Wilson Mar bio photo

Wilson Mar

Hello. Hire me!

Email me Calendar Skype call 310 320-7878

LinkedIn Twitter Gitter Instagram Youtube

Github Stackoverflow Pinterest

Automate creation of Windows 2016 server as VMware Fusion images used to make Vagrant boxes for Atlas


This tutorial contains hands-on step-by-step instructions that even “newbies” can follow to create a Windows 2016 server within a Mac laptop (the host machine), using software from Hashicorp: Packer, Vagrant, Atlas. This is more of a deep dive than others, as it explains the intricacies for troubleshooting.

The workflow begins with manually registering with Microsoft for download of a large file (called an ISO image) that’s like what is on a DVD. To automate this on MacOS we download from GitHub a script processed by Packer from Hashicorp.

We need to automate this because Microsoft limits its free license to 180 days (6 months). This building from scatch is like buying a new computer. You’ll have the very latest versions of all software. This is important to keep up with changes without spending what usually takes days.

The script downloads the iso file to create a VMware Fusion server image. VMware is needed for nested virtualization of Windows HyperV containers. A Windows Update is applied to get the latest security patches. Agents for accessing the machine within Azure and other clouds is added, called WMF (Windows Management Framework).

We then keep the image small by removing unneeded files and defragmenting the disk.

The VMware image can then be converted to a box image in a format used by Vagrant (from Hashicorp) so that it can be made available for download from a repository of Vagrant box images called Atlas that Hashicorp has made available.

BTW, Hashicorp also has a licensed utility that dynamically updates the Vagrant file when changes are made in the VMWare image.

Having images in the cloud means that one line in a Vagrantfile obtained from GitHub is all that’s needed for Vagrant to bring up a Windows machine.

Hashicopr provides a Vagrant RDP program for GUI access the Windows instance. Custom Windows apps can be added inside this Windows server.

to create Dockerized images such as Windows Docker Containers. The images are pushed up to DockerHub so others can use it to run as isolated instances on Windows server machines in production.


Vagrant has been around longer than Docker. So some consider it more “mature”, stable, “simpler to understand” than Docker.

Windows 8.1 and Windows 10 both come with Hyper-V installed (business editions, you shouldn’t use any other version). Small VM’s of Ubuntu using RTcamps EasyEngine. Simple to spin up a new instance of WP. Great for debugging and testing and the connecting of SFTP with PHPstorm makes everything sync so easily.

Individual Vagrant box images are Gigabytes larger than Docker “containers”, and thus take more RAM as well. This is because Vagrant box images contains the entire operating system whereas Docker separates out shared components. See my “Docker setup tutorial”.

  • create a container running https://github.com/jwilder/nginx-proxy on port 80. Then specify a VIRTUAL_HOST environment variable when creating other containers to give them a domain name.

Five alternatives to Docker http://pow.cx/. https://github.com/aacebedo/dnsdock.

  • opencontainers.org holds the runC container engine from Docker. Other supporters include Google, Amazon, Facebook, IBM and Red Hat.

  • kubernetes.io powers the Google cloud and its superior scaling capabilities.

  • CoreOS and its quay.io image repository and rkt which supports multiple container formats.

  • Apache Mesos used by Mesosphere.com branded as the “data center operating system” used by Yelp, Verizon, Bloomberg.

  • Canonical.com, maintainer of the Ubuntu Linux distro, built the LXD “container hypervisor” for Linux.

  • Amazon’s Elastic Container Service

https://deliciousbrains.com/vagrant-docker-wordpress-development/ Docker for WordPress

Wocker http://wckr.github.io/ sets up 1 VM, but 25 unique server environments.


  1. Be inside a Terminal window, on any directory.
  2. Install Homebrew
  3. Install a Git client.
  4. ssh.exe or putty for Windows.


    Install VMware Fusion 8.5 for Mac (not the Pro edition) for its drivers.

  5. Pay $395 for the license after 10 days.
  6. Get the installer from:


    VMware-Fusion-8.5.8-5824040.dmg is 467 MB.

  7. Double-click on the file downloaded to run the installer.
  8. Exit the pop-up by clicking the “X” at the upper-left.
  9. In Finder, scroll to the “Drives” section on the left pane to click the exit icon to the right of “VMware Fusion”.
  10. Right-click the .dmg and “Move to Trash”.

    PROTIP: There is no need to invoke the program from Applications folder (/Applications/VMware Fusion.app).


    Vagrant install

  11. Install Vagrant using Homebrew:

    export HOMEBREW_CASK_OPTS="--appdir=/Applications"
    brew cask install vagrant
  12. To avoid issues, delete the curl program from Vagrant so your Mac’s program is used:

    sudo rm /opt/vagrant/embedded/bin/curl

    All Vagrant commands

  13. List Vagrant commands:



    Usage: vagrant [options] command> [args>]
     -v, --version                    Print the version and exit.
     -h, --help                       Print this help.
    Common commands:
      box             manages boxes: installation, removal, etc.
      connect         connect to a remotely shared Vagrant environment
      destroy         stops and deletes all traces of the vagrant machine
      global-status   outputs status Vagrant environments for this user
      halt            stops the vagrant machine
      help            shows the help for a subcommand
      init            initializes a new Vagrant environment by creating a Vagrantfile
      login           log in to HashiCorp's Vagrant Cloud
      package         packages a running vagrant environment into a box
      plugin          manages plugins: install, uninstall, update, etc.
      port            displays information about guest port mappings
      powershell      connects to machine via powershell remoting
      provision       provisions the vagrant machine
      push            deploys code in this environment to a configured destination
      rdp             connects to machine via RDP
      reload          restarts vagrant machine, loads new Vagrantfile configuration
      resume          resume a suspended vagrant machine
      share           share your Vagrant environment with anyone in the world
      snapshot        manages snapshots: saving, restoring, etc.
      ssh             connects to machine via SSH
      ssh-config      outputs OpenSSH valid configuration to connect to the machine
      status          outputs status of the vagrant machine
      suspend         suspends the machine
      up              starts and provisions the vagrant environment
      validate        validates the Vagrantfile
      version         prints current and latest Vagrant version
    For help on any individual command run `vagrant COMMAND -h`
    Additional subcommands are available, but are either more advanced
    or not commonly used. To see all subcommands, run the command
    `vagrant list-commands`.

    Vagrant VMware install

  14. Install the Vagrant Fusion plugin from Hashicorp:

    vagrant plugin install vagrant-vmware-fusion

    The response at time of writing:

    Installing the 'vagrant-vmware-fusion' plugin. This can take a few minutes...
    Fetching: vagrant-vmware-fusion-5.0.4.gem (100%)
    Building native extensions.  This could take a while...
    Vagrant is installing the VMware plugin which requires
    root access. You may be prompted for your password to
    complete setup.
    Installed the plugin 'vagrant-vmware-fusion (5.0.4)'!
  15. Pay $79 for the license at https://www.vagrantup.com/vmware/index.html

    Vagrant plugin usage documentation is at: https://docs.vagrantup.com/v2/plugins/usage.html

  16. Open the email from Hashicorp. Click the link. Click “click here” to download the license.lic file.
  17. Construct the command with the name of the license file within the Downloads folder:

    vagrant plugin license vagrant-vmware-fusion ~/Downloads/hashicorp-vagrant-license.lic

    The response:

    Installing license for 'vagrant-vmware-fusion'...
    The license for 'vagrant-vmware-fusion' was successfully installed!

    QUESTION: What is the name of the provider to use?

    Packer from GitHub

    Packer (at packer.io) is from Hashicorp who created Vagrant. It is a cross-vendor utility that builds images used by VMware and cloud providers: Amazon EC2, CloudStack, DigitalOcean, Docker, Google Compute Engine, Microsoft Azure, QEMU, VirtualBox.

  18. Install Packer using Homebrew:

    brew install packer

  19. Create a folder to house various repositories from GitHub:

    cd ~
    mkdir gits
    cd gits

    Alternately, some prefer dev.

  20. Create a folder to house repositories around a subject, such as virtual machines:

    cd ~/gits
    mkdir vms
    cd vms

    Alternately, use your own “subject” folder.

  21. Get the Packer scripts (just the latest version):

    git clone https://github.com/StefanScherer/packer-windows --depth=1
    cd packer-windows 

    Sample response:

    Cloning into 'packer-windows'...
    remote: Counting objects: 178, done.
    remote: Compressing objects: 100% (142/142), done.
    remote: Total 178 (delta 47), reused 93 (delta 11), pack-reused 0
    Receiving objects: 100% (178/178), 135.62 KiB | 0 bytes/s, done.
    Resolving deltas: 100% (47/47), done.
  22. Use a text editor to view file windows_2016_docker.json.

    The sections are “builder”, “provisioners”, “Post-processors”, and “variables”.

    The “iso_url” variable defines the URL to get the Windows 2016 disk image.

    WARNING: The URL changes over time.

    Register for Windows ISO file

  23. Get to the page providing downloads of Windows Server 2016 Evaluation edition good for 180 days:


    We come to this page to get a cookie for a Packer script to download.

  24. Click Register, and provide your info.
  25. Select “ISO” (not Azure or Virtua Lab). Click Continue.
  26. Fill in your name, work email, country, etc. Click Continue.
  27. Select “English” language. Click Download.
  28. Cancel the download of file:


    Leave it to the Packer to download the file, but we want to make sure that it downloads the most recent file Microsoft has.

    PROTIP: The file at time of writing is a whopping 6.5 GB! So it may take hours to download, depending on how fast your internet connection is.

    Packer pulls the installer and runs it

  29. To have Packer download the big .iso file from Microsoft: It’s big so it will take a long time.

    While in the packer-windows folder, use the Packer file windows_2016_docker.json in the repo from Stefan:

    packer build --only=vmware-iso windows_2016_docker.json

    Note one of the response lines from it:

    ==> vmware-iso: Downloading or copying: http://care.dlservice.microsoft.com/dl/download/1/4/9/149D5452-9B29-4274-B6B3-5361DBDA30BC/14393.0.161119-1705.RS1_REFRESH_SERVER_EVAL_X64FRE_EN-US.ISO
     vmware-iso: Download progress: 1%
     ==> vmware-iso: Creating floppy disk...
     vmware-iso: Copying files flatly from floppy_files
     vmware-iso: Copying file: ./answer_files/2016_core/Autounattend.xml
     vmware-iso: Copying file: ./scripts/disable-screensaver.ps1
     vmware-iso: Copying file: ./scripts/disable-winrm.ps1
     vmware-iso: Copying file: ./scripts/docker/enable-winrm.ps1
     vmware-iso: Copying file: ./scripts/docker/2016/install-containers-feature.ps1
     vmware-iso: Copying file: ./scripts/microsoft-updates.bat
     vmware-iso: Copying file: ./scripts/win-updates.ps1
     vmware-iso: Done copying files from floppy_files
     vmware-iso: Collecting paths from floppy_dirs
     vmware-iso: Resulting paths from floppy_dirs : []
     vmware-iso: Done copying paths from floppy_dirs
    ==> vmware-iso: Creating virtual machine disk
    ==> vmware-iso: Building and writing VMX file
    ==> vmware-iso: Starting virtual machine...


Packer stores the installer into a folder named “packer_cache”. So to run using what has already been downloaded:

packer build --only=vmware-iso windows_2016_docker.json --var iso_url=~/gits/vms/packer-windows/packer_cache/49f719e23c56a779a991c4b4ad1680b8363918cd0bfd9ac6b52697d78a309855.iso

NOTE: This is also MSDN file en_windows_server_2016_x64_dvd_9718492.iso

PROTIP: The Packer command can be restarted and it restarts where it left off on partial downloads. Once downloaded, it knows to not download again.

The rest of the response:

    vmware-iso: Download progress: 100%
==> vmware-iso: Creating floppy disk...
    vmware-iso: Copying files flatly from floppy_files
    vmware-iso: Copying file: ./answer_files/2016/Autounattend.xml
    vmware-iso: Copying file: ./floppy/WindowsPowershell.lnk
    vmware-iso: Copying file: ./floppy/PinTo10.exe
    vmware-iso: Copying file: ./scripts/disable-screensaver.ps1
    vmware-iso: Copying file: ./scripts/disable-winrm.ps1
    vmware-iso: Copying file: ./scripts/docker/enable-winrm.ps1
    vmware-iso: Copying file: ./scripts/docker/2016/install-containers-feature.ps1
    vmware-iso: Copying file: ./scripts/microsoft-updates.bat
    vmware-iso: Copying file: ./scripts/win-updates.ps1
    vmware-iso: Done copying files from floppy_files
    vmware-iso: Collecting paths from floppy_dirs
    vmware-iso: Resulting paths from floppy_dirs : []
    vmware-iso: Done copying paths from floppy_dirs
==> vmware-iso: Creating virtual machine disk
==> vmware-iso: Building and writing VMX file
==> vmware-iso: Starting virtual machine...

### VMware Fusion Internal Error

On occassion, my VMware Fusion 8.5 displays “Internal error” upon starting an image.

==> vmware-iso: Error starting VM: VMware error: Error: Cannot connect to the virtual machine
==> vmware-iso: Deleting output directory...
Build 'vmware-iso' errored: Error starting VM: VMware error: Error: Cannot connect to the virtual machine
==> Some builds didn't complete successfully and had errors:
--> vmware-iso: Error starting VM: VMware error: Error: Cannot connect to the virtual machine
==> Builds finished but no artifacts were created.

PROTIP: The Packer command can be restarted and it restarts where it left off

### Windows Desktop Update

Packer shows this message while it constructs a Windows instance:

==> vmware-iso: Waiting for WinRM to become available...

A cmd.exe window appears to display messages about the Update process, which can take a while.

Checking for Windows Updates
Script: A:\win-updates.ps1
Script User: VAGRANT-2016\vagrant
Started: 9/18/2017 12:30:58 AM

We wait (with no countdown UI) while this appears:

Downloading updates...

WARNING: If Windows Update is interrupted, Packer will start again with a new instance of VMware Fusion image, and download again.

TODO: Contact them and see if we can avoid re-downloading.

  1. PROTIP: Keep your laptop plugged into a power source and a (preferrably fast) network.

  2. PROTIP: Keep the MacOS screen from going to sleep: choose Apple menu > System Preferences, click Energy Saver. Drag the “Display sleep” to “Never”.

    PROTIP: To move mouse beyond the Windows machine, press command+Tab until the process you want is highlighted.

    The WindowsServer2016Docker.vmx file that VMware Fusion opens is created inside the output-vmware-iso folder. However, this folder is moved to:


    when you see:

    Build 'vmware-iso' finished.
    ==> Build finished. The artifacts of successful builds are:
    --> vmware-iso: 'vmware' provider box: windows_2016_docker_vmware.box

    The .box file is created in the GitHub root level directory.

    Custom applications are added within the Vagrant image, not in the .vmx image.


    Add box

    vagrant box add windows_2016_docker windows_2016_docker_vmware.box

    The response:

     detected as metadata. Adding it directly...
    ==> box: Adding box 'windows_2016_docker' (v0) for provider: 
     box: Unpacking necessary files from: file:///Users/wilsonmar/gits/vms/packer-windows/windows_2016_docker_vmware.box
    ==> box: Successfully added box 'windows_2016_docker' (v0) for 'vmware_desktop'!

    PROTIP: The above command adds to folder ~/.vagrant.d/boxes/ under your user home.

  3. List Vagrant boxes (to verify):

    vagrant box list

    The response should be:

    windows_2016_docker (vmware_desktop, 0)


  4. To create a bare-bones Vagrantfile:

    vagrant init windows_2016_docker windows_2016_docker_vmware.box

    CAUTION: This overwrites an existing Vagrantfile if one exists.

    The response:

    A `Vagrantfile` has been placed in this directory. You are now
    ready to `vagrant up` your first virtual environment! Please read
    the comments in the Vagrantfile as well as documentation on
    `vagrantup.com` for more information on using Vagrant.

    Alternately, copy vagrantfile-windows_2016.template from the GitHub repo onto Vagrantfile

    cp vagrantfile-windows_2016.template Vagrantfile

    PROTIP: By default, MacOS does not recognize “.template” as a file to be edited, so after right-clicking such a file, select Open With, then “Other” to select your favorite text editor (Sublime Text, Atom, etc.)

    Enable Windows RDP

  5. Edit the Vagrantfile to reference the name of the box file in the vagrant add above</a>:

     config.vm.define "windows_2016_docker"
     config.vm.box = "windows_2016_docker_vmware.box"
  6. Notice the specification of the Windows user name and password:

     # Admin user name and password
     config.winrm.username = "vagrant"
     config.winrm.password = "vagrant"
  7. Install WMF 5.0 (Windows Management Framework) PowerShell.

    WARNING: Windows 10 / Server 2016 has WMF/PowerShell 5 pre-installed which is maintained by Windows Updates.

    Vagrant Up

  8. Bring up Vagrant .box in the folder:

    vagrant up

    QUESTION: Add vagrant up \-\-provider vmware_fusion ?

    The response:

    Bringing machine 'default' up with 'vmware_fusion' provider...
    ==> default: VMware requires root privileges to make many of the changes
    ==> default: necessary for Vagrant to control it. In a moment, Vagrant will ask for
    ==> default: your administrator password in order to install a helper that will have
    ==> default: permissions to make these changes. Note that Vagrant itself continues
    ==> default: to run without administrative privileges.
    ==> default: Box 'windows_2016_docker' could not be found. Attempting to find and install...
     default: Box Provider: vmware_desktop, vmware_fusion, vmware_workstation
     default: Box Version: >= 0
    ==> default: Box file was not detected as metadata. Adding it directly...
    ==> default: Adding box 'windows_2016_docker' (v0) for provider: vmware_desktop, vmware_fusion, vmware_workstation
     default: Unpacking necessary files from: file:///Users/wilsonmar/gits/vms/packer-windows/windows_2016_docker_vmware.box
    ==> default: Successfully added box 'windows_2016_docker' (v0) for 'vmware_desktop'!
    ==> default: Cloning VMware VM: 'windows_2016_docker'. This can take some time...
    ==> default: Verifying vmnet devices are healthy...
    ==> default: Preparing network adapters...
    WARNING: The VMX file for this box contains a setting that is automatically overwritten by Vagrant
    WARNING: when started. Vagrant will stop overwriting this setting in an upcoming release which may
    WARNING: prevent proper networking setup. Below is the detected VMX setting:
    WARNING:   ethernet0.pcislotnumber = "33"
    WARNING: If networking fails to properly configure, it may require this VMX setting. It can be manually
    WARNING: applied via the Vagrantfile:
    WARNING:   Vagrant.configure(2) do |config|
    WARNING:     config.vm.provider :vmare_fusion do |vmware|
    WARNING:       vmware.vmx["ethernet0.pcislotnumber"] = "33"
    WARNING:     end
    WARNING:   end
    WARNING: For more information: https://www.vagrantup.com/docs/vmware/boxes.html#vmx-whitelisting
    ==> default: Starting the VMware VM...
    ==> default: Waiting for machine to boot. This may take a few minutes...
     default: WinRM address:
     default: WinRM username: vagrant
     default: WinRM execution_time_limit: PT2H
     default: WinRM transport: negotiate
    ==> default: Machine booted and ready!
    ==> default: Forwarding ports...
     default: -- 3389 => 3389
     default: -- 22 => 2222
     default: -- 5985 => 55985
     default: -- 5986 => 55986
     default: WinRM address:
     default: WinRM username: vagrant
     default: WinRM execution_time_limit: PT2H
     default: WinRM transport: negotiate
    ==> default: Configuring network adapters within the VM...
    ==> default: Configuring secondary network adapters through VMware 
    ==> default: on Windows is not yet supported. You will need to manually
    ==> default: configure the network adapter.
    ==> default: Enabling and configuring shared folders...
     default: -- /Users/wilsonmar/gits/vms/packer-windows: /vagrant

    The Windows Desktop should now appear.

  9. Get the VMware Fusion menu by moving your mouse/trackpad cursor to the top of the screen. Select View > Single Window.

  10. Select menu Window > Virtual Machine Library to see that the VMware instance is a “Linked clone” in directory



  11. Click the entry within the VIRTUAL MACHINES list to return to the VMware Fusion instance.

  12. Click the Windows icon and choose Shutdown.

  13. In the VMWare Fusion Window > Virtual Machine Library, right-click on “packer-windows” to select “Create Full Clone”.

    Boxster to add Windows apps

  14. PROTIP: In the clone, add Windows apps using Terraform (or Ansible or PowerShell DSC) so that if something goes terribly wrong, you can begin anew with much less effort.

    Within Windows, download the zip from boxstarter.org to install Chocolatey and its modules within PowerShell. Exit PowerShell when done.

    For resiliancy of reboots, Boxstarter intercepts all Chocolatey install commands to check for pending reboots and reboots the machine automatically, then log the user back on and resume the installation. Boxstarter will even suspend Bitlocker, if enabled, to avoid prompts for the Bitlocker key upon reboot.

    Vagrant Global Status

  15. Get the id:

    vagrant global-status

    A sample response:

    id       name    provider      state   directory                                
    16b921a  default vmware_fusion running /Users/wilsonmar/gits/vms/packer-windows 
    The above shows information about all known Vagrant environments
    on this machine. This data is cached and may not be completely
    up-to-date. To interact with any of the machines, you can go to
    that directory and run Vagrant, or you can use the ID directly
    with Vagrant commands from any directory. For example:
    "vagrant destroy 1a2b3c4d"

    RDP into Windows

  16. Open another Terminal window to login to the new server via Microsoft’s Remote Desktop Protocol:

    vagrant rdp

    Alternately, open a Terminal window to login to the new server via SSH (Secure Shell) if port 22 was open.


Stefan Scherer.

  • https://github.com/StefanScherer/docker-windows-box/

Matt Wrock (@mwrockx, hurryupandwait.io), Software Development Engineer at Chef Software

Matthew Hodgkins


  • https://gaelcolas.com/2016/07/11/introduction-to-kitchen-dsc/



More on DevOps

This is one of a series on DevOps:

  1. DevOps_2.0
  2. ci-cd (Continuous Integration and Continuous Delivery)
  3. User Stories for DevOps

  4. Git and GitHub vs File Archival
  5. Git Commands and Statuses
  6. Git Commit, Tag, Push
  7. Git Utilities
  8. Data Security GitHub
  9. GitHub API
  10. TFS vs. GitHub

  11. Choices for DevOps Technologies
  12. Java DevOps Workflow
  13. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
  14. AWS server deployment options

  15. Cloud regions
  16. AWS Virtual Private Cloud
  17. Azure Cloud Onramp
  18. Azure Cloud
  19. Azure Cloud Powershell
  20. Bash Windows using Microsoft’s WSL (Windows Subystem for Linux)

  21. Digital Ocean
  22. Cloud Foundry

  23. Packer automation to build Vagrant images
  24. Terraform multi-cloud provisioning automation

  25. Powershell Ecosystem
  26. Powershell on MacOS
  27. Powershell Desired System Configuration

  28. Jenkins Server Setup
  29. Jenkins Plug-ins
  30. Jenkins Freestyle jobs
  31. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

  32. Dockerize apps
  33. Docker Setup
  34. Docker Build

  35. Maven on MacOSX

  36. Ansible

  37. MySQL Setup

  38. SonarQube static code scan

  39. API Management Microsoft
  40. API Management Amazon

  41. Scenarios for load