agenda - meetupfiles.meetup.com/3800542/nik charlebois - sharepointdsc.pdf · • dsc module:...
TRANSCRIPT
![Page 1: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/1.jpg)
![Page 2: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/2.jpg)
Agenda
Quick recap of Desired State Configuration (DSC)
Practical DSC – On-Prem
Practical DSC - Azure
Reverse DSC
![Page 3: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/3.jpg)
![Page 4: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/4.jpg)
Desired State Configuration (DSC)
• Requires PowerShell 4 or greater (WMF);
• Responsible for bringing/keeping a machine in its Desired State;
• Available both On-Prem and in Azure Automation & IaaS;
![Page 5: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/5.jpg)
Before we begin…
• Local Configuration Manager (LCM):
Engine responsible for ensuring the current machine is in its Desired State;
• DSC Module:
Represents a package responsible for configuring various aspects of a system. A module is normally associatedwith a software component (e.g. xEchange, xActiveDirectory, SharePointDSC, etc.);
• DSC Resource:
Responsible for configuring a specific aspect of a software. Each DSC Module is made of one or several resources(e.g. User, Mailbox, SPWebApplication, etc.);
![Page 6: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/6.jpg)
DSC Modules and Resources
xActiveDirectory
• MSFT_xADGroup
• MSFT_xADUser
• […]
xSCOM
• MSFT_xSCOMManagementPack
• MSFT_xSCOMReportingServerSetup
• […]
SharePointDSC
• MSFT_SPWebApplication
• MSFT_SPSite
• MSFT_SPSearchServiceApplication
• [..]
xExchange
• MSFT_xExchMailboxDatabase
• MSFT_xExchEventLogLevel
• […]
![Page 7: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/7.jpg)
![Page 8: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/8.jpg)
DSC Configuration Script
• Where you define your Desired State.
• PS1 script defining a special « Configuration » keyword (behaves like a method);
• Upon calling the configuration, generates a .MOF file;
![Page 9: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/9.jpg)
What Does it Look Like?
![Page 10: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/10.jpg)
Start-DSCConfiguration
• PowerShell cmdlet that sends the .MOF info to the Local Configuration Manager;
• Tells the LCM to start bringing the current machine in its Desired State right now;
• Asynchronous by default, use –Wait to make synchronous call;
• Used for « Push » Refresh Mode;
![Page 11: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/11.jpg)
![Page 12: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/12.jpg)
Troubleshooting DSCApplications and Services Logs > Microsoft > Windows > Desired State Configuration > Operational
![Page 13: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/13.jpg)
Secure Credentials
• By default securables are stored as plain text in the MOF file;
• Need to certificate to encrypt the content in MOF file;
• Specify the Certificate (.cer) and its Thumbprint in the configuration data;
![Page 14: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/14.jpg)
![Page 15: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/15.jpg)
![Page 16: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/16.jpg)
Local Configuration Manager
• Responsible for:
• Determining refresh mode (push or pull);
• Determining pull frequency;
• Associating the nodes with the pull servers;
• Handle partial DSC;
![Page 17: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/17.jpg)
Local Configuration Manager […]
• Keeps the MOF in memory as a DSCConfigurationDocument object;
• Get-DSCConfiguration returns the MOF currently in memory;
• Remove-DSCConfigurationDocument –Stage Current removes the current MOF from memory;
![Page 18: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/18.jpg)
LCM Refresh Modes
• Disabled:
• No DSC configuration specified;
• Push:
• Configurations were started by the Start-DSCConfiguration cmdlet;
• Configurations are applied immediately to the node;
• Default value;
• Pull:
• Regurarly ping a central server (a.k.a. Pull Server) to check
compliance with specified Desired State;
![Page 19: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/19.jpg)
LCM Refresh Frequency
• Only applicable to Pull Server mode;
• Specify, in minutes, intervals for pinging the Pull Server;
• Default is 30 minutes;
• Valid range is between 30 and 44640 minutes (31 days);
![Page 20: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/20.jpg)
LCM Configuration Modes
• ApplyOnly:
• Once the configuration is applied, LCM doesn’t do anything else unlessa new Configuration is received;
• ApplyAndMonitor:
• Apply the configuration, checks on a regular basis if the configuration drifted from Desired State and log discrepencies (Default);
• ApplyAndAutoCorrect:
• Apply the configuration, checks on a regular basis for
compliance, log discrepencies and automatically bring the
machine back in to its Desired State.
![Page 21: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/21.jpg)
LCM Configuration Frequency
• Time interval, in minutes, where the LCM checks the current state to see if it steered away from Desired State;
• Default is 15 minutes;
• Valid range is between 15 and 44640 minutes (31 days).
![Page 22: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/22.jpg)
![Page 23: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/23.jpg)
Partial DSC• New in WMF 5.0;
• Allows for the Desired State to be fragmented into several configurations;
• Enables better control over Governance of each partial DSC;
• Ex:
• Team A controls IIS, Team B controls SQL Server;
• Team A is responsible for deploying VM and OS, Team B is responsible for the Application layer;
• LCM is responsible for putting the fragments back together on the machines.
![Page 24: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/24.jpg)
Mixed Refresh Mode• There are really only two Refresh Modes:
• Push
• Pull
• In partial DSC, each fragment can be associated with whatever RefreshMode;
• For a single server, you can have some DSC fragments using Push whileothers use Pull;
• Can be pulled from multiple Pull Servers.
![Page 25: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/25.jpg)
![Page 26: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/26.jpg)
![Page 27: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/27.jpg)
Azure Automation DSC (AADSC)• Need to create an Azure Automation Account;
• Allows us to publish DSC configuration scripts in the cloud;
• DSC Configuration Scripts are compiled and checked for validity;
• Acts just like an On-Premises Pull server would;
• DSC Script can be assigned to VM by creating a custom extension;
![Page 28: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/28.jpg)
AADSC Assets• Types of Assets:
• Schedules
• Modules
• Certificates
• Connections
• Variables
• Credentials
![Page 29: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/29.jpg)
![Page 30: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/30.jpg)
![Page 31: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/31.jpg)
A SharePoint DSC Module• Open Source at:
• http://github.com/PowerShell/SharePointDSC
• Was the first DSC Resource to lose its ‘x’;
• Current version is 1.4.0.0.
• Currently looking at options to convert existing AutoSPInstaller scripts intoDSC Configuration script;
![Page 32: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/32.jpg)
A Look Inside• SPWebApplication
• SPSite
• SPWeb
• SPManagedAccount
• SPFeature
• …
![Page 33: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/33.jpg)
![Page 34: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/34.jpg)
![Page 35: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/35.jpg)
Anatomy of a DSC Resource
• Set-TargetResource -> Here is how I want you to configure me!
• Get-TargetResource -> How am I currently configured?
• Test-TargetResource -> Am I in my Desired State?
![Page 36: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/36.jpg)
LCM
Desired State Info
Get-TargetResource
Test-TargetResource
Current State Info
Is Current = Desired
Yes
Set-TargetResourceNo
![Page 37: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/37.jpg)
So…
• Get-TargetResource is included in every resource…
• Get-TargetResource returns me the current state of any given server for a resource…
• Using PowerShell we can dynamically call into all Get-TargetResourcemethods inside a Module…
![Page 38: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/38.jpg)
Introducing a new concept
Reverse DSC!https://github.com/PowerShell/SharePointDsc/pull/396/files
![Page 39: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/39.jpg)
The “Ahhhh” moment
• I can get an exact picture of how my existing environment is configured!
• I can export the result of calling all Get-TargetResource as a DSC script!
• I can use that script to create an exact replica of an existing environment or on-board an existing environment onto DSC!
• …I can even take an on-premises environment…..take that Reverse DSC and…. push a replica in Azure!
![Page 40: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/40.jpg)
Imagine the possibilities
• Analyze best practices
• Quickly replicate on-prem to Azure;
• Compare configuration drifts between 2 environments;
• Replicate a client’s environment for troubleshooting;
• Enroll existing environment onto DSC for Monitoring and compliance;
• DEV/TEST
• DEVOps
• ….
![Page 41: Agenda - Meetupfiles.meetup.com/3800542/Nik Charlebois - SharePointDSC.pdf · • DSC Module: Represents a package responsible for configuring various aspects of a system. A module](https://reader033.vdocuments.us/reader033/viewer/2022050412/5f88b3a6855400685d13c6f3/html5/thumbnails/41.jpg)