Quick recap, I’m working through a series of posts about the Desired State Configuration infrastructure that I’m building at Stack Exchange, including some how-to’s.
The High Points
I started with an overview of what and why. Â Today, I’m going to start the how.
Building a Pull Server
I’m going to describe how to do this with Server 2012 R2 RTM (NOTE: this is not the General Availability Â release, so there may be changes at GA), since that’s the environment I’m working most in. Â If there is enough demand, I may follow up with how to do this using the Windows Management Framework on downlevel operating systems after the GA version of WMF 4 is released.
The first step is adding the required roles and features, including the DSC Service.
Fortunately, the Dsc-Service feature has the right dependencies configured so IIS, the correct modules, and the Management OData Extension are all enabled.
Next we need to set up the IIS web site:
- Create an directory to serve the web application from (I’ll use c:\inetpub\wwwroot\PSDSCPullServer)
- Copy several files from $pshome/modules/psdesiredstateconfiguration/pullserver (Global.asax, PSDSCPullServer.mof, PSDSCPullServer.svc, PSDSCPullServer.xml) to this directory.
- Copy PSDSCPullServer.config and rename it to web.config
- Create a subdirectory named “bin”.
- Copy one file from $pshome/modules/psdesiredstateconfiguration/pullserver (Microsoft.Powershell.DesiredStateConfiguration.Service.dll) to the “bin” directory.
- In IIS, create an application pool that runs under the “Local System” account.
- In, IIS, create a new site (or application in an existing site or just use the existing default site)
- Point the site or application root to the directory you designated as the root of the site.
- Unlock the sections of the web config as below
$appcmd = "$env:windir\system32\inetsrv\appcmd.exe"
& $appCmd unlock config -section:access
& $appCmd unlock config -section:anonymousAuthentication
& $appCmd unlock config -section:basicAuthentication
& $appCmd unlock config -section:windowsAuthentication
Now we need to set up the location where the pull server content will be served from. Â Installing the DSC Service feature creates a default location ( $env:programfiles\WindowsPowerShell\DscService ). Â There’ll you find sub-directories for configuration and modules. Â We can use these folders or we can create another location. Â I’m going to stick with the defaults for now. Â We’ve got a few steps left.
First, we need to copy the Devices.mdb fromÂ $pshome/modules/psdesiredstateconfiguration/pullserver to the root of our pull server data location (in this case,Â $env:programfiles\WindowsPowerShell\DscService )
Update the web.config app settings with the following settings:
<add key="dbprovider" value="System.Data.OleDb" />
<add key="dbconnectionstr" value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Program Files\WindowsPowerShell\DscService\Devices.mdb;" />
<add key="ConfigurationPath" value="C:\Program Files\WindowsPowerShell\DscService\Configuration" />
<add key="ModulePath" value="C:\Program Files\WindowsPowerShell\DscService\Modules" />
After that your pull server should be up and running. Â You should see something like this if you navigate to http://yourpullserver/psdscpullserver.svc