This course covers the Architect An Azure Compute Infrastructure part of the 70-534 exam, which is worth 10 - 15% of the exam. The intent of the course is to help fill in an knowledge gaps that you might have, and help to prepare you for the exam.
Welcome back. In this lesson, we'll pick up our discussion of compute resources in Azure, and in particular we'll talk about configuration management.
When it comes to configuring a server, you'll need to be able to execute code on that server. With Azure VMs, that means you'll probably be using the Azure VM Agent, which is installed by default on both Windows and Linux VMs, and that allows OS-specific extensions to be added to the VM.
In the configuration management world, in general, there are a few standout tools: Chef and Puppet are two of them which have existed for quite some time. While they both work with Windows, Chef and Puppet are both widely used in the Linux world, allowing for a cross-OS solution.
However, you're not limited to just third-party tools. Microsoft has come out with an extension to PowerShell called DSC, which stands for Desired State Configuration. PowerShell DSC is a way to declaratively specify the state of a set of virtual machines, which are generally called nodes.
DSC allows you to specify things such as the state of services, registry settings, file contents, environment variables, and more in a declarative way, and then have that state applied to the given VM. DSC supports different types of resources, and some of which are shown here, for example, you could use DSC to ensure MongoDB is installed and configured whenever the startup script is run, and also to create a user account with permissions that can access the database.
You can also create custom resources for yourself with PowerShell allowing for greater customization. DSC allows you to repeatedly run the same script multiple times safely, and if a resource is already installed or in the desired state, then nothing is done.
DSC will ensure that all of the configuration steps are correctly applied and will even tell you if the configuration has drifted from what it should be since the last time that that was applied. The local configuration manager, abbreviated LCM, is the engine that DSC uses to facilitate the interaction between resources and configurations.
LCM will pull the system regularly and use the control flow that's implemented behind the scenes in the resource to make sure that the state specified and the configuration is maintained. DSC added the configuration keyword to PowerShell, and under that you can specify which nodes a configuration applies to. For reference, here's a script that will ensure that the FTP service is activated on a VM.
If Chef, Puppet, or DSC aren't what you're looking for, Azure also has custom script extensions as a means to execute code on a VM to facilitate configuration. Custom script extensions can be applied when the VM is first created or even if it's already running. Configuration management allows you to get the software you need installed and configured.
However, in recent years another option has emerged, which is containerization. Containerization offers value to both developers and operations. It allows a developer to bundle the code that they've written with the supporting libraries and have the container share the kernel of the operating system that's running the container.
Modern containers use layers, which are kind of like a set of file diffs, which allow the reuse of common layers, and this makes containerization a kind of fairly lightweight way to package up your code, and ensure that it's running the same way in any environment.
The value for operations is that once an app has been containerized, it becomes fairly standardized to deploy it because once you have a container orchestration system in place, all of the containers can be deployed using that same process.
The most popular container engine is currently Docker, and Azure supports Docker in two ways. It's possible to deploy VMs and install Docker on them, or you can use the Azure Container Service, which provides a platform as a service that hides all of the infrastructure requirements.
When it comes to configuring a compute resource, you have options. You can use Golden VM images that contain what you need. You can use configuration management software, such as Chef, Puppet, or DSC, and you can also use containers allowing for an immutable infrastructure.
Okay, that's gonna wrap up this lesson. In the next lesson, I'm going to cover ARM Templates, so if you're ready to keep learning, then let's get started in the next lesson.
About the Author
Ben Lambert is the Director of Engineering and was previously the lead author for DevOps and Microsoft Azure training content at Cloud Academy. His courses and learning paths covered Cloud Ecosystem technologies such as DC/OS, configuration management tools, and containers. As a software engineer, Ben’s experience includes building highly available web and mobile apps.
When he’s not building the first platform to run and measure enterprise transformation initiatives at Cloud Academy, he’s hiking, camping, or creating video games.