Install Applications in Azure Image Builder with PowerShell!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this video we install apps in Azure image Builder with Powershell [Music] hello everyone I'm Travis and this is ceraldos this is a continuation of a previous video I'm using Azure image Builder portal integration if you're new to image Builder be sure to check that out before we get started please like subscribe and click the Bell icon for notifications of new content check out my courses on Azure virtual Desktop Windows 365 and hybrid identities at udemy.com the links are below and thank you channel members your support is appreciated back to it in the last video we built an image with Azure image Builders new portal integration in this video we take it a step further by using Powershell tasks to install applications image Builder runs automated tasks to install software when it creates an image to succeed those tasks have to run silently with no user interaction we use Powershell commands to start software installation tasks in silent mode but how do we test those installation commands it takes 15 or more minutes for image Builder to run testing each install command in image Builder could take a long time instead we use a test VM with the same OS we log in and run the silent install commands interactively to verify the command succeeds without error or user intervention once we have our commands built and tested we create a script that image Builder will run as a Powershell customizer we also need application packages to build the image these are software installation files we should have those files as part of the testing we zip those files into an installation archive used for the deployment both the script and archives are hosted in a blob storage account once we have our script and installation archive we go into the portal and create the image template image Builder has to download the software archive before it can install the software there's a file customizer but that won't work for files over 20 Megs so we'll use inline commands to download and install AZ copy AZ copy is a command line application that lets us download files from Azure storage accounts we use an inline command to download and extract AZ copy after that we use inline commands and AZ copy to download The Source archive file to the image build VM then we extract it to that build VM finally we configure the script customizer to run the Powershell script created previously that installs the software we use a SAS URL for both the zip archive and the script tab security to the files hosted in the Azure storage account a few things to keep in mind the application has to have a silent install option we can't respond to prompts when the image Builder creates the image also if the application requires a reboot don't restart the Powershell script split the commands into multiple scripts and use the restart customizer to reboot after the reboot customizer call the second script to continue the installation if you restart from within Powershell image Builder will think there's a problem and the build will fail to follow along you'll need a VM built with the same image you plan to use as the source for image Builder we test our installation commands on that you'll also need a publicly available storage account we're not using private endpoints for this example the script and the commands used in this video are available at the links below let's jump into the test VM to get started here we are on the test computer the idea with this is that we run through the steps in the script to make sure that the silent install runs without errors before we run it as part of the image build process that way we can address any issues interactively I have a couple example packages we're using foxit reader and notepad plus plus one is an MSI and the other is about exe based installer let's add a new folder under the C drive called image Builder next we'll add our install packages to the image Builder folder there it is we have our installer packages uploaded to our test computer I have vs code installed on this computer as well so we can view the installation script I'll have a link to the script below at the top we've got the location where you can get the installation files I can't distribute them you'll need to download them from the software site if you want to follow along this file will run as part of the image build process coming up you'll see we have a couple inline commands ahead of this script that actually downloads a zip archive file we're going to build the zip archive file in a couple steps when the script runs the first thing you'll do is run a command that sets up logging this is a simple logging function I added to the script let's run the logging region to add it to memory next is the foxit reader region there are a couple steps it's an MSI package so we start with the MSI exec process passing in the install location with the Quiet switch you can also add other supported command line install options make sure the name of the MSI matches the one you downloaded this is in a try catch block if there is an error it will get caught and logged with a login function I also added a step that test to see if the executable is in the installation location these steps are optional but it's helpful to have some logging if something goes wrong all that's really needed though is the command line that does the silent install let's run this region we'll give it a minute to finish okay that's done once finished go into the image Builder directory and we can see that we already have a shortcut on the desktop that's a good sign the logging shows Fox it was installed and there it is under recently added we'll go back to vs code if there was a problem troubleshoot the installation and then uninstall and run the command again it took me a couple tries to get this right it's important that it does a silent install without any user prompts or errors next let's go to the notepad plus plus region this is another start process command that passes in the installer location and file name only this time it's an executable make sure the file version you downloaded matches the command that's a problem I ran into a couple times I downloaded newer versions of the application and didn't update the installer package name different installer packages can have different command line Arguments for silent installs you'll need to consult with the software documentation for notepad plus plus it's a slash S and we could also add additional commands here if we wanted to copy a file or modify a registry setting we just add the commands like we would with any other script let's highlight and run the region that finish let's go back to the image Builder directory and the logging shows that the executable was found and there's a notepad plus plus it shows it's installed and we can even open up the application there it is let's go back to vs code good those are installed and those are examples of a DOT exe and an MSI application install we also added some logging in there as well next we're going to modify an existing file on the image build VM here's the problem that this is going to solve if you followed along in the last video you may have had to wait 15 minutes or longer for that test VM we built from the final image to start it hangs at a waiting for Windows modules installer message what's happening is the OS is doing a hardware scan this is common after running sysprep because we generalize the image it's looking for new devices and drivers but we're using a virtualized VM and as long as we're creating the image and deploying the image to the same hypervisor and VM type we can tell sysprep to skip that step at the first boot if we look at a VM that was created with an image Builder image not this one because we used a gallery image to build this I took some screen grabs from the last VM I created here we have a de-provisioning script again this is not the VM that I'm installing software on these are screen grabs from a computer I build with an image Builder image if we look at that script here we can see what image Builder runs when it de-provisions the VM look at the sysprep command it's running sysprep.exe with the out of box experience generalized run quiet and quit let's go back to my Powershell script here we're modifying the sysprep command we replace the sysprep command with out of box experience generalized it runs quiet and we add the mode colon VM switch mode equals VM tells sysprep that the image we output will be on the same type of hypervisor it's telling it it doesn't need to scan for Hardware changes so it can skip that at the first boot this is a good example of the flexibility we have with modifying the base image Beyond just adding software we can't run this section on the local computer because it doesn't have that deep provisioning script let's look at the next example here we're enabling Time Zone redirection by adding a registry value we also check to make sure the value exists let's run that next and we'll go to the log file and the test we ran shows that the registry key exists software install script that we'll use for image Builder next we need to create an archive for the install files and any other assets required for our customizations in case you're wondering yes I did switch computers just for recording but the process is still the same let's add foxit reader and notepad plus plus to a zip file thank you this will be our software archive file let's give it the name software dot zip once we have the archive we need to upload the file to a blob storage container let's go to the Azure portal I have a storage account in my image Builder Resource Group already let's open that we'll go to containers add a container we'll call it archive and create open it and let's upload that software.zip file we'll upload once it's uploaded we can close next the image Builder automation has to download this file to the build computer when it's building an image to add some security we need a shared access signature for that archive file so on the way right we've got three dots and we're going to generate a SAS I'm going to set this to expire in a year and we'll generate a SAS token and URL the SAS token acts as a password to authenticate access to the blob container we'll leave it read only keep in mind that in production you'll have to renew the key before this one expires or image Builder will fail when it tries to download the software archive I'll copy that I'm going to save it for later I'll just open up Notepad you can see it shows that it's for the software.zip we'll need this URL in an upcoming step once you close you can't access that same key but you can create a new one so that's our software archive next we need to upload the Powershell script to a publicly accessible location the VM image Builder uses to create the image is on its own network it needs to download the script so the script has to be accessible to that VM there is an option to use pre-configured v-nets with image builder in that case you could host a script on an internal Network that's not the option we're using here let's go back and create another blob container for the scripts we'll call this one Scripts we'll click create we'll go in and upload our script this is the one we just walked through on our test computer and again these scripts will be available just check the link below and just because it's on the public network doesn't mean we can't have some security around it if we scroll to the right we'll generate a SAS so we do have to have a SAS key to access this file I'll set this for a year as well and generate the SAS token and URL notice too we just need read permission for this so I'll copy that to clipboard now we have a SAS URL for our script okay good now we have our archive and we have our script let's create the image template next by going to Azure image templates we'll create a new one and we covered most of these steps in the previous video so I'll just kind of go through it fast we need to set the resource Group we'll use the same one that we configured previously that's the one our managed identity has rights to we'll give it a name win10 multi for this example the region is Central U.S uh Marketplace image is our source and for our image we're going to select windows 10. Enterprise version 22 H2 Gen 2 multi-session we'll scroll down we're going to Output this to a managed image we'll give it a name win10 multi for this we can leave the rest we'll select our identity and again that's the identity we assigned to the resource Group we're using now go to customizations here we'll set the VM size to the same family we're deploying to sometimes it defaults to a single core VM I like to go at least two cores because we are working with Windows after all now we'll go down to customizers and we'll add our first customizer this one is a Powershell command and let's take a look at the command we're going to enter in vs code this first block of code creates the image Builder directory on the C drive then it downloads AZ copy after that it extracts AZ copy and moves the AZ copy.exe file to the root of the image Builder folder we'll copy that go back to the portal and we'll add that inline command the formatting looks bad but it will run click ok the whole purpose of that step is we're downloading that zip file using AZ copy there is a file customizer but that's only good up to 20 Megs by First downloading AZ copy we can then use that application to download our bigger files this step also creates that image Builder directory at the root of the C drive let's add another one and this two will be an inline command let's go back to vs code to see what that command is this command uses AZ copy to download the archive file with the shared access signature and then expands it in the image Builder folder let's replace archive URL with our SAS URL for the archive file that was the first one here we'll copy that and go back to the portal and add the command we can leave exit codes and permissions and click ok next we need to run a script so let's go to add a customizer this time we'll select Powershell script and we need the URL for that script and again the VM image Builder uses to create the image is on its own network so the path has to be public we place that script into a publicly accessible blob storage account but we still need that SAS key to access it let's grab that key and here's a little trick if you want to test either one of these URLs open up a new web browser Tab and we'll paste in that URL you can see it was able to download the file so image Builder should have no problem with that we'll paste in that URL there are optional settings such as exit codes and you can provide checksum we are installing applications so set the permissions to elevated we don't need to run them as a system but that is an option click ok if you have to restart as part of your script you'll need to create multiple scripts and insert the restart commands between each don't restart within the script if you restart within the script that will cause image Builder to lose connection to the VM and the build will fail restarts should only take place with the restart customizer you can run other customizers as well update the VM for example let's go to review and create once validation passes click create this will take a minute I'll pause here and come back once it's finished that didn't take too long now that we have the image template let's build our image we'll go to image templates open the image template we just built and we'll start the build this starts the build process it can take 15 minutes or even longer depending on the amount of customizations you've added we can keep an eye on the status by viewing the notifications this will take a while I'll pause here and come back once it's finished that finished and if we go to the resource Group we have our image that's a good sign let's open that and build a VM from that image look great and just like in the last video I'm going to go through this kind of quick we'll give it a name win10 test we'll add a local username and password be sure to set the licensing type and confirm we'll go to review and create and create I'll pause here and come back once it's finished and I've logged in I'm logging in and it's going to be much faster than my previous video where we had to wait for the windows modules installer that's because we modified the sysprep command okay here we are logged in and we can see Fox at PDF reader that's a good sign let's go into File Explorer we'll go into the C drive there's our image Builder directory and here we have all of our zip files as well as our extracted application files that's good and if we go into software install it looks like our applications were installed and our settings applied we can also just go in and open up one of the applications that looks good and if we go back to the root of the C drive we can look at that deep provisioning script that's the one image Builder adds here you can see the modified sysprep command that uses mode colon VM that's good that indicates our scripts ran successfully and all of our customizations have been added I hope that helps you better understand how to use Powershell to add software with image Builder please don't forget to like And subscribe and thanks for watching

Info

Channel: Travis Roberts

Views: 4,122

Rating: undefined out of 5

Keywords: AVD, Azure, ARM, Template, Pipeline, PowerShell, Image Builder, automation, VS Code, VSCode, tutorial, devops tutorial, git, infrastructure as code, IaC, CI/CD, cloud computer, Microsoft azure, azure devops tutorial, azure devops for beginners, Azure virtual desktop, Windows 365, W365, azure image builder, VHD, Managed Image, Azure Computer Gallery, Windows 10, multi-user, win10 multi

Id: v7BWQJh_3dU

Channel Id: undefined

Length: 20min 29sec (1229 seconds)

Published: Sun Apr 16 2023