Laurie Rhodes's blog

PowerShell DSC (Pull) Sequence

The PowerShell DSC sequence I’m using to deploy my Windows machines primarily uses script elements although a multitude of other elements (such as WindowsFeature shown below) could be used.  The Pull Server has PowerShell DSC installed as a feature.

With this example, I’m using Server 2016 in Azure against other Azure provisioned systems.

PowerShell DSC – Pull Mode, Server 2012 R2 Client and Server 2016 Server

This example is from provisioning a Windows client on Azure and using a bootstrap (Custom Script Extension) for using PowerShell DSC (Pull) off a Server 2016 (WMF 5) DSC server.

I’m using Self-Signed certificates in my environment.  One certificate is for the webserver of my DSC server.  The second certificate is for DSC to use for encryption.

PowerShell DSC – Pull Mode, RHEL7 Linux Client

My target machine is an Azure provisioned RHEL 7.2 system.  I’m using an Azure Script Extension to install PowerShell DSC for Linux off a Server 2016 (WMF 5) Pull Server.

As my provisioned machine cannot access the internet, I’ve downloaded the omi and dsc rpm installers and placed them on an internal web server.

Azure Script Extensions - Powershell DSC Bootstrap

Azure Script Extensions allow end-to-end provisioning of standardised machines by providing a bootstrap mechanism to start configuration.

In the examples below, I am retrieving initial bootstrap scripts from a web server located on my vNet (and addressable in DNS). 

Linux Script Extension

With Linux, I’m using the CustomScriptForLinux.

Creating Chocolatey packages

This method utilises the free utility NuGet Package Explorer to wrap existing software packages for bootstrapping with Cloud provisioning.  These examples use a custom launcher (available on this site) to standatdise install and uninstall interfaces for software packages.  Once packaged, the Chocolatey installers can be installed from a NuGet server using standard PowerShell cmdlines

Package Metadata

Creating Custom Azure Roles with JSON Templates

 

A series of predefined roles are available for asignment within Azure.

The first place to start with defining custom roles is to export existing roles  using the PowerShell cmdlet Get-AzureRMRoleDefinition.  The snippet below writes the inbuilt Reader role to file.

Recursively tag Azure Objects

This code snippet allows the recursive tagging of Azure objects within a Resource Group with a predefines set of values

Calling Jenkins workflows with PowerShell / Web API

 

This script  shows how to use PowerShell to invoke a Jenkins workflow and retrieve the result.

Finding the results is depenent on each request being submitted with a unique request ID that may be filtered for.  It also assumes that a unique API token for the workflow being called is known.

Unfortunately, the best that can be retrieved at the completion of a Jenkins job is the text based log file.  This resides in a known folder on the jenkins server to the workflow can be hacked to replace the log with something a little more workable like JSON output.

SCCM Application Objects - Enhanced Registry Detection

Over the years I've posted a number of atricles related to using PowerShell with SCCM.  The most read of these was about creating SCCM Applications with Enhanced Detection methods - specifically for File Based Detection.  A number of people have asked for an example of the same script using Registry based detection for installed applications.

Not to go over old ground - the earlier blogs that may be of interest are found here:

PowerShell DSC - using an IP address to Configure a Workgroup Machine

 

PowerShell’s Desired State Configuration is becoming a core component of Windows and is included with the installation of PowerShell 5.

Earlier I wrote about enabling WinRM using a self-signed certificate (http://www.laurierhodes.info/?q=node/115).   Use those instructions to configure WinRM on a newly built machine.

Pages

Subscribe to RSS - Laurie Rhodes's blog