What is Powershell Desired state configuration?
Powershell DSC is a declarative model of system configuration management Microsoft released along with Windows 2012, but enhanced and matured on Windows 2016.
In other word, you will be able to specify how you want a computer or servers to be configured and leave it to Powershell and the windows workflow engine to complete the task for you
It allows us to completely automate the configuration of the server including the build and setting up for application configuration, it can do but not limited to copy files, deploy registry key, software, add/remove a Windows Feature, etc
Advantage of DSC
- Simplify system administration tasks by configuring multiple devices automatically based on the defined configuration.
- Identical configuration of multiple machines, standardizing the devices
- Reduce the time consumed in terms of device and server configuration or reconfiguration
- Deployment on demand is largely automated and simplified
Types of architecture with DSC:
- Push mode: the configurations are sent (“pushed”) manually towards one or more units that we call “node”. This action is done by an administrator. Only one way communication from system administrator server or device to remote clients required. Push mode is one of the easy and one time way of doing remove device configuration.
It can be done from any workstation, no designated server required.
Real-time execution, offline devices will not receive configurations
- Pull mode: a “pull server” is created and the nodes contact this server at regular intervals so as to obtain their configuration. There is a designated pull server, Remote client nodes poll the “pull server” to ask whether a configuration is available . If so, then the “pull server” sends this configuration to the compatible machines; By default, this interval of communication is set at fifteen minutes
Idle for automating deployment of device and application configurations
Offline machines receive updates and configurations while it connected back.
DSC resources are configurable items that can be configured using Powershell DSC, below command to list all configurable resources
Get-DscResource | select Name,Module,Properties | Ft -AutoSize
Each explained below
- File: Manages files and folders on a machine
- Archive: Decompresses an archive in the compressed format
- Environment: Manages system environment variables on the machine
- Log: Writes a message in the DSC event log
- Package: installs or removing a package
- Registry: Manages registry key of a machine
- Script: Executes a PowerShell script block or commands on a machine
- Service: Manages Windows services on machine
- User: Manages local users on a machine
- WindowsFeature: Adds or removes a role/feature on a machine
- WindowsOptionalFeature: Adds or removes an optional role/feature on a machine
- WindowsProcess: Manages a Windows process
- WaitForAll / WaitForAny / WaitForSome: Available with PowerShell WMF 5 Production Preview. Cross-computer synchronisation allows us to use the dependency between machines during the deployment of their configuration. When there is a change in the status of a resource, another machine may be able to execute its configuration.
If you need more functionality as your use of DSC increases At that point, it is possible to add extra resources with the DSC Resource Kit: https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d or http://www.powershellgallery.com/ where resource kit was published by the Windows PowerShell Team
To install them, all you need to do is to copy and paste them into your PowerShell modules folder:
Powershell DSC syntax
Configuration TestTCXConf4 # Part 1
param ($MachineName) # Part 2
Node $MachineName # Part 3
File NewFolder # Part 4
Ensure = ‘Present’ # Part 5
DestinationPath = ‘C:\IISSite’
WindowsFeature IIS # Part 4 continued..
Ensure = ‘Present’ # Part 5 continued..
Name = “Web-Server”
TestTCXConf4 -MachineName ‘vipin-win2016-2’, ‘vipin-win2016-3’ # Part 6
Part 1: “Configuration” is followed by the name of the configuration, just like function
Part 2: This part define the parameters that are used in the configuration
Part 3: The part of the configuration indicates to DSC to deploy this configuration on these machines
Part 4: It is the resource that you want to configure. Here, to the resource “File”, “Packages”, “WindowsFeature” followed by a identifying name.
Part 5: Contains properties of the resource as “key=value” pairs. Key and value for each DSC resource (it varies) can be find as shown below
Get-DSCResource -Name <DSCResource> | Select -ExpandProperty Properties
Part 6: This part create configuration files to be applied to machine mentioned on the script. ( You may also import list of machine name from a text or CSV file)
Save above configuration in a Powershell script and save and <filename>.PS1 and run using Powershell
This will create an MOF file for each machine name mentioned
Now for pushing this configuration to these server, just run Start-DSCConfiguration with mof file path (PUSH MODE).
Start-DSCConfiguration -path <path>\TestTCXConf4\ -Verbose -Force -Wait
You can verify the servers listed receive packages, feature enabled or folder and file structure created.
Learn more about PowershellDSC
Learn About configuring and working on PowershellDSC pull server model