Windows DSC - chef-boneyard/chef-summit-2014 GitHub Wiki

Location and Time

Friday, Greenwood, 10:00 a.m.

Convenor

Steven Murawski, community engineer, Chef

Participants

Summary of Discussions

Common Engineering Criteria - in Microsoft they have these standards that have to be there in order to ship. Publish a scorecard on their conformance to this Criteria.

All things have to ship with powershell, for around 2011.

Server 2012 is the culmination of this, 2012R2, tacked on the DSC, 2008r2 backported too. Powershell 4 on 2012 does more because 2008 does not have all the features. 2012 migrated to a new management API, Microsoft advocating writing DSC at all microsoft conferences. Discover DSC resources and how to utilise them.

Pain points, getting the resource onto machines. Using chef with DSc is less painful with Chef. In DSC you run the config as a separate process, all the resouces have to be present at the corret version before DSC will be successful, but with chef you can use auto discovery and install one resource at a time. Keyword "import DSC resouce" in the DSC script resouce in dsc client cookbook, next version this will all be done behind the scenes. DSC script is the first wave, but next level makes this easier.

windows management framework 4 and chef-client 11.16 minimun. Server 2012R2, faster drops of WMF5, production quality features, but they may support, 2008R2 ( x64 only) is as far back as it can go.

Do not look at Technet. Windows powershell team blog best resource. Free book on powershell.org, Best resources are blog posts.

Eval version for 180 days.. Packer can make a good base box. Or register on Azure.
Reasons for using. Supporting many different versions of windows, and struggling what to do with it. Adam DSC resources, more script are on the way. Windows cookbook, zip file resource, 7zip needs to be downloaded, error message is not good if you don't have internet access. DSC has an archive resource, so this should be better.

DSC is a mythical thing to see in the wild.

NY chef users group, - demo of DSC will be uploaded. If you know chef, DSC is pretty natural, ie avoid learning powershell.

3 functions. get-target resource set-target resource test-target resource

This code ships now:-

dsc_script 'Myscript' do CODE_EOH Archive zip PATH=c:\myzip.zip EOH End

New script, this is where we want to get to.

DSCResource MyResource do RESOURCE : window feature PROPERTY : NAME 'WEB-SERVER' END

Preview cookbook, called DSC on supermarket, some missing functionality Some problems with passwords in clear text and if you want to encrypt you need key pairs and this is rather challenging.

Windows cookbook,

DSC config looks kinda like this.. this basically compiles something. Just a way to serialise data.

CONFIG MyDsc Config { NODE LOCALHOST { WINDOWSFEATURE WEB { NAME='WEB-SERVER' { FILE APPCONFIG { PATH='C:\WINDOWS\SYSTEM\IIS...' CONTENTS='H.FROM DSC' DEPENDSON='[WINDOWSFEATURE]WEB' } } }

DSC does not allow you pass clear text credentials, difficult/possible to turn on but not recommended.

Q: Looking for a roadmap on DSC resources. Start shipping now with tests, after feedback.

powershell.org has a github site, pull requests, feature requests, stack exchange etc. Lot of community. All shipped as open source. Rename with a "C" not an "X"

80 resources already.

What will we do now? What needs to happen next?

Building a linting tool, right now a framework.

Moving to classes. Write a powershell class. Allows you to use C#

DSC rescources will be listed in supermarket.

In memory code, soon, as on disk code is rather slow.

More rescources on the way.