Monday, October 20, 2014

Azure IaaS Management and Desired Service Configuration

In a previous post, I started to talk about using Azure for training environments.  At Hitachi, we have been using Azure to host AX training for clients.  It has been going pretty well and I have been working on an internal script that we use to help deploy the training environment.

During a recent podcast I caught on to Desired Service Configuration (DSC) for PowerShell. Released last year, DSC is a management platform that "enables deploying and managing configuration data for software services and managing the environment in which these services run."  Sounds pretty neat!

You can read more about DSC here.  The base modules that come with DSC are pretty good.  They get the job done.  Please note that you will have to install WMF 4.0 to get any functionality.  In any event, what is really exciting is the modules that are currently in "experimental" mode, which are due for release with WMF 5.0.

You can see what is currently underway here.

There are some pretty handy modules in there, including one to manage Azure deployments.  Many times in my own lab, I have blown away everything and started again.  It will be nice to finally have a script that I can use to quickly rebuild a base configuration.

So here we go.

First thing, you will want to have windows 8 or better.  With WMF 5.0 still in preview, there is no support for the older operating systems.  This took most of my time as I had to download a Windows 8 image to play around with.

Once you have your windows 8 image configured (Install WMF 5.0 with the link above, Install Azure Powershell, etc), you can head to DSC Resource Kit to download the latest zip.  The install instructions are fairly easy, you just have to unzip into the modules directory (generally c:\program files\windowspowershell\modules).

This module is written a little bit differently then the other ones.  Basically, instead of calling out to various nodes, you call localhost with the azure configuration.  This then runs what you have configured.

One note is that you will have to allow WinRM to run.  An easy way to configure this is to run

winrm quickconfig

from an elevated powershell command line.  Please note that I tried running this from the ISE command window only to have it fail to complete. From reading through the options, it basically enables the service to run, and creates an exception in the firewall allowing WinRM connections.  There are probably some security considerations to be had when running the quickconfig, but I'm just running this on my local, so .....

DSC supports a separation of intent and configuration, which is a nice touch.  You can create a configuration element that is generic in nature (create storage account, etc) and then combine it with configuration that is user/task specific.

The DSC Resource Kit contains a ton of example code that you can filter through.  Mine is very similar to the xAzure example for creating a VM in the cloud.

As usual, you can grab a copy of my script in github.

As this technology continues to advance, I could see how you would be able to create a script that fully deploys an environment (AD, SQL, WebServer, etc).  Furthermore, you can use a central server to control all deployments and prevent drift.

Have fun!