Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Manage your environment with DSC


Published on

Use PowerShell desired State Configuration to manage your environment.

  • Be the first to comment

Manage your environment with DSC

  1. 1. Build your Environment with PowerShell and PowerShell DSC Gian Maria Ricci
  2. 2. What is an Environment • Set of resources needed for the software to run – Hardware resources – OS resources – Software resources • It has a specific purpose – Production – Testing / QA – DEV – … • Needs to be managed
  3. 3. ENVIRONMENT AND VIRTUALIZATION Virtualization is silver bullet?
  4. 4. Environment as set of VMs • A set of Virtual Machines, specifically prepared, are an environment • Thanks to cloning / virtual disk cloning we can duplicate / recreate environment • Advanced Virtualization Systems allows for “VM Template” often called “Golden Images” • You can create a new VM from Golden Image
  5. 5. Handle Pre-made environments with VM • Virtualize and create Golden Images of environments • Thanks to SysPrep we can preinstall some software (ex Sql Server) – Generalization – Anonymization • “freeze” with certain OS patches – Avoid error due to updates – Recreate exact state of the system
  6. 6. Cross product problem • You should provide a Golden image for each combination – SqlServer, IIS, IIS + Sql Server, Mongo, Mongo + IIS, …… – It becomes impossible to create a VM for each combination – You can limit the explosion keeping only configuration really used by your applications, but it does not help • If you take into account OS Patches the combination explodes – Virtually each patch should create a new image – You will literally needs Hundreds or thousands VM Images • Maintenance nightmare
  7. 7. Approach A • A VM for each configuration – Cons • Maintenance Nightmare • Lots of space used – Pro • Image immediately available • Simple management for Devs • Quick validation
  8. 8. Approach B • A Base VM plus some further configuration – Cons • Need to manage configuration drift • More time needed to reach a valid point – Pro • Less space used • Simpler maintenance
  9. 9. Limit Golden Images to … • Major Version of OS (WS2012, WS2012R2, RHEL7, …) • Some critical OS Patches (SP, etc) • Some Difficult To Install and configure software • Everything that cannot be automated
  10. 10. Workflow – Create Golden Image OPS • Create Image • Make it accessible to DEV DEV • Setup Prerequisites • Install application • Verify Application • Propose modification OPS • Update machine if needed
  11. 11. Workflow – Update Golden Image OPS • Modify Image • Make it accessible to DEV DEV • Setup Prerequisites • Install application • Verify Application • Propose modification OPS • Update machine if needed • Previously validated Golden image needs to be modified • OS Patches • Software / Configuration patches • …
  12. 12. Each department -> Right work • Ops duty – Manage virtualization environment – Manage basic configuration of a VM – Handle updates (Ex. critical system patches) • Developers duty – Quickly validate a new version of an image – Being able to communicate configuration Drift
  13. 13. Workflow • To validate a Golden Image DEV needs to perform repetitive operation – Install prerequisite – Install software – Run integration tests • To setup a software OPS needs to perform the same set of operations • These operations needs to be well documented • This is an area where “automation is the solution”
  14. 14. Rebuild from Metal (or Golden images) • When an outage occur you need to minimize – Time needed to detect that something is not working – Time needed to start working at the problem – Time needed to fix the problem • Time needed to fix cannot be estimated • You can estimate how much time is needed to rebuild the environment from scratch • Often it is better to rebuild than trying to fix what is broken.
  15. 15. DESIRED STATE Specify environment state you need for your application to run
  16. 16. Concept of “Desired State” • Conceptually we need to automate 1. Install prerequisite of our application 2. Install our application • Both these operation starts from a Golden Image or bare metal • We need to bring the environment from actual State to a State where the application can be installed • This is what we call “Desired State”
  17. 17. Ex: Install IIS • We can do a script with this pseudocode – Test if IIS is installed – If not installed install it – Verify if it is started – If not started start it – … • We need to check actual state and take appropriate action • Script can become complicated
  18. 18. DSC: POWERSHELL DESIRED STATE CONFIGURATION Microsoft proposition to manage state of an environment
  19. 19. Solution: specify Desired State • We can use PowerShell DSC to specify a Desired State • All you need to do is specify the state you need • It is similar to puppet/chef • Everything related to real configuration is done by a “resource” • Microsoft gives you many resources to manage OS and Software. • You can write (or find in open source) additional resources.
  20. 20. Three phases • Authoring – Authoring a configuration with various tools – Produces a Mof file storing information of the configuration • Staging – Make Mof available • Make It So – Apply configuration
  21. 21. Make It So
  22. 22. Make It So
  23. 23. Pull or Push model
  24. 24. Run imperative PowerShell code • You can mix DSC and imperative instructions • You can pack scripts inside a custom resource • Remember that DSC is a part of PowerShell, you can use any PowerShell instruction you need
  25. 25. Avoid confusion • DSC is often used / presented as a “way to deploy software” • Remember that DSC is a library to bring a system in a desired state • A Typical problem: you need to install a Windows Service – First install is ok – Update version, you can only specify if service should be running or not
  26. 26. Deploy with multiple states • A first State is required to start the deploy – Service are stopped – Sites are stopped • A second DSC State (or imperative PowerShell) is required to physically update – Copy new version of the site on a folder – Overwrite Windows Service with new version • A final State is used to restart Everything – Service are started – Sites are running
  27. 27. MORE COMPLEX DSC Let’s see something more complex to deploy a site + database