Based on the https://www.microsoft.com/en-ca/windows/windows-11-specifications?r=1#:~:text=System%20firmware-,UEFI,-%2C%20Secure%20Boot%20capable , we have gathered the following checklist and how-to to help deploying a new virtual machine running Microsoft Windows 11 with the ITS Private Cloud Command Line Interface aka vss-cli
:
--cpu 2
--memory 8
--disk 64
--firmware efi
--os windows9_64Guest
--tpm
--vbs
With the following command you will be deploying a Windows 11 virtual machine with the parameters listed above.
vss-cli --wait compute vm mk shell \ --description 'Windows 11 VM' --os windows9_64Guest \ --memory 8 --cpu 2 --folder MyFolder --disk 64 \ --net CGN --iso Microsoft_Windows_11_Enterprise_version_21H2_64-bit_English \ --tpm --vbs --firmware efi --client Client \ --power-on Windows11VM |
Another approach would be to use the vss-cli
deployment specification.
vss-cli
deployment specificationCreate the following file:
built: os_install # Required: Do not remove. machine: name: Windows11VM # Required: Target virtual machine name. os: windows9_64Guest # Required: Guest Operating System name or Id. cpu: 2 # Optional: CPU count (Default: 1). memory: 8 # Optional: Memory in GB (Default: 1GB). folder: MyFolder # Required: Folder name, path or ID. storage-type: hdd # Optional: Storage Type to use for this VM. ssd or hdd disks: - capacity_gb: 64 # Disk capacity in GB (Default: 40GB). iso: dae52f28-4ae9-4492-8ca2-691809006867 # Optional: ISO name or path to mount upon creation. firmware: efi # Optional: Firmware to use: Either bios or efi (Default: bios). # Additional (Uncomment to enable) power_on: true # Optional: Power on after successful deployment. tpm: true # Optional: Enable vTrusted Platform Module Device. vbs: true # Optional: Enable Virtualization Based Security. # template: false # Optional: Mark resulting vm as template. # domain: # Optional: Domain name or ID to deploy (Default: provided by API). # VM extra configuration (Uncomment to enable) # extra-config: # - disk.EnableUUID="TRUE" networking: interfaces: - network: CGN # Required: Network name or network ID. type: vmxnet3 # Optional: Defaults to vmxnet3 # metadata required metadata: client: Client # Required: Client department # Required: Description of virtual machine description: Testing windows 11 deployment usage: Test # Optional: Usage between Prod | Dev | QA | Test (default: Test) inform: # Optional: list of additional contact email addresses (default: user account) - user@utoronto.ca # admin: # Optional: VM Administrator (Default: user submitting request) # name: # (Admin) Required: VM Administrator full name # email: # (Admin) Required: VM Administrator email i.e. user@utoronto.ca # phone: # (Admin) Required: VM Administrator phone i.e. 416-123-2341 # Recommended Metadata (Uncomment to enable) # notes: # Optional: list of key-value items to be set in Key: value form. # - BillingCode: 12345 # - Documentation: https://uoft.me/service-docs # vss_service: N/A # Optional: VSS Service name or service id # vss_options: # Optional: VSS options reset_on_restore, reboot_on_restore # - reset_on_restore # - reboot_on_restore |
Save the file as win11.yaml
and deploy it as follows:
vss-cli --wait compute vm mk from-file win11.yaml |
By using this method, you could replicate this deployment in the future.
Starting from version 1.10.2, Cloud Portal introduces the capability to create virtual machines equipped with Windows 11. It's crucial to ensure you carefully select the appropriate operating system, ISO image, and activate both Trusted Platform Module and Virtualization-based Security for optimal performance and security.
If a step was missed, the Windows 11 installation process may display an error:
Please review all the steps outlined in the Checklist. Below are suggested steps to verify your virtual machine configuration using the vss-cli commands:
Verify the CPU cores (cpu) are 2 or more:
vss-cli compute vm get <VM_ID> cpu |
Verify the memory (memory_gb) is 8GB or more:
vss-cli compute vm get <VM_ID> memory |
Verify the disk space (capacity_gib) is 64GB or more:
vss-cli compute vm get <VM_ID> disk |
Verify the firmware selected is efi
vss-cli compute vm get <VM_ID> firmware |
Verify the Guest Operating System (guest.guest_id) is windows9_64Guest
vss-cli compute vm get <VM_ID> os |
Verify there is a Trusted Platform Module (vTPM) configured with label, summary and key.
vss-cli compute vm get <VM_ID> tpm |
Verify the Virtualization-Based Security (vbs_enabled) is enabled (True).
vss-cli compute vm get <VM_ID> vbs |
Frequently, users overlook creating a Trusted Platform Module or enabling the Virtualization-Based Security setting. Here are steps to create them using vss-cli commands:
Create a Trusted Platform Module (vTPM)
vss-cli compute vm set <VM_ID> tpm mk |
Enable Virtualization-Based Security setting
vss-cli compute vm set <VM_ID> vbs on |
After completing the virtual machine update, please proceed to reboot the system..
https://www.microsoft.com/en-in/windows/windows-11-specifications#table3
https://kb.vmware.com/s/article/86207