Azure VM created from packer image slow to logon

matman · February 4, 2021, 6:36am

After creating a packer image successfully I then make a new Azure VM from the image which deploys in the usual amount of time. It starts fine and I can connect to it however, it then take 10-15 minutes to actually get to the desktop. It pretty much takes just as long to logon asit does to create the whole thing.

Once I then restart the VM, I can logon normally in about 10 seconds or so.

I am using the Azure image Windows 10 Enterprise 20H2. Is there anything I can do to avoid this first start crawl?

tbugfinder · February 4, 2021, 7:16pm

Hi,
which SKU are you using for the deployment compared to the packer build?
Perhaps also configurations or packages interfere with the initial login.

matman · February 4, 2021, 9:01pm

I am using 20h2-ent as the image SKU for packer to build with and I am using d4s_v4 vm size to build and create the VM. Just ran another test and recorded the following:

Once the new VM starts, I can remotely connect via mstsc and I get the blue screen with please wait and the rotating dots. This lasts for 10 minutes
Then the screen changes to the user account and says welcome. This lasts for 30 seconds
Then you get to the desktop. After a few seconds, a toast notification pops up saying:

I couldn’t find anything obvious jumping out in the event logs
If I then restart the machine, I can connect and receive the welcome screen straight away and get to the desktop in about 3 seconds.

In relation to the deployed apps, it doesn’t make any difference what apps are deployed. I have tried installing nothing, just one app like notepad++, or full install with office and apps. All produce the same result.

tbugfinder · February 4, 2021, 9:10pm

I assume deprovisioning steps are in place?

matman · February 4, 2021, 9:20pm

Sorry, I’m not sure what deprovisioning steps are. I have only just started using packer and have been building off blog posts regarding deploying machines for Citrix. I have a post processors section in the json -

“post-processors”: [
{
“type”: “manifest”,
“output”: “manifest.json”,
“strip_path”: true
}

I also found that on the first boot machine, the following services set to automatic failed to start but were then started the second time -

IP Helper
Windows Time
Software Protection

tbugfinder · February 4, 2021, 9:49pm

E.g. sysprep for windows installations:

github.com

DanielMabbett/azure-packer-images/blob/main/images/windows-server-2019-CIS-L2/build.pkr.hcl#L34


  provisioner "powershell" {
    inline = ["java -version"]
  }
  
  provisioner "powershell" {
    inline = ["# Below will download and run the assessor cli", "$env:Path += \";C:\\ProgramData\\chocolatey\\lib\\azcopy10\\tools\\\"", "$env:AZCOPY_CRED_TYPE = \"Anonymous\"", "$env:AZCOPY_USER_AGENT_PREFIX = \"Microsoft Azure Storage Explorer, 1.12.0, win32, \"", "azcopy copy \"${var.storage_account_url}\" ${var.helper_script_folder} --recursive --from-to=BlobLocal --check-md5 \"FailIfDifferent\"", "ls ${var.helper_script_folder}"]
  }
  
  provisioner "powershell" {
    inline = ["write-host 'Run the install and configure script'", "${var.helper_script_folder}/init.ps1", "write-host 'Perform tests'", "cd ${var.helper_script_folder}\\Assessor-CLI-v4.0.21\\Assessor-CLI; .\\Assessor-CLI.bat -b .\\benchmarks\\${var.benchmark_name}.xml -p \"Level 2 - Member Server\"", "write-host 'push report to blob storage'", "(ls .\\reports)[0] | Rename-Item -NewName \"L2${var.destination_image_version}\" -Verbose", "$report = (Get-Item .\\reports\\L2${var.destination_image_version} | Select FullName).FullName", "azcopy copy $report \"${var.reports_storage_account_url}\" --overwrite=prompt --follow-symlinks --from-to=LocalBlob --blob-type=Detect --put-md5;", "write-host 'Cleanup of the helper script folder'", "Start-Sleep -Seconds 30", "rm ${var.helper_script_folder}\\Extract -Recurse -Force", "write-host 'Cleanup of the installed packages'", "choco uninstall -y javaruntime", "choco uninstall -y azcopy10", "write-host 'sysprep the machine'", "if( Test-Path $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\windows\\system32\\Sysprep\\unattend.xml -Force}", "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /quit /mode:vm", "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"]
  }
}

matman · February 4, 2021, 9:57pm

Yep although mine doesn’t have the /mode:vm switch, but that would only affect the boot time up to logon not post logon I thought -

{
“type”: “powershell”,
“inline”: [
“& $env:SystemRoot\System32\Sysprep\Sysprep.exe /oobe /generalize /quiet /quit”,
“while($true) { $imageState = Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\State | Select ImageState; if($imageState.ImageState -ne ‘IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE’) { Write-Output $imageState.ImageState; Start-Sleep -s 30 } else { break } }”
]
}

mmuffins · March 25, 2021, 10:20pm

I’m in the same situation and tried tried to nail the issue for quite a while now - without success. I tried to narrow down the issue by trying various provisioner combinations in hope of finding a common pattern:

-Install all available windows updates (via the windows update provisioner)
-Generalize image

-Install no windows updates
-Generalize image

-Install all available windows updates
-Don’t generalize image

-Install no windows updates
-Don’t generalize image

The last option did basically nothing. It spins up a virtual machine and immediately shuts it down and creates an image from it. In all cases I was using sku 20h2-pro-g2 and vm size Standard_DS4_v2 (both for building the image and deploying it).

I contacted the azure support with this, but since they don’t really offer support for custom images they only gave me a couple of hints to check the eventlog for running updates or framework installations, but that’s it.

matman · March 25, 2021, 10:46pm

Well like all annoying problems, this did actually end up going away for me or at least, is not visible any more now that I have moved to a complete WVD production line.

I create the packer image, push it into a Shared Image Gallery and then provision hosts into a WVD host pool. This all works nicely and the first logon by a user doesn’t have any issues.

Not much help I know, as it may simply be the deployment process taking the hit on the first slow logon, but at least it works.

Topic		Replies	Views
System booting time is high with packer generated .vhd image file Packer	0	191	December 24, 2021
Packer fails during windows template creation Packer	9	4240	March 25, 2021
Faster Waiting for SSH to become available Packer	12	12212	May 22, 2023
Azure Windows 11 Single user image need a first login Packer azure , windows	2	409	March 12, 2024
Build Azure managed image by Packer issue Packer azure	2	1236	November 9, 2022

Azure VM created from packer image slow to logon

Related topics