Experiment with creating and configuring cloud dev VM

[patheard]

• Use Azure/AzureStack
• All configuration-as-code (ideally one-action create and ready to use).

[patheard]

Observations about AzureStack VM (Windows Server 2016 Datacenter):

• IE was set to restrict file download, running active scripts.
• Needed to change this with a custom security level in Internet Options > Security > Internet Zone.
• Performance is quite good. ~500-1000ms on input lag.
• Internet transfer speed very good ~10MB/s.

[patheard]

Possible fix for exposing CPU virtualization to guest OS:

Set-VMProcessor -VMName <Target VM's Name> -ExposeVirtualizationExtensions $true

[patheard]

Linux VM is now also up and running and can communicate with Windows VM.

Tested with following Docker container:

docker run --name test-nginx -p 80:80 -d nginx

And then connecting to http://<linux-vm-host> in a browser on the Windows VM.

[patheard]

Confirmed linux/windows VM can communicate over 443. This should let me test with Ansible with a linux control node and windows host.

[patheard]

Steps to setup:

# Linux control node
sudo apt update
sudo apt install software-properties-common
sudo apt-add-repository --yes --update ppa:ansible/ansible
sudo apt install ansible

# Windows host
choco install python

[patheard]

Created local Ansible playbook based on esdc-devx/dev-laptop.

dto-btn/ansible-dev-laptop#1

[patheard]

• Localhost provision worked nicely at Linux VM.
• Next test is to see if it can provistion Windows VM.

[patheard]

Commands to share windows folder on linux:

# windows
New-SMBShare –Name "Development" –Path "C:\path\to\folder" –FullAccess domain\username

# linux
sudo apt-get install cifs-utils
sudo mount.cifs //WindowsPC/path ~/path/to/mount -o user=username

[patheard]

Setting up windows host with SSH:

Linux control node:

# Create ssh keys
ssh-keygen -t rsa -b 4096

# Grant ownership to the default `local_tmp` and `remote_tmp` in ansible.cfg
# Alternative: change these directories
chown -R username:usergroup ~/.ansible

Windows host:

# Install and start server
choco install openssh --package-parameters='"/SSHServerFeature"'

# Copy control node `id_rsa.pub` contents into %userprofile%\.ssh\authorized_keys

# Update %programdata%\ssh\sshd_config:
PubkeyAuthentication yes
# Match Group administrators
#       AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

# Restart sshd service
Restart-Service -Name sshd -Force

# Set default SSH shell to powershell (optional)
Set-Itemproperty -path 'HKLM:\SOFTWARE\OpenSSH' -Name 'DefaultShell' -value 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'

Debug public key authentication not working:

ssh -vvv windows-host

[patheard]

Test command with plaintext auth and public key auth from linux control node:

# plaintext
# can alternatively set `ansible_user` and `ansible_password` in encryped ansible.cfg file
ansible windows -m win_whoami -u username --ask-pass

Test command with pubkey authentication:

# pubkey
ansible windows -m win_whoami

[patheard]

Commands for installing Ubuntu desktop on a UbuntuServer image and enablding RDP from Windows:

sudo apt install ubuntu-desktop
sudo apt install xrdp
sudo systemctl enable xrdp

[patheard]

Allow xrdp to listen on 443:

sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/xrdp
sudo vi /etc/xrdp/xrdp.ini # change port=443