Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

2,036 views

Published on

PowerShell DSC is a configuration management platform that provides the operations team the capability to deploy and manage systems by defining the desired configuration of a machine while having the assurance that whatever happens, the machines configuration will remain the same.
In this session you will learn what is PowerShell DSC, and how it can grant you the power of implementing a DevOps oriented environment by building and managing your infrastructure in an automatic and consistent fashion.

Published in: Technology
  • Be the first to comment

Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

  1. 1. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Building and Managing your Virtual Datacenter using PowerShell DSC Florin Loghiade Cloud & DevOps Engineer Avaelgo Blog: florinloghiade.ro Twitter: @florinloghiade
  2. 2. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Many thanks to our sponsors & partners! GOLD SILVER PARTNERS PLATINUM POWERED BY
  3. 3. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals • What is PowerShell DSC (Desired State Configuration)? –Deployment Models –Configurations –Resources • PowerShell DSC Scenarios Agenda
  4. 4. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals WHAT IS POWERSHELL DSC?
  5. 5. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals • Configuration management platform • Cross-Platform • Standards based (Distributed Management Task Force) • Allows “continuous deployment” and prevents “configuration drift” • Uses language extensions and providers to enable declarative and idempotent deployments What is PowerShell DSC?
  6. 6. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals DSC vs. GPO Feature Group Policy DSC Configuration stored in GPO file Configuration script / MOF file Target nodes by means of AD links to OUs, sites, etc. Configuration specifies node names Configuration implemented by Client-side OS components Client-side shell scripts (resources) Extensible by means of Complex native programming Windows PowerShell scripts Primary configuration target Windows registry Anything Windows PowerShell can “touch” Persistence Settings reapply each time Settings are persistent Number of configurations per node As many GPOs as you want to link One or More (Partial Configurations) Source: Channel 9
  7. 7. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Traditional Scripts vs DSC DSC Configurations Intent DSC Resources Technology Specific DSC Engine Dependency Resolution Logging & Error Handling Reboot Resiliency Repeatable Automation Traditional Scripts
  8. 8. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Easy to write and easy to deploy Intent Environment Configuration (Dev -> Test -> Production) $WebConfigEnv = @{ ComputerName = $VMServerNames Name = “FourthCoffee” } … Structural Configuration WindowsFeature IIS { Name = "Web-Server" Ensure = "Present" } … Make It So Idempotent Automation foreach -parallel ($featureName in $Name) { $feature = Get-WindowsFeature -Name $featureName if(($Ensure -eq "Present") -and (!$feature.Installed)) { Install-WindowsFeature -Name $featureName } …. } … Source: Channel 9
  9. 9. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Push • Manual Process. DSC Resources have to be copied to the nodes • Use Start-DscConfiguration to copy the MOF to the nodes and tell them to make it so. Pull • Use Push to enroll nodes, configuring them to query a Pull Server. The nodes then check the pull server every 30 minutes for configuration changes. • DSC Resources must be zipped and placed on the Pull Server • Every generated MOF file has to be accompanied by a checksum file and both need to be placed on the Pull server. Two Deployment Modes
  10. 10. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Push Model Configuration Staging Area (Contains DSC data) Authoring Phase (May include imperative as well as declarative code) Staging Phase - Fully declarative configuration representation using DMTF standard MOF instances - Configuration is calculated for all nodes “Make it So” Phase (Declarative configuration is reified through imperative providers.) Parser and Dispatcher Imperative Providers Providers implement changes: • Monotonic • Imperative • Idempotent Local Configuration Store 3rd party languages and tools PowerShell V(n) Visual Studio Code Source: Channel 9
  11. 11. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Pull Model Pull Server (Contains DSC data and Modules) Authoring Phase (May include imperative as well as declarative code) Staging Phase - Fully declarative configuration representation using DMTF standard MOF instances - Configuration is calculated for all nodes “Make it So” Phase (Declarative configuration is reified through imperative providers.) Parser and Dispatcher Imperative Providers Providers implement changes: • Monotonic • Imperative • Idempotent Local Configuration Store 3rd party languages and tools PowerShell V(n) Visual Studio Code Source: Channel 9
  12. 12. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Core DSC Resources Resource Description Archive Resource Unpacks archive (.zip) files at specific paths on target nodes. Environment Resource Manages system environment variables on target nodes. File Resource Manages files and directories on target nodes. Group Resource Manages local groups on target nodes. Log Resource Logs configuration messages Package Resource Installs and manages packages, such as Windows Installer (.msi) and setup.exe packages on target nodes. WindowsProcess Resource Configures Windows processes on target nodes. Registry Resource Manages registry keys and values on target nodes. WindowsFeature Resource Adds or removes Windows features and roles on target nodes. Script Resource Runs Windows PowerShell script blocks on target nodes. Service Resource Manages services on target nodes. User Resource Manages local user accounts on target nodes.
  13. 13. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals xDSC Resources Resource Description xSmbShare Allows configuration of a SMB Share xADDomain Allows configuration or deployment of Active Directory components xWindowsUpdates Handles the installation of a Windows Update from a given path xNetworking Allows configuration of network adapters, firewall rules and more xSQLServer Allows configuration or deployment of SQL Server xFailoverCluster Allows configuration or deployment of Failover Clusters xHyper-V Allows configuration or deployment of Hyper-V xWebAdministration Allows configuration of IIS websites, application pools etc. • Marked as eXperimental, these resources are in continuous development and should be considered as beta resources. • There are over 500 resources online and open sourced on GitHub: https://github.com/PowerShell/DscResources/tree/master/xDscResources
  14. 14. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals DSC Resources for Linux Provider Description nxArchive Unpacks .tar or .zip archives at a specific path nxFile Allows management of files and directories nxFileLine Provides a mechanism to manages lines within a configuration file nxPackage Allows management of packages (.rpm, .deb, yum, zipper, apt) nxUser Allows management of users nxGroup Allows management of groups nxScript Provides a mechanism to run .sh / .bash scripts nxService Allows management of services (init, upstart, systemd) nxEnvironment Allows management of environment variables nxSSHAuthorizedKeys Allows management of SSH keys • Yes you read right. DSC can be used on Linux machines. • Can be installed using native packages (rpm/deb) • At this time there are about 10 built-in DSC Resources • Supports Push/Pull deployment models
  15. 15. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Configuration StopService { Import-DscResource -ModuleName PSDesiredStateConfiguration Service BITS { Name = 'BITS' State = 'Stopped' StartupType = 'Disabled' Ensure = 'Absent' #This deletes the service } } What do configurations look like (Windows)
  16. 16. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Configuration InstallApache { Import-DSCResource -Module nx node <insert linux server ip/hostname here> { nxPackage Apache { PackageManager = 'Yum' Ensure = 'Present' Name = 'httpd' } } } What do configurations look like (Linux)
  17. 17. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals DEMO
  18. 18. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals POWERSHELL DSC SCENARIOS
  19. 19. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals • You can deploy “bare” VMs and have DSC configure them based on a role (Web Server, SQL Server, AD Domain Controller, Cluster etc.) – No more gold images • You can keep production servers in check – You can be sure that everything that you configured via DSC will stay that way even if somebody tampers with the configuration • Create multiple identical environments with ease. – Dev, QA, Staging, Production • You can use DSC with your release management tools. – VSTS, TFS, TeamCity etc. PowerShell DSC Scenarios #1
  20. 20. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals • Azure offers a service named Azure Automation that besides running native PowerShell Code it also is a DSC Pull Server. • You can use Azure Automation DSC to manage all your cloud environments, including your on-premise servers. • Can be used as is or as a compliance server / module repository PowerShell DSC in Azure
  21. 21. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals • Management platform in Windows PowerShell • Allows you to: –Enable / Disable server roles and features –Manage registry settings –Manage files and directories –Deploy new software –Prevent configuration drift –And many more  DSC Overview
  22. 22. @ITCAMPRO #ITCAMP16Community Conference for IT Professionals Q & A

×