Chef and Powershell DSC

Transcript

1. None

2. Chef and PowerShell Desired State Configuration September 4th, 2014 !

   Stephen Nelson-Smith [email protected] @LordCope

3. Prologue: ! Configuration management maturity is a prerequisite for organisational

   effectiveness
4. None

5. Effectiveness: The ability to achieve chosen and set goals

6. IT Effectiveness: Perceptiom Effectiveness

7. IT Effectiveness: Perceptiom Effectiveness

8. IT Effectiveness: Perceptiom Effectiveness

9. IT Effectiveness: Perception Effectiveness

10. IT Effectiveness: Reality Effectiveness

11. Config Management Maturity Model Level 1 Hand-crafted ! snowflakes No

    shared knowledge

12. Config Management Maturity Model Level 1 Level 2 Hand-crafted !

    snowflakes No shared knowledge Runbooks and Wikis Scripts Golden Images

13. Config Management Maturity Model Level 1 Level 2 Level 3

    Hand-crafted ! snowflakes No shared knowledge Runbooks and Wikis Scripts Golden Images First / Second! Generation! Configuration! Management Tools

14. Config Management Maturity Model Level 1 Level 2 Level 3

    Level 4 Hand-crafted ! snowflakes No shared knowledge Runbooks and Wikis Scripts Golden Images First / Second! Generation! Configuration! Management Tools Third / Fourth! Generation! Configuration! Management Tools

15. Config Management Maturity Model Level 1 Level 2 Level 3

    Level 4 Level 5 Hand-crafted ! snowflakes No shared knowledge Runbooks and Wikis Scripts Golden Images First / Second! Generation! Configuration! Management Tools Third / Fourth! Generation! Configuration! Management Tools Third / Fourth! Generation! Configuration! Management Tools Orchestration Audit / Reporting Analytics

16. Effectiveness % Organizations Level 1 Level 2 Level 3 Level

    4 Level 5

17. Microsoft is behind the curve… …but closing fast!

18. PowerShell History Early 1990s 1998 2002 2005 2006 2009 2014

    2013 2012 COMMAND.COM! BATCH FILES WINDOWS SCRIPT HOST MONAD IN! DEVELOPMENT MONAD BETA! RELEASE POWERSHELL POWERSHELL 2.0 POWERSHELL! 3.0 POWERSHELL! 4.0! ! DESIRED STATE CONFIG POWERSHELL! 5.0 Level 3 / 4 Level 2

19. The Holy Trinity of Config Management Package File Service

20. The Holy Trinity of Config Management Package File Service …isn’t

    sufficient for full Windows automation

21. Assertion: ! Chef + PowerShell DSC = Level 5

22. Desired State

23. Desired State Configuration • Extensions to PowerShell 4.0 • Installed

    by default on Windows® 8.1 and Windows Server 2012 R2 • Windows 7 with SP1, or Windows Server 2008 R2 via Windows Management Framework 4.0

24. Desired State Configuration • Declarative interface to Windows automation •

    Enables self-provisioning (bootstrap to desired state) • Enables self-remediation (converges to desired state) • Has a resource/provider model • 12 resources out of the box

25. Out of the box…

26. How DSC Works • PowerShell 4 provides a DSL for

    generating a document (MOF) consumed by PowerShell module or WMI (Windows Management Infrastructure) resource • Machines may converge manually by running Start-DscConfiguration cmdlet • Systems under management run Local Configuration Manager • Support push and pull model • Systems remain convergent by running Test- DscConfiguration via CIM (Common Information Model) session

27. DSC Resource Kit • 6 releases since Boxing Day last

    year • Over 80 resources: ! ! • Highlights: • xAzure • xActiveDirectory • xFailoverCluster • xMySQL • xSmbShare • xWindowsUpdate

28. DSC Vision • Create an open ecosystem to enable 3rd

    party tools to automate Windows systems • Extend DSC concept to all devices in the data centre via open standards (Linux, Switches) • Make DSC a standard criteria for all Microsoft products
29. None

30. Chef • Automation framework • Declarative Ruby DSL for heterogenous

    system automation • Convergent infrastructure model • Server-based or standalone • Push or pull • Reporting, Search, Inventory, Analytics • Thriving unit and integration testing ecosystem • Cloud / Virtualization integration • Orchestration capabilities

31. Chef and Windows History May 2011 October 2011 December 2011

    February 2012 August 2013 July 2014 ~ September 2014 KNIFE WINDOWS! PLUGIN POWERSHELL! IIS! SQL SERVER! WINDOWS! COOKBOOKS CHEF CLIENT! MSI REGISTRY_KEY! IN CORE CHEF POWERSHELL ! & ! BATCH SCRIPT IN CORE CHEF CHEF-CLIENT WINDOWS! SERVICE DSC PREVIEW! OPEN SOURCED DSC_SCRIPT! RESOURCE! IN CORE CHEF DESIRED STATE! SUPPORT! ANNOUNCED! (2014 DELIVERY)

32. Chef + DSC • PowerShell resource already exists • Two

    new resources: dsc_resource and dsc_script • Native Chef resource maps onto DSC resources • Embeddable of PowerShell DSC resources • Integrated reporting, analytics, audit • Technology provided via preview cookbook • Phase 1 integration (dsc_script) Functionality will ship in Chef 12, very soon • Phase 2 integration (dsc_resource) afterwards

33. dsc_resource • Provides an analogue to the DSC DSL

34. How to build the resource ! • Explore available DSC

    resources: ! ! • Examine the properties of the resource:

35. How to build the resource • Set the resource_name attribute

    to the name of the resource as a symbol, i.e. WindowsFeature in DSC becomes :windowsfeature. Case doesn’t matter. • For each property in the DSC resource for which you want to declare a desired value, use the syntax: property :property_name, value ! ! !

36. Side by Side

37. dsc_script • Formerly dsc_configuration • In Chef 12, very soon

    • Embed dsc code directly • No translation from Chef DSL into DSC resources

38. Chef + DSC Demo

39. The Future (Chef) • More resources moving into core Chef

    • Package, Reboot, Feature • dsc_resource in core Chef • Easy WinRM setup & bootstrap • New cookbooks: AD, WSUS, Group Policy

40. The Future (Microsoft) • DSC in Common Engineering Criteria •

    All product teams will support DSC and produce resources • Activity around OMI (Open Management Infrastructure) • Activitity around DAL (Datacentre Astraction Layer) • DSC on Linux • DSC for network switches • WMF 5.0 (OneGet, PowerShellGet, Network Switch cmdlets)

41. Getting to Maturity • You (probably) need both • Chef

    alone isn’t really sufficient • DSC provides an ecosystem and standard for automation and configuration • The Chef ecosystem adds testing, reporting/analytics • Chef + DSC = Win

42. Next Actions • Install ChefDK • Clone the DSC cookbook

    • Get the latest resource kit • Play with some DSC resources • Contribute to the RFC • Hang out in freenode #chef and #chef-hacking

43. Further Reading (Chef) https://github.com/opscode-cookbooks/dsc https://supermarket.getchef.com/cookbooks/dsc http://stevenmurawski.com/powershell/2014/9/why-chef-revisited http://www.getchef.com/blog/2014/07/24/getting-ready-for-chef- powershell-dsc/ https://github.com/opscode/chef-rfc/pull/29 https://downloads.getchef.com/chef-dk/

44. Further Reading (Microsoft) http://technet.microsoft.com/en-us/library/dn249912.aspx http://www.microsoft.com/en-us/download/details.aspx?id=42936 http://gallery.technet.microsoft.com/DSC-Resource-Kit-All-c449312d http://www.microsoft.com/en-us/download/details.aspx?id=42936 http://technet.microsoft.com/en-us/cloud/dal.aspx http://blogs.msdn.com/b/powershell/archive/2012/07/02/omi-open- management-infrastructure-to-bring-the-power-of-powershell-and-standards-to-

    devices-in-your-datacenter.aspx http://blogs.msdn.com/b/powershell/archive/2014/05/19/announcing-windows- powershell-desired-state-configuration-for-linux.aspx