openstack实战之使用sysprep工具封装windows7镜像

openstack实战之使用sysprep工具封装windows7镜像

在openstack云平台环境下，使用sysprep封装windows7系统主要目的是清理虚拟机的SID，避免使用同一windows7镜像克隆出的虚拟机出现相同的SID，导致同一虚拟网络下多个windows系统出现NetBIOS广播风暴。

具体操作如下：

查看虚拟机的SID信息如下：

C:\Users\yanv>whoami  /user

USER INFORMATION

----------------

User Name    SID

============ =============================================

yanv-pc\yanv S-1-5-21-3215200373-763857622-2283004860-1000

如果主机的SID相同即会引发NetBIOS广播风暴。

使用sysprep可以将虚拟机相关信息重新注册，从而保证系统的纯洁。

在使用sysprep封装以前，需定制一些自动化执行脚本，以保证系统启动以后不需要人为的再次选择一些基本信息，定制的脚本文件为：c:\windows\panther\attend.xml

windows7相关的attend.xml脚本文件内容如下:

<?xml version='1.0' encoding='utf-8'?>

<unattend xmlns="urn:schemas-microsoft-com:unattend">

    <settings pass="oobeSystem" wasPassProcessed="true">

        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <InputLocale>zh-CN</InputLocale>

            <SystemLocale>zh-CN</SystemLocale>

            <UILanguage>zh-CN</UILanguage>

            <UILanguageFallback>zh-CN</UILanguageFallback>

            <UserLocale>zh-CN</UserLocale>

        </component>

        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <AutoLogon>

                <Password>*SENSITIVE*DATA*DELETED*</Password>

                <Enabled>true</Enabled>

                <LogonCount>1</LogonCount>

                <Username>administrator</Username>

            </AutoLogon>

            <OOBE>

                <HideEULAPage>true</HideEULAPage>

                <NetworkLocation>Work</NetworkLocation>

                <ProtectYourPC>3</ProtectYourPC>

                <SkipMachineOOBE>true</SkipMachineOOBE>

                <SkipUserOOBE>true</SkipUserOOBE>

            </OOBE>

            <UserAccounts>

                <AdministratorPassword>*SENSITIVE*DATA*DELETED*</AdministratorPassword>

            </UserAccounts>

        </component>

    </settings>

    <settings pass="specialize" wasPassProcessed="true">

        <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <SkipAutoActivation>true</SkipAutoActivation>

        </component>

        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <SkipAutoActivation>true</SkipAutoActivation>

        </component>

    </settings>

    <cpi:offlineImage cpi:source="catalog:g:/iso/windows_server_2008_r2_cn_x64/sources/install_windows server 2008 r2 serverdatacentercore.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi"></cpi:offlineImage>

</unattend>

attend.xml此文件为sysprep默认使用的自动化安装脚本，很多时候我们希望做一些定制化的信息，此时可以新建一个XML文件，用于定制的脚本文件，为了方便我们将文件放到sysprep工作目录下：

C:\Windows\System32\sysprep。文件名可以自己定制，此处我命名为Untitled.xml。

Untitled.xml文件内容如下：

<?xml version="1.0" encoding="utf-8"?>

<unattend xmlns="urn:schemas-microsoft-com:unattend">

    <settings pass="oobeSystem">

        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <InputLocale>zh-CN</InputLocale>

            <SystemLocale>zh-CN</SystemLocale>

            <UILanguage>zh-CN</UILanguage>

            <UILanguageFallback>zh-CN</UILanguageFallback>

            <UserLocale>zh-CN</UserLocale>

        </component>

        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <AutoLogon>

                <Password>

                    <Value>TgBlAHcAbQBlAGQAIQBAAHMAMABiAGUAeQBQAGEAcwBzAHcAbwByAGQA</Value>

                    <PlainText>false</PlainText>

                </Password>

                <Enabled>true</Enabled>

                <LogonCount>1</LogonCount>

                <Username>administrator</Username>

            </AutoLogon>

            <OOBE>

                <HideEULAPage>true</HideEULAPage>

                <NetworkLocation>Work</NetworkLocation>

                <ProtectYourPC>3</ProtectYourPC>

                <SkipMachineOOBE>true</SkipMachineOOBE>

                <SkipUserOOBE>true</SkipUserOOBE>

            </OOBE>

            <UserAccounts>

                <AdministratorPassword>

                    <Value>TgBlAHcAbQBlAGQAIQBAAHMAMABiAGUAeQBBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAFAAYQBzAHMAdwBvAHIAZAA=</Value>

                    <PlainText>false</PlainText>

                </AdministratorPassword>

            </UserAccounts>

        </component>

    </settings>

    <settings pass="specialize">

        <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <SkipAutoActivation>true</SkipAutoActivation>

        </component>

        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

            <SkipAutoActivation>true</SkipAutoActivation>

        </component>

    </settings>

    <cpi:offlineImage cpi:source="catalog:g:/iso/windows_server_2008_r2_cn_x64/sources/install_windows server 2008 r2 serverdatacentercore.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" />

</unattend>

注：由于配置文件内容涉及的adminitrator用户的密码，此处密文对应的密码为：Newmed!@s0bey。

完成配置文件以后，皆可启动sysprep服务来封装windows7的镜像。启动sysprep命令如下：

进入配置文件目录

C:\Users\yanv>cd c:\Windows\system32\sysprep

查看命令帮助：

C:\Windows\System32\sysprep>sysprep --help

执行sysprep命令

C:\Windows\System32\sysprep>sysprep /generalize /oobe /reboot /unattend:Untitled.xml

此处命令信息为封装以后，直接重启系统，若希望封装以后关机可以使用shutdown替换reboot。

参考文档：

http://www.cnblogs.com/dreamer-fish/p/3476921.html

https://technet.microsoft.com/en-us/library/cc732280(v=ws.10).aspx

https://msdn.microsoft.com/en-us/library/dd799240(v=ws.10).aspx

https://social.technet.microsoft.com/Forums/zh-CN/3ea12f44-7492-4b38-8ca5-ca6fc7bc6af7/sysprep-windows-7?forum=w7itproinstall

http://www.win7china.com/html/6489.html