You know PowerShell and you must have heard of DSC, but 6 years after its creation, where are we at?
Join Gael Colas, a well-known DSC contributor and Microsoft MVP, in this session, he will show what's happening in the DSC community, how to get started, where to find information or help, and some best practices to follow.
He will demo some concepts, practices and use cases, share some code, and insights about who's behind DSC and what they are doing, so you have no excuse for not learning Configuration Management!
- Demo code: https://github.com/gaelcolas/packer-templates
Follow & connect with Gael Colas:
- Twitter: https://twitter.com/gaelcolas
- LinkedIn: https://www.linkedin.com/in/gaelcolas/
- Blog: https://gaelcolas.com/
Thanks to dotdigital Group (https://dotdigital.com / https://twitter.com/dotdigital) for providing the venue, food and drinks. We very much appreciate your continued support of our community of PowerShell & DevOps tech enthusiasts.
Join our next event at https://www.meetup.com/PowerShell-London-UK/. We are running at least one Meetup every month.
#PowerShell #PSDSC
3. • Automate configuration of a set of computers (target nodes)
• Option to create custom resources to configure the state of any application or
system setting
What is DSC?
3
Scripts
Environment
Variables
Registry
Repair
Desired
State
Report
Desired
State
Deploy
Software
Roles and
Features
Files and
Directories
Processes and
Services
Users and
Groups
4. • Imperative
• Declarative
Imperative vs. Declarative Language
Configuration BaseBuild {
WindowsFeature Backup {
Ensure = "Present"
Name = "Windows-Server-Backup"
}
}
Add-WindowsFeature Windows-Server-Backup
6. What’s new about DSC?
DSCv2, Native LCM,Azure Guest Configuration
7.
8.
9. DSCv2 is not DSCv2 yet!
Explaining how things works, and semantic
10. The best tools to resolve
AZURE STATE
CONFIGURATION
01
AZURE RUN
SCRIPT
02
AZURE CHANGE
HISTORY
03
AZURE POLICY
GUEST
CONFIGURATION
04
HOW DO I
CONFIGURE
SERVER SETTINGS
AS I DEPLOY THEM
IN AZURE?
01
HOW DO I INSTALL
APPLICATIONS IN
MY SERVERS ON
AZURE?
02
CAN I SEE HOW
THINGS HAVE
CHANGED OVER
TIME?
03
CAN I PROVE MY
SERVERS ARE
COMPLIANT WITH
BASLINES?
04
11. Manage the configuration
of your operating system
and application settings
View compliance reports at
scale from across your
environment
Centrally store
configurations and
dependent modules
Configuration Management (DSC)
Set and control your configuration as code
12. Discover what's installed on your
machines
• Software
• Services/Daemons
• Files
• Registries
View how many machines have a
specific software or version
Updated when a change is
detected
Inventory
Discover the state of your environment
13. Detect changes to your machines
• Software
• Services/Daemons
• Files
• Registries
View changes when
troubleshooting
Alert on critical changes
Difference in Inventory snapshots
Change Tracking
Detect server changes
14. Assess update status of
servers across your
environment
Deploy updates to your
machines from a single
pane of glass
Verify update compliance
across your environment
Update Management
Assess & deploy server patches
15. Orchestrate tasks for your environment
• Optimize consumption (Stop/Start
VMs)
• Cleanup and maintenance tasks
Runtime environment
• Azure - using the automation service
• On-prem - using on-prem machines
Deploy Python2 and PowerShell jobs
• Deploy from the Azure portal, REST
API, PowerShell Cmdlets, schedules,
a webhook URL, Azure alerts, and
more
Azure Automation
Automate redundant, error-prone processes
job history
16. Audit inside Virtual Machines
• What is installed, check for known-bad
apps, protocols
• Certificates, admin privileges, health of
agents
• Customer-authored content
Who would apply these policies?
• Central IT (cloud custodian) looking for
regulatory requirements at scale
• Application teams validating they meet
compliance before releasing change
How would they see results?
• Report on details in Policy or in Cloud Shell
NEW: Azure Policy Guest Configuration
Audit settings in your virtual machines
17. Planning for DSC technologies
Azure State Configuration Azure Policy Guest Configuration Azure Guest Configuration
Learning/using DSC today
is a safe bet. Syntax
continues forward.
Currently focused on
Governance scenarios,
audit inside VMs.
Future state is to align
solutions.
Direction: Continue to be the native Configuration Management platform in Azure.