layering configs on a node

This topic contains 8 replies, has 3 voices, and was last updated by  Jim Bendtsen 4 months, 1 week ago.

  • Author
    Posts
  • #68046

    Jim Bendtsen
    Participant

    I'm wondering about the best way to "layer" or apply multiple config scripts on a PULL node. For instance: I want to apply a number of windows features, set up an IIS website, and do an msi install. Ideally, I'd like to separate these into 3 separate scripts and apply them. I'm know I can put every endpoint setting in one single dsc configuration script/mof without partial configurations, or one script/mof using partial configurations. Are those my only 2 options?

  • #68047

    Sergei
    Participant

    This is an excellent question. I would like to be able to have separate configurations that can be used to update one MOF file per host. Up until now I am still using one huge configuration file for all the hosts. I am not using partial configurations as they are not recommended ( and I do agree with the arguments against using them). Better pull server would probably provide what I am looking for.
    Let's see what other forum users have to say.

  • #68049

    Jim Bendtsen
    Participant

    After posting this question, I started searching through the new leanpub book "The DSC Book". In the Designing DSC section, I see information about "includes" and composite configurations, in addition to partial configurations. I'll start researching there.

  • #68247

    Sergei
    Participant

    Both includes and composites are good for modularizing the configs but I don't see how they would help to 'layer' the configurations.

    • #68277

      Jim Bendtsen
      Participant

      Being a newcomer to DSC, I didn't use the term "modularize", I used "layering". Now, I know there can only be one .mof applied to a node at a time. What I'm looking for is a way to create more than one "configuration" and then combine or include them in the .mof applied. I'm trying includes and partial configs to do that. So far, not having much success with partial configs, so I'm testing each one stand-alone first. If I keep having issues with partials, I'll move on to includes, which might be a much simpler solution.

    • #68313

      Eric
      Participant

      Jim, if I were you I'd take a good look at Composite Resources. They will give you the flexibility to break things into reusable chunks and combine them into Configurations, which I believe is what you are after.

  • #68458

    Jim Bendtsen
    Participant

    I changed the .edb to a .mdb due to various errors I was experiencing. I also finally got partial configurations working, but discovered that it requires switching to configurationids instead of configurationnames. Now, I'm looking for examples of the "simple includes" (stripped down .ps1 files) that Don Jones mentions in his new book, but I can't find any information about on the net. Anyone using

      
    configuration DatabaseServer { 
    param(  
    [string[]]$ComputerName 
    ) 
    node $ComputerName { 
    . ./standard-config.ps1 
    . ./security-config.ps1 
    . ./sql-server-2012-config.ps1  
    } 
    } 
    • #68658

      Sergei
      Participant

      Here is an example – it contains three includes, one for registry config, another for configuring secure MOF, and one for SCOM agent config.
      Each include refers to a separate file in the same directory.

      1. Configuration.ps1

      $configurationName = "mainConfiguration"
      
      param(
          [Parameter(Mandatory=$true)]
          [ValidateNotNullOrEmpty()]
          [PSCredential]$credential,
          )
      	
      configuration $configurationName{
      
      Import-DscResource –ModuleName 'PSDesiredStateConfiguration'
      Import-DscResource -ModuleName cMMagent
      
      #region Includes
      
      Node $AllNodes.Where({$_.roles -contains 'DSCTest'}).NodeName
          {
              . ./Configuration-Registry.ps1
          }
      
      Node $AllNodes.Where({$_.nodeName -eq 'TESTSERVER'}).NodeName
          {
              . ./Configuration-EncryptionDemo.ps1
          }    
      
      Node $AllNodes.Where({$_.roles -contains 'SCOMClient'}).NodeName
          {
              . ./Configuration-SCOMAgentConfiguration.ps1
          }
      
      #endregion
      
      }
      
      # filepaths definition
      $configurationFolder = "C:\DSC\Configuration"
      $dscConfigPath = "$env:programfiles\WindowsPowerShell\DscService\Configuration"
      $confDataFileName = "ConfigData.psd1"
      
      $nodeConfigFolder = Join-Path $configurationFolder $configurationName
      $configData = (Import-PowerShellDataFile -Path (Join-path $configurationFolder $confDataFileName) )
      
      # clean up old MOF files
      Remove-Item $nodeConfigFolder\* -Force
      
      # run the configuration
      &$configurationName -ConfigurationData $configData  -OutputPath $nodeConfigFolder
      
      # Update production mof files
      Write-Verbose "Update MOF files in DSC PullServer [$dscConfigPath ] and create Checksums"
                  $result = ("Yes","No") | Out-GridView -PassThru -Title "Confirm overwriting MOF files and checksum creation"
                  if ($result -eq "Yes") {
                      Write-Verbose "Copying MOF files from [$nodeConfigFolder] to [$configDataFile]"
                      copy-item $nodeConfigFolder\*  $dscConfigPath -Force -Verbose
                      New-DscChecksum -Path $dscConfigPath -Force -Verbose
                  }
      
      

      2. Configuration-Registry

      Registry RegistryTest{
          Ensure    = "Present"
          Force     = $True
          Key       = "HKLM:\SOFTWARE\RegistryTest\ComputerID"        
          ValueName = "ID"
          ValueData = $Node.ID
          ValueType = 'String'
      }
      
      

      3. Configuration-EncryptionDemo

      
      Group TestGroup {
           GroupName = 'TestGroup'
           Members = 'Administrator'
           Ensure = 'Present'
           Credential = $credential
       }
       
      

      4. Configuration-SCOMAgentConfiguration

      
      cMMAgentManagementGroups ManagementGroups {
          managementGroupName  = "group1"
          managementServerName = "servrer1"
          Ensure               = 'Present'
      }
            
      
  • #68661

    Jim Bendtsen
    Participant

    Thanks very much. I can't wait to try this due to the simplicity and elimination of steps. I also got partial configurations working with both configurationids and configurationnames. I wrote some code to automate the process of creating the configid and file renaming during script execution, making using configids trivial.

You must be logged in to reply to this topic.