Chocolatey + DSC = Software Automation Sweeter - PowerShell Day UK
1 like1,747 views
Chocolatey is a package manager for Windows that simplifies software management and automation, integrating seamlessly with PowerShell and other configuration management tools. It offers functionalities like smart installs, automatic uninstallation, and detailed reporting for inventory management, making it suitable for both individual and organizational use. With features designed for modern automation, Chocolatey facilitates efficient software lifecycle management, enhancing the user experience and aligning with DevOps practices.
Chocolatey + DSC = Software Automation Sweeter - PowerShell Day UK
- 1. Chocolatey The package manager for Windows Chocolatey + DSC = Software Automation Sweeter Rob Reynolds Founder Chocolatey Software @ferventcoder
- 3. Rob Reynolds • Creator and Founder of Chocolatey • Enjoys long walks on the beach and designing solutions that make hard things easy • Co-wrote infrastructure framework known as the Chuck Norris Framework • Over 10 years experience in infrastructure automation • Obsesses over user experience • Microsoft MVP for whatever they are calling .NET area now
- 4. Agenda • The Story of Windows Automation • Windows Software Ecosystem • Chocolatey • Chocolatey + DSC
- 5. Let’s talk about a story… possibly your story
- 6. The Story of Modern Automation for Windows
- 8. You probably use or have used traditional tools
- 9. Traditional Tools • Manual Configuration • Golden Images • Endpoint management tools • Not necessarily bad, just are harder to fit into modern automation approaches
- 10. Modern Automation • Feature-Rich • Infrastructure as Code (IaC) • Source Control • Testable Infrastructure • Reporting • Centralized Management
- 11. PowerShell DSC • Microsoft • Building on PowerShell • Desired State • Modern Approaches • Framework - couple it with full Configuration Management Platforms like Puppet / Chef when appropriate
- 12. So you modernized your Windows automation
- 13. DevOps == Rainbows and Unicorns “Umm…”
- 14. Rainbows and Unicorns “Just go with it…”
- 18. Something was not quite right…
- 19. Configuration Management alone is missing something
- 20. Software Management / Package Management is necessary for great Configuration Management
- 21. Software management may account for 50-90% of your automation
- 22. Windows Software Ecosystem • Over 20 installer formats and thousands of installers in the wild • Zips and other archive formats • Internal software • Software installers are messy • It’s like the Wild West
- 23. PowerShell DSC - Package Resource • You may have used Package Resource • Finding the PackageID (MSI Product Code GUID) • Non-MSI? • Upgrades?
- 24. “Fortunately there is a better way”
- 25. What is Chocolatey? • Software Management • PowerShell • Fancy zip files = “packages” • Packages are independent software deployment artifacts • Takes your deployment scripts to the next level
- 26. So you knew about Chocolatey
- 27. But does it work well in organizational sense?
- 30. Well, obviously - what does it represent though?
- 31. Here’s a hint
- 33. Let’s take a step back and evaluate what’s possible
- 34. Chocolatey - Sane Software Management • Easily manage the software lifecycle • Native installers, zips, binaries • PowerShell module simplifies work • Packages are independent building blocks • Integrates with configuration management • Business friendly features
- 35. Chocolatey - The Approach • Single, unifying interface - control the chaos • Decentralized - multiple places to get packages, including internal • PowerShell • Flexible • Secure • Reliable 6+ years - proven technology
- 36. FOSS vs Chocolatey for Business (C4B) • Chocolatey open source (FOSS) == package management • Works well in organizational use • C4B == complete software management • Smoother experience • Builds on top of FOSS • Better system integration, endpoint management, etc • Better visual interfaces (GUIs) • Features geared specifically towards organizational use
- 37. Smart Installs / Smarter Upgrades • Track software installation in Programs & Features to map packages to system installs • Track environment variable changes • Leave out guesswork by reporting on software installation location • Upgrades - Use Xml Document Transform (XDT) for .NET configuration file changes • Exclusive to Chocolatey - Use new tools / commands without closing / re-opening your shell for environment changes to take effect
- 38. Graphical Interface - Chocolatey GUI • Configure Chocolatey • Manage software installations
- 39. Automatic Uninstallation • Exclusive to Chocolatey - Automatically uninstall over 90% of installations without uninstall script • AutoUninstaller reduces time by not developing and managing uninstall scripts
- 40. Integrates with Everything • https://chocolatey.org/docs/features-infrastructure- automation • Puppet • Chef (built-in), cookbook • PowerShell DSC • Ansible • Saltstack • Octopus Deploy • Boxstarter • SCCM • RMM, or really anything that can run scripts
- 42. Inventory - Comprehensive Software Audit • Exclusive to Chocolatey - Visibility beyond just the software ‘installed’ in Programs & Features • Track versions of zip archives & own internal software that is not visible in system installation. • Get a complete view of your systems. Chocolatey reports applications in systems not directly under its management. • Package Audit (C4B) adds who and when
- 43. Package Synchronizer (C4B) - All Packages in Programs and Features • Programs and Features represents only 50-80% of the software on a machine • Chocolatey brings managed entries for non-installer packages • Supporting legacy inventory reporting systems is now a snap • Do not need to build MSIs / Installers for internal use just to support legacy reporting
- 44. Logging - Detailed Reporting • Log file captures very detailed information - environment and state • Reduces rollback / recreation necessity
- 45. Compliance – Audit Out of Date Software • choco outdated • Comprehensive reporting on available upgrades • See what will upgrade on next maintenance window
- 47. Community Package Repository • https://chocolatey.org/packages • Community Feed / Community Maintained • Moderated as of October 2014 • Everything goes through VirusTotal • Organizations Should Avoid • Not Fully Reliable - public repo means subject to distribution rights (download CDN cache feature helps) • Trust and Control
- 48. Hosting Your Own Package Server • https://chocolatey.org/docs/how-to-host-feed • Non-Windows Hosting • Artifactory • Sonatype Nexus • NuGet Gallery proper • ProGet / MyGet • NuGet.Server / Chocolatey.Server • Puppet - chocolatey/chocolatey_server module • Visual Studio Team Services
- 50. Chocolatey Packages • Terminology: "Package" is nupkg file, "Software" is binaries or installers • Zip files + Versioning, Dependencies & PowerShell • Metadata - Software Information / Package Information • PowerShell - https://chocolatey.org/docs/helpers-reference • 30+ Built-in functions - complex tasks become 1 liners • Handle additional missing installer logic (like add to PATH) • Add options missing from installer arguments • Files - drop in binaries, native installers
- 51. Creating Packages • https://chocolatey.org/docs/create- packages • choco new • Generates package files with most of the work done • Create your own packaging templates!
- 52. Package Builder (C4B) - “Generate software deployment packages in seconds” • Package Builder automatically creates high quality packaging from an installer/zip in 5-10 seconds • Determines everything necessary for silently installing software • Supports passing urls (and checksums) - downloads files first • Allows customization • Supports exe, msi, 7z, zip, msu, and msp files
- 53. Package Internalizer (C4B) - “Convert existing packages to 100% offline and reliable” • Take advantage of existing packages without dependency on the internet • Downloads existing package and all remote resources • Recompiles package to use those internal resources • Option to download and point to other locations • Ability to host packages on private internal repositories • Visual Interface coming
- 54. How does it work?
- 57. Package Synchronizer - Auto Sync • Chocolatey maintains state based on packages. System state can be manipulated outside of Chocolatey • Any Chocolatey command will trigger synchronization in licensed editions of Chocolatey • Package Synchronizer syncs with manual software removal • Syncs w/software that automatically upgrades, such as Chrome
- 58. Package Synchronizer - Choco Sync Command • Brings all software in Programs and Features under Chocolatey management • Generates packaging and baselines to Chocolatey install • Provides packaging code to take back to source control
- 59. Other Features • https://chocolatey.org/docs/release-notes • Internal sources (like ProGet) • choco upgrade all - Windows update for your 3rd party and internal software • Shimming - like symlinks but better • Pass install arguments directly through to installer (append or override package args) • Package Parameters to adjust logic in packages • Handles locking on upgrades in package folders • Great reference docs - https:// chocolatey.org/docs/commands- reference & https://chocolatey.org/ docs/helpers-reference • Excellent open source support community • 30+ built-in PowerShell Functions • Extend functionality with your own PowerShell Modules • Custom Package Templates • Can manage anything on Windows
- 60. Other Features (C4B) • https://chocolatey.org/docs/ release-notes-licensed • Auto-uninstaller more effective - uninstaller detection / Package Synchronizer • Install/upgrade keeping secrets out of logs • Ubiquitous Install Directory Option • More built-in PowerShell functions • Uninstall non-Chocolatey managed software • Direct Installer - install directly from exe/msi • Package Throttle / Package Reducer / Package Audit • Runtime malware protection • CDN Cache • Professional Packaging Services • Amazing expert support team - https:// chocolatey.org/support
- 61. Chocolatey Roadmap • https://chocolatey.org/docs/ roadmap • Central Management UI (C4B) • Choco Deploy CLI (C4B) • WSA / Windows Nano Support • PowerShell PackageManagement Official Provider • Package Enhancements • Pack Validation • Virtual packages • GPG Signing • Package Grid (C4B) • Deferred Installer (C4B) • Possible support on other platforms
- 62. Where does DSC come in?
- 63. cChoco DSC Resource • Manages Chocolatey installation • Manages Choco sources and configuration • Manages packages • https://github.com/ PowerShellOrg/cChoco • https:// www.powershellgallery.com/ packages/cChoco/2.3.0.0
- 64. cChocoInstaller • Manages Chocolatey installation • Manage install location • Can work offline, however currently requires specifying a script to run locally
- 65. cChocoSource • Manage available package sources • Add or remove, does not disable • Add credentials • Add priorities for sources • Will need new source items - 0.10.4+
- 66. cChocoFeature • Manage available Chocolatey features • cChoco vNext
- 67. cChocoPackageInstall • Ensure software package installation • Optional params, chocoParams, Version, Source, and AutoUpgrade • Allows customizing complete choco call
- 68. cChoco - Get Involved • If you are looking for a place to contribute, this is a good place • https://github.com/ chocolatey/cchoco
- 69. Demo
- 70. Once you go Chocolatey…
- 71. Would you go back to other methods?
- 72. Automate Software Management Without Chocolatey?
- 73. Automate Software Management Without Chocolatey?
- 74. Automate Software Management Without Chocolatey?
- 75. Questions
- 76. + • Rob • @ferventcoder • ferventcoder at gmail Evaluate Chocolatey for Business in your environment - special discounts available conference attendees - reach out at https:// chocolatey.org/contact for details