1
00:00:01,540 --> 00:00:04,140
[Autogenerated] last thing we're going to do in this demo is desired

2
00:00:04,140 --> 00:00:08,910
state configuration particularly Azure automation dsc let's take the

3
00:00:08,910 --> 00:00:12,880
example that we want to enforce the iis web server and some basic

4
00:00:12,880 --> 00:00:15,150
content on one or more of our machines.

5
00:00:15,150 --> 00:00:18,850
I have a configuration here called web server that has a single

6
00:00:18,850 --> 00:00:21,540
string parameter that defaults to the local host,

7
00:00:21,540 --> 00:00:25,100
looks like we need the web administration and desired state

8
00:00:25,100 --> 00:00:28,660
configuration resources and it looks like I haven't installed these

9
00:00:28,660 --> 00:00:32,830
modules on my workstation now I always could do and install module to

10
00:00:32,830 --> 00:00:34,820
grab those from the PowerShell gallery.

11
00:00:34,820 --> 00:00:39,430
But I actually am going to let Azure automation dsc do all the work for us.

12
00:00:39,430 --> 00:00:42,300
So this is going to substitute the computer name,

13
00:00:42,300 --> 00:00:46,180
parameter as the node name and we're specifying that the I.

14
00:00:46,180 --> 00:00:49,900
S features should be present, the management console should be present,

15
00:00:49,900 --> 00:00:54,340
scripting sp .NET we've got the default website that looks like it

16
00:00:54,340 --> 00:00:56,900
will be present but stopped for some reason.

17
00:00:56,900 --> 00:00:58,040
That's kind of weird.

18
00:00:58,040 --> 00:01:02,250
Now if you're wondering what are the proper parameters and values,

19
00:01:02,250 --> 00:01:06,130
you could just look in the Microsoft docks for the x.

20
00:01:06,130 --> 00:01:11,870
website resource and you can see I'm assuming started is also a valid option.

21
00:01:11,870 --> 00:01:13,810
Let me make that change here.

22
00:01:13,810 --> 00:01:17,640
We can do dependencies here and then in this case it's going to create a

23
00:01:17,640 --> 00:01:22,470
demo folder and put in just a placeholder index dot html.

24
00:01:22,470 --> 00:01:26,910
Welcome to the Pluralsight 800 training course and we've got a web pool.

25
00:01:26,910 --> 00:01:27,910
So as you can see,

26
00:01:27,910 --> 00:01:32,670
we're declare a tiddly defining how we want that machine to behave right.

27
00:01:32,670 --> 00:01:34,260
So that is our configuration.

28
00:01:34,260 --> 00:01:36,360
Let me show you how to get this off the ground.

29
00:01:36,360 --> 00:01:41,070
And Azure automation dsc in our automation account will come up to state

30
00:01:41,070 --> 00:01:44,460
configuration dsc here on the state configuration.

31
00:01:44,460 --> 00:01:48,800
Dsc page we can see a list of on boarded nodes.

32
00:01:48,800 --> 00:01:52,040
We actually want to start on the configurations played here

33
00:01:52,040 --> 00:01:54,860
and I'm going to add a new configuration.

34
00:01:54,860 --> 00:01:59,190
It says that the file must be a PS one script smaller than one megabyte.

35
00:01:59,190 --> 00:02:00,490
That shouldn't be a problem.

36
00:02:00,490 --> 00:02:03,990
So let me grab on my dsC folder, that web server,

37
00:02:03,990 --> 00:02:06,640
PS one I'm going to call it Web server.

38
00:02:06,640 --> 00:02:07,190
Okay.

39
00:02:07,190 --> 00:02:11,150
In order to make the configuration usable by nodes,

40
00:02:11,150 --> 00:02:14,170
it has to be compiled into managed object format.

41
00:02:14,170 --> 00:02:16,100
So let me select the web server.

42
00:02:16,100 --> 00:02:19,190
Configuration and we'll run a compile on it right now.

43
00:02:19,190 --> 00:02:21,240
It's going to default to local host.

44
00:02:21,240 --> 00:02:24,340
That's fine because I'm just going to have each node that

45
00:02:24,340 --> 00:02:27,810
ingests this used local host as its name,

46
00:02:27,810 --> 00:02:30,730
says that that configuration job completed.

47
00:02:30,730 --> 00:02:35,180
I have another configuration that I've already uploaded and compiled called.

48
00:02:35,180 --> 00:02:36,280
Test Config.

49
00:02:36,280 --> 00:02:37,530
That's pretty interesting.

50
00:02:37,530 --> 00:02:40,040
Let me show you the configuration source here.

51
00:02:40,040 --> 00:02:43,620
There's some clever use of the node keyword here basically.

52
00:02:43,620 --> 00:02:47,860
It's called Test Config and then if we specify is web server,

53
00:02:47,860 --> 00:02:53,010
then we're saying that the IIs server needs to be present with all sub features.

54
00:02:53,010 --> 00:02:57,390
But if we apply the configuration, test Config dot not web server,

55
00:02:57,390 --> 00:02:58,670
then it's just the opposite.

56
00:02:58,670 --> 00:03:01,400
We want to make sure that IIs is not present.

57
00:03:01,400 --> 00:03:04,500
I kind of like that better than the one that I just uploaded.

58
00:03:04,500 --> 00:03:07,980
So why don't I go back to the root here and let's go back over to

59
00:03:07,980 --> 00:03:12,580
nodes and let me show you how to onboard your nodes into dsc so

60
00:03:12,580 --> 00:03:14,830
that they can ingest the configuration.

61
00:03:14,830 --> 00:03:14,930
Now.

62
00:03:14,930 --> 00:03:19,070
You should note that a node can have only one dsc

63
00:03:19,070 --> 00:03:22,120
configuration at a time and that's a bit unfortunate

64
00:03:22,120 --> 00:03:24,450
because that's going to lead to monolithic.

65
00:03:24,450 --> 00:03:26,090
Dsc scripts.

66
00:03:26,090 --> 00:03:29,340
There was a concept of partial configurations a while

67
00:03:29,340 --> 00:03:31,780
ago and composite configurations.

68
00:03:31,780 --> 00:03:32,830
That's still a thing.

69
00:03:32,830 --> 00:03:35,570
Fortunately we don't have to get that deep in the weeds

70
00:03:35,570 --> 00:03:38,060
for asi 800 I'm grateful for that.

71
00:03:38,060 --> 00:03:41,130
Let's click add on the nodes page and this is where we can

72
00:03:41,130 --> 00:03:43,950
specify which of our machines we want to on board.

73
00:03:43,950 --> 00:03:48,330
I'm going to choose my VM three A machine that is an Azure machine

74
00:03:48,330 --> 00:03:51,700
looks like the VM is showing as de allocated.

75
00:03:51,700 --> 00:03:52,120
Yikes.

76
00:03:52,120 --> 00:03:55,730
So let me quickly fix that by going over to my virtual machines.

77
00:03:55,730 --> 00:03:57,140
Note Oh yeah, it sure is.

78
00:03:57,140 --> 00:04:00,030
So why don't I go back to automation accounts?

79
00:04:00,030 --> 00:04:02,600
Let's try this again, repetition is a good thing.

80
00:04:02,600 --> 00:04:04,340
Right, repetition is a good thing.

81
00:04:04,340 --> 00:04:05,760
Now, one thing to keep in mind.

82
00:04:05,760 --> 00:04:07,940
The user interface is a little bit weird.

83
00:04:07,940 --> 00:04:10,780
The add button here, depends upon where you are.

84
00:04:10,780 --> 00:04:12,980
That is if you're on nodes and click add,

85
00:04:12,980 --> 00:04:14,960
that's how you would onboard a new node.

86
00:04:14,960 --> 00:04:17,790
Two dsc on the configurations page.

87
00:04:17,790 --> 00:04:20,280
Ad does a configuration upload.

88
00:04:20,280 --> 00:04:23,350
Takes a little bit of getting used to let's go to add and let me grab

89
00:04:23,350 --> 00:04:26,670
VM one this time and let me connect it in here.

90
00:04:26,670 --> 00:04:29,650
And what we're doing here is configuring the L c M or

91
00:04:29,650 --> 00:04:31,680
the local configuration manager.

92
00:04:31,680 --> 00:04:35,150
I'm going to first specify my config in this case,

93
00:04:35,150 --> 00:04:38,220
I'm going to say test Config is web server.

94
00:04:38,220 --> 00:04:40,210
We've got our refresh frequency.

95
00:04:40,210 --> 00:04:44,860
How long will the node wait before checking the Azure automation pull

96
00:04:44,860 --> 00:04:47,850
server to see if there's any changes to the configuration.

97
00:04:47,850 --> 00:04:48,940
That's 30 minutes.

98
00:04:48,940 --> 00:04:52,570
Config mode is important because this determines compliance.

99
00:04:52,570 --> 00:04:55,480
You don't want to be too aggressive with that mode frequency.

100
00:04:55,480 --> 00:04:58,380
I'm going to leave the defaults the configuration mode.

101
00:04:58,380 --> 00:05:00,750
I'm actually going to do apply an auto correct,

102
00:05:00,750 --> 00:05:02,780
which is the most aggressive option.

103
00:05:02,780 --> 00:05:05,090
That means that if one of my colleagues,

104
00:05:05,090 --> 00:05:08,160
let's say we're to uninstall the IIS server on the

105
00:05:08,160 --> 00:05:11,240
machine at the next configuration mode,

106
00:05:11,240 --> 00:05:16,030
the dsc LLC M component would automatically reinstall and

107
00:05:16,030 --> 00:05:20,380
potentially reboot the server C So I'm going to do a reboot node

108
00:05:20,380 --> 00:05:24,160
if needed and after reboot we're going to continue configuration

109
00:05:24,160 --> 00:05:26,790
now there's a couple d sclc.

110
00:05:26,790 --> 00:05:28,420
M configuration manager.

111
00:05:28,420 --> 00:05:29,390
PowerShell commands,

112
00:05:29,390 --> 00:05:33,650
you can adjust the L C M properties on the node with PowerShell and we

113
00:05:33,650 --> 00:05:37,220
can also do it centrally here in the Azure automation.

114
00:05:37,220 --> 00:05:38,400
Dsc panel.

115
00:05:38,400 --> 00:05:43,540
This is just a convenience to configure the L C M as we're on boarding machine.

116
00:05:43,540 --> 00:05:47,840
Let's connect this machine into dsC And while we're waiting for that,

117
00:05:47,840 --> 00:05:51,730
let me open up another instance of the portal and let's see if we

118
00:05:51,730 --> 00:05:56,580
can beat dsc I want to quickly log in the VM one.

119
00:05:56,580 --> 00:05:58,320
Let's do a bastion connection.

120
00:05:58,320 --> 00:06:01,800
Going to sign in with my domain administrator credential,

121
00:06:01,800 --> 00:06:04,870
see if I can type and click at the same time.

122
00:06:04,870 --> 00:06:09,810
I'm going to open up power shell session here administrative PowerShell session

123
00:06:09,810 --> 00:06:14,990
and I'm going to do a get Windows feature web server and as you can see it's not

124
00:06:14,990 --> 00:06:20,100
installed yet but we're going to find in time once this machine is on boarded it

125
00:06:20,100 --> 00:06:22,090
will be a web server and like I said,

126
00:06:22,090 --> 00:06:25,380
we can check the current Elsie M settings with get

127
00:06:25,380 --> 00:06:31,590
dsc local configuration manager, the L c m state is busy so it is working,

128
00:06:31,590 --> 00:06:33,850
it is set for apply and auto, correct.

129
00:06:33,850 --> 00:06:37,880
So it looks like we are in fact connected into Azure we can see down

130
00:06:37,880 --> 00:06:41,070
here as your automation DsC is our poll server.

131
00:06:41,070 --> 00:06:42,490
Let's come back to the portal.

132
00:06:42,490 --> 00:06:45,910
If I refresh, I can see my L CM settings.

133
00:06:45,910 --> 00:06:48,350
If I come back to my nodes view,

134
00:06:48,350 --> 00:06:51,710
I can see that VM one is in progress with the test.

135
00:06:51,710 --> 00:06:56,290
Config is web server node configuration let's go back to VM one,

136
00:06:56,290 --> 00:07:01,040
make clear the terminal up arrow and let's check the status of the web server,

137
00:07:01,040 --> 00:07:04,690
yep we can see now that is has been successfully installed.

138
00:07:04,690 --> 00:07:08,760
And, like I said, because of the apply and auto correct Elsie M property.

139
00:07:08,760 --> 00:07:16,000
This is going to ensure that our configuration does not drift out of our desired state for this server.