Red Cloud Windows Instances

From CAC Documentation wiki
Revision as of 13:37, 11 January 2019 by Pzv2 (talk | contribs) (Removed "under construction" warning to prepare for going live on Monday)
Jump to navigation Jump to search

Windows Instances can be created and maintained on Red Cloud using the OpenStack Web Interface. This documentation assumes a basic understanding of OpenStack, so please review that page as needed.


Creating A New Windows Instance

Currently Red Cloud offers VM images running the following versions of Windows:

  • Windows Server 2016

Steps

  1. Log in to the OpenStack Web Interface (check out how to log in if you need to)
  2. If you have not already, create a Key pair
  3. If you have not already, create a Security group. Note that your security group should include the inbound RDP port (3389) rule from at least your current IP address so you can connect to it.
  4. Optional: Set up a Private Network
  5. Select Launch Instance from the Instances page
  6. Follow the instructions about launching a new instance, and select one of the Windows images under the Source tab
  7. Optional: Create and attach a Volume
  8. Optional: Associate a Floating IP address

Now that you have created and launched an instance, your next steps will be to connect to it and set up a new user account. See the To Do On First Login section for more information on how to set up a new user, update, and other useful information. Also, consult the Working with Windows Instances section.

Accessing Instances

  • Make sure your security group allows access to RDP port (3389) from your current IP address.
  • The first time you start a Windows instance it may take up to 10 minutes or more from pushing the start button, depending on the size of the instance, before you can log in.
  • After your instance is running you should be able to Remote Desktop into it.
  • To log in to a Windows instance:
    1. Wait until the OpenStack Web Interface says the instance is running
    2. Select instance -> Actions -> Retrieve Password
    3. Select your Private Key File (that you created when you created a Key Pair) and select Decrypt Password. The password for user Administrator will be displayed.
    4. You can then log in to the Windows instance using Microsoft's Remote Desktop program for Windows or Mac, or with rdesktop for Linux. The name of the computer in Red Cloud is simply the public IP address of the instance (e.g., 128.84.8.42).
  • We highly recommend you create a new Administrative account. For more information, see the Create New Users section below.

Connect to Windows - This page details how to connect to Windows Instances using remote desktop.

To Do On First Login

After you have launched a Windows Instance, there are a few recommended steps you take when you first log in, which are included in the below sections: Create New Users, Windows Activation, and Security and Updates. The For Convenience section should also be considered as helpful suggestions, but not essential.

Create New Users

We highly recommend you at least create a new Administrative account which will persist if you stop and restart an instance. The default Administrator account password will change each time the instance is stopped and restarted. Accounts for users can also be created as you would normally do in Windows:

  1. Go to Control Panel > User Accounts > Add or remove user accounts
  2. Create accounts for all desired users as administrators using Cornell NetIDs
  3. For each account, assign a temporary password, such as "changeme"

If you create a new Admin or user account on the machine, the account and password are retained when stopping and starting the instance. If you stop the instance, the default Administrator account password gets reset when you start the instance. You can get the password the same way as previously described.

Windows Activation

The Windows instance is not activated by default, but it can be done for free through Cornell. Cornell provides free Windows license keys to members of its community via a server. You must tell Windows which server to use and then ask it to go get a license. If you attempt to activate Windows without using a Cornell license, you will most likely receive the following error: Activation Error: Code 0x8007232b. To avoid this, follow these steps:

  • To find a KMS server, from a windows computer in your current domain (not the instance), start the command prompt as administrator and issue the command:
    nslookup -type=all _vlmcs._tcp>kms.txt
  • The kms.txt file contains the information you need to activate windows in Red Cloud; there should be one or more entries for KMS servers.
    • Pick one entry and use the svr hostname and port in the next step. It will probably be something like kms01.cit.cornell.edu and 1688
  • Open a command prompt as administrator on the Windows instance and use the information from the kms.txt as follows:
    cscript \windows\system32\slmgr.vbs /skms <svr hostname>:<port>
    • For example, you might enter the following:
      cscript \windows\system32\slmgr.vbs /skms kms2.xyz.cornell.edu:1688
  • At this point, you should right click on Computer and select 'Properties' in your Windows instance, then activate it. Alternatively, you can enter the following command:
    cscript \windows\system32\slmgr.vbs /ato

If you have Activated Windows it does stay activated on stop and start of an instance.

Note: Please refer to Microsoft support for more information on activating Windows

Security and Updates

These steps help to keep your system up-to-date and secure, and are strongly recommended.

  • Turn on Automatic Updates in Settings > Updates & security and Check Updates
  • Turn on Real-time protection in Settings > Updates & security > Windows Defender
  • Open Windows Defender and Update definitions under the Update tab to get the latest virus definitions

For Convenience

  • Select "Work Network" when prompted by the network dialog
  • Turn off messages about not having performed a backup in Control Panel > System and Security > Action Center

Working with Windows Instances

Note: Anything installed or stored on the C: drive will be retained. If you want data other than the C: drive kept then use a storage volume.

Creating a Windows instance with a larger C: drive

If you're running Windows, you probably know the C: drive can fill up quickly with Windows security patches, etc. so you may want your Windows instance to have a larger C: drive than the default, which is 30GB. Before proceeding to do this, be sure to check the Red Cloud storage limit for your project.

This may be done in the OpenStack web portal when launching a new instance on the Source tab by setting the Volume size to a larger amount.

OR

If the instance has already been created and is currently running, this may be done by creating a new Volume and attaching it to the instance.