Let PowerShell make it right and keep it right
This article describes the use of Windows PowerShell Desired State Configuration (DSC).
Concepts here are introduced after you take an action.
DSC resources can be obtained from several places:
On every target node, the process running in the background to parse and “enact” configurations sent to the node is the Local Configuration Manager (LCM). See https://docs.microsoft.com/en-us/powershell/dsc/metaconfig and https://docs.microsoft.com/en-us/powershell/dsc/metaconfig4
http://blogs.msdn.com/b/powershell/ Central repository for PowerShell Desired State Configuration (DSC) resources maintained within Microsoft.
### From GitHub
The community has
https://github.com/PowerShell/SharePointDsc The SharePointDsc PowerShell module provides DSC resources that can be used to deploy and manage a SharePoint farm
Use an internew browser (Chrome) to my sample PowerShell DSC scripts at:
(I would be honored if it earns your clicking the Star)
- Create a GitHub account for yourself if you haven’t already.
Click the Fork button to make it yours, since you will be making changes.
- Install a Git client.
- Open a Terminal command terminal.
Navigate or create a subject container folder where repos are created, such as:
Get my sample PowerShell scripts onto your laptop (substituting “wilsonmar” with your own account name):
git clone https://github.com/wilsonmar/powershell-dsc && powershell-dsc
The above is one line, but may be word-wrapped on your screen.
Use a text editor to view file
But a PowerShell DSC configuration has a block that uses the PowerShell keyword
Configurationfollowed by the name of the configuration.
Each target computer defined by a DSC script is called a node. The name of the node (a computer instance) is passed into the script using the $ComputerName parameter supplied when compiling the configuraton. The name defaults to “localhost” if not supplied.
When the name of the script (without the .ps1 suffix) is specified within PowerShell, that script is compiled into a MOF document for each node
within a folder created in the current directory with the same name as the configuration. For example:
### PowerShell Commands
PROTIP: A PowerShell DSC configuration file is a PowerShell script, and thus has a .ps1 file suffix and runs within the PowerShell command-line shell. DSC was introduced with PowerShell 4.0.
- On MacOS, install PowerShell.
List PowerShell functions for DSC:
Get-command -Noun dsc*
CommandType Name Version Source ----------- ---- ------- ------ Function Find-DscResource 220.127.116.11 PowerShellGet Function Get-DscResource 0.0 Function Get-DSCResourceModules 0.0 Function New-DscChecksum 0.0 PSDesiredStateConfiguration
Get resources for DSC:
Compile to MOF
Compile the script into an MOF document for each node within a folder created in the current directory with the same name as the configuration:
The response for the default user (replace your user name here):
Directory: C:\users\default\Documents\DSC Configurations\MyDscConfiguration Mode LastWriteTime Length Name ---- ------------- ------ ---- -a---- 10/23/2017 1:32 PM 2842 TEST-PC1.mof
“MOF” is an acornym for “Management Object Format” used in Windows operating systems.
It has syntax based on Microsoft Visual C++.
MOF files often have a partner DLL (dynamic link library) file that stores data needed for retrieval in the MOF file.
CAUTION: The MOF file contains all of the configuration information for the target node. Because of this, it’s important to keep it secure.
The MOF file for each node defined in the Configuration is what are “enacted”.
Noramlly, DSC applies the resources in the order that they appear within the configuration. That’s unless
DependesOn is specified.
### Push vs. Pull
DSC can deliver configurations in either push and pull.
The push method is delivered from a server to a computer thus the “pushing” instructions. This method is generally only used for testing or one-off applications uncommon in a production environment. See https://github.com/PowerShellOrg/shove
The pull method is initiated from a client rather than the server.
See https://docs.microsoft.com/en-us/powershell/dsc/pullclientconfigid on Setting up a pull client using configuration ID
Open source on Linux and MacOS
From the PowerShell and DSC Team YouTube channel:
This 51-minute series of demos was published Aug 18, 2016.
This article notes Desired State Configuration for Linux and the promise of SSH support arrived in 2014 (several months before Microsoft open sourced .NET and brought .NET Core to Linux). But “you had to author your scripts on the Windows platform, you had to configure things on the Windows platform and then deliver the desired configuration to a Linux box and have it be configured; now you can do all of that on Linux.”
Noteworthy pages in the FAQ:
Other IAC incorporating DSC
https://github.com/chef-boneyard/dsc was implemented into core Chef
Operation Validation Framework
Get-Command -Module OperationValidation
It has two functions:
Get-OperationValidation to Retrieve operational tests from modules
Invoke-OperationValidation to run operational tests from modules
- Reusable automation
- Source Control
- Unit Testing
- Continuous Deployment
- Integration tests, which validate the desired state
- Operations Validation, which validates the functionality at desired state!
Practical Desired State Configuration (DSC) [3:01] 10 Aug 2016 by Josh Duffney
A Practical Overview of Desired State Configuration TechEd North America 2014
Windows PowerShell 4.0 introduces Desired State Configuration (DSC), and it’s time to put it to use. With DSC, you declaratively ..
Why I love PowerShell Desired State Configuration and so should u by Nicholas Dille https://twitter.com/NicholasDille http://dille.name/blog/
A Practical Overview of Desired State Configuration by TechEd North America
http://www.tomsitpro.com/articles/how-to-integrate-ansible-dsc,1-3474.html 13 Jan 2017 when Ansible didn’t support DSC and required https://github.com/trondhindenes/Ansible-win_dsc by Trond Hindenes. That’s since been merged into Ansible Core.
More on DevOps
This is one of a series on DevOps:
- ci-cd (Continuous Integration and Continuous Delivery)
- Git and GitHub vs File Archival
- Git Commands and Statuses
- Git Commit, Tag, Push
- Git Utilities
- Data Security GitHub
- GitHub API
- Choices for DevOps Technologies
- Java DevOps Workflow
- AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
- Digital Ocean
- Cloud regions
- AWS Virtual Private Cloud
- Azure Cloud Onramp
- Azure Cloud
- Packer automation to build Vagrant images
Terraform multi-cloud provisioning automation
- Powershell Ecosystem
- Powershell on MacOS
- Jenkins Server Setup
- Jenkins Plug-ins
- Jenkins Freestyle jobs
- Dockerize apps
- Docker Setup
- API Management Microsoft
- Scenarios for load