2. What is an Environment
• Set of resources needed for the software to run
– Hardware resources
– OS resources
– Software resources
• It has a specific purpose
– Production
– Testing / QA
– DEV
– …
• Needs to be managed
4. Environment as set of VMs
• A set of Virtual Machines, specifically prepared,
are an environment
• Thanks to cloning / virtual disk cloning we can
duplicate / recreate environment
• Advanced Virtualization Systems allows for “VM
Template” often called “Golden Images”
• You can create a new VM from Golden Image
5. Handle Pre-made environments with VM
• Virtualize and create Golden Images of
environments
• Thanks to SysPrep we can preinstall some
software (ex Sql Server)
– Generalization
– Anonymization
• “freeze” with certain OS patches
– Avoid error due to updates
– Recreate exact state of the system
6. Cross product problem
• You should provide a Golden image for each
combination
– SqlServer, IIS, IIS + Sql Server, Mongo, Mongo + IIS, ……
– It becomes impossible to create a VM for each
combination
– You can limit the explosion keeping only configuration
really used by your applications, but it does not help
• If you take into account OS Patches the combination
explodes
– Virtually each patch should create a new image
– You will literally needs Hundreds or thousands VM
Images
• Maintenance nightmare
7. Approach A
• A VM for each configuration
– Cons
• Maintenance Nightmare
• Lots of space used
– Pro
• Image immediately available
• Simple management for Devs
• Quick validation
8. Approach B
• A Base VM plus some further configuration
– Cons
• Need to manage configuration drift
• More time needed to reach a valid point
– Pro
• Less space used
• Simpler maintenance
9. Limit Golden Images to …
• Major Version of OS (WS2012, WS2012R2, RHEL7,
…)
• Some critical OS Patches (SP, etc)
• Some Difficult To Install and configure software
• Everything that cannot be automated
10. Workflow – Create Golden Image
OPS
• Create Image
• Make it accessible to DEV
DEV
• Setup Prerequisites
• Install application
• Verify Application
• Propose modification
OPS
• Update machine if needed
11. Workflow – Update Golden Image
OPS
• Modify Image
• Make it accessible to DEV
DEV
• Setup Prerequisites
• Install application
• Verify Application
• Propose modification
OPS
• Update machine if needed
• Previously validated Golden image needs to be modified
• OS Patches
• Software / Configuration patches
• …
12. Each department -> Right work
• Ops duty
– Manage virtualization environment
– Manage basic configuration of a VM
– Handle updates (Ex. critical system patches)
• Developers duty
– Quickly validate a new version of an image
– Being able to communicate configuration Drift
13. Workflow
• To validate a Golden Image DEV needs to perform
repetitive operation
– Install prerequisite
– Install software
– Run integration tests
• To setup a software OPS needs to perform the
same set of operations
• These operations needs to be well documented
• This is an area where “automation is the solution”
14. Rebuild from Metal (or Golden images)
• When an outage occur you need to minimize
– Time needed to detect that something is not
working
– Time needed to start working at the problem
– Time needed to fix the problem
• Time needed to fix cannot be estimated
• You can estimate how much time is needed to
rebuild the environment from scratch
• Often it is better to rebuild than trying to fix what
is broken.
16. Concept of “Desired State”
• Conceptually we need to automate
1. Install prerequisite of our application
2. Install our application
• Both these operation starts from a Golden Image
or bare metal
• We need to bring the environment from actual
State to a State where the application can be
installed
• This is what we call “Desired State”
17. Ex: Install IIS
• We can do a script with this pseudocode
– Test if IIS is installed
– If not installed install it
– Verify if it is started
– If not started start it
– …
• We need to check actual state and take
appropriate action
• Script can become complicated
18. DSC: POWERSHELL DESIRED STATE
CONFIGURATION
Microsoft proposition to manage state of an environment
19. Solution: specify Desired State
• We can use PowerShell DSC to specify a Desired
State
• All you need to do is specify the state you need
• It is similar to puppet/chef
• Everything related to real configuration is done by
a “resource”
• Microsoft gives you many resources to manage OS
and Software.
• You can write (or find in open source) additional
resources.
20. Three phases
• Authoring
– Authoring a configuration with various tools
– Produces a Mof file storing information of the
configuration
• Staging
– Make Mof available
• Make It So
– Apply configuration
24. Run imperative PowerShell code
• You can mix DSC and imperative instructions
• You can pack scripts inside a custom resource
• Remember that DSC is a part of PowerShell, you
can use any PowerShell instruction you need
25. Avoid confusion
• DSC is often used / presented as a “way to deploy
software”
• Remember that DSC is a library to bring a system
in a desired state
• A Typical problem: you need to install a Windows
Service
– First install is ok
– Update version, you can only specify if service
should be running or not
26. Deploy with multiple states
• A first State is required to start the deploy
– Service are stopped
– Sites are stopped
• A second DSC State (or imperative PowerShell) is
required to physically update
– Copy new version of the site on a folder
– Overwrite Windows Service with new version
• A final State is used to restart Everything
– Service are started
– Sites are running