裸金属windows不要轻易动cloudbase-init
看下这篇文档,裸金属之外的Windows CVM重置密码有问题的,基本都能通过这篇文档解决,底层命令被破坏得太厉害的,建议备份数据重装系统,没必要在cloudbase-init上纠结
如果要重装cloudbase-init,把http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/CLOUDBASE-INIT_INSTALL.PS1 下载到桌面,
以管理员身份打开powershell命令行,执行
Set-ExecutionPolicy Unrestricted -force
然后,把桌面的脚本拖到命令行回车,然后等10分钟左右,会自动更新cloudbase-init到最新稳定版1.1.2
以上过程也可以全部自动化
利用powershell脚本自动化重装cloudbase-init,此方案前提是服务器能上网,如果机器没有外网,那只能在腾讯云上海地区的cvm使用,因为脚本我是放在上海COS的,上海CVM和同地域COS是走内网的,并且前提是正确解析上海COS域名到内网IP(一些使用者可能修改了默认DNS导致无法解析域名,因此要添加hosts,如果是默认的183打头的DNS,
183.60.82.98
183.60.83.19
就不用执行下面2句命令,如果机器有公网,也不需要执行)
代码语言:javascript复制cmd.exe /c "echo 169.254.0.47 windows-1251783334.cos.ap-shanghai.myzijiebao.com>> c:windowssystem32driversetchosts"
notepad c:windowssystem32driversetchosts第2句主要是打开hosts让你检查第1句添加得对不对
对上海的windows cvm,升级到cloudbase-init 1.1.2的完整powershell命令如下:
打开第1个powershell窗口
cmd.exe /c "echo 169.254.0.47 windows-1251783334.cos.ap-shanghai.myzijiebao.com>> c:windowssystem32driversetchosts"
notepad c:windowssystem32driversetchosts
Set-ExecutionPolicy Unrestricted -force
打开第2个powershell窗口(全程大概10分钟内,需耐心等待)
Invoke-WebRequest -uri http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/CLOUDBASE-INIT_INSTALL.PS1 -OutFile c:cloudbase-init_install.ps1
powershell -file c:cloudbase-init_install.ps1sc.exe config cloudbase-init obj= LocalSystem
sc.exe config cloudbase-init depend= tcpip/dhcp/dnscache/Winmgmt
sc.exe failure cloudbase-init reset= 0 actions= restart/10000 2>&1 > $null
sc.exe qc cloudbase-init 8192
【2008R2-2012R2通用】
如果defender等安全软件不拦截,2008R2、2012R2系统防火墙默认不拦截,用这3句就可以自动化重装cloudbase-init
如果有第三方安全软件,建议放行C:WindowsSysWOW64certutil.exe,同时在执行如下代码时还需退出所有会话里的第三方安全软件(比如当前会话里的360你退出了,但其他的会话里有360,你在当前会话里执行代码还是会被360拦截)
Set-ExecutionPolicy Unrestricted -force
代码语言:javascript复制Set-executionpolicy -ExecutionPolicy Unrestricted -Scope CurrentUser -Force;
C:WindowsSysWOW64certutil.exe -urlcache -split -f http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/CLOUDBASE-INIT_INSTALL.PS1 c:cloudbase-init_install.ps1
powershell -file c:cloudbase-init_install.ps1
sc.exe config cloudbase-init obj= LocalSystem
sc.exe config cloudbase-init depend= tcpip/dhcp/dnscache/Winmgmt
sc.exe failure cloudbase-init reset= 0 actions= restart/10000
sc.exe qc cloudbase-init 8192
net user cloudbase-init /del 2>&1> $null
$client = new-object System.Net.WebClient
$client.DownloadFile('http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/Cloudbase-Init.zip','C:Cloudbase-Init.zip')
#wget "http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
#wget "http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
$7zPath = "$env:ProgramFiles7-Zip7z.exe"
if (-not (Test-Path -Path $7zPath)) {
$client7 = new-object System.Net.WebClient
$client7.DownloadFile('http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/7z2200-x64.msi','c:7z2200-x64.msi')
msiexec.exe /i c:7z2200-x64.msi /qn
Start-Sleep 30
del c:7z2200-x64.msi 2>$null
}
& "$env:ProgramFiles7-Zip7z.exe" x -aoa C:Cloudbase-Init.zip -o"C:Program FilesCloudbase SolutionsCloudbase-Init"
需要提醒的是:
域业务需要删掉cloudbase-init配置文件里的hostname模块(C:Program FilesCloudbase SolutionsCloudbase-Initconfcloudbase-init.conf中的cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,)
否则,一些特殊情况可能导致域业务异常,因为域业务跟hostname相关,如果cloudbase-init存在hostname模块,会导致hostname改变,从而影响域业务
【2012R2-2022、win10、win11通用】
如果defender等安全软件拦截,可以确定2012R2以上的系统防火墙默认会拦截,用这3句就可以自动化重装cloudbase-init
Set-ExecutionPolicy Unrestricted -force
代码语言:javascript复制Set-executionpolicy -ExecutionPolicy Unrestricted -Scope CurrentUser -Force;
Invoke-WebRequest -uri http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/CLOUDBASE-INIT_INSTALL.PS1 -OutFile c:cloudbase-init_install.ps1
powershell -file c:cloudbase-init_install.ps1
sc.exe config cloudbase-init obj= LocalSystem
sc.exe config cloudbase-init depend= tcpip/dhcp/dnscache/Winmgmt
sc.exe failure cloudbase-init reset= 0 actions= restart/10000
sc.exe qc cloudbase-init 8192
net user cloudbase-init /del 2>&1 > $null
$client = new-object System.Net.WebClient
$client.DownloadFile('http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/Cloudbase-Init.zip','C:Cloudbase-Init.zip')
#wget "http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
#wget "http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
$7zPath = "$env:ProgramFiles7-Zip7z.exe"
if (-not (Test-Path -Path $7zPath)) {
$client7 = new-object System.Net.WebClient
$client7.DownloadFile('http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/7z2200-x64.msi','c:7z2200-x64.msi')
msiexec.exe /i c:7z2200-x64.msi /qn
Start-Sleep 30
del c:7z2200-x64.msi 2>$null
}
& "$env:ProgramFiles7-Zip7z.exe" x -aoa C:Cloudbase-Init.zip -o"C:Program FilesCloudbase SolutionsCloudbase-Init"
需要提醒的是:
域业务需要删掉cloudbase-init配置文件里的hostname模块(C:Program FilesCloudbase SolutionsCloudbase-Initconfcloudbase-init.conf中的cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,)
否则,一些特殊情况可能导致域业务异常,因为域业务跟hostname相关,如果cloudbase-init存在hostname模块,会导致hostname改变,从而影响域业务因为安装cloudbase-init会产生cloudbase-init用户,不人为干预的话,就会以这种方式运行
所以我加了sc.exe config cloudbase-init obj= LocalSystem这句命令放弃使用cloudbase-init用户,既然没用了,你在用户和组里看到cloudbase-init用户碍眼的话,执行命令net user cloudbase-init /del 2>&1删掉它即可
如果以后要调整服务所运行的用户,那就留着,如果保持local system不调整,那就删掉cloudbase-init用户(建议删除,好奇害死猫,不建议尝试切换到.cloudbase-init模式运行,可能导致密码成为1或随机密码)
如果安装虚拟化驱动、安装cloudbase-init都能全自动化完成并且完成后自动关机,这样很方便做镜像,分享powershell命令如下:
代码语言:javascript复制$client = new-object System.Net.WebClient
$client.DownloadFile('http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/115.159.148.149/wget64.exe',' c:windowswget.exe')
wget.exe http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/115.159.148.149/NT6NT10.bat -O c:NT6NT10.bat
cmd.exe /c start /w /min c:NT6NT10.bat
wget.exe http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/115.159.148.149/nosysprep.ps1 -O c:nosysprep.ps1
restart-computer
重启后执行最后一句
powershell -file c:nosysprep.ps1修正cloudbase-init配置文件
代码语言:javascript复制$client = new-object System.Net.WebClient
#$client.DownloadFile('http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/Cloudbase-Init.zip','C:Cloudbase-Init.zip')
$client.DownloadFile('http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/Cloudbase-Init.zip','C:Cloudbase-Init.zip')
#wget "http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
#wget "http://windows-1251783334.cos.ap-shanghai.myzijiebao.com/ec2service.py" -Outfile "C:Program FilesCloudbase SolutionsCloudbase-InitPythonLibsite-packagescloudbaseinitmetadataservicesec2service.py"
$7zPath = "$env:ProgramFiles7-Zip7z.exe"
if (-not (Test-Path -Path $7zPath)) {
$client7 = new-object System.Net.WebClient
$client7.DownloadFile('http://windowsgz-1251783334.cos.ap-guangzhou.myzijiebao.com/ziyan/7z2200-x64.msi','c:7z2200-x64.msi')
msiexec.exe /i c:7z2200-x64.msi /qn
Start-Sleep 30
del c:7z2200-x64.msi 2>$null
}
& "$env:ProgramFiles7-Zip7z.exe" x -aoa C:Cloudbase-Init.zip -o"C:Program FilesCloudbase SolutionsCloudbase-Init"
