Logging / Debugging Guidance - Minimize work done by Autounattend.xml

[brendanjerwin]

I'm having some problems where, if I watch the install happen I see flashes of red text.

How can I find out what actually happened? I don't see any logging of the various commands anywhere.

Is there any guidance on debugging issues with the provisioning?

[joefitzgerald]

I do think we should ensure each step of the provisioning process (particularly the portion which occurs in Autounattend.xml; Packer logs everything done via provisioners) logs output to the filesystem so that it can be investigated in a post-mortem.

In the interim, I've used the hacky approach of inserting sleeps, watching the install in the GUI, and inspecting the command prompts (told you - hacky!).

I'm open to ideas on how to consistently log the output from provisioning steps in Autounattend.xml.

[rasa]

@joefitzgerald: Check out https://github.com/misheska/basebox-packer/blob/master/template/windows2012r2/floppy/win2012r2-standard/Autounattend.xml#L89 We moved the FirstLogonCommands commands out of Autounatted.xml, to separate scripts, for just that reason: so we can view (with optional pausing) and log the results.

[misheska]

FYI: The approach was all rasa's idea - and a great improvement for logging Windows box creation! Essentially stub out Sysprep's Autounattend.xml to do as little as possible, delegating as much to secondary scripts. As I recall, the only issue we had was configuring the Execution Policy correctly in order to run Powershell scripts under this scheme, but the workaround is encoded in the current set of scripts. (We just ended up removing most of the Powershell from the box creation process. rasa discovered that it makes upgrades/patch management in the box creation more difficult using PowerShell - when a Powershell script runs, it pins all the Powershell support exes/dlls and they can't be upgraded without a reboot. So we removed most of the Powershell so that we wouldn't have to do any tricky controlled reboot logic in the box creation scripts).

[kensykora]

I'd like to get some of the items out of the autounattend.xml -- I think the biggest hurdle right now though is the windows updates which require a reboot that Packer doesn't deal with at all.

Looking at the 2012r2 unattend xml file, there are these things happening:

1. Set Powershell Execution Policy
2. Configure WinRM (set authentication, timeout settings, open up firewall port, etc)
3. Show file extensions in Explorer
4. Enable quick edit
5. Show run command in start menu (not even relevant in 2012r2)
6. Show administrative tools in start menu
7. Disable hibernation mode
8. Disable password expiration
9. Install MS Updates OR Install OpenSSH (comment/uncomment for functionality)

I think this can be reduced to:

1. Set execution policy
2. Install MS Updates OR Install OpenSSH

The rest should be able to be moved to a separate, secondary script as described.

[icnocop]

For reference, I've submitted a feature request to allow packer to support reboots here: https://github.com/mitchellh/packer/issues/1981

[masaeedu]

Has there been any progress on this? There's still about 25 scripts in the Autounattend.xml file, whereas the essentials are only to enable WinRM (and possibly disable Windows update). Everything else can be done using provisioner scripts running over the WinRM communicator.

Any steps that require reboots can be dealt with by adding windows-restart provisioners.

[jhg03a]

https://technet.microsoft.com/en-us/library/ee851579(v=ws.10).aspx