Presentation is loading. Please wait.

Presentation is loading. Please wait.

Struggles and Redemption of a DSC Deployment

Published byRoy Colin Copeland Modified over 7 years ago

Similar presentations

Presentation on theme: "Struggles and Redemption of a DSC Deployment"— Presentation transcript:

1 Struggles and Redemption of a DSC Deployment
(DSC Part 2)

2 DSC Overview (or Review)
What is dsc and why do I need it? What are requirements of DSC? What are some Limitations of dsc? How do I use DSC?

3 What is Desired State Configuration (DSC) and Why Do I Need It?
You declare how you want the system to look like. "this is how you should be" versus "do these steps in order“ "treat your servers like cattle, not like pets" -Michael Greene, Microsoft (Cloud Group) "We don't really care how DSC does it, just that it gets done" "Make it so“ DevOps mentality Comparison to group policy Based on open standards (MOF), huge community interest Desired State Configuration - you declare how you want the system to look like. "this is how you should be" versus "do these steps in order" "treat your servers like cattle, not like pets" -Michael Greene, Microsoft (Cloud Group) "We don't really care how DSC does it, just that it gets done" "Make it so" DevOps Ensures systems are setup properly before application deployment In an immutable paradigm DSC can be used to completely setup the system and deploy code in one swoop. Comparison to group policy Open standards (MOF) MS and community provided Resources and dependency handling Default File, Archive, Environment, Group, Log, Package, Registry, Script, Service, User, Windows Feature, Windows Process

4

5 What are the Requirements of DSC?
PowerShell version 4+ .Net 4.5 (for PowerShell v4+) Remoting/WinRM need to be enabled (even if pushing locally)

6 What are the Limitations of DSC?
Must know entire configuration before applying to an endpoint Only one active configuration can be applied at a time (v4). V5 will support “partial configurations” There’s no magic “rollback” button – you’d need to apply a new configuration with the exact opposite settings to “rollback” etc. No tools are generally available for managing DSC configurations en masse (versus group policy, which has been around for 15 years) Some resources are only designed to work on Windows 8/2012+ Limited documentation available (blogs and books noted at end) Must know entire configuration before applying it to a client (can't make configuration changes at run time, unless using the Script specific resource) V4, only one active configuration per client. V5 will change this (partial configurations) What does this mean? You could apply a config to ensure IIS is present, and then apply another config to ensure WindowsBackup is present, but DSC will only apply/monitor/report/correct the last configuration that's applied to an endpoint. Someone could come along and remove IIS in this example, and DSC would be none the wiser, since you haven't told it to make sure that IIS is present There's no magic "rollback" button for configurations that have been applied. To get back to the previous state (before a configuration was applied) you'd need to write an opposite configuration (if IIS was installed via configuration, and you wanted to reverse setting that configuration, you'd need to apply a configuration that does the opposite - in this case ensuring that IIS is absent instead of present) Some resources are designed for 2012/2012R2, and use cmdlets that aren't available in 2008/2008R2, just make sure to check first (some even require v5!) No tools available (versus group policy which has been around for 15+ years and has a pretty large group of tools around it) Limited documentation available, go off of Scripting Guy resources/links below

7 How do I use DSC? “Configuration” keyword was added in PSv4 (works similar to the function keyword) Define configurations using PowerShell language A Configuration defines how you want the system to look, and DSC resources do the work required to get to that state Process (simplified) Push: Create Configuration > Compile MOF > Deploy/Apply Pull: Create Configuration > Compile MOF > Upload to Pull Server > Update LCM on clients (advanced)

8 Practical Examples/Demos
Adding WindowsFeature Removing Windowsfeature Server build Adding WindowsFeature will show how to apply a simple configuration to ensure that the WindowsBackup feature is present, and then see it get installed. Removing WindowsFeature (or ensuring the absence of a specific feature) will show how to remove an installed feature, or to ensure a feature is not installed (I’m looking at you Telnet-Server!) Server Build will show a more complex example akin to what we’re using to configure servers after initial deployment.

9 Adding WindowsFeature (Demo)
Let’s write a configuration to ensure that the WindowsBackup feature is installed Not just limited to WindowsBackup, or even to Windows features, there are plenty of built in (and otherwise available DSC resources – think the DSC Resource Kits from MSFT)

10 Removing WindowsFeature (Demo)
Let’s write a configuration to ensure that the WindowsBackup feature is NOT installed Can be useful to make sure that a particular feature is not installed, or notifies you when it is installed (I’m looking at you Telnet- Server!)

11 ServerBuild Replaced legacy mixture of Vbscript and PowerShell
Cool Stuff New systems – VM, physicals – are all built the same way (once .Net and PSv4 are installed anyway) Configuration generated dynamically at execution time, takes parameters DNS server/site specific information Tough Bits File Resource, Script Resource, Package Resource can be tricky If using Push mode, custom resources need to be deployed prior to the configuration being applied (can be fixed using Pull mode) Don’t use Workflows in DSC scripts Replaced legacy mix of vbscripts and PowerShell files Cool stuff Push configuration generated dynamically at server build time/run time New systems are configured the same way when they're built Can have it configured to be injected into a VHD(X) file or run using Vmware configuration script Set DNS server configurations at run time based on parameters that pull information from a local config file Tough bits/Lessons learned File Resource - couldn't authenticate to remote shares at times, so double-check before deploying new systems with this template (this might've been just how we used it though) Script Resource - who knows how it's supposed to work? Can't pass parameters into the get or set methods. Very little in the way of formal documentation or examples Be careful with using the Win32_Product class, as it may trigger a pending installation or re-installation Package resource SCCM sucks: if you're trying to install the SCCM client using the package resource, and the package you've applied isn't the most recent client, SCCM will update it on-the-fly to the most recent version, which will cause the package resource to fail as a different product ID is installed versus the one that the package resource is looking for. Workaround? Use the Script resource and check for the existence of the product name in the Win32_Product output Getting MSI product IDs are difficult without the right tools, try the Windows Installer PS Module Stay away from trying to use Workflows with DSC - they're not really designed to work together well, and it really goes against everything DSC stands for Additional resources need to be copied manually in Push mode, but Pull mode will do that for you (if available on the Pull server) Next Steps Convert from Push to Pull configuration Set time zone, PS execution policy, enable RDP

12 Advanced Topics Push vs Pull Mode, Compliance reporting
LCM behavior (Apply, ApplyAndMonitor, ApplyAndAutocorrect) Nested configurations Defining config data/using AllNodes to control behavior Monitoring SCOM management pack for reporting DSC endpoint compliance Chef analytics server reporting Custom resources (don’t see something you need? Write your own!) Pull vs Push, compliance reporting LCM behavior: apply only, apply and auto correct, apply and monitor SCOM red/yellow/green monitoring/reporting for DSC configuration compliance Nested Configurations, ConfigData, AllNodes (included in my ServerBuild example for Network settings) - Steve Murowski, Building Scalable Configurations With DSC - Steve Murowski, Template to start DSC config utilizing ConfigData (heavily influenced by above videos) Custom Resources If you can't find something you need, you can make your own! Microsoft experimental resources start with 'x', and are not guaranteed to work, much less work the same way, in a future release Microsoft corporate-developed resources start with MSFT_ (they recommend you do the same for your own company) Community-developed resources start with 'c'

13 Shaun

14 The Future Of DSC Using OneGet w/DSC? Get excited!
Building entire stacks w/Powershell and DSC? Probably possible with the xPDT resource! What resources would you like to see? Tell the PowerShell team!

15 Want to Learn More? (cont’d)
PowerShell: Get-Help about_desired* Hey, ScriptingGuy!, MS Powershell, Building Clouds blogs PowerShell.org resources and forums Book(s) on DSC (check the notes) Channel9/YouTube “Why Puppet/Chef vs. DSC isn’t even a thing” (see the links in the notes below) PowerShell help about_desired* Basically every link you'll need to get started - Scripting Guy DSC posts Intro to DSC - Find DSC Cmdlets - Specifying DSC configuration data - Using DSC Resource Parameters - Pushing a Configuration to Multiple Servers (config data)- MS PowerShell blog on DSC - PowerShell.Org DSC Resources (great community-developed resources) - PowerShell.Org DSC forum - DSC Resource Kits - (current version is ResKit 9) Building Clouds blog - Channel9 Automation Series Part 3, PowerShell DSC - Why “Puppet vs. DSC” isn’t Even a Thing Windows PowerShell Desired State Configuration Revealed -

16 Discussion / Questions
What would you like to see next?

Download ppt "Struggles and Redemption of a DSC Deployment"

Similar presentations

© University of Reading 2007www.reading.ac.uk Huw Wright - IT Services Vista Deployment.

© University of Reading 2007www.reading.ac.uk Huw Wright - IT Services Vista Deployment.
VMWare to Hyper-V FOR SERVER 2012. What we looked at before migration  Performance – Hyper-V performs at near native speeds.  OS Compatibility – Hyper-V.

VMWare to Hyper-V FOR SERVER What we looked at before migration  Performance – Hyper-V performs at near native speeds.  OS Compatibility – Hyper-V.
Scripting Automated Solutions for Siemens PLM Software

Scripting Automated Solutions for Siemens PLM Software
1 Introduction to Tool chains. 2 Tool chain for the Sitara Family (but it is true for other ARM based devices as well) A tool chain is a collection of.

1 Introduction to Tool chains. 2 Tool chain for the Sitara Family (but it is true for other ARM based devices as well) A tool chain is a collection of.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
Configuring the MagicInfo Pro Display

Configuring the MagicInfo Pro Display
Windows Domain Hardening

Windows Domain Hardening
AUTOBUILD Build and Deployment Automation Solution.

AUTOBUILD Build and Deployment Automation Solution.
Deploying Windows 7 Lesson 3. Objectives Understand enterprise deployments Capture an image file Modify an image file Deploy an image file.

Deploying Windows 7 Lesson 3. Objectives Understand enterprise deployments Capture an image file Modify an image file Deploy an image file.
Getting Started with the PowerShell.org DSC Toolkit Jason Hofferle

Getting Started with the PowerShell.org DSC Toolkit Jason Hofferle
Automated Deployment Framework Using TFS and Custom PowerShell cmdlets to create an automated deployment framework.

Automated Deployment Framework Using TFS and Custom PowerShell cmdlets to create an automated deployment framework.
1 PUPPET AND DSC. INTRODUCTION AND USAGE IN CONTINUOUS DELIVERY PROCESS. VIKTAR VEDMICH PAVEL PESETSKIY AUGUST 1, 2015.

1 PUPPET AND DSC. INTRODUCTION AND USAGE IN CONTINUOUS DELIVERY PROCESS. VIKTAR VEDMICH PAVEL PESETSKIY AUGUST 1, 2015.
Windows PowerShell Desired State Configuration Overview (for WMF 4.0 Preview) Windows PowerShell Desired State Configuration (DSC) is a new management.

Windows PowerShell Desired State Configuration Overview (for WMF 4.0 Preview) Windows PowerShell Desired State Configuration (DSC) is a new management.
Infrastructure as code. “Enable the reconstruction of the business from nothing but a source code repository, an application data backup, and bare metal.

Infrastructure as code. “Enable the reconstruction of the business from nothing but a source code repository, an application data backup, and bare metal.
SQL SERVER 2008 Installation Guide A Step by Step Guide Prepared by Hassan Tariq.

SQL SERVER 2008 Installation Guide A Step by Step Guide Prepared by Hassan Tariq.
INFSO-RI-223782 ETICS Local Setup Experiences A Case Study for Installation at Customers Location 4th. All Hands MeetingUwe Müller-Wilm VEGA Bologna, Nov.

INFSO-RI ETICS Local Setup Experiences A Case Study for Installation at Customers Location 4th. All Hands MeetingUwe Müller-Wilm VEGA Bologna, Nov.
Copyright © New Signature 2016. Who we are: Focused on consistently delivering great customer experiences. What we do: We help you transform your business.

Copyright © New Signature Who we are: Focused on consistently delivering great customer experiences. What we do: We help you transform your business.
Simple Push DSC with SCCM Compliance Items Matthew H. Teegarden Systems Software Engineer Lifetouch Inc. Joseph.

Simple Push DSC with SCCM Compliance Items Matthew H. Teegarden Systems Software Engineer Lifetouch Inc. Joseph.
Declarative Configuration Management with Azure Automation DSC and ARM Nathan Lasnoski Vice President of blog.concurrency.com Concurrency.

Declarative Configuration Management with Azure Automation DSC and ARM Nathan Lasnoski Vice President of blog.concurrency.com Concurrency.
Long Live Azure Automation!Long Live Azure Automation! Cloud-first Configuration Management and Automation Beth Cooper Program Manager.

Long Live Azure Automation!Long Live Azure Automation! Cloud-first Configuration Management and Automation Beth Cooper Program Manager.

Similar presentations

Ads by Google