Book Image

Learning PowerShell DSC - Second Edition

By : James Pogran
Book Image

Learning PowerShell DSC - Second Edition

By: James Pogran

Overview of this book

The main goal of this book is to teach you to configure, deploy, and manage your system using the new features of PowerShell v5/v6 DSC. This book begins with the basics of PowerShell Desired State Configuration, covering its architecture and components. It familiarizes you with the set of Windows PowerShell language extensions and new Windows PowerShell commands that make up DSC. Then it helps you create DSC custom resources and work with DSC configurations with the help of practical examples. Finally, it describes how to deploy configuration data using PowerShell DSC. Throughout this book, we will be focusing on concepts such as building configurations with parameters, the local configuration manager, and testing and restoring configurations using PowerShell DSC. By the end of the book, you will be able to deploy a real-world application end-to-end and will be familiar enough with the powerful Desired State Configuration platform to achieve continuous delivery and efficiently and easily manage and deploy data for systems.

Related Content you might be interested in

Current Title:

Small book image
Learning PowerShell DSC - Second Edition
James Pogran
Sep, 2017 | 272 pages
Small book image
Windows Server 2019 Automation with PowerShell Cookbook
Thomas Lee
Feb, 2019 | 542 pages
Small book image
Windows Server 2016 Automation with PowerShell Cookbook
Thomas Lee | Ed Goad
Sep, 2017 | 660 pages
Small book image
Learn PowerShell Core 6.0
JanHendrik Peters | David das Neves
Jul, 2018 | 552 pages
Table of Contents (9 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Introducing PowerShell DSC
Introducing PowerShell DSC
What is PowerShell DSC?
Why do we need configuration management?
DSC quick wins
DSC high-level overview
Why all the abstraction?
How does DSC help?
DSC features
PowerShell V4 DSC
PowerShell V5 DSC
PowerShell V6 DSC
Summary
2
DSC Architecture
DSC Architecture
Overview
Push and pull modes
The general workflow
The example workflow
Configuration data
Local Configuration Manager
The DSC pull server
Deployment considerations
Summary
3
DSC Configuration Files
DSC Configuration Files
Defining a DSC configuration script file
Defining a DSC configuration data file
Creating reusable DSC configurations
Debugging and troubleshooting configuration script files
Summary
4
DSC Resources
DSC Resources
What are DSC resources?
Summary
5
Pushing DSC Configurations
Pushing DSC Configurations
Tooling
Setting things up
Locally pushing DSC configurations
Remotely pushing DSC configurations
Things you must consider when pushing DSC configurations
Summary
6
Pulling DSC Configurations
Pulling DSC Configurations
Creating DSC pull servers
Validating a DSC pull server install
Registering target nodes with a DSC pull server
Pulling DSC configurations with a DSC pull server
DSC pull server and target node status
Summary
7
DSC Cross Platform Support
DSC Cross Platform Support
DSC cross-platform support
Summary
8
Example Scenarios
Example Scenarios
Real-life DSC usage
Setting up a common installation base
Installing software
Configuration management refresher
Complicated deployments
Handling change
Summary

PowerShell V4 DSC

PowerShell V4 was released as part of WMF 4 on October 24, 2013, and contained the first released version of DSC. Even though this was the first release of DSC, it is still referred to as being version 4 of DSC. While confusing at first, this is largely something you can ignore, as versioning of DSC resources is a more frequent point of variance.

As the first release, this version of DSC largely focuses on bringing a minimally viable product to the market for Microsoft. Microsoft is a little late to the DevOps game with DSC, as there are several toolsets out there that have been in use for many years. Puppet and Chef are the most notable, but there are many others. What sets DSC apart here is that it is not an add-on or separate product; it's a core part of the Windows OS and can be used by other tools as much as it can be used by itself.

The first version contains most features needed out of the gate to start automating your deployment process, but only the built-in DSC resources were available and were lacking in addressing commonly used products such as IIS, SQL, or Exchange. In the early days, Microsoft relied heavily on the community to expand its DSC resource list, which resulted in mixed success. Microsoft released a set of DSC resources it authored to the community in batches to address the gap. The combination of community and Microsoft contributions has greatly expanded the reach of DSC, and it has been expanding it ever since.

V4 DSC language extensions

DSC adds three new functions as language extensions to support declaring the expected state of a machine:

  • Configuration: The configuration keyword is a DSC function that declares a set of operations to perform on a target system.
  • Node: The node configuration keyword is a DSC function that declares the target host to perform operations on.
  • Import-DscResource: This looks like a PowerShell cmdlet but really is a keyword. It locates the DSC resources needed to parse and compile the DSC configuration script.

V4 DSC base resources

The following table lists the DSC base resources of V4:

Base resource

Description

Service

The Service DSC resource performs operations against Windows services. It can start or stop a service or configure the account it runs under and the startup type of the service. This resource cannot install services; it operates only on services that are already present. Look at the xService resource for additional functionality.

Script

The Script resource is a versatile generic resource. It allows you to specify an arbitrary block of code to be executed on the target host. There are some restrictions such as variable expansion and access to some system resources. Generally, this should be used for short term or one-off situations that are not handled by an existing DSC resource, as error handling and proper idempotency is difficult to achieve in the limited space you have.

User

The User DSC resource performs operations on local users on the target system. It allows the creation or deletion of users and setting passwords and password policies as well as basic attributes of the user.

WindowsProcess

The WindowsProcess DSC resource performs operations on processes on the target system. This is commonly used to execute arbitrary executables with specific parameters that are not handled by an existing DSC resource.

WindowsFeature

The WindowsFeature DSC resource adds or removes features of the Windows operating system. This uses the built-in Deployment Image Servicing and Management (DISM) infrastructure of the Windows Server platform; some features are not operable using this resource on a client OS.

Registry

The Registry DSC resource adds, removes, or modifies registry entries in the target system. Support for the full range of registry keys and values is present.

Environment

The Environment DSC resource adds, removes, or modifies environment variables on the target system.

Archive

The Archive DSC resource performs operations on compressed files.

Group

The Group DSC resource performs operations on local groups on the target system. It can add, remove, or modify membership on local groups.

Package

The Package DSC resource installs software bundled in MSI or EXE formats. In the case of MSI, it can also remove software if all the necessary options are provided to the MSI command line. Refer to the MSI documentation for more information on this.

Log

The Log DSC resource writes messages to the DSC operational log. This is useful for troubleshooting or diagnostic purposes.

V4 DSC cmdlets

Cmdlet

Description

Get-DSCConfiguration

This cmdlet returns the current DSC configuration status of the node if the configuration exists. If it does not, this will throw an error. This can also be run on remote systems.

Get-DSCLocalConfigurationManager

This returns the current settings, or meta-configuration, of the LCM on the system if the settings exist. This can be run on remote systems and is useful for troubleshooting DSC deployments that use DSC pull servers.

Get-DSCResoure

This cmdlet returns a list of all DSC resources on the system. This is vital in troubleshooting and authoring DSC resources, as it helps show what resources are present on the system. If the resource you are authoring is not present, then DSC cannot read the resource.

New-DSCCheckSum

This cmdlet returns a hash from the DSC configuration MOF file. This is used to deploy MOF files to pull servers.

Remove-DSCConfigurationDocument

This cmdlet removes the compiled MOF from the target node, along with additional cleanup tasks.

This cmdlet is available only as part of the November 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2: http://support.microsoft.com/en-us/kb/3000850, from the Microsoft support library. Before you use this cmdlet, review the information in What's New in Windows PowerShell: http://technet.microsoft.com/library/hh857339.aspx in the TechNet library.

Restore-DSCConfiguration

This cmdlet restores the previous configuration for the target node if a previous successful configuration exists on the target node.

Stop-DSCConfiguration

This cmdlet stops a currently running configuration on a target node. This is useful in aborting interactive configuration runs initiated using Start-DSCConfiguration.

This cmdlet is available only as part of the November 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2: http://support.microsoft.com/en-us/kb/3000850 from the Microsoft Support library. Before you use this cmdlet, review the information in What's New With PowerShell: https://docs.microsoft.com/en-us/powershell/scripting/What-s-New-With-PowerShell?view=powershell-6 in the TechNet library.

Test-DSCConfiguration

This cmdlet runs the specified configuration against a target node but does not execute it. It compares the current state of the system to the expected configuration and reports back if they match. No changes are made to the system using this cmdlet.

Set-DSCLocalConfigurationManager

This cmdlet is used to change the settings, or meta-configuration, on the LCM on the target computer. This is most often used in pull server scenarios.

Start-DSCConfiguration

This cmdlet executes the specified MOF file against the target computer. This is by far the cmdlet you will use the most, as it's helpful in both authoring and troubleshooting DSC configurations and DSC resources.

Import-DSCResource

This cmdlet is really a dynamic function that is only available at runtime. It specifies which DSC resources need to be loaded to parse and compile the DSC configuration script.

V4 DSC pull server

The DSC pull server is the management server that the DSC agents on target nodes pull DSC configurations and DSC resources from. This will be explained in greater detail in Chapter 6, Pulling DSC Configurations.

Previous Section
End of Section 9
Next Section