Introducing DSC to my company

Welcome Forums DSC (Desired State Configuration) Introducing DSC to my company

This topic contains 5 replies, has 3 voices, and was last updated by

 
Participant
1 year, 8 months ago.

  • Author
    Posts
  • #65409

    Participant
    Points: 3
    Rank: Member

    I'm a system engineer that supports vendor and homegrown applications(from an operational perspective). I've been researching DSC for about a month now, and think it might be a good fit for streamlining the overall support the applications. I have a few things I need to figure out before planning a more official roll out.
    1.) Whats the best way to set up a repository for the different versions of the configuration files?
    2.) My organization is very SILO'd with different teams handling patching, AD groups, app packaging, etc. Has anyone figured out how to break down those barriers that prevent a more efficient utilization of DSC? As an example, an OS patch recently caused an outage in production. I'm assuming with DSC I could roll back versions of the config file to quickly fix that issue(Please correct me if I'm wrong).

  • #65446

    Keymaster
    Points: 1,638
    Helping HandTeam Member
    Rank: Community Hero

    1) Nobody's really come up with anything better than a version repo like Git. We tend to not worry about the MOFs, but rather the .PS1 files used to generate the MOFs.

    2) Yeah, fix the organization's culture LOL. And no, DSC isn't a "total snapshot" of the machine, and you ordinarily wouldn't use DSC to manage patch installation anyway. DSC describes how the machine is to be configured – including, for example, ensuring WSUS is turned on to install patches. DSC isn't a "last known good" state, and its ability to uninstall a patch would be deeply limited. Rather, DSC's ultimate goal would be to let you trash the affected machine and rebuild it anew, quickly and automatically, back to the state you wanted.

    If you've not gotten into "The DSC Book," you might; it covers a lot of the design stuff like this and might help shape your thinking.

  • #65466

    Participant
    Points: 3
    Rank: Member

    Don,

    Thank you for your timely response! I like the idea of version control of the configuration script rather than the mof file.

    I'm assuming if idea of "trashing" and quickly rebuilding would require all configurations/patching/updates to applied through DSC? Otherwise you would have a partially configured/patch server after you do the rebuild.

  • #65529

    Participant
    Points: 56
    Rank: Member

    Hi Brian,

    You could look a the custom resource https://github.com/PowerShell/xWindowsUpdate and see if that would help?

  • #65791

    Participant
    Points: 3
    Rank: Member

    Alex,

    Thank you I'm planning on give that a shot next patch cycle.

  • #65811

    Participant
    Points: 56
    Rank: Member

    In your dev environment yeah 😉

The topic ‘Introducing DSC to my company’ is closed to new replies.