Today I’ll show you how to deploy a DSC server on Azure. This server will have the function of reference server, and will be the PULL server to store configurations.
To start, deploy a new server on Azure (Windows Server 2016 for me) and allow in the NSG, port 8080 and 443.
Install the following feature and the DSC module, with the following commands:
|
|
<em>Install-WindowsFeature DSC-Service -IncludeManagementTools</em> <em>Install-Module xPsDesiredStateConfiguration</em> <em>winrm quickconfig</em> |
|
Save the following script to configure your DSC server:
https://github.com/Flodu31/PowerShellDSC/blob/master/DSCPullServer.ps1
You can add a certificate and adapt ports. Execute it to generate the MOF configuration file for your server:
Launch the configuration of the server by executing the following command:
|
|
<em>Start-DscConfiguration -Path C:\Users\florent\Desktop\PullDSC\NewPullServer\ -Wait</em> |
|
To verify that the configuration has been applied correctly, navigate to the following URL on your server: http://localhost:8080/PSDSCPullServer.svc/
You’ll have something like that:
We will now create the configuration for our server that will receive the installation of RSAT. Use the following script, by replacing the Computername and the OutputPath:
https://github.com/Flodu31/PowerShellDSC/blob/master/DeployRSATDSC.ps1
Execute it:
A new MOF file appeared. It contains the configuration for your server. Because we will use this file for multiple server, from our pull server, we need to rename it. Use a GUID to make it easier:
|
|
<em>Rename-Item -Path C:\Users\florent\Desktop\ClientDSC\dscclienteco01.westeurope.cloudapp.azure.com.mof -NewName "$([guid]::NewGuid()).mof"</em> |
|
To allow target servers to be able to get files configurations, we need to copy files into C:\Program Files\WindowsPowerShell\DscService\Configuration. Use the following command to do this:
|
|
<em>Copy-Item .\8c3fd4c9-9166-45c1-8559-872e431d8902.mof "C:\Program Files\WindowsPowerShell\DscService\Configuration"</em> <em>ls "C:\Program Files\WindowsPowerShell\DscService\Configuration"</em> |
|
To be sure of the origin of configuration files, we need to generate a checksum associated to our configuration:
|
|
<em>New-DSCChecksum 'C:\Program Files\WindowsPowerShell\DscService\Configuration\8c3fd4c9-9166-45c1-8559-872e431d8902.mof'</em> <em>ls "C:\Program Files\WindowsPowerShell\DscService\Configuration"</em> |
|
We will now apply the configuration to our target server, to give the instruction to our server to download automatically the configuration file on our pull server. Download the following script:
https://github.com/Flodu31/PowerShellDSC/blob/master/DSCPullMode.ps1
Modify it with your ServerUrl from where you access it, the target IP address (connection is done with WinRM, so you need to configure and allow it) and the GUID that has been generated for the configuration file. Execute the script:
A new MOF file has been generated.
Go now on the target client and verify with the following commands that the configuration has been applied correctly:
|
|
<em>Get-DscLocalConfigurationManager </em> <em>(Get-DscLocalConfigurationManager).DownloadManagerCustomData</em> |
|
After 15 minutes, the client is downloading the MOF file and is applying it:
You can automate many installations with DSC, like the deployment of new IIS servers, Active Directory, SQL, etc.
Related materials:
Views All Time
2
Views Today
2
The following two tabs change content below.
Filed under:
Services by Florent Appointaire
