Cloudbase-init in OCI – join a computer to a domain

Cloudbase-init

Cloudbase-init is an open-source cloud-init implementation designed for Windows instances in cloud environments. It performs the initial configuration of a cloud instance, automating tasks such as setting the hostname, configuring network interfaces, injecting SSH keys, and executing user-defined scripts during the first boot. Cloudbase-init supports various cloud platforms, including Oracle OCI, AWS, Azure, and Google Cloud. By reading the metadata services provided by these platforms, it customizes the instance based on predefined configurations. This makes it essential for integrating Windows virtual machines into cloud infrastructures, ensuring they are correctly configured and ready for use immediately after deployment. Here you can find more details.

Terraform

Terraform is an open-source infrastructure as code (IaC) tool developed by HashiCorp. It enables users to define and provision data center infrastructure using a high-level configuration language. It allows for the management of both low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries and SaaS features. Terraform’s declarative approach lets users describe the desired end state of infrastructure. It supports a wide range of providers, including Oracle OCI, AWS, Azure, Google Cloud, and many others, facilitating a consistent workflow across multiple environments. Terraform’s state management and execution planning features ensure predictable and repeatable deployments, making it a powerful tool for automating and scaling infrastructure.

Cloudbase-init & Terraform in OCI

Using the template_cloudinit_config data source in Oracle Cloud Infrastructure (OCI) lets you assemble a multi-part cloud-init configuration (here: two PowerShell scripts) into a single, gzip-compressed and base64-encoded user data payload that is passed to the instance and executed by Cloudbase-init on first boot. The data source comes from the hashicorp/template provider, which is no longer maintained; the cloudinit_config data source from the hashicorp/cloudinit provider accepts the same arguments and is its drop-in replacement.

Here’s how you can use template_cloudinit_config in OCI:

data "template_cloudinit_config" "cloudinit_config" {
  gzip          = true
  base64_encode = true

  part {
    filename     = "cloudinit_user.ps1"
    content_type = "text/x-shellscript"
    content = templatefile("${local.userdata}/cloudinit_user.ps1", {
      instance_user     = "opc",
      instance_password = random_string.instance_password.result
    })
  }

  part {
    filename     = "cloudinit_joindomain.ps1"
    content_type = "text/x-shellscript"
    # The template indexes both dns_ip[0] and dns_ip[1], so the join part is
    # only rendered when two DNS addresses are supplied; otherwise it stays empty
    # and the instance is not joined to a domain.
    content = length(var.dns_ip) >= 2 ? templatefile("${local.userdata}/cloudinit_joindomain.ps1", {
      dns1_ip         = var.dns_ip[0],
      dns2_ip         = var.dns_ip[1],
      domain_fqdn     = var.domain_fqdn,
      domain_username = var.domain_username,
      domain_password = var.domain_password
    }) : ""
  }

}

In the example above, two scripts are referenced; both are shown below. Note that Terraform renders the local password and the domain-join credentials into the scripts in plain text, and the resulting user data is readable from inside the instance through the metadata service, so the join account should be a dedicated, least-privileged account and the instance password should be rotated after first boot.
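The following variable declarations are an added example, not part of the original post or its Terraform module: they validate the values the cloudinit parts above consume (exactly two IPv4 DNS addresses when a join is wanted, a dotted domain name) and mark the join password as sensitive so it is redacted from plan and apply output. Variable names match the ones referenced in the data block; the default values are assumptions.

```hcl
# Added example: input variables for the template_cloudinit_config block above.
variable "dns_ip" {
  description = "DNS servers handed to cloudinit_joindomain.ps1. Empty list = no domain join."
  type        = list(string)
  default     = []

  validation {
    # The template uses dns_ip[0] and dns_ip[1], so allow none or exactly two.
    condition     = length(var.dns_ip) == 0 || length(var.dns_ip) == 2
    error_message = "dns_ip must be empty (no domain join) or contain exactly two addresses."
  }

  validation {
    # cidrnetmask only accepts IPv4 prefixes, so it doubles as an IPv4 syntax check.
    condition     = alltrue([for ip in var.dns_ip : can(cidrnetmask("${ip}/32"))])
    error_message = "Every dns_ip entry must be a valid IPv4 address."
  }
}

variable "domain_fqdn" {
  description = "Active Directory domain to join, e.g. corp.example.com (placeholder)."
  type        = string
  default     = ""

  validation {
    condition     = var.domain_fqdn == "" || can(regex("^([A-Za-z0-9-]+\\.)+[A-Za-z0-9-]+$", var.domain_fqdn))
    error_message = "domain_fqdn must be a dotted DNS name with at least two labels."
  }
}

variable "domain_username" {
  description = "Account allowed to join computers to the domain (should be least-privileged)."
  type        = string
  default     = ""
}

variable "domain_password" {
  description = "Password of the join account; redacted from Terraform output, but still embedded in the rendered user data."
  type        = string
  sensitive   = true
  default     = ""
}
```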

PowerShell scripts

Password change script – cloudinit_user.ps1

#ps1_sysnative
$user='${instance_user}'
$password='${instance_password}'

# password_change: set the local account's password to the value rendered by Terraform
Write-Output "Changing $user password"
net user $user $password
# net.exe does not throw; surface its failure through the script's exit code
if ($LASTEXITCODE -ne 0) {
  Write-Output "Failed to change $user password (net user exit code $LASTEXITCODE)"
  Exit 1
}
Write-Output "Changed $user password"

Join domain script – cloudinit_joindomain.ps1

#ps1_sysnative
$ErrorActionPreference = "Stop"

# Set_DNS: point the primary VNIC at the domain's DNS servers so that the
# domain controllers can be located before Add-Computer runs.
Write-Output "Set_DNS: Setting DNS"

try {

  $Dns1_ip = '${dns1_ip}'
  $Dns2_ip = '${dns2_ip}'
  # The OCI instance metadata service (v1 endpoint) lists the instance's VNICs.
  $metadataServiceVnicsUrl = "http://169.254.169.254/opc/v1/vnics/"
  $wc = New-Object System.Net.WebClient
  $allVnicsMetadata = ($wc.DownloadString($metadataServiceVnicsUrl) | ConvertFrom-Json)
  $vnicMetadata = $allVnicsMetadata[0]
  # Metadata reports the MAC as aa:bb:cc..., Get-NetAdapter as AA-BB-CC...; -eq is case-insensitive.
  $vnicAdapter = (Get-NetAdapter | Where-Object {$_.MacAddress -eq $vnicMetadata.macAddr.Replace(":", "-")})
  Set-DnsClientServerAddress -InterfaceAlias $vnicAdapter.InterfaceAlias -ServerAddresses ($Dns1_ip, $Dns2_ip)

} catch {

  # -ErrorAction Continue keeps Write-Error non-terminating under "Stop", so the exit code below is reached
  Write-Error "Set_DNS: $_" -ErrorAction Continue
  Exit 1

}
Write-Output "Set_DNS: DNS configured"

# Add_server_to_Domain

try {

  $DomainFQDN = '${domain_fqdn}'
  # Build the domain's distinguished name from every label of the FQDN
  # (corp.example.com -> DC=corp,DC=example,DC=com) so the OU path is also
  # correct for domains with more than two labels.
  $DomainDN = ($DomainFQDN.Split(".") | ForEach-Object { "DC=$_" }) -join ","
  $DomainPwd = '${domain_password}'
  $DomainSecurePwd = ConvertTo-SecureString $DomainPwd -AsPlainText -Force
  $DomainUsername = '${domain_username}'
  $DomainCredentials = New-Object System.Management.Automation.PSCredential $DomainUsername, $DomainSecurePwd
  Write-Output "Add_server_to_Domain: Adding Computer to the domain $DomainFQDN"
  Add-Computer -DomainName $DomainFQDN -Credential $DomainCredentials -OUPath "OU=Servers,$DomainDN"

} catch {

  Write-Error "Add_server_to_Domain: $_" -ErrorAction Continue
  Exit 1

}
Write-Output "Add_server_to_Domain: Computer added to the domain $DomainFQDN"
# The join only takes effect after a reboot. Exit code 1001 tells Cloudbase-init
# to reboot the instance and not run this script again.
Exit 1001
