vmxnet3   # Optional: Defaults to vmxnet3
# metadata required
metadata:
    client: Client       # Required: Client department
  # Required: Description of virtual machine
    description: Testing windows 11 deployment
    usage: Test           # Optional: Usage between Prod | Dev | QA | Test (default: Test)
    inform:               # Optional: list of additional contact email addresses (default: user account)
       -  user@utoronto.ca
#  admin:                  # Optional: VM Administrator (Default: user submitting request)
#    name:                 # (Admin) Required: VM Administrator full name
#    email:                # (Admin) Required: VM Administrator email i.e. user@utoronto.ca
#    phone:                # (Admin) Required: VM Administrator phone i.e. 416-123-2341
# Recommended Metadata (Uncomment to enable)
# notes:                  # Optional: list of key-value items to be set in Key: value form.
#   - BillingCode: 12345
#   - Documentation: https://uoft.me/service-docs
#    vss_service: N/A        # Optional: VSS Service name or service id
# vss_options:            # Optional: VSS options reset_on_restore, reboot_on_restore
#   - reset_on_restore
#   - reboot_on_restore

  2. Save the file as win11.yaml and deploy it as follows: 

    vss-cli --wait compute vm mk from-file win11.yaml

  3. By using this method, you could replicate this deployment in the future.

Troubleshooting

If a step was missed, the Windows 11 installation process may display an error:

image (1).png

Please review all the steps outlined in the Checklist. Below are suggested steps to verify your virtual machine configuration using the vss-cli commands:

  1. Verify the CPU cores (cpu) are 2 or more:

    vss-cli compute vm get <VM_ID> cpu

  2. Verify the memory (memory_gb) is 8GB or more:

    vss-cli compute vm get <VM_ID> memory

  3. Verify the disk space (capacity_gib) is 64GB or more:

    vss-cli compute vm get <VM_ID> disk

  4. Verify the firmware selected is efi

    vss-cli compute vm get <VM_ID> firmware

  5. Verify the Guest Operating System (guest.guest_id) is windows9_64Guest

    vss-cli compute vm get <VM_ID> os

  6. Verify there is a Trusted Platform Module (vTPM) configured with label, summary and key.

    vss-cli compute vm get <VM_ID> tpm

  7. Verify the Virtualization-Based Security (vbs_enabled) is enabled (True).

    vss-cli compute vm get <VM_ID> vbs

Frequently, users overlook creating a Trusted Platform Module or enabling the Virtualization-Based Security setting. Here are steps to create them using vss-cli commands:

  1. Create a Trusted Platform Module (vTPM)

    vss-cli compute vm set <VM_ID> tpm mk

  2. Enable Virtualization-Based Security setting

    vss-cli compute vm set <VM_ID> vbs on

After completing the virtual machine update, please proceed to reboot the system..

References:

https://www.microsoft.com/en-in/windows/windows-11-specifications#table3

https://kb.vmware.com/s/article/86207

  • No labels