building and managing your virtual datacenter using powershell dsc - florin loghiade

Download Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

Post on 07-Jan-2017

940 views

Category:

Technology

1 download

Embed Size (px)

TRANSCRIPT

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Building and Managing your Virtual

    Datacenter using PowerShell DSC

    Florin Loghiade

    Cloud & DevOps Engineer

    Avaelgo

    Blog: florinloghiade.ro

    Twitter: @florinloghiade

    https://florinloghiade.ro/

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Many thanks to our sponsors & partners!

    GOLD

    SILVER

    PARTNERS

    PLATINUM

    POWERED BY

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    What is PowerShell DSC (Desired State

    Configuration)?

    Deployment Models

    Configurations

    Resources

    PowerShell DSC Scenarios

    Agenda

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    WHAT IS POWERSHELL DSC?

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Configuration management platform

    Cross-Platform

    Standards based (Distributed Management Task

    Force)

    Allows continuous deployment and prevents

    configuration drift

    Uses language extensions and providers to enable

    declarative and idempotent deployments

    What is PowerShell DSC?

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    DSC vs. GPO

    Feature Group Policy DSC

    Configuration stored in GPO file Configuration script / MOF file

    Target nodes by means of AD links to OUs, sites, etc. Configuration specifies node names

    Configuration implemented by Client-side OS components Client-side shell scripts (resources)

    Extensible by means of Complex native programming Windows PowerShell scripts

    Primary configuration target Windows registryAnything Windows PowerShell can touch

    Persistence Settings reapply each time Settings are persistent

    Number of configurations per node As many GPOs as you want to link One or More (Partial Configurations)

    Source: Channel 9

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Traditional Scripts vs DSC

    DSC ConfigurationsIntent

    DSC ResourcesTechnology Specific

    DSC Engine

    Dependency ResolutionLogging & Error Handling

    Reboot ResiliencyRepeatable Automation

    Traditional Scripts

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Easy to write and easy to deploy

    Intent EnvironmentConfiguration(Dev -> Test -> Production)

    $WebConfigEnv = @{ComputerName = $VMServerNamesName = FourthCoffee

    }

    StructuralConfiguration

    WindowsFeature IIS {Name = "Web-Server"Ensure = "Present"

    }

    Make It So IdempotentAutomation

    foreach -parallel ($featureName in $Name){

    $feature = Get-WindowsFeature -Name $featureNameif(($Ensure -eq "Present") -and (!$feature.Installed)){

    Install-WindowsFeature -Name $featureName}.

    }

    Source: Channel 9

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Push Manual Process. DSC Resources have to be copied to the nodes

    Use Start-DscConfiguration to copy the MOF to the nodes and tell them to

    make it so.

    Pull Use Push to enroll nodes, configuring them to query a Pull Server. The nodes

    then check the pull server every 30 minutes for configuration changes.

    DSC Resources must be zipped and placed on the Pull Server

    Every generated MOF file has to be accompanied by a checksum file and both

    need to be placed on the Pull server.

    Two Deployment Modes

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Push Model

    Configuration Staging Area

    (Contains DSC data)

    Authoring Phase(May include imperative as well as declarative code)

    Staging Phase- Fully declarative configuration

    representation using DMTF standard MOF instances

    - Configuration is calculated for all nodes

    Make it So Phase(Declarative configuration is reified through imperative providers.)

    Parser and Dispatcher

    Imperative Providers

    Providers implement changes: Monotonic Imperative Idempotent

    Local Configuration

    Store

    3rd party languages and

    tools

    PowerShell V(n)

    Visual Studio Code

    Source: Channel 9

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Pull Model

    Pull Server(Contains DSC data and

    Modules)

    Authoring Phase(May include imperative as well as declarative code)

    Staging Phase- Fully declarative configuration

    representation using DMTF standard MOF instances

    - Configuration is calculated for all nodes

    Make it So Phase(Declarative configuration is reified through imperative providers.)

    Parser and Dispatcher

    Imperative Providers

    Providers implement changes: Monotonic Imperative Idempotent

    Local Configuration

    Store

    3rd party languages and

    tools

    PowerShell V(n)

    Visual Studio Code

    Source: Channel 9

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Core DSC Resources

    Resource DescriptionArchive Resource Unpacks archive (.zip) files at specific paths on target nodes.

    Environment Resource Manages system environment variables on target nodes.

    File Resource Manages files and directories on target nodes.

    Group Resource Manages local groups on target nodes.

    Log Resource Logs configuration messages

    Package ResourceInstalls and manages packages, such as Windows Installer (.msi) and setup.exe packages on target nodes.

    WindowsProcess Resource Configures Windows processes on target nodes.

    Registry Resource Manages registry keys and values on target nodes.

    WindowsFeature Resource Adds or removes Windows features and roles on target nodes.

    Script Resource Runs Windows PowerShell script blocks on target nodes.

    Service Resource Manages services on target nodes.

    User Resource Manages local user accounts on target nodes.

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    xDSC Resources

    Resource DescriptionxSmbShare Allows configuration of a SMB Share

    xADDomain Allows configuration or deployment of Active Directory components

    xWindowsUpdates Handles the installation of a Windows Update from a given path

    xNetworking Allows configuration of network adapters, firewall rules and more

    xSQLServer Allows configuration or deployment of SQL Server

    xFailoverCluster Allows configuration or deployment of Failover Clusters

    xHyper-V Allows configuration or deployment of Hyper-V

    xWebAdministration Allows configuration of IIS websites, application pools etc.

    Marked as eXperimental, these resources are in continuous development and should be considered as beta resources.

    There are over 500 resources online and open sourced on GitHub: https://github.com/PowerShell/DscResources/tree/master/xDscResources

    https://github.com/PowerShell/DscResources/tree/master/xDscResources

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    DSC Resources for Linux

    Provider Description

    nxArchive Unpacks .tar or .zip archives at a specific path

    nxFile Allows management of files and directories

    nxFileLine Provides a mechanism to manages lines within a configuration file

    nxPackage Allows management of packages (.rpm, .deb, yum, zipper, apt)

    nxUser Allows management of users

    nxGroup Allows management of groups

    nxScript Provides a mechanism to run .sh / .bash scripts

    nxService Allows management of services (init, upstart, systemd)

    nxEnvironment Allows management of environment variables

    nxSSHAuthorizedKeys Allows management of SSH keys

    Yes you read right. DSC can be used on Linux machines. Can be installed using native packages (rpm/deb) At this time there are about 10 built-in DSC Resources Supports Push/Pull deployment models

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Configuration StopService

    {

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Service BITS

    {

    Name = 'BITS'

    State = 'Stopped'

    StartupType = 'Disabled'

    Ensure = 'Absent' #This deletes the service

    }

    }

    What do configurations look like (Windows)

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Configuration InstallApache

    {

    Import-DSCResource -Module nx

    node

    {

    nxPackage Apache

    {

    PackageManager = 'Yum'

    Ensure = 'Present'

    Name = 'httpd'

    }

    }

    }

    What do configurations look like (Linux)

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    DEMO

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    POWERSHELL DSC SCENARIOS

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    You can deploy bare VMs and have DSC configure them based on

    a role (Web Server, SQL Server, AD Domain Controller, Cluster etc.)

    No more gold images

    You can keep production servers in check

    You can be sure that everything that you configured via DSC will stay that

    way even if somebody tampers with the configuration

    Create multiple identical environments with ease.

    Dev, QA, Staging, Production

    You can use DSC with your release management tools.

    VSTS, TFS, TeamCity etc.

    PowerShell DSC Scenarios #1

  • @ITCAMPRO #ITCAMP16Community Conference for IT Professionals

    Azure offers a service named Azure Automation that

    besides running native PowerShell Code it also is a

    DSC

Recommended

View more >