What is PowerShell Desired State Configuration?

PowerShell Microsoft Technologies Software & Coding

Although DSC is a very large topic, we will quickly summarize it in this article with the needed concepts to what exactly it is and how we can implement it.

PowerShell Desired State Configuration (DSC) is an Infrastructure automation tool and used for Infrastructure as a Code (Iaac). Besides, DSC can also be used as an Inventory management tool like to get the specific inventory from the servers if they exist or not. PowerShell and DSC both are different things. However, DSC can be implemented using PowerShell.

PowerShell script uses Imperative model means we need to write the script how we will implement the things while the DSC is the declarative model means it only shows what we need to perform rather how.

For example, Post servers configuration we need the Server to be joined in a specific domain, create one local user, and install the IIS features on the server. Using DSC we just need to declare all the items using DSC resources while using the script we need to write the code how it can be done.

PowerShell DSC is applicable in .Net Framework version (4.0 and 5.0) while it is discontinued from the .Net Core version (6.0 onwards) by Microsoft but Azure DSC is doing great in the cloud as Infrastructure code.

Local Configuration Manager (LCM)

DSC uses an LCM engine to maintain the state of the remote computers. So it is a bridge between the Configuration that is declared and the Remote computers. If the Pull method (explained later) is used, LCM regularly polls the remote servers to check if they are in desired states, if not it calls the configuration to make them into the desired state.

Structure

Configuration DSCConfig{
   Node ("Node1","Node2","Node3"){
      DSCResource ResourceName1{
         #Configuration Parameters
      }
      DSCResource ResourceName2{
         #Configuration Parameters
      }
   }
}

Example

Configuration MyDSCConfig{
   Node ("Test1-Win2k12","Test1-Win2k16"){
      Service WinRMStatus{
         Name = 'WINRM'
         State = 'Running'
         StartupType = 'Automatic'
      }
      File IISFile{
         Type = 'File'
         DestinationPath = 'C:\IIS\Config.html'
         SourcePath = '\addc\shared\Config.html'
         Ensure = 'Present'
         Force = $true
      }
   }
}

In this example, there are two nodes configured and two resources Service and File. The first resource Service ensures that the WINRM should be running on both the servers and it should be in an Automatic State. The Second Resource File ensures that the Config.html file should be present on the destination path on both servers.

You can also have a configuration for each separate node as shown below.

Configuration MyDSCConfig{
   Node Test1-Win2k12 {
      Service WinRMStatus{
         Name = 'WINRM'
         State = 'Running'
         StartupType = 'Automatic'
      }
   }
   Node Test1-Win2k16 {
      File IISFile{
         Type = 'File'
         DestinationPath = 'C:\IIS\Config.html'
         SourcePath = '\addc\shared\Config.html'
         Ensure = 'Present'
         Force = $true
      }
   }
}

If there are several nodes, you can provide a text file which has nodes stored and use the foreach loop as we do in the PowerShell script.

Compile the Configuration

When we compile the above DSC script, it creates the Managed Object Format (MOF) file for every node given in the Node block. To compile we need to write the name of the Configuration and have to provide the path to generate the MOF file. For example,

MyDScConfig -OutputPath C:\Scripts\DSC\DSCOut

Once you load the above configuration into memory, it will generate MOF files at the specified location.

Directory: C:\Scripts\DSC\DSCOut
Mode                LastWriteTime    Length    Name
----                -------------    ------    ----
-a---- 10/18/2020    2:10 AM          1964    Test1-Win2k12.mof
-a---- 10/18/2020    2:10 AM          2066    Test1-Win2k16.mof

MOF File Execution

There are two methods you can use to execute MOF files on the remote nodes.

Push method
Pull Method

Push method − This method is the easiest way to push the configuration on the nodes. To push the MOF file to execute on the remote nodes, we need to use the command StartDSCConfiguration provided by the path of the MOF files. When this command runs, remote nodes immediately start applying the configuration. The disadvantage of this method is if the server is offline, it can’t push the configuration later.

Pull Method − With this method, we need an additional server to host the configuration. Mostly we use the SMB share server. In this method, the server continuously polls the remote nodes and if the server is offline, in the next interval it sends the MOF files on the server until the server comes online.

Applying Configuration

In this article, we will use the Pull method to apply the configuration. For that Start-DSCConfiguration command can be used. See the example below.

Start-DscConfiguration -Path C:\Scripts\DSC\DSCOut -Verbose

You will see the output as below.

Notice the two properties here − State and HasMoreData. Its state is running and it has more data stored in the output. If we are using the above command in the same DSC script then use -Wait parameter so DSC will wait to start the configuration until the MOF file is loaded into the memory.

Let’s check the Job status. Here the Job ID is 1000 and the Job name is Job1000 so we will retrieve its job.

Get-Job -Id 1000 | Select -ExpandProperty ChildJobs

Output

You can see both the jobs are completed. Now we can test the configuration using the TestDSCConfiguration command.

Test-DscConfiguration -Path C:\Scripts\DSC\DSCOut -Verbose

Output

After running the command, you can check in the above output that both servers are in the desired status.

Chirag Nagrekar

Updated on: 02-Nov-2020

285 Views

Kickstart Your Career

Get certified by completing the course

Get Started