SlideShare a Scribd company logo

Mmik_Powershell_DSC_Azure_DSC

Download as PPT, PDF
Mmik Huang, profile picture
Mmik Huang

This document discusses PowerShell Desired State Configuration (DSC) and provides steps to set up DSC in different environments. It begins with an overview of DSC and its architecture. It then describes how to set up a native on-premises DSC push server with steps to configure the client and server. Additional sections explain how to set up a native on-premises DSC pull server and how to use the Azure Automation DSC extension to configure virtual machines in Azure.

Technology
1 of 34
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
PowerShell DSC Sharing Mmik Huang
Agenda • What is Powershell DSC? • The difference with Powershell DSC family • Powershell DSC Introduction and Architecture • How to learn by yourself • Requirement for Lab practice • Build up a native Powershell DSC (Push server) step by step • Build up a native Powershell DSC (Pull server) step by step • Build up a Azure automation DSC extension step by step • Build up a Azure Powershell DSC extension step by step
What is Powershell DSC ? • First of all declaring a DSC configuration is PowerShell based. So you can leverage all your PowerShell skills to not only define a configuration, but also for troubleshooting. • DSC is designed to support “continuous deployments” which means that you can deploy your configuration over and over without breaking anything • When a DSC configuration is being applied only those settings which do not match will be set, the rest will be skipped which can result in a faster deployment time • You can separate the configuration data from the logic of your configuration so that you can reuse your configuration data for different resources, nodes, and configurations, see http://technet.microsoft.com/en-us/library/dn249925.aspx • DSC can be used on-premise, in a public or in a private Cloud environment. You just need either Windows Server 2012 R2 or Windows 8.1 and local administrator permissions to execute the DSC PowerShell scripts • You can integrate DSC with any Microsoft or non-Microsoft solutions as long as you can execute a PowerShell script on the target system. Using DSC within the Windows Azure Pack portal in conjunction with SMA is a good example For example: Powershell = script Powershell + modules(DSC resource) = deliver configuration(mof) to local Powershell + modules(DSC resource) + LCM + winrm = deliver configurations(mof) to remote computers
The difference with Powershell DSC family • Powershell DSC workflow
  Support Cloud plugin launch & config vm OS Deploy Centralized report Chef AWS/Azure/Private…etc 10 cloud plugins Yes Win/Linux Pull Yes Powershell DSC Azure/Private cloud No Win/Linux Push/Pull No Azure automation DSC Azure Only Yes Win Pull Yes Azure powershell DSC Azure Only Yes Win Push Yes The difference with Powershell DSC family
Powershell DSC Introduction and Architecture Introduction •Following are some example scenarios where you can use built-in DSC resources to configure and manage a set of computers (also known as target nodes) in an automated way: – Enabling or disabling server roles and features – Managing registry settings – Managing files and directories – Starting, stopping, and managing processes and services – Managing groups and user accounts – Deploying new software – Managing environment variables – Running Windows PowerShell scripts – Fixing a configuration that has drifted away from the desired state – Discovering the actual configuration state on a given node
Architecture •On-premise Powershell DSC (Native) – need a Server to Push or Pull configuration to client – prepare client environment (firewall, winrm / LCM service) before deliver configuration – prepare deploy script (mof) on server •Azure automation DSC extension (new Azure portal only) – No need to prepare server – (use Azure Automation account as server role) – No need to prepare client – Azure template + extension to setup pull mode – prepare deploy script and upload to Azure Automation account – Add extension (create vm or after vm launched) •Azure powershell DSC extension (new Azure portal only) – No need to prepare server – deploy one by one, no server role to manage script – No need to prepare client environment – Azure template + extension to setup push mode – prepare deploy script and upload to Azure extension UI – Add extension (after vm launched) Powershell DSC Introduction and Architecture
• Package installation – Powershell DSC only support windows 2012 R2 x64, windows 8.1 using OneGet • This first version of OneGet installs and searches from Chocolatey repositories, with support for additional repositories expected in subsequent versions. • https://github.com/OneGet/oneget – Import-Module –Name OneGet – Get-Command –Module OneGet – Find-Package | Out-Gridview – Install-Package putty.portable –Force – Get-Package – If you are not running the above os, what option do you have to automate the installation of packages? • Ninite – (http://www.ninite.com) • Chocolatey – (http://chocolatey.org/). Powershell DSC Introduction and Architecture
• Push mode – Build-in mode in windows • Pull mode – LocalConfigurationManager needs to be configured on each target node – Schedule poll a pull server to check for new configurations Powershell DSC Introduction and Architecture
Powershell DSC configuration structure •Install module – Online: • install-Module -name xpsdesired* • install-Module -name xpsdesired* -force (upgrade version) – Local: • Action: download and unzip the content • Location: $env:ProgramFilesWindowsPowerShellModules folder •List module – Online: • Find-Module -name xpsdesired* – Local: • Get-module •Use resource in code – Import-DSCResource -ModuleName xPSDesiredStateConfiguration # Modules must exist on target pull server – Get-DscResource -Name windowsfeature – Get-DscResource -Name WindowsFeature – Syntax – Get-DscResource -Name WindowsFeature | Select-Object -ExpandProperty properties Powershell DSC Introduction and Architecture
How to learn by yourself • Download / get help / example code for modules https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d https://msconfiggallery.cloudapp.net/packages • Resource Designer Tool – A walkthrough writing a DSC resource http://blogs.msdn.com/b/powershell/archive/2013/11/19/resource-designer-tool-a-walkthrough-writing-a-dsc-resource.aspx • Understanding Import-DscResource Keyword in Desired State Configuration http://blogs.msdn.com/b/powershell/archive/2014/04/25/understanding-import-dscresource-keyword-in-desired-state-configuration.asp • Understanding CONFIGURATION keyword in Desired State Configuration http://blogs.msdn.com/b/powershell/archive/2013/11/05/understanding-configuration-keyword-in-desired-state-configuration.aspx • Azure automation (runbook, DSC, webhook) https://azure.microsoft.com/en-us/documentation/articles/automation-webhooks/ • The DSC book https://www.penflip.com/powershellorg/the-dsc-book/blob/1769edf37fd0112dea84846e14e69702a918d45b/About.txt • 100 Days of DevOps with PowerShell http://www.systemcentercentral.com/100DaysOfDevOps/
• Learning course http://www.microsoftvirtualacademy.com/training-courses/getting-started-with-powershell-desired-state-configuratio https://channel9.msdn.com/Events/Microsoft-Azure/Level-Up-Azure-IaaS-for-IT-Pros/Learn-the-Ins-and-Outs-of-Az • 17 Hours of PowerShell Desired State Configuration (DSC) Video Training http://blogs.technet.com/b/ashleymcglone/archive/2015/05/22/17-hours-of-powershell-desired-state- configuration-dsc-video-training.aspx • Oneget http://blogs.technet.com/b/keithmayer/archive/2014/04/16/what-s-new-in-powershell-getting-started-with-oneget-in http://www.systemcentercentral.com/automating-application-installation-using-oneget/ How to learn by yourself
Native Powershell DSC Lab practice • Required software dependency – Client side • Windows 2012 R2 x64 • install WMF 5.0 (Upgrade to LCM 2.0) – Server side • Windows 2012 R2 x64 • install WMF 5.0 use find-module / install-module to extend DSC from online repository https://www.microsoft.com/en-us/download/details.aspx?id=46889 • Change default bowser to chrome (add-azureaccount need to run javascript) • Windows Powershell 0.9.5 or above http://azure.microsoft.com/en-us/downloads/ https://github.com/Azure/azure-powershell • Install Powershell DSC service Under “add role and featurefeatureswindows powershell” • Script / command Reference find-module mva* install-module mva_dsc_2015_day1 install-module mva_dsc_2015_day2
Build up a native Powershell DSC (Push server) step by step
• Client side – prepare environment – firewall is allowed for port 5985 (http) / 5986 (https) – Setup winrm/powershell permission Enable-PSRemoting -Force Set-Item wsman:localhostclienttrustedhosts * Restart-Service WinRM • Server side – prepare environment – Allow remote trigger powershell Set-Item WSMan:localhostClientTrustedHosts -Value * -Force Set-ExecutionPolicy Unrestricted -Force Restart-Service WinRM Build up a native Powershell DSC (Push server) step by step
• Server side – establish connection – Set variable ## client ip or fqdn $clientip = <client_ip> ## client account $clientacc=<account> – Test client winrm service Test-wsman $clientip – Keep credential $securePassword = ConvertTo-SecureString -AsPlainText -Force ‘<password>‘ $cred = New-Object System.Management.Automation.PSCredential $clientacc, $securePassword – Build session with client $Session = New-CimSession –ComputerName $clientip –Credential $cred – Test remote trigger powershell is ok Invoke-Command -ComputerName $clientip -ScriptBlock { get-childitem c: } -Credential $cred – Check client LCM status Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Push server) step by step
• Server side – setup client LCM by remote – Change client LCM default setting [DSCLocalConfigurationManager()] Configuration LCMPUSH { Node $clientip { Settings { AllowModuleOverwrite = $True ConfigurationMode = 'ApplyAndAutoCorrect‘ RefreshMode = 'Push' } } } #$clientip = ‘<client_ip>’ # Create the Computer.Meta.Mof in folder LCMPush -OutputPath c:DSCLCM5 – Push MOF file to client Set-DSCLocalConfigurationManager -ComputerName $clientip -Path c:DSCLCM5 –Verbose –credential $cred – Check client LCM setting Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Push server) step by step
• Server side – deploy script – Install IIS on client side configuration clientiis { Node $clientip { WindowsFeature IIS{ Name = 'web-server‘ Ensure = 'Present‘ } } } #$clientip = ‘<client_ip>‘ clientiis -OutputPath c:DSCConfig – Push MOF file to client start-DscConfiguration -Path C:DSCConfig -CimSession $Session -verbose -Wait – Check windows feature is exist Invoke-Command -ComputerName $clientip -ScriptBlock { get-windowsfeature -name web-server } -Credential $cred Build up a native Powershell DSC (Push server) step by step
• Detect configuration change by hash file, check then deploy Build up a native Powershell DSC (Pull server) step by step
• Client side – prepare environment – firewall is allowed for port 5985 (http) / 5986 (https) – Setup winrm/powershell permission Enable-PSRemoting -Force Set-Item wsman:localhostclienttrustedhosts * Restart-Service WinRM • Server side – prepare environment – Allow remote trigger powershell Set-Item WSMan:localhostClientTrustedHosts -Value * -Force Set-ExecutionPolicy Unrestricted -Force Restart-Service WinRM Build up a native Powershell DSC (Pull server) step by step
• Server side – establish connection – Set variable ## client ip or fqdn $clientip = <client_ip> ## client account $clientacc=<account> – Test client winrm service Test-wsman $clientip – Keep credential $securePassword = ConvertTo-SecureString -AsPlainText -Force ‘<password>‘ $cred = New-Object System.Management.Automation.PSCredential $clientacc, $securePassword – Build session with client $Session = New-CimSession –ComputerName $clientip –Credential $cred – Test remote trigger powershell is ok Invoke-Command -ComputerName $clientip -ScriptBlock { get-childitem c: } -Credential $cred – Check client LCM status Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Pull server) step by step
• Server side – setup pull server – Install service and configure (dsc service, iis for http/https web site) configuration HTTPPullServer { # Modules must exist on target pull server Import-DSCResource -ModuleName xPSDesiredStateConfiguration Node localhost { WindowsFeature DSCServiceFeature { Ensure = "Present" Name = "DSC-Service" } WindowsFeature IISConsole { Ensure = "Present" Name = "Web-Mgmt-Console" } xDscWebService PSDSCPullServer { Ensure = "Present" EndpointName = "PSDSCPullServer" Port = 8080 PhysicalPath = "$env:SystemDriveinetpubwwwrootPSDSCPullServer" CertificateThumbPrint = "AllowUnencryptedTraffic" ModulePath = "$env:PROGRAMFILESWindowsPowerShellDscServiceModules" ConfigurationPath = "$env:PROGRAMFILESWindowsPowerShellDscServiceConfiguration" State = "Started" DependsOn = "[WindowsFeature]DSCServiceFeature" } xDscWebService PSDSCComplianceServer { Ensure = "Present" EndpointName = "PSDSCComplianceServer" Port = 8443 PhysicalPath = "$env:SystemDriveinetpubwwwrootPSDSCComplianceServer" CertificateThumbPrint = "AllowUnencryptedTraffic" State = "Started" IsComplianceServer = $true DependsOn = ("[WindowsFeature]DSCServiceFeature" ,"[xDSCWebService]PSDSCPullServer") } } } # Generate MOF HTTPPullServer -OutputPath C:DSCHTTP – Deploy pull server in local Start-DscConfiguration -Path C:DSCHTTP -Verbose -Wait Build up a native Powershell DSC (Pull server) step by step
• Server side – setup client LCM by remote – Change client LCM default setting [DSCLocalConfigurationManager ()] Configuration LCM_HTTPPULL { param ( [Parameter(Mandatory =$true) ] [string[]] $ComputerName, [Parameter(Mandatory =$true) ] [string] $guid ) Node $ComputerName { Settings{ AllowModuleOverwrite = $True ConfigurationMode = 'ApplyAndAutoCorrect' RefreshMode = 'Pull' ConfigurationID = $guid } ConfigurationRepositoryWeb DSCHTTP { ServerURL = 'http://server_ip:8080/PSDSCPullServer.svc' AllowUnsecureConnection = $true } } } # Create Guid for the computers $guid=[guid ]::NewGuid() # Create the Computer.Meta.Mof in folder LCM_HTTPPULL -ComputerName $clientip -Guid $guid -OutputPath c:DSCHTTP – Push MOF file to client Set-DSCLocalConfigurationManager -ComputerName $clientip -Path c:DSCHTTP – Verbose –credential $cred – Check client LCM setting Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Pull server) step by step
• Server side – deploy script – Install IIS on client side configuration clientsmtp { Node HTTPComputers { WindowsFeature SMTP{ Name = 'SMTP-Server' Ensure = 'Present' } } } clientsmtp -OutputPath c:DSChttp – Product MOF file for each client •get guid from client $guid= Get-DscLocalConfigurationManager -CimSession $Session | Select-Object -ExpandProperty ConfigurationID •Specify source folder of configuration $source = "C:DSCHTTPHTTPComputers.mof" •Destination is the pull location on the web server $dest = "localhostc$Program FilesWindowsPowerShellDscServiceConfiguration$guid.mof" Copy-Item -Path $source -Destination $dest •make checksum New-DSCChecksum $dest – Check installation is complete Update-DscConfiguration -ComputerName s1 -Wait -Verbose – Check windows feature is exist Invoke-Command -ComputerName $clientip -ScriptBlock { get-windowsfeature -name *smtp* } -Credential $cred Build up a native Powershell DSC (Pull server) step by step
• What is Azure Automation account – Azure will play as a DSC server role – Automation Account information • Access key • URL – Runbook • Using Azure UI to manage scripts (after extension deploy) • Push configuration file to client • Webhooks – Regular execute – Trigger by 3rd party application • show on both new/old Azure protal Build up a Azure automation DSC extension step by step
• What is Azure Automation DSC extension – Extension will play as a DSC client role – After deploy, client will register to Automation Account – Pull mode – Only show on new Azure portal – Azure linux platform not support Azure extension Build up a Azure automation DSC extension step by step
• How to deploy Azure Automation DSC extension – Enable Azure Automation account • Default : invisible • Use command to enable (step1) • Select Azure Automation account (step2) – Create configuration file and upload to Azure Automation account • Manage configuration file in Azure Automation account (step3,4) – Prepare ps1, and zip file – Import / remove configuration by azure powershell command – Deploy Azure Automation DSC extension • Azure Automation account detail (step5) – Provide “Access key” when launch vm extension – Provide “URL” when launch vm extension • Launch extension in vm setting – Check vm status (step6) Build up a Azure automation DSC extension step by step
• Step 1: Enable the extension in your Azure Account – Add & Select Account Add-AzureAccount Switch-AzureMode -Name AzureResourceManager – Register DSC extension on account Register-AzureProvider –ProviderNamespace Microsoft.Automation Register-AzureProviderFeature -FeatureName dsc -ProviderNamespace Microsoft.Automation • Step 2: Select subscription and default values – select subscription Switch-AzureMode AzureResourceManager Get-AzureAccount – List and set SuscriptionName SwGet-Azuresubscription Select-AzureSubscription "SuscriptionName" – List and set ResourceGRoupName, AutomationAccountName Get-AzureAutomationAccount $PSDefaultParameterValues = @{ "*AzureAutomationDsc*:ResourceGroupName" = "ResourceGRoupName" "*AzureAutomationDsc*:AutomationAccountName" = "AutomationAccountName" } Build up a Azure automation DSC extension step by step
• Step 3: Write configuration – Powershell script Configuration PSUG { Node "webserver“ { #Install the IIS Role WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } } } – Node configuraiton name "psug.webserver“ – it is important that the filename is the same as configuration name • Step 4: Import and Compile configuration – Import Config & compile Switch-AzureMode AzureResourceManager get-command *azureautomationdsc* Import-AzureAutomationDscConfiguration -SourcePath E:DataPSUG.ps1 -Published -Force Start-AzureAutomationDscCompilationJob -ConfigurationName "psug“ – check status is completed on compilation job Get-AzureAutomationDscCompilationJob – check that psug.webserver has appeared Get-AzureAutomationDscNodeConfiguration Build up a Azure automation DSC extension step by step
• Step 5: Create or Register machine / node – Add Azure Automation extension on node – Fill in to information • Registration URL: from automation account • Registration key: from automation account • Node configuration name: from step3 • Configuration mode: apply and autocorrect Build up a Azure automation DSC extension step by step
• Step 6: check node status / unregister node – Get all nodes Status Get-AzureAutomationDscNode |fl * – Check latest node result for node WEB2 $Node = Get-AzureAutomationDscNode -Name WEB02 Get-AzureAutomationDSCNodeReport -NodeId $Node.ID | Sort EndTime | Select-Object -last 1 – unregister node Get-AzureAutomationDscNode -Name WEB01 | select-object -first 1 |Unregister- AzureAutomationDscNode • Reference – Azure Automation DSC: How to register and use Azure Automation DSC http://blog.coretech.dk/jgs/azure-automation-dsc-how-to-register-and-use-azure-automation-dsc/ – Azure Automation: Using Azure Scheduler to trigger a runbook via Runbook Webhooks http://blog.coretech.dk/jgs/azure-automation-using-azure-scheduler-to-trigger-a-runbook-via- runbook-webhooks/ – Azure Automation webhooks https://azure.microsoft.com/en-us/documentation/articles/automation-webhooks/ Build up a Azure automation DSC extension step by step
• Azure Powershell DSC extension – Azure will play as DSC server role – Only show on new Azure portal – Configuration file management • Package script and manage them by yourself (offline) • Upload to client once • Deploy extension will overwrite the previous one • Azure automation dsc extension is one of powershell dsc extension – Azure linux platform not support Azure extension Build up a Azure Powershell DSC extension step by step
• Write a powershell script configuration IISInstall { WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } } • Deploy script by powershell dsc extension – Prepare script package for UI Switch-AzureMode AzureServiceManagement Publish-AzureVMDscConfiguration -ConfigurationPath c:iisinstall.ps1 Publish-AzureVMDscConfiguration C:IISInstall.ps1 -ConfigurationArchivePath c:iisinstall.ps1.zip – Deploy powershell dsc extension to node •Configuration modules or script: installation.ps1.zip •Configuration data PSD1 file: (none) •Module-qualified Name of configuration: iisinstall.ps1iisinstall •Configuration arguments: (none) Build up a Azure Powershell DSC extension step by step
Resources • Azure automation DSC, Step by Step http://blog.coretech.dk/jgs/azure-automation-dsc-how-to-register-and-use-azure-automation-dsc/ • PowerShell DSC for Linux, Step by Step http://blogs.technet.com/b/privatecloud/archive/2014/05/19/powershell-dsc-for-linux-step-by-step.aspx • Manage the PowerShell DSC Extension in the Azure Preview Portal http://blogs.msdn.com/b/powershell/archive/2014/10/28/manage-the-powershell-dsc-extension-in-the- azure-preview-portal.aspx • Use PowerShell DSC to Configure the Registry http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/06/use-powershell-dsc-to-configure-the- registry.aspx • Use PowerShell Desired State Configuration to Set Time Zone http://blogs.technet.com/b/heyscriptingguy/archive/2015/01/07/use-powershell-desired-state- configuration-to-set-time-zone.aspx

More Related Content

PPTX
Azure virtual machines & Terraform
Juan Jose Gazzola
 
PPTX
Upgrading to VMware vSphere 6.0
Tim Carman
 
PPSX
Cvc2009 Moscow Xen App5 Fp1 Fabian Kienle Final
Liudmila Li
 
PDF
Cloudera cluster setup and configuration
Sudheer Kondla
 
PPTX
Escalabilidad horizontal y Arquitecturas elásticas en Windows Azure | SolidQ ...
SolidQ
 
PPTX
Active Directory for VMware vCenter 6.5
Tuan Yang
 
PDF
VMware compute driver for OpenStack
openstackindia
 
PPTX
Creating a gallery image for Azure marketplace
Alexey Bokov
 
Azure virtual machines & Terraform
Juan Jose Gazzola
 
Upgrading to VMware vSphere 6.0
Tim Carman
 
Cvc2009 Moscow Xen App5 Fp1 Fabian Kienle Final
Liudmila Li
 
Cloudera cluster setup and configuration
Sudheer Kondla
 
Escalabilidad horizontal y Arquitecturas elásticas en Windows Azure | SolidQ ...
SolidQ
 
Active Directory for VMware vCenter 6.5
Tuan Yang
 
VMware compute driver for OpenStack
openstackindia
 
Creating a gallery image for Azure marketplace
Alexey Bokov
 

What's hot (18)

PDF
Mastering VMware Datacenter Part-1
M.M.Rahman Munna, Linux, VMware and Mail Server Expert
 
PPTX
How to build a cloud adapter
Maarten Smeets
 
PPTX
VMware Advance Troubleshooting Workshop - Day 5
Vepsun Technologies
 
PDF
New features of Azure Cloud Provider at OCP 3.10
Takayoshi Tanaka
 
PPTX
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
Michael Noel
 
PPTX
All about Azure workshop deck
Alexey Bokov
 
PDF
VMware vSphere 5 seminar
Markiting_be
 
PDF
vBrownBag 2015-07-08 - VCP6-DCV Foundations Section 7: Monitoring
Dan Barr
 
PPTX
Java on Windows Azure (Cloud Computing Expo 2010)
David Chou
 
PPTX
Selecting the correct hypervisor for CloudStack 4.5
Tim Mackey
 
PDF
Running your Java EE 6 applications in the cloud
Arun Gupta
 
PDF
KoprowskiT_it_camp2013 - 2amADisasterJustBegan
Tobias Koprowski
 
PDF
07 automate windowsenvironmentswithansibleanddsc
Khairul Zebua
 
PDF
Automate Building your VM Templates with Packer - CPAVMUG 2021-12-02
Dan Barr
 
PPTX
Accelerate your ColdFusion Applications using Caching
ColdFusionConference
 
PPTX
VMware Advance Troubleshooting Workshop - Day 3
Vepsun Technologies
 
PPTX
Oracle VM 3 hard partitioning
Gary Waldrom
 
PPTX
Oracle VM 3.4.1 Installation
Simo Vilmunen
 
Mastering VMware Datacenter Part-1
M.M.Rahman Munna, Linux, VMware and Mail Server Expert
 
How to build a cloud adapter
Maarten Smeets
 
VMware Advance Troubleshooting Workshop - Day 5
Vepsun Technologies
 
New features of Azure Cloud Provider at OCP 3.10
Takayoshi Tanaka
 
AUDWC 2016 - Using SQL Server 20146 AlwaysOn Availability Groups for SharePoi...
Michael Noel
 
All about Azure workshop deck
Alexey Bokov
 
VMware vSphere 5 seminar
Markiting_be
 
vBrownBag 2015-07-08 - VCP6-DCV Foundations Section 7: Monitoring
Dan Barr
 
Java on Windows Azure (Cloud Computing Expo 2010)
David Chou
 
Selecting the correct hypervisor for CloudStack 4.5
Tim Mackey
 
Running your Java EE 6 applications in the cloud
Arun Gupta
 
KoprowskiT_it_camp2013 - 2amADisasterJustBegan
Tobias Koprowski
 
07 automate windowsenvironmentswithansibleanddsc
Khairul Zebua
 
Automate Building your VM Templates with Packer - CPAVMUG 2021-12-02
Dan Barr
 
Accelerate your ColdFusion Applications using Caching
ColdFusionConference
 
VMware Advance Troubleshooting Workshop - Day 3
Vepsun Technologies
 
Oracle VM 3 hard partitioning
Gary Waldrom
 
Oracle VM 3.4.1 Installation
Simo Vilmunen
 
Ad

Similar to Mmik_Powershell_DSC_Azure_DSC (20)

PDF
Building and Managing your Virtual Datacenter using PowerShell DSC - Florin L...
ITCamp
 
PPTX
PowerShell-and-DSC-Enables-DSCDevOps-1.pptx
prabhatthunuguntla
 
PPTX
WinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSC
WinOps Conf
 
PPTX
Configuration management comes to Windows
Ravikanth Chaganti
 
PDF
PowerShell DSC - State of the Art & Community by Gael Colas
UK DevOps Collective
 
PPTX
Jan Egil Ring - Get started with windows power shell desired state configuration
Nordic Infrastructure Conference
 
PPT
PowerShell v4 Desired State Configuration
Jason Stangroome
 
PPTX
Introduction to Desired State Configuration (DSC)
Jeffery Hicks
 
PPTX
Sp automation with dsc
Nikolas Charlebois-Laprade
 
PPTX
NetPonto #10 @Porto - DevOps: Poershell DSC
Rui Melo
 
PPTX
#DevOps in a windows world - @DevOpsGuys
DevOpsGroup
 
PPTX
PowerBreakfast #005 - Why DSC, NOW?
Milton Goh
 
PPTX
Manage your environment with DSC
Gian Maria Ricci
 
PPTX
Become an Automation Ninja in 60 Minutes
Michael Rüefli
 
PPTX
Experts live2016 - Karim Vaes - end-to-end automation
Karim Vaes
 
PPTX
Automation: PowerShell & DSC
Josh Gillespie
 
PPT
Desired state-configuration-ravikanth-august-2013-vtc india
Ravikanth Chaganti
 
PPTX
Power shell saturday ravikanth
Ravikanth Chaganti
 
PPTX
Server update management optimization
Allen Brokken
 
PPTX
Azure System Management
Mustafa
 
Building and Managing your Virtual Datacenter using PowerShell DSC - Florin L...
ITCamp
 
PowerShell-and-DSC-Enables-DSCDevOps-1.pptx
prabhatthunuguntla
 
WinOps Conf 2016 - Ed Wilson - Configuration Management with Azure DSC
WinOps Conf
 
Configuration management comes to Windows
Ravikanth Chaganti
 
PowerShell DSC - State of the Art & Community by Gael Colas
UK DevOps Collective
 
Jan Egil Ring - Get started with windows power shell desired state configuration
Nordic Infrastructure Conference
 
PowerShell v4 Desired State Configuration
Jason Stangroome
 
Introduction to Desired State Configuration (DSC)
Jeffery Hicks
 
Sp automation with dsc
Nikolas Charlebois-Laprade
 
NetPonto #10 @Porto - DevOps: Poershell DSC
Rui Melo
 
#DevOps in a windows world - @DevOpsGuys
DevOpsGroup
 
PowerBreakfast #005 - Why DSC, NOW?
Milton Goh
 
Manage your environment with DSC
Gian Maria Ricci
 
Become an Automation Ninja in 60 Minutes
Michael Rüefli
 
Experts live2016 - Karim Vaes - end-to-end automation
Karim Vaes
 
Automation: PowerShell & DSC
Josh Gillespie
 
Desired state-configuration-ravikanth-august-2013-vtc india
Ravikanth Chaganti
 
Power shell saturday ravikanth
Ravikanth Chaganti
 
Server update management optimization
Allen Brokken
 
Azure System Management
Mustafa
 
Ad

Recently uploaded (20)

DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Approach and Philosophy of On baking technology
30anthuong17
 
Cloud computing and distributed systems.
kkkkkhan
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Teaching material agriculture food technology
LiaRayya
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 

Mmik_Powershell_DSC_Azure_DSC

  • 2. Agenda • What is Powershell DSC? • The difference with Powershell DSC family • Powershell DSC Introduction and Architecture • How to learn by yourself • Requirement for Lab practice • Build up a native Powershell DSC (Push server) step by step • Build up a native Powershell DSC (Pull server) step by step • Build up a Azure automation DSC extension step by step • Build up a Azure Powershell DSC extension step by step
  • 3. What is Powershell DSC ? • First of all declaring a DSC configuration is PowerShell based. So you can leverage all your PowerShell skills to not only define a configuration, but also for troubleshooting. • DSC is designed to support “continuous deployments” which means that you can deploy your configuration over and over without breaking anything • When a DSC configuration is being applied only those settings which do not match will be set, the rest will be skipped which can result in a faster deployment time • You can separate the configuration data from the logic of your configuration so that you can reuse your configuration data for different resources, nodes, and configurations, see http://technet.microsoft.com/en-us/library/dn249925.aspx • DSC can be used on-premise, in a public or in a private Cloud environment. You just need either Windows Server 2012 R2 or Windows 8.1 and local administrator permissions to execute the DSC PowerShell scripts • You can integrate DSC with any Microsoft or non-Microsoft solutions as long as you can execute a PowerShell script on the target system. Using DSC within the Windows Azure Pack portal in conjunction with SMA is a good example For example: Powershell = script Powershell + modules(DSC resource) = deliver configuration(mof) to local Powershell + modules(DSC resource) + LCM + winrm = deliver configurations(mof) to remote computers
  • 4. The difference with Powershell DSC family • Powershell DSC workflow
  • 5.   Support Cloud plugin launch & config vm OS Deploy Centralized report Chef AWS/Azure/Private…etc 10 cloud plugins Yes Win/Linux Pull Yes Powershell DSC Azure/Private cloud No Win/Linux Push/Pull No Azure automation DSC Azure Only Yes Win Pull Yes Azure powershell DSC Azure Only Yes Win Push Yes The difference with Powershell DSC family
  • 6. Powershell DSC Introduction and Architecture Introduction •Following are some example scenarios where you can use built-in DSC resources to configure and manage a set of computers (also known as target nodes) in an automated way: – Enabling or disabling server roles and features – Managing registry settings – Managing files and directories – Starting, stopping, and managing processes and services – Managing groups and user accounts – Deploying new software – Managing environment variables – Running Windows PowerShell scripts – Fixing a configuration that has drifted away from the desired state – Discovering the actual configuration state on a given node
  • 7. Architecture •On-premise Powershell DSC (Native) – need a Server to Push or Pull configuration to client – prepare client environment (firewall, winrm / LCM service) before deliver configuration – prepare deploy script (mof) on server •Azure automation DSC extension (new Azure portal only) – No need to prepare server – (use Azure Automation account as server role) – No need to prepare client – Azure template + extension to setup pull mode – prepare deploy script and upload to Azure Automation account – Add extension (create vm or after vm launched) •Azure powershell DSC extension (new Azure portal only) – No need to prepare server – deploy one by one, no server role to manage script – No need to prepare client environment – Azure template + extension to setup push mode – prepare deploy script and upload to Azure extension UI – Add extension (after vm launched) Powershell DSC Introduction and Architecture
  • 8. • Package installation – Powershell DSC only support windows 2012 R2 x64, windows 8.1 using OneGet • This first version of OneGet installs and searches from Chocolatey repositories, with support for additional repositories expected in subsequent versions. • https://github.com/OneGet/oneget – Import-Module –Name OneGet – Get-Command –Module OneGet – Find-Package | Out-Gridview – Install-Package putty.portable –Force – Get-Package – If you are not running the above os, what option do you have to automate the installation of packages? • Ninite – (http://www.ninite.com) • Chocolatey – (http://chocolatey.org/). Powershell DSC Introduction and Architecture
  • 9. • Push mode – Build-in mode in windows • Pull mode – LocalConfigurationManager needs to be configured on each target node – Schedule poll a pull server to check for new configurations Powershell DSC Introduction and Architecture
  • 10. Powershell DSC configuration structure •Install module – Online: • install-Module -name xpsdesired* • install-Module -name xpsdesired* -force (upgrade version) – Local: • Action: download and unzip the content • Location: $env:ProgramFilesWindowsPowerShellModules folder •List module – Online: • Find-Module -name xpsdesired* – Local: • Get-module •Use resource in code – Import-DSCResource -ModuleName xPSDesiredStateConfiguration # Modules must exist on target pull server – Get-DscResource -Name windowsfeature – Get-DscResource -Name WindowsFeature – Syntax – Get-DscResource -Name WindowsFeature | Select-Object -ExpandProperty properties Powershell DSC Introduction and Architecture
  • 11. How to learn by yourself • Download / get help / example code for modules https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d https://msconfiggallery.cloudapp.net/packages • Resource Designer Tool – A walkthrough writing a DSC resource http://blogs.msdn.com/b/powershell/archive/2013/11/19/resource-designer-tool-a-walkthrough-writing-a-dsc-resource.aspx • Understanding Import-DscResource Keyword in Desired State Configuration http://blogs.msdn.com/b/powershell/archive/2014/04/25/understanding-import-dscresource-keyword-in-desired-state-configuration.asp • Understanding CONFIGURATION keyword in Desired State Configuration http://blogs.msdn.com/b/powershell/archive/2013/11/05/understanding-configuration-keyword-in-desired-state-configuration.aspx • Azure automation (runbook, DSC, webhook) https://azure.microsoft.com/en-us/documentation/articles/automation-webhooks/ • The DSC book https://www.penflip.com/powershellorg/the-dsc-book/blob/1769edf37fd0112dea84846e14e69702a918d45b/About.txt • 100 Days of DevOps with PowerShell http://www.systemcentercentral.com/100DaysOfDevOps/
  • 12. • Learning course http://www.microsoftvirtualacademy.com/training-courses/getting-started-with-powershell-desired-state-configuratio https://channel9.msdn.com/Events/Microsoft-Azure/Level-Up-Azure-IaaS-for-IT-Pros/Learn-the-Ins-and-Outs-of-Az • 17 Hours of PowerShell Desired State Configuration (DSC) Video Training http://blogs.technet.com/b/ashleymcglone/archive/2015/05/22/17-hours-of-powershell-desired-state- configuration-dsc-video-training.aspx • Oneget http://blogs.technet.com/b/keithmayer/archive/2014/04/16/what-s-new-in-powershell-getting-started-with-oneget-in http://www.systemcentercentral.com/automating-application-installation-using-oneget/ How to learn by yourself
  • 13. Native Powershell DSC Lab practice • Required software dependency – Client side • Windows 2012 R2 x64 • install WMF 5.0 (Upgrade to LCM 2.0) – Server side • Windows 2012 R2 x64 • install WMF 5.0 use find-module / install-module to extend DSC from online repository https://www.microsoft.com/en-us/download/details.aspx?id=46889 • Change default bowser to chrome (add-azureaccount need to run javascript) • Windows Powershell 0.9.5 or above http://azure.microsoft.com/en-us/downloads/ https://github.com/Azure/azure-powershell • Install Powershell DSC service Under “add role and featurefeatureswindows powershell” • Script / command Reference find-module mva* install-module mva_dsc_2015_day1 install-module mva_dsc_2015_day2
  • 14. Build up a native Powershell DSC (Push server) step by step
  • 15. • Client side – prepare environment – firewall is allowed for port 5985 (http) / 5986 (https) – Setup winrm/powershell permission Enable-PSRemoting -Force Set-Item wsman:localhostclienttrustedhosts * Restart-Service WinRM • Server side – prepare environment – Allow remote trigger powershell Set-Item WSMan:localhostClientTrustedHosts -Value * -Force Set-ExecutionPolicy Unrestricted -Force Restart-Service WinRM Build up a native Powershell DSC (Push server) step by step
  • 16. • Server side – establish connection – Set variable ## client ip or fqdn $clientip = <client_ip> ## client account $clientacc=<account> – Test client winrm service Test-wsman $clientip – Keep credential $securePassword = ConvertTo-SecureString -AsPlainText -Force ‘<password>‘ $cred = New-Object System.Management.Automation.PSCredential $clientacc, $securePassword – Build session with client $Session = New-CimSession –ComputerName $clientip –Credential $cred – Test remote trigger powershell is ok Invoke-Command -ComputerName $clientip -ScriptBlock { get-childitem c: } -Credential $cred – Check client LCM status Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Push server) step by step
  • 17. • Server side – setup client LCM by remote – Change client LCM default setting [DSCLocalConfigurationManager()] Configuration LCMPUSH { Node $clientip { Settings { AllowModuleOverwrite = $True ConfigurationMode = 'ApplyAndAutoCorrect‘ RefreshMode = 'Push' } } } #$clientip = ‘<client_ip>’ # Create the Computer.Meta.Mof in folder LCMPush -OutputPath c:DSCLCM5 – Push MOF file to client Set-DSCLocalConfigurationManager -ComputerName $clientip -Path c:DSCLCM5 –Verbose –credential $cred – Check client LCM setting Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Push server) step by step
  • 18. • Server side – deploy script – Install IIS on client side configuration clientiis { Node $clientip { WindowsFeature IIS{ Name = 'web-server‘ Ensure = 'Present‘ } } } #$clientip = ‘<client_ip>‘ clientiis -OutputPath c:DSCConfig – Push MOF file to client start-DscConfiguration -Path C:DSCConfig -CimSession $Session -verbose -Wait – Check windows feature is exist Invoke-Command -ComputerName $clientip -ScriptBlock { get-windowsfeature -name web-server } -Credential $cred Build up a native Powershell DSC (Push server) step by step
  • 19. • Detect configuration change by hash file, check then deploy Build up a native Powershell DSC (Pull server) step by step
  • 20. • Client side – prepare environment – firewall is allowed for port 5985 (http) / 5986 (https) – Setup winrm/powershell permission Enable-PSRemoting -Force Set-Item wsman:localhostclienttrustedhosts * Restart-Service WinRM • Server side – prepare environment – Allow remote trigger powershell Set-Item WSMan:localhostClientTrustedHosts -Value * -Force Set-ExecutionPolicy Unrestricted -Force Restart-Service WinRM Build up a native Powershell DSC (Pull server) step by step
  • 21. • Server side – establish connection – Set variable ## client ip or fqdn $clientip = <client_ip> ## client account $clientacc=<account> – Test client winrm service Test-wsman $clientip – Keep credential $securePassword = ConvertTo-SecureString -AsPlainText -Force ‘<password>‘ $cred = New-Object System.Management.Automation.PSCredential $clientacc, $securePassword – Build session with client $Session = New-CimSession –ComputerName $clientip –Credential $cred – Test remote trigger powershell is ok Invoke-Command -ComputerName $clientip -ScriptBlock { get-childitem c: } -Credential $cred – Check client LCM status Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Pull server) step by step
  • 22. • Server side – setup pull server – Install service and configure (dsc service, iis for http/https web site) configuration HTTPPullServer { # Modules must exist on target pull server Import-DSCResource -ModuleName xPSDesiredStateConfiguration Node localhost { WindowsFeature DSCServiceFeature { Ensure = "Present" Name = "DSC-Service" } WindowsFeature IISConsole { Ensure = "Present" Name = "Web-Mgmt-Console" } xDscWebService PSDSCPullServer { Ensure = "Present" EndpointName = "PSDSCPullServer" Port = 8080 PhysicalPath = "$env:SystemDriveinetpubwwwrootPSDSCPullServer" CertificateThumbPrint = "AllowUnencryptedTraffic" ModulePath = "$env:PROGRAMFILESWindowsPowerShellDscServiceModules" ConfigurationPath = "$env:PROGRAMFILESWindowsPowerShellDscServiceConfiguration" State = "Started" DependsOn = "[WindowsFeature]DSCServiceFeature" } xDscWebService PSDSCComplianceServer { Ensure = "Present" EndpointName = "PSDSCComplianceServer" Port = 8443 PhysicalPath = "$env:SystemDriveinetpubwwwrootPSDSCComplianceServer" CertificateThumbPrint = "AllowUnencryptedTraffic" State = "Started" IsComplianceServer = $true DependsOn = ("[WindowsFeature]DSCServiceFeature" ,"[xDSCWebService]PSDSCPullServer") } } } # Generate MOF HTTPPullServer -OutputPath C:DSCHTTP – Deploy pull server in local Start-DscConfiguration -Path C:DSCHTTP -Verbose -Wait Build up a native Powershell DSC (Pull server) step by step
  • 23. • Server side – setup client LCM by remote – Change client LCM default setting [DSCLocalConfigurationManager ()] Configuration LCM_HTTPPULL { param ( [Parameter(Mandatory =$true) ] [string[]] $ComputerName, [Parameter(Mandatory =$true) ] [string] $guid ) Node $ComputerName { Settings{ AllowModuleOverwrite = $True ConfigurationMode = 'ApplyAndAutoCorrect' RefreshMode = 'Pull' ConfigurationID = $guid } ConfigurationRepositoryWeb DSCHTTP { ServerURL = 'http://server_ip:8080/PSDSCPullServer.svc' AllowUnsecureConnection = $true } } } # Create Guid for the computers $guid=[guid ]::NewGuid() # Create the Computer.Meta.Mof in folder LCM_HTTPPULL -ComputerName $clientip -Guid $guid -OutputPath c:DSCHTTP – Push MOF file to client Set-DSCLocalConfigurationManager -ComputerName $clientip -Path c:DSCHTTP – Verbose –credential $cred – Check client LCM setting Get-DscLocalConfigurationManager –CimSession $session Build up a native Powershell DSC (Pull server) step by step
  • 24. • Server side – deploy script – Install IIS on client side configuration clientsmtp { Node HTTPComputers { WindowsFeature SMTP{ Name = 'SMTP-Server' Ensure = 'Present' } } } clientsmtp -OutputPath c:DSChttp – Product MOF file for each client •get guid from client $guid= Get-DscLocalConfigurationManager -CimSession $Session | Select-Object -ExpandProperty ConfigurationID •Specify source folder of configuration $source = "C:DSCHTTPHTTPComputers.mof" •Destination is the pull location on the web server $dest = "localhostc$Program FilesWindowsPowerShellDscServiceConfiguration$guid.mof" Copy-Item -Path $source -Destination $dest •make checksum New-DSCChecksum $dest – Check installation is complete Update-DscConfiguration -ComputerName s1 -Wait -Verbose – Check windows feature is exist Invoke-Command -ComputerName $clientip -ScriptBlock { get-windowsfeature -name *smtp* } -Credential $cred Build up a native Powershell DSC (Pull server) step by step
  • 25. • What is Azure Automation account – Azure will play as a DSC server role – Automation Account information • Access key • URL – Runbook • Using Azure UI to manage scripts (after extension deploy) • Push configuration file to client • Webhooks – Regular execute – Trigger by 3rd party application • show on both new/old Azure protal Build up a Azure automation DSC extension step by step
  • 26. • What is Azure Automation DSC extension – Extension will play as a DSC client role – After deploy, client will register to Automation Account – Pull mode – Only show on new Azure portal – Azure linux platform not support Azure extension Build up a Azure automation DSC extension step by step
  • 27. • How to deploy Azure Automation DSC extension – Enable Azure Automation account • Default : invisible • Use command to enable (step1) • Select Azure Automation account (step2) – Create configuration file and upload to Azure Automation account • Manage configuration file in Azure Automation account (step3,4) – Prepare ps1, and zip file – Import / remove configuration by azure powershell command – Deploy Azure Automation DSC extension • Azure Automation account detail (step5) – Provide “Access key” when launch vm extension – Provide “URL” when launch vm extension • Launch extension in vm setting – Check vm status (step6) Build up a Azure automation DSC extension step by step
  • 28. • Step 1: Enable the extension in your Azure Account – Add & Select Account Add-AzureAccount Switch-AzureMode -Name AzureResourceManager – Register DSC extension on account Register-AzureProvider –ProviderNamespace Microsoft.Automation Register-AzureProviderFeature -FeatureName dsc -ProviderNamespace Microsoft.Automation • Step 2: Select subscription and default values – select subscription Switch-AzureMode AzureResourceManager Get-AzureAccount – List and set SuscriptionName SwGet-Azuresubscription Select-AzureSubscription "SuscriptionName" – List and set ResourceGRoupName, AutomationAccountName Get-AzureAutomationAccount $PSDefaultParameterValues = @{ "*AzureAutomationDsc*:ResourceGroupName" = "ResourceGRoupName" "*AzureAutomationDsc*:AutomationAccountName" = "AutomationAccountName" } Build up a Azure automation DSC extension step by step
  • 29. • Step 3: Write configuration – Powershell script Configuration PSUG { Node "webserver“ { #Install the IIS Role WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } } } – Node configuraiton name "psug.webserver“ – it is important that the filename is the same as configuration name • Step 4: Import and Compile configuration – Import Config & compile Switch-AzureMode AzureResourceManager get-command *azureautomationdsc* Import-AzureAutomationDscConfiguration -SourcePath E:DataPSUG.ps1 -Published -Force Start-AzureAutomationDscCompilationJob -ConfigurationName "psug“ – check status is completed on compilation job Get-AzureAutomationDscCompilationJob – check that psug.webserver has appeared Get-AzureAutomationDscNodeConfiguration Build up a Azure automation DSC extension step by step
  • 30. • Step 5: Create or Register machine / node – Add Azure Automation extension on node – Fill in to information • Registration URL: from automation account • Registration key: from automation account • Node configuration name: from step3 • Configuration mode: apply and autocorrect Build up a Azure automation DSC extension step by step
  • 31. • Step 6: check node status / unregister node – Get all nodes Status Get-AzureAutomationDscNode |fl * – Check latest node result for node WEB2 $Node = Get-AzureAutomationDscNode -Name WEB02 Get-AzureAutomationDSCNodeReport -NodeId $Node.ID | Sort EndTime | Select-Object -last 1 – unregister node Get-AzureAutomationDscNode -Name WEB01 | select-object -first 1 |Unregister- AzureAutomationDscNode • Reference – Azure Automation DSC: How to register and use Azure Automation DSC http://blog.coretech.dk/jgs/azure-automation-dsc-how-to-register-and-use-azure-automation-dsc/ – Azure Automation: Using Azure Scheduler to trigger a runbook via Runbook Webhooks http://blog.coretech.dk/jgs/azure-automation-using-azure-scheduler-to-trigger-a-runbook-via- runbook-webhooks/ – Azure Automation webhooks https://azure.microsoft.com/en-us/documentation/articles/automation-webhooks/ Build up a Azure automation DSC extension step by step
  • 32. • Azure Powershell DSC extension – Azure will play as DSC server role – Only show on new Azure portal – Configuration file management • Package script and manage them by yourself (offline) • Upload to client once • Deploy extension will overwrite the previous one • Azure automation dsc extension is one of powershell dsc extension – Azure linux platform not support Azure extension Build up a Azure Powershell DSC extension step by step
  • 33. • Write a powershell script configuration IISInstall { WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } } • Deploy script by powershell dsc extension – Prepare script package for UI Switch-AzureMode AzureServiceManagement Publish-AzureVMDscConfiguration -ConfigurationPath c:iisinstall.ps1 Publish-AzureVMDscConfiguration C:IISInstall.ps1 -ConfigurationArchivePath c:iisinstall.ps1.zip – Deploy powershell dsc extension to node •Configuration modules or script: installation.ps1.zip •Configuration data PSD1 file: (none) •Module-qualified Name of configuration: iisinstall.ps1iisinstall •Configuration arguments: (none) Build up a Azure Powershell DSC extension step by step
  • 34. Resources • Azure automation DSC, Step by Step http://blog.coretech.dk/jgs/azure-automation-dsc-how-to-register-and-use-azure-automation-dsc/ • PowerShell DSC for Linux, Step by Step http://blogs.technet.com/b/privatecloud/archive/2014/05/19/powershell-dsc-for-linux-step-by-step.aspx • Manage the PowerShell DSC Extension in the Azure Preview Portal http://blogs.msdn.com/b/powershell/archive/2014/10/28/manage-the-powershell-dsc-extension-in-the- azure-preview-portal.aspx • Use PowerShell DSC to Configure the Registry http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/06/use-powershell-dsc-to-configure-the- registry.aspx • Use PowerShell Desired State Configuration to Set Time Zone http://blogs.technet.com/b/heyscriptingguy/archive/2015/01/07/use-powershell-desired-state- configuration-to-set-time-zone.aspx