Introduction to Powershell Desired state Configuration (PowershellDSC)


What is Powershell Desired state configuration?

Powershell DSC is a declarative model of system configuration management Microsoft released along with Windows 2012, but enhanced and matured on Windows 2016.

In other word, you will be able to specify how you want a computer or servers to be configured and leave it to Powershell and the windows workflow engine to complete the task for you

It allows us to completely automate the configuration of the server including the build and setting up for application configuration, it can do but not limited to copy files, deploy registry key, software, add/remove a Windows Feature, etc

Advantage of DSC

  1. Simplify system administration tasks by configuring multiple devices automatically based on the defined configuration.
  2. Identical configuration of multiple machines, standardizing the devices
  3. Reduce the time consumed in terms of device and server configuration or reconfiguration
  4. Deployment on demand  is largely automated and simplified

Types of architecture with DSC:

  • Push mode: the configurations are sent (“pushed”) manually towards one or more units that we call “node”. This action is done by an administrator.  Only one way communication from system administrator server or device to remote clients required.  Push mode is one of the easy and one time way of doing remove device configuration.

It can be done from any workstation, no designated server required.

Real-time execution, offline devices will not receive configurations

  • Pull mode: a “pull server” is created and the nodes contact this server at regular intervals so as to obtain their configuration.  There is a designated pull server, Remote client  nodes poll the “pull server” to ask whether a configuration is available . If so, then the “pull server” sends this configuration to the compatible machines; By default, this interval of communication is set at fifteen minutes

Idle for automating deployment of device and application configurations

Offline machines receive updates and configurations while it connected back.

DSC resources

DSC resources are configurable items that can be configured using Powershell DSC, below command to list all configurable resources

Get-DscResource | select Name,Module,Properties | Ft -AutoSize

PowerShellDSC01

Each explained below

  • File: Manages files and folders on a machine
  • Archive: Decompresses an archive in the compressed format
  • Environment: Manages system environment variables on the machine
  • Log: Writes a message in the DSC event log
  • Package: installs or removing a package
  • Registry: Manages registry key of a machine
  • Script: Executes a PowerShell script block or commands on a machine
  • Service: Manages Windows services on machine
  • User: Manages local users on a machine
  • WindowsFeature: Adds or removes a role/feature on a machine
  • WindowsOptionalFeature: Adds or removes an optional role/feature on a machine
  • WindowsProcess: Manages a Windows process
  • WaitForAll / WaitForAny / WaitForSome: Available with PowerShell WMF 5 Production Preview. Cross-computer synchronisation allows us to use the dependency between machines during the deployment of their configuration. When there is a change in the status of a resource, another machine may be able to execute its configuration.

If you need more functionality as your use of DSC increases At that point, it is possible to add extra resources with the DSC Resource Kit: https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d or http://www.powershellgallery.com/ where resource kit was published by the Windows PowerShell Team

To install them, all you need to do is to copy and paste them into your PowerShell modules folder:

Powershell DSC syntax

Configuration TestTCXConf4       # Part 1
{
param ($MachineName)     # Part 2
Node $MachineName     # Part 3
{
File NewFolder     # Part 4
{
Ensure = ‘Present’                            # Part 5
DestinationPath = ‘C:\IISSite’
Type=’Directory’
}
WindowsFeature IIS         # Part 4 continued.. 
{
Ensure = ‘Present’         # Part 5 continued.. 
Name = “Web-Server”
DependsOn='[file]NewFolder’
}
}
}

TestTCXConf4 -MachineName ‘vipin-win2016-2’,  ‘vipin-win2016-3’     # Part 6

Part 1:  “Configuration” is followed by the name of the configuration, just like function

Part 2: This part define the parameters that are used in the configuration

Part 3: The part of the configuration indicates to DSC to deploy this configuration on these machines

Part 4: It is the resource that you want to configure. Here,  to the resource “File”, “Packages”, “WindowsFeature” followed by a identifying name.

Part 5: Contains properties of the resource as “key=value” pairs. Key and value for each DSC resource (it varies) can be find as shown below

Get-DSCResource -Name <DSCResource> | Select -ExpandProperty Properties

PowerShellDSC04

Part 6: This part create configuration files to be applied to machine mentioned on the script. ( You may also import list of machine name from a text or CSV file)

Save above configuration in a Powershell script and save and <filename>.PS1 and run using Powershell

This will create an MOF file for each machine name mentioned

PowerShellDSC02

Now for pushing this configuration to these server, just run Start-DSCConfiguration with mof file path (PUSH MODE).

Start-DSCConfiguration -path <path>\TestTCXConf4\ -Verbose -Force -Wait

PowerShellDSC03

You can verify the servers listed receive packages, feature enabled or folder and file structure created.

Reference:

Learn more about PowershellDSC

https://blogs.technet.microsoft.com/privatecloud/2013/08/30/introducing-powershell-desired-state-configuration-dsc/

https://4sysops.com/archives/powershell-desired-state-configuration-dsc-part-1-introduction/

Learn About configuring and working on PowershellDSC pull server model

http://www.systemcentercentral.com/day-1-intro-to-powershell-dsc-and-configuring-your-first-pull-server/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s