DSC is a (DevOps) management platform in PowerShell that enables you to manage your IT and development infrastructure with configuration as code. While writing Part 1: Configure PowerShell remoting between Windows and Linux my main motive was to configure push Desired State Configuration (DSC) on Linux server from windows. To work DSC on Linux below versions and flavors of Linux are supported, I am using CentOS 7 for this demo.
Red Hat Enterprise Linux Server 5, 6 and 7 (x86/x64)
CentOS 5, 6, and 7 (x86/x64)
Ubuntu Server 12.04 LTS, 14.04 LTS and 16.04 LTS (x86/x64)
Debian GNU/Linux 6, 7 and 8 (x86/x64)
Oracle Linux 5, 6 and 7 (x86/x64)
SUSE Linux Enterprise Server 10, 11 and 12 (x86/x64)
In my earlier article, I had already installed required prerequisite rpm packages PowerShell core 6, OMI and PSRP on CentOS 7. The main recipe to work you need to install DSC rpm package. While choosing DSC version choose which matches to using openssl version on your linux server. As you can see below, my openssl version is matching DSC rpm package.
Part 1: Configure PowerShell remoting between Windows and Linux
Part 2: Getting started with Powershell Desired State Configuration (DSC) on Linux
Once you download the dsc.x.x.x-xxx.ssl_xxx.x64.rpm, upload it on linux using WinSCP or equivalent SCP tool. Log in to Linux using putty, change execution mode of uploaded rpm file. If you ls, rpm file will show in red color, once execution mode is changed to allow, Rpm files color will show green and good to execute.
chmod 777 dsc-1.1.1-94.ssl_100.x64.rpm
Install rpm using yum, before that update yum repository either using internet online repository or offline local repo.
yum install dsc-1.1.1-94.ssl_100.x64.rpm
Press y to proceed. Note the installed DSC resources on linux which are all name matching with MSFT_ nx***** resource. If everything is good, there will be message complete! in the last.
Other series
Part 1: Build your first Microsoft PowerShell DSC pull server
Part 2: Generate target server node config for PowerShell DSC pull server
Part 3: Configure PowerShell DSC Local configuration manager LCM in pull mode and update configuration
How to force a PowerShell DSC client to refresh configuration from pull server
Installation tasks are completed on Linux server, Now on my windows system, to manage linux from windows using PowerShell DSC, you require nx DSC modules. I will download it from internet.
Install-Module nx
Verify PowerShell dsc module is installed correctly, check it with below command, It will be downloaded to default folder C:\Program Files\WindowsPowerShell\Modules which requires Administrator access.
Get-Module -ListAvailable nx
I will just get insight on nx module, how it works and which configuration options exist on the nx DscResource module.
Get-DscResource -Module nx
For an example I want to create example file on linux with some contents, I will use nxFile resource in my node configuration block. To get more information on nxFile parameters check command.
Get-DscResource -Module nx -Name nxFile | Select-Object -ExpandProperty Properties
I am using PowerShell ISE for further actions and wrote below DSC script, below are definition of different parts and breakdown of script.
DSC Configuration allows you to use powershell syntax, the desired state in your environment. DSC Node configuration you can also call it as 'MOF' or 'configuration document'. DSC Node is computer name on which you are trying apply configuration. DSC Resource is a building blocks (Settings) that you can use to define a DSC configuration.
$configuration = 'centos01'
Configuration LinuxConf
{
Import-DscResource -Module nx
Node $computerName
{
nxFile TextFile
{
DestinationPath = "/tmp/testfile.txt"
Contents = "This is example of `n Powershell Desired State Configuration"
Ensure = "Present"
Type = "File"
}
}
}
I will run configuration (you can consider it as DSC function), It generates and creates MOF files under given folder.
LinuxConf -OutputPath 'C:\temp'
Next create a powershell session with linux, first line ask for username and password, you need root equivalent credentials to connect linux. Second line uses parameter to use SSL connection and ignore CA, CN and revocation check. Third line actually establishes session from Windows to Linux.
$credential = Get-Credential root
$options = New-CimSessionOption -UseSsl -SkipCACheck -SkipCNCheck -SkipRevocationCheck
$session = New-CimSession -Credential $credential -ComputerName $computerName -Port 5986 -Authentication Basic -SessionOption $options -OperationTimeoutSec 90
Once MOF file and session is created successfully, It need to be pushed on linux using below final command. If everything is fine read the verbose message Invoke CimMethod compelted.
Start-DscConfiguration -Path 'C:\temp' -CimSession $session -Wait -Verbose
Login to the Linux server with putty and check location /tmp for newly created file using desired state configuration, it will have defined contents.
If you are facing issues with DSC configuration output, for troubleshooting purpose you can view below log files on linux.
/var/opt/omi/log/omiserver.log
/var/opt/omi/log/dsc.log
Useful articles
POWERSHELL PS REMOTING BETWEEN STANDALONE WORKGROUP COMPUTERS
POWERSHELL DSC XACTIVEDIRECTORY ERROR - A NETBIOS DOMAIN NAME MUST BE SPECIFIED
DSC (DESIRED STATE CONFIGURATION) : DEPLOYING ACTIVE DIRECTORY
THE POWERSHELL XACTIVEDIRECTORY PROVIDER DOES NOT EXIST AT THE POWERSHELL MODULE PATH NOR IS IT REGISTERED AS A WMI PROVIDER