building and managing your virtual datacenter using powershell dsc - florin loghiade

22
@ITCAMPRO #ITCAMP16 Community Conference for IT Professionals Building and Managing your Virtual Datacenter using PowerShell DSC Florin Loghiade Cloud & DevOps Engineer Avaelgo Blog: florinloghiade.ro Twitter: @florinloghiade

Upload: itcamp

Post on 07-Jan-2017

955 views

Category:

Technology


1 download

TRANSCRIPT

Page 1: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Building and Managing your Virtual

Datacenter using PowerShell DSC

Florin Loghiade

Cloud & DevOps Engineer

Avaelgo

Blog: florinloghiade.ro

Twitter: @florinloghiade

Page 2: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Many thanks to our sponsors & partners!

GOLD

SILVER

PARTNERS

PLATINUM

POWERED BY

Page 3: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

• What is PowerShell DSC (Desired State

Configuration)?

–Deployment Models

–Configurations

–Resources

• PowerShell DSC Scenarios

Agenda

Page 4: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

WHAT IS POWERSHELL DSC?

Page 5: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

• Configuration management platform

• Cross-Platform

• Standards based (Distributed Management Task

Force)

• Allows “continuous deployment” and prevents

“configuration drift”

• Uses language extensions and providers to enable

declarative and idempotent deployments

What is PowerShell DSC?

Page 6: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

DSC vs. GPO

Feature Group Policy DSC

Configuration stored in GPO file Configuration script / MOF file

Target nodes by means of AD links to OUs, sites, etc. Configuration specifies node names

Configuration implemented by Client-side OS components Client-side shell scripts (resources)

Extensible by means of Complex native programming Windows PowerShell scripts

Primary configuration target Windows registryAnything Windows PowerShell can “touch”

Persistence Settings reapply each time Settings are persistent

Number of configurations per node As many GPOs as you want to link One or More (Partial Configurations)

Source: Channel 9

Page 7: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Traditional Scripts vs DSC

DSC ConfigurationsIntent

DSC ResourcesTechnology Specific

DSC Engine

Dependency ResolutionLogging & Error Handling

Reboot ResiliencyRepeatable Automation

Traditional Scripts

Page 8: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Easy to write and easy to deploy

Intent EnvironmentConfiguration(Dev -> Test -> Production)

$WebConfigEnv = @{ComputerName = $VMServerNamesName = “FourthCoffee”

} …

StructuralConfiguration

WindowsFeature IIS {Name = "Web-Server"Ensure = "Present"

}…

Make It So IdempotentAutomation

foreach -parallel ($featureName in $Name){

$feature = Get-WindowsFeature -Name $featureNameif(($Ensure -eq "Present") -and (!$feature.Installed)){

Install-WindowsFeature -Name $featureName}….

}…

Source: Channel 9

Page 9: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Push• Manual Process. DSC Resources have to be copied to the nodes

• Use Start-DscConfiguration to copy the MOF to the nodes and tell them to

make it so.

Pull• Use Push to enroll nodes, configuring them to query a Pull Server. The nodes

then check the pull server every 30 minutes for configuration changes.

• DSC Resources must be zipped and placed on the Pull Server

• Every generated MOF file has to be accompanied by a checksum file and both

need to be placed on the Pull server.

Two Deployment Modes

Page 10: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Push Model

Configuration Staging Area

(Contains DSC data)

Authoring Phase(May include imperative as well as declarative code)

Staging Phase- Fully declarative configuration

representation using DMTF standard MOF instances

- Configuration is calculated for all nodes

“Make it So” Phase(Declarative configuration is reified through imperative providers.)

Parser and Dispatcher

Imperative Providers

Providers implement changes:• Monotonic• Imperative• Idempotent

Local Configuration

Store

3rd party languages and

tools

PowerShell V(n)

Visual Studio Code

Source: Channel 9

Page 11: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Pull Model

Pull Server(Contains DSC data and

Modules)

Authoring Phase(May include imperative as well as declarative code)

Staging Phase- Fully declarative configuration

representation using DMTF standard MOF instances

- Configuration is calculated for all nodes

“Make it So” Phase(Declarative configuration is reified through imperative providers.)

Parser and Dispatcher

Imperative Providers

Providers implement changes:• Monotonic• Imperative• Idempotent

Local Configuration

Store

3rd party languages and

tools

PowerShell V(n)

Visual Studio Code

Source: Channel 9

Page 12: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Core DSC Resources

Resource DescriptionArchive Resource Unpacks archive (.zip) files at specific paths on target nodes.

Environment Resource Manages system environment variables on target nodes.

File Resource Manages files and directories on target nodes.

Group Resource Manages local groups on target nodes.

Log Resource Logs configuration messages

Package ResourceInstalls and manages packages, such as Windows Installer (.msi) and setup.exe packages on target nodes.

WindowsProcess Resource Configures Windows processes on target nodes.

Registry Resource Manages registry keys and values on target nodes.

WindowsFeature Resource Adds or removes Windows features and roles on target nodes.

Script Resource Runs Windows PowerShell script blocks on target nodes.

Service Resource Manages services on target nodes.

User Resource Manages local user accounts on target nodes.

Page 13: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

xDSC Resources

Resource DescriptionxSmbShare Allows configuration of a SMB Share

xADDomain Allows configuration or deployment of Active Directory components

xWindowsUpdates Handles the installation of a Windows Update from a given path

xNetworking Allows configuration of network adapters, firewall rules and more

xSQLServer Allows configuration or deployment of SQL Server

xFailoverCluster Allows configuration or deployment of Failover Clusters

xHyper-V Allows configuration or deployment of Hyper-V

xWebAdministration Allows configuration of IIS websites, application pools etc.

• Marked as eXperimental, these resources are in continuous development and should be considered as beta resources.

• There are over 500 resources online and open sourced on GitHub: https://github.com/PowerShell/DscResources/tree/master/xDscResources

Page 14: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

DSC Resources for Linux

Provider Description

nxArchive Unpacks .tar or .zip archives at a specific path

nxFile Allows management of files and directories

nxFileLine Provides a mechanism to manages lines within a configuration file

nxPackage Allows management of packages (.rpm, .deb, yum, zipper, apt)

nxUser Allows management of users

nxGroup Allows management of groups

nxScript Provides a mechanism to run .sh / .bash scripts

nxService Allows management of services (init, upstart, systemd)

nxEnvironment Allows management of environment variables

nxSSHAuthorizedKeys Allows management of SSH keys

• Yes you read right. DSC can be used on Linux machines.• Can be installed using native packages (rpm/deb)• At this time there are about 10 built-in DSC Resources• Supports Push/Pull deployment models

Page 15: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Configuration StopService

{

Import-DscResource -ModuleName PSDesiredStateConfiguration

Service BITS

{

Name = 'BITS'

State = 'Stopped'

StartupType = 'Disabled'

Ensure = 'Absent' #This deletes the service

}

}

What do configurations look like (Windows)

Page 16: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Configuration InstallApache

{

Import-DSCResource -Module nx

node <insert linux server ip/hostname here>

{

nxPackage Apache

{

PackageManager = 'Yum'

Ensure = 'Present'

Name = 'httpd'

}

}

}

What do configurations look like (Linux)

Page 17: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

DEMO

Page 18: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

POWERSHELL DSC SCENARIOS

Page 19: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

• You can deploy “bare” VMs and have DSC configure them based on

a role (Web Server, SQL Server, AD Domain Controller, Cluster etc.)

– No more gold images

• You can keep production servers in check

– You can be sure that everything that you configured via DSC will stay that

way even if somebody tampers with the configuration

• Create multiple identical environments with ease.

– Dev, QA, Staging, Production

• You can use DSC with your release management tools.

– VSTS, TFS, TeamCity etc.

PowerShell DSC Scenarios #1

Page 20: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

• Azure offers a service named Azure Automation that

besides running native PowerShell Code it also is a

DSC Pull Server.

• You can use Azure Automation DSC to manage all

your cloud environments, including your on-premise

servers.

• Can be used as is or as a compliance server / module

repository

PowerShell DSC in Azure

Page 21: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

• Management platform in Windows PowerShell

• Allows you to:

–Enable / Disable server roles and features

–Manage registry settings

–Manage files and directories

–Deploy new software

–Prevent configuration drift

–And many more

DSC Overview

Page 22: Building and Managing your Virtual Datacenter using PowerShell DSC - Florin Loghiade

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Q & A