PowerShell's Desired State Configuration
The PowerShell DSC sequence I’m using to deploy my Windows machines primarily uses script elements although a multitude of other elements (such as WindowsFeature shown below) could be used. The Pull Server has PowerShell DSC installed as a feature.
With this example, I’m using Server 2016 in Azure against other Azure provisioned systems.
This example is from provisioning a Windows client on Azure and using a bootstrap (Custom Script Extension) for using PowerShell DSC (Pull) off a Server 2016 (WMF 5) DSC server.
I’m using Self-Signed certificates in my environment. One certificate is for the webserver of my DSC server. The second certificate is for DSC to use for encryption.
My target machine is an Azure provisioned RHEL 7.2 system. I’m using an Azure Script Extension to install PowerShell DSC for Linux off a Server 2016 (WMF 5) Pull Server.
As my provisioned machine cannot access the internet, I’ve downloaded the omi and dsc rpm installers and placed them on an internal web server.
PowerShell’s Desired State Configuration is becoming a core component of Windows and is included with the installation of PowerShell 5.
Earlier I wrote about enabling WinRM using a self-signed certificate (http://www.laurierhodes.info/?q=node/115). Use those instructions to configure WinRM on a newly built machine.
Windows Remote Management is a core technology for the remote management and configuration of Windows machines. WinRM is essential for automating complex Azure and AWS tasks. This guide will outline how to establish WinRM using SSH and a self-signed certificate. A certificate issued from a Certificate Authority would be preferable but for the purpose of establishing a test environment, the steps below are enough to get the technology working.
This demonstration is in three parts.
PowerShell’s Desired State Configuration allows for routines or classes to be run on remote machines by passing a text based “properties” object to the destination end-node. There are a growing number of Microsoft supplied “classes” and importantly, the framework allows for custom development of additional objects.
MOF Files define the inputs to the class that will be run remotely.
