Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

Getting started with Powershell Desired State Configuration (DSC) on Linux

DSC is a (DevOps) management platform in PowerShell that enables you to manage your IT and development infrastructure with configuration as code. While writing Part 1: Configure PowerShell remoting between Windows and Linux my main motive was to configure push Desired State Configuration (DSC) on Linux server from windows. To work DSC on Linux below versions and flavors of Linux are supported, I am using CentOS 7 for this demo.

Red Hat Enterprise Linux Server 5, 6 and 7 (x86/x64)
CentOS 5, 6, and 7 (x86/x64)
Ubuntu Server 12.04 LTS, 14.04 LTS and 16.04 LTS (x86/x64)
Debian GNU/Linux 6, 7 and 8 (x86/x64)
Oracle Linux 5, 6 and 7 (x86/x64)
SUSE Linux Enterprise Server 10, 11 and 12 (x86/x64)

In my earlier article, I had already installed required prerequisite rpm packages PowerShell core 6, OMI and PSRP  on CentOS 7. The main recipe to work you need to install DSC rpm package. While choosing DSC version choose which matches to using openssl version on your linux server. As you can see below, my openssl version is matching DSC rpm package.

Part 1: Configure PowerShell remoting between Windows and Linux
Part 2: Getting started with Powershell Desired State Configuration (DSC) on Linux

Powershell desired state configuration dsc for linux nx dscresource Powershell remoting between Linux and windows, ssl certificate powershell devops, configure devops powershell on linux powershelldsc.png Powershell desired state configuration dsc linux dsc rpm installation planning openssl version get-dscresource omi version powershell core psrp server omiengine omiserver open management instrumentation.png

Once you download the dsc.x.x.x-xxx.ssl_xxx.x64.rpm, upload it on linux using WinSCP or equivalent SCP tool. Log in to Linux using putty, change execution mode of uploaded rpm file. If you ls, rpm file will show in red color, once execution mode is changed to allow, Rpm files color will show green and good to execute.

chmod 777 dsc-1.1.1-94.ssl_100.x64.rpm

Install rpm using yum, before that update yum repository either using internet online repository or offline local repo. 

yum install dsc-1.1.1-94.ssl_100.x64.rpm

Press y to proceed. Note the installed DSC resources on linux which are all name matching with MSFT_ nx***** resource. If everything is good, there will be message complete! in the last.

Powershell desired state configuration linux, yum install dsc.rpm, msft_nxresource, dsc resource group, file, user, archive, script, package, rpm dsc, powershell dsc on linux rpm.png

Other series
Part 1: Build your first Microsoft PowerShell DSC pull server
Part 2: Generate target server node config for PowerShell DSC pull server
Part 3: Configure PowerShell DSC Local configuration manager LCM in pull mode and update configuration
How to force a PowerShell DSC client to refresh configuration from pull server

Installation tasks are completed on Linux server, Now on my windows system, to manage linux from windows using PowerShell DSC, you require nx DSC modules. I will download it from internet.

Install-Module nx

Verify PowerShell dsc module is installed correctly, check it with below command, It will be downloaded to default folder C:\Program Files\WindowsPowerShell\Modules which requires Administrator access.

Get-Module -ListAvailable nx

Powershell desired state configuration devops dsc on linux, install-module nx get-module-listavailable nx, Windowspowershell modules, unix nx dsc resource module, psremoting ssl.png

I will just get insight on nx module, how it works and which configuration options exist on the nx DscResource module.

Get-DscResource -Module nx

For an example I want to create example file on linux with some contents, I will use nxFile resource in my node configuration block. To get more information on nxFile parameters check command.

Get-DscResource -Module nx -Name nxFile | Select-Object -ExpandProperty Properties

Powershell desired state configuration dsc linux get-dscResoruce -module nx nxfile nxEnvironment, DSC module linux nx -expandproperty Properties windows powershell azure dsc demo step by step guide.png

I am using PowerShell ISE for further actions and wrote below DSC script, below are definition of different parts and breakdown of script.

DSC Configuration allows you to use powershell syntax, the desired state in your environment. DSC Node configuration you can also call it as 'MOF' or 'configuration document'. DSC Node is computer name on which you are trying apply configuration. DSC Resource is a building blocks (Settings) that you can use to define a DSC configuration.

$configuration = 'centos01'

Configuration LinuxConf
{
      Import-DscResource -Module nx

       Node $computerName
       {
              nxFile TextFile
              {
                      DestinationPath = "/tmp/testfile.txt"
                      Contents = "This is example of `n Powershell Desired State Configuration"
                      Ensure = "Present"
                      Type = "File"
              }
       }
}

I will run configuration (you can consider it as DSC function), It generates and creates MOF files under given folder.

LinuxConf -OutputPath 'C:\temp'

Next create a powershell session with linux, first line ask for username and password, you need root equivalent credentials to connect linux. Second line uses parameter to use SSL connection and ignore CA, CN and revocation check. Third line actually establishes session from Windows to Linux.

$credential = Get-Credential root
$options = New-CimSessionOption -UseSsl -SkipCACheck -SkipCNCheck -SkipRevocationCheck
$session = New-CimSession -Credential $credential -ComputerName $computerName -Port 5986 -Authentication Basic -SessionOption $options -OperationTimeoutSec 90

Once MOF file and session is created successfully, It need to be pushed on linux using below final command. If everything is fine read the verbose message Invoke CimMethod compelted.

Start-DscConfiguration -Path 'C:\temp' -CimSession $session -Wait -Verbose

Login to the Linux server with putty and check location /tmp for newly created file using desired state configuration, it will have defined contents.

Powershell desired state configuration linux nx module import-dscresource nx get-credential new-cimsessionoption, new-cimsession, start-dscconfiguration verbose nxfile ensure present node configuration.png

If you are facing issues with DSC configuration output, for troubleshooting purpose you can view below log files on linux.

/var/opt/omi/log/omiserver.log

/var/opt/omi/log/dsc.log

putty linux desired state configuration dsc powershell desired state configuration tail log var opt omi log omiserver.log dsc.log nx dscresource dsc configuration node powershell devops.png

Useful articles
POWERSHELL PS REMOTING BETWEEN STANDALONE WORKGROUP COMPUTERS  
POWERSHELL DSC XACTIVEDIRECTORY ERROR - A NETBIOS DOMAIN NAME MUST BE SPECIFIED 
DSC (DESIRED STATE CONFIGURATION) : DEPLOYING ACTIVE DIRECTORY 
THE POWERSHELL XACTIVEDIRECTORY PROVIDER DOES NOT EXIST AT THE POWERSHELL MODULE PATH NOR IS IT REGISTERED AS A WMI PROVIDER

Go Back

Comment

Blog Search

Page Views

2461980

Follow me on Blogarama