Skip to main content

Desired State Configuration with Powershell

At TechEd North America 2013 Microsoft has shed some light on the upcoming release of Powershell Version 4. The big news is the DSC or Desired State Configuration feature. Though I should just make a few comments about it.

What is it?

With DSC you can apply a configuration to your servers/datacenter i matter of minutes from powershell. DSC does not have any dependencies of the underlying infrastructure, however it is a tool to configure it. The scope of the DSC can be a server, a collection of servers or other infrastructure items.

How is it delivered?

DSC support both PUSH and PULL configurations. You can apply an configuration with a script that targets specific objects (PUSH) or you can provide an URI to the configuration and the scoped selection and the targets will download the configuration from there (PULL) at scheduled intervals which also can be configured. If you use a PULL model, you must configure your target nodes with an URI and an UUID. 

How do you write it?

You use a declarative syntax to express the state of operating system features. Each feature requires an provider. You can easily write an provider with powershell. I also expect it to be possible to write a provider from Visual Studio. Currently only a few providers exist, however I expect this to change dramatically over the next moths while we wait for the final release of the product.

Operating systems supported?

We expect Powershell V4 to be preinstalled on Windows Server 2012 R2 and Windows 8.1. It is also highly likely that the distribution channel for V4 will be the Windows Management Framework. Further it has been an tradition from Microsoft to support the current release of the operating system and 2 back. This way V4 will be supported in Windows server 2008 R2, Windows 7 and Windows 8 if Microsoft decides to follow their tradition. This implies that Windows 2008 servers are falling behind, as is to be expected. 

How does DSC work?

Using the declarative syntax powershell compiles your script to a MOF-file. You then apply the MOF to your datacenter/servers. When the target system applies an MOF, it checks to see it has all the modules required by the MOF and apply the configuration described in the MOF. When used in combination with the PULL model, the target will automatically try and download any missing modules/providers, extract it to the correct location and finally run them. 

My 2 cents

The linux guys has been enjoying this for years with puppet/chef. I am really excited about this as it will be an turning point in how we apply configuration across different scopes of servers. In software development I see a huge potential as your application evolves through the different stages (Development-, test- and production environment). 

I will definitely write more when I can get my hands on a preview of 2012 R2.   

You can watch a demo here: 


Popular posts from this blog

Monitoring Orchestrator runbook events from Operations Manager

Today I will follow up on my colleague’s post Mr ITblog (Knut Huglen) about monitoring Orchestrator Runbook events.  He has build a nice double up SNMP loopback feature that does self monitoring in Orchestrator resulting in entries written to a special Windows Eventlog. Now we need to raise alerts in SCOM when one of his runbooks fails or sends a platform event, who knows there could be trouble lurking in his paradise.

We are not going to do anything fancy, however these are the steps we will be focusing on today:
Create a Management Pack for our customizations Create rules that collects the events from the orchestrator serverOff we go then and fire up the SCOM console and a powershell window. First we create a MP, I am going to use powershell to do this, however you may use the SCOM console as well (Administration – ManagementPacks – Action: Create Management Pack):

Import the Management Pack into SCOM and move on to the Authoring section in the SCOM console. Create a new rule:

Give the…

Powershell – Log like you mean it

How do you do logging in powershell? Why should you do logging? What should you log? Where do you put your log? How do you remove your log? How do you search your log? All important questions and how you answer then depends upon what your background is like and the preferences you have. This will be a 2 part blog post and this is part 1.

Why should you log?

Well it is not mandatory, however I have 2 reasons:
Help with debugging a script/module/functionSelf documenting script/module/function
Firstly; Do you know any program that does not contain any bugs? Working with IT for the last 2 decades, I cannot name one. When you create scripts/modules/functions, you will create bugs, that is where they live and try to make your life a living mess.

Secondly: Adding a little extra information to your logging will make them self documenting. Do you like writing documentation? Well I normally am not fond of it and use logging while debugging to get two birds with one stone.

What should you log?


Powershell - List information about your WIFI networks

This is just a quick post about this new function I have created. Basically this is a text-output to powershell object output function that uses netsh to query the WIFI information. This illustrates the importance of changing the authentication level on your WIFI-network. No matter if you use WEP/WPA/WPA2 your password is available in clear text in your profile.