Skip to main content
sekureco42
  1. Posts/

Deploy Windows 11 Dev VM to Proxmox

·2010 words·10 mins· loading · loading · ·
English Proxmox Windows 11 VMware OVA Expert
rOger Eisenecher
Author ::..
rOger Eisenecher
> 12 years leading and building a SOC for MSSP • > 20 years working in security • > 40 years working with IT • 100% tech nerd.
Table of Contents

Microsoft provides Windows 11 Developer VMs for several Hypervisors like VMware, Hyper-V and more - but not for Proxmox. This article shows how to automate the process of deploying Windwos 11 Developer VM to Proxmox.

Introduction

For development purposes (or also to have from time to time a fresh install of latest Windows 11 OS) Microsoft provides a so called Windows 11 Developer Virtual Image . It is available for following hyper visors:

  • Hyper-V
  • VMware
  • Parallels
  • Virtualbox

This development image is valid typical for 90 days. This is enough to test software and do development. Furthermore due the “temporary” character of this VM you will be enforced to do your work repeatable and save it in a central repository, eg. by using git.

VMware was my preferred solution for virtualisation - but due recent license changes I had to check for a new solution. I ended up by using Proxmox - a virtualisation host based on Debian and KVM/QEMU.

Proxmox Header
Proxmox Virtualisation Host with Windows 11 Developer VM.

My goal was to make it easy to deploy the Windows 11 developer image with a simple call and automate the process as far as possible. The solution is this blog post which describes the required steps to achieve this goal.

Deployment Overview

The process of deployment is easy and most of the tasks can be automated. Here is an overview:

graph LR A[Get Windows OVA] --> B[Import OVA to Proxmox] B --> C(Install Drivers) C --> D[Additional tasks] subgraph Manual Task C end

The only thing which could not be automated is the installation of the Virtio drivers in Windows 11 due the QEMU agent (which allows communication from virtualisation host to the VM) is not available before installation of the Virtio drivers.

After this initial deployment the VM is ready for the next stage in the installation process. This can be done eg. with Ansible. How this is done is not part of this article. If enough people are interested to know more about Windows and Ansible I will add an article about this setup procedure.

For those which are impatient should directly jump to the section “Using”.

Get Windows OVA

Basically this is easy. Just head over to https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/ and download the image with the VMware button. You will get an ZIP archive. Just extract it and you will get the typical OVA files (*.ova, *.vmdk, *.mf).

Import OVA to Proxmox

Proxmox supports direct import of OVA files into Proxmox. Just call on the command line: qm importovf (see https://pve.proxmox.com/pve-docs/qm.1.html for detailed syntax).

Typical some adjustments are necessary after importing the VM. My typical adjustments are:

  • Change Boot type from BIOS to UEFI (and adding required disks for TPM and EFI)
  • Change CPU to Host; this due I want to use nested virtualisation, eg. WSL in Windows
  • Change machine type to Q35
  • Enable QEMU agent in VM
  • Setting OS Type to Windows 11
  • Defining network configuration
  • Adding CD ROM with Virtio drivers for easy setup after boot of VM

Due they have to be done after each import of the VM this steps are also automated.

Install drivers

Installation of driver is not automated. This is due the fact that the drivers are missing so no communication to the VM is possible before installation of them. So this is your turn. After the system has booted just do this steps:

  • Open Explorer
  • Navigate to the CD ROM drive
  • Execute virtio-win-guest-tools.exe and install all applications and drivers

Additional tasks

Typical additional tasks for my environment are adding a dedicated user for future use and installing the Windows Feature OpenSSH.

Using win11dev2proxmox

All the steps which are described above are implemented in the script deploy_win11-dev-vm_to_proxmox.sh which can be found in my github repo https://github.com/sekureco42/win11dev2proxmox

Installation

  • Login to your proxmox host
  • Change directory where your ISO images are located
  • Clone the repo with git clone https://github.com/sekureco42/win11dev2proxmox
  • Change permission of the script so it is executable: chmod +x win11dev2proxmox/deploy_win11-dev-vm_to_proxmox.sh

Setup

Before using the script you should adapt the config section in the script to your environment.

# --- Start Config Section
USERNAME= # if defined a user will be added as local administrator
PASSWORD= # Password for the new user
VMNAME= # If defined it will be used as name in Proxmox
VMDOWNLOAD_PATH="/mnt/pve/ISOimages" # Where to download the Windows 11 Developer Image
VMSTORAGE="FastDisk" # Where should the VM saved on Proxmox
VMNET="virtio,bridge=vmbr0,firewall=0,tag=401" # Your network definition for VM
VIRTIO_ISO="ISOimages:iso/virtio-win.iso" # Location of virtio driver ISO
# --- End Config Section

USERNAME & PASSWORD

If USERNAME is set an additional account on the Windows VM will be created with local administration rights. Please note that the base image has already a user defined. It is called User - the password is not known so it is not usable for

VMNAME

If VMNAME is set it will be used as name in Proxmox. If not set a default value (WinDevXXXXEval where XXX typically represents the release date of the developer image of Microsoft) will be used.

VMDOWNLOAD_PATH

This variable defines where the OVA image should be saved. Please not that you typically need about 12 GB free disk space for the image - especially during extracting.

VMSTORAGE

VMSTORAGE defines where the VMs disks will be stored (main disk, TPM, EFI).

VMNET

VMNET defines the network interface for the VM. In the example given (virtio,bridge=vmbr0,firewall=0,tag=401) virtio as network hardware will be used, is bridged to the physical interface vmbr0, no firewall will be used and the VM will be attached to VLAN 401.

VIRTIO_ISO

With VIRTIO_ISO you define where the Virtio ISO can be found in your Proxmox environment. In the example it is located on storage ISOimages; there located as file iso/virtio-win.iso.

Run the script

After you changed to configuration to your enivornment just call the script:

  • Log in to your Proxmox host
  • Change to the directory where you stored the script
  • Call it ./deploy_win11-dev-vm_to_proxmox.sh

The script will start and does all the things described before. Depending on the speed of your internet connection, your disk for VM storage and your Proxmox host it will take about 30 minutes to setup your VM. This looks like:

root@vms02:/mnt/pve/ISOimages# ./deploy_win11-dev-vm_to_proxmox.sh
[i] Downloading VM image
--2024-04-22 07:25:16--  https://aka.ms/windev_VM_vmware
Resolving aka.ms (aka.ms)... 104.79.90.33
Connecting to aka.ms (aka.ms)|104.79.90.33|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://download.microsoft.com/download/3/6/6/36680891-e388-4127-b76f-8562922fbd2e/WinDev2403Eval.VMWare.zip [following]
--2024-04-22 07:25:16--  https://download.microsoft.com/download/3/6/6/36680891-e388-4127-b76f-8562922fbd2e/WinDev2403Eval.VMWare.zip
Resolving download.microsoft.com (download.microsoft.com)... 23.36.225.100, 2a02:26f0:f3:399::317f, 2a02:26f0:f3:39c::317f
Connecting to download.microsoft.com (download.microsoft.com)|23.36.225.100|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 24163718860 (23G) [application/octet-stream]
Saving to: ‘WinDevEval.VMWare.zip’

WinDevEval.VMWare.zip   100%[============================>]  22.50G  63.2MB/s    in 7m 21s

2024-04-22 07:32:37 (52.3 MB/s) - ‘WinDevEval.VMWare.zip’ saved [24163718860/24163718860]

Archive:  WinDevEval.VMWare.zip
  inflating: WinDev2403Eval-disk1.vmdk
  inflating: WinDev2403Eval.mf
  inflating: WinDev2403Eval.ovf
[i] Importing VM into Proxmox...
[i] Next VM ID: 104, OVF template: WinDev2403Eval.ovf
  Logical volume "vm-104-disk-0" created.
transferred 0.0 B of 125.0 GiB (0.00%)
transferred 1.2 GiB of 125.0 GiB (1.00%)
...
transferred 125.0 GiB of 125.0 GiB (100.00%)
update VM 104: -name WinDev2403Eval
update VM 104: -bios ovmf
update VM 104: -cpu host
update VM 104: -machine pc-q35-8.1
update VM 104: -agent 1,fstrim_cloned_disks=1
update VM 104: -ide2 media=cdrom,file=ISOimages:iso/virtio-win.iso
update VM 104: -boot order=sata0;ide2
update VM 104: -ostype win11
update VM 104: -net0 virtio,bridge=vmbr0,firewall=0,tag=401
update VM 104: -efidisk0 FastDisk:1,efitype=4m,pre-enrolled-keys=1,size=4M
  Rounding up size to full physical extent 4.00 MiB
  Logical volume "vm-104-disk-1" created.
transferred 0.0 B of 528.0 KiB (0.00%)
transferred 528.0 KiB of 528.0 KiB (100.00%)
transferred 528.0 KiB of 528.0 KiB (100.00%)
efidisk0: successfully created disk 'FastDisk:vm-104-disk-1,efitype=4m,pre-enrolled-keys=1,size=4M'
update VM 104: -tpmstate0 FastDisk:1,size=4M,version=v2.0
  Logical volume "vm-104-disk-2" created.
tpmstate0: successfully created disk 'FastDisk:vm-104-disk-2,size=4M,version=v2.0'
swtpm: Formatting 'file:///dev/vmdata/vm-104-disk-2' as new linear NVRAM store
swtpm_setup: Starting vTPM manufacturing as root:root @ Mon 22 Apr 2024 07:54:43 AM CEST
swtpm_setup: TPM is listening on Unix socket.
swtpm_setup: Successfully created RSA 2048 EK with handle 0x81010001.
swtpm_setup:   Invoking /usr/bin/swtpm_localca --type ek --ek ...
swtpm_setup: swtpm_localca: Successfully created EK certificate locally.
swtpm_setup:   Invoking /usr/bin/swtpm_localca --type platform --ek ...
swtpm_setup: swtpm_localca: Successfully created platform certificate locally.
swtpm_setup: Successfully created NVRAM area 0x1c00002 for RSA 2048 EK certificate.
swtpm_setup: Successfully created NVRAM area 0x1c08000 for platform certificate.
swtpm_setup: Successfully created ECC EK with handle 0x81010016.
swtpm_setup:   Invoking /usr/bin/swtpm_localca --type ek --ek ...
swtpm_setup: swtpm_localca: Successfully created EK certificate locally.
swtpm_setup: Successfully created NVRAM area 0x1c00016 for ECC EK certificate.
swtpm_setup: Successfully activated PCR banks sha256 among sha1,sha256,sha384,sha512.
swtpm_setup: Successfully authored TPM state.
swtpm_setup: Ending vTPM manufacturing @ Mon 22 Apr 2024 07:54:43 AM CEST
[!] PLEASE install VIRTIO driver package from CD ROM on your newly created VM!
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
QEMU guest agent is not running
[-] Waiting another 30 seconds until VIRTIO drivers are installed and QEMU agent is running...
[i] QEMU agent seems to run on the new VM.
[-] Waiting another 30 seconds to make sure everything is ready before proceeding...
[i] Adding additional user to the system...
[i] Preparing system so it can be managed by Ansible later on...
QEMU guest agent is not running
[i] OpenSSH Server (still) not running (attempt: 1). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 2). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 3). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 4). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 5). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 6). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 7). Retrying in 30 seconds...
VM 104 qmp command 'guest-exec' failed - got timeout
[i] OpenSSH Server (still) not running (attempt: 8). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 9). Retrying in 30 seconds...
[i] OpenSSH Server (still) not running (attempt: 10). Retrying in 30 seconds...
QEMU guest agent is not running
[i] OpenSSH Server (still) not running (attempt: 11). Retrying in 30 seconds...
[i] OpenSSH Server Stage 1 successfully installed; now reboot required.
[i] Removing virtio CD image from system (has to be rebooted for this task)
update VM 104: -ide2 media=cdrom,file=none
swtpm_setup: Not overwriting existing state file.
[i] Preparing system so it can be managed by Ansible later on...
QEMU guest agent is not running
QEMU guest agent is not running
[-] OpenSSH Server (still) not running (attempt: 1). Retrying in 30 seconds...
[i] OpenSSH Server successfully installed and it is running.
[!] Basics done (VM deployed, User added, OpenSSH Server installed and running).
root@vms02:/mnt/pve/ISOimages# exit

Please note the line [!] PLEASE install VIRTIO driver package from CD ROM on your newly created VM! - there you have to install the QEMU drivers in the newly created VM by just executing virtio-win-guest-tools.exe from the CD ROM drive.

FAQ

How to get rid of the VMware tools?

You most probably noticed that at each startup you will see a crash of the installed VMware utilities. Unfortunatly they can’t be deinstalled with the supplied installer. With the script of https://gist.github.com/broestls/f872872a00acee2fca02017160840624 you can remove VMware tools.

Windows 11 Developer Edition
Windows 11 Developer Image with crashed VMware tools.

Further Reading

Here are some links: