JohanPersson.nu

My Digital Brain

  • Getting started with Desired State Configuration – Part 2

    In the first part we got DSC up and running with some custom modules. In this part we will start using some of the built in modules. We start by creating a Configuration. In this case we want to create a configuration for a DC which means that we will need a DHCP Server. We start by installing the DHCP Role:

    configuration DC
{
    
    # One can evaluate expressions to get the node list
    # E.g: $AllNodes.Where("Role -eq Web").NodeName
    node ("DC01")
    {
        # Call Resource Provider
        # E.g: WindowsFeature, File
        WindowsFeature DHCPServer
        {
           Ensure = "Present"
           Name = "DHCP"
        }
    }
}

DC

Start-DscConfiguration -Path .\DC

    When the configuration is created we run it to create the .mof (the Mof file is created in a folder with the same name as the node in the folder where you are running the configuration block) file for the configuration and then we start the configuration by invoking Start-DscConfiguration.

    We continue to build our configuration by using the Service Dsc module. By running:

    Get-DscResource Service | select -ExpandProperty Properties

    we will get more information about the module and which keywords we can use. We use this to set the State and StartupType

    configuration DC
{
    
    # One can evaluate expressions to get the node list
    # E.g: $AllNodes.Where("Role -eq Web").NodeName
    node ("DC01")
    {
        # Call Resource Provider
        # E.g: WindowsFeature, File
        WindowsFeature DHCPServer
        {
           Ensure = "Present"
           Name = "DHCP"
        }

        Service DHCP
        {
            State = "Running"
            Name = "DHCPServer"
            StartupType = "Automatic"
        }
    
    }
}

DC

Start-DscConfiguration -Path .\DC

    To verify that the configuration is applied  and that it has not been changed we use:

    Compare-DscConfiguration -Path .\DC

    If everything is OK we will see this:

    PSComputerName  ResourcesInDesiredState        ResourcesNotInDesiredState     InDesiredState 
--------------  -----------------------        --------------------------     -------------- 
DC01            {[WindowsFeature]DHCPServer... {}                             True

    Try stopping the DHCP Service and run the same command again

      

    PSComputerName  ResourcesInDesiredState        ResourcesNotInDesiredState     InDesiredState 
--------------  -----------------------        --------------------------     -------------- 
DC01            [WindowsFeature]DHCPServer     [Service]DHCP                  False

    As you can see we can now find configuration drift… in the next part we will look at how to enforce the configuration.

    /Johan

  • Getting started with Desired State Configuration – Part 1

    I have been thinking a long time about forcing myself to learn Desired Stat Configuration (DSC), but I haven’t gotten around to it… Now is the time

    Desired State Configuration is this super cool technology that appeared in Windows Server 2012 R2 and when Microsoft st6arted talking about it the typical example was the you hade this farm of Web Servers and you wanted to ensure that they were identically configured. The problem is that most of my customers do not have a farm of web servers… so what do I use it for. Well, Microsoft is releasing these new DSC resources on a regular basis for a lot of products which means that it is getting more and more interresting. The latest resource kit is called Wave 9 and it contains the following resources:

    cFileShare
    xActiveDirectory
    xAdcsDeployment
    xAzure
    xAzurePack
    xBitlocker
    xChrome
    xComputerManagement
    xCredSSP
    xDatabase
    xDhcpServer
    xDismFeature
    xDnsServer
    xDscDiagnostics
    xDSCResourceDesigner
    xExchange
    xFailOverCluster
    xFirefox
    xHyper-V
    xInternetExplorerHomePage
    xJea
    xMySql
    xNetworking
    xPendingReboot
    xPhp
    xPowerShellExecutionPolicy
    xPSDesiredStateConfiguration
    xRemoteDesktopAdmin
    xRemoteDesktopSessionHost
    xSafeHarbor
    xSCDPM
    xSCOM
    xSCSMA
    xSCSPF
    xSCSR
    xSCVMM
    xSmbShare
    xSqlPs
    xSQLServer
    xSystemSecurity
    xTimeZone
    xWebAdministration
    xWindowsRestore
    xWindowsUpdate
    xWinEventLog
    xWordPress

    As you can see thare are A LOT of them… some that I think are really cool are for instance TimeZone, RemoteDesktopAdmin, BitLocker and more. Note that all DCS recources starting with an X are eXperimental. So lets get started…

    Prerequsites

    DSC is built in to Windows Server 2012 R2 but it needs a patch KB2883200. If this patch is not installed you will net be able to see the modules you have installed.

    Installing DSC Resources

    There are some default resources installed by default:

    File
    Archive
    Environment
    Group
    Log
    Package
    Registry
    Script
    Service
    User
    WaitForAll
    WaitForAny
    WaitForSome
    WindowsFeature
    WindowsOptionalFeature
    WindowsProcess

    If you want to install other modules (for instance Wave 9) you just download them and extract them to the folder C:\Program Files\WindowsPowerShell\Modules

    Verifying the install

    To verify the install run the following command

    Get-DSCReource

    In the next part we will look at how you actually use DSC to create server configurations

    /Johan

    Links

    http://blogs.msdn.com/b/powershell/archive/2014/12/17/another-holiday-present-from-the-powershell-team-dsc-reskit-wave-9.aspx
    http://support.microsoft.com/kb/2883200