1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Azure Resource Manager Virtual Machines

Demo - Deploy an Azure PowerShell DSC Configuration

The course is part of these learning paths

AZ-103 Exam Preparation: Microsoft Azure Administrator
course-steps 15 certification 6 lab-steps 7
Developing, Implementing and Managing Azure Infrastructure
course-steps 10 certification 7 lab-steps 2
3 Pillars of the Azure Cloud
course-steps 4 certification 4 lab-steps 1
more_horiz See 1 more

Contents

keyboard_tab
Overview of the course
1
2
Summary
play-arrow
Start course
Overview
DifficultyBeginner
Duration2h 17m
Students3351
Ratings
4.9/5
star star star star star-half

Description

Azure Resource Manager Virtual Machines

Virtual Machines are a very foundational and fundamental resource in Cloud Computing. Deploying virtual machines gives you more flexibility and control over your cloud infrastructure and services, however, it also means you have more responsibility to maintain and configure these resources. This course gives you an overview of why use virtual machines as well as how to create, configure, and monitor VMs in Azure Resource Manager.

Azure Resource Manager Virtual Machines: What You'll Learn

Lesson What you'll learn
Overview Overview of the course and the Learning Objectives
What is a Virtual Machine? Understand what are Azure Virtual Machines and what workloads are ideal for VMs
Creating and Connecting to Azure VMs Learn to deploy Windows and Linux VMs as well as how to connect to these VMs
Scaling Azure Virtual Machines Understand VM scaling, load-balancing, and Availability Sets in Azure Resource Manager
Configuration Management Understand the basic concepts of Desired State Configuration and the options available to Azure VMs
Design and Implement VM Storage Gain an understanding of the underlying Storage options available to VMs as well as Encryption
Configure Monitoring & Alerts for Azure VMs Learn to monitor VMs in Azure Resource Manager as well as configure alerts.
Summary Course summary and conclusion

 

Transcript

First we’re going to define the actual DSC configuration. Here I am in the Windows PowerShell ISE a common environment used to create and run scripts. We have an editor window at the top and a interactive PowerShell session at the bottom. In this configuration, we want our VMs to be web servers running IIS. If for some reason our VM is not running IIS, it will try to confirm to our standard and install IIS automatically. We begin our Configuration with the word “Configuration” followed by a name which we call DSC_IIS. We specify the target nodes this configuration applies to. For this demo we just want to target our single VM itself and so we’ll reference it as “localhost.” Then we can begin to add a WindowsFeature section. This block of code which we call IIS enables us to add any number of windows features that we’d like as part of our configuration. We only care about installing the IIS Web Server Windows Feature. Within this WindowsFeature block, we have the “Ensure” parameter set to “Present” meaning we want to ensure this feature is present. Then we have the name of the actual WindowsFeature which is called “Web-Server.”

Before we do anything else, let’s hop back over to our VM which I’m already connected to. And as you can see from Server Manager, we do not have the IIS Web Server Role installed. Let’s open up a PowerShell window and run “Get-WindowsFeature | where DisplayName -Like *IIS*”. And as you can see we currently do not have the Web Server (IIS) installed. Also notice the name of the actual Web Server Role is “Web-Server” which is what we specified in our PowerShell DSC configuration script.

Next, we need to deploy our DSC Configuration to Azure. We’ll Login, push the DSC configuration to a Storage Account, then deploy the PowerShell DSC Extension to our target VM which will invoke our DSC Configuration and hopefully the VM will update accordingly.

The first thing we do is login to our Azure Account, which I’ve already done. If you are working with the Azure Government community Cloud you would specify “-EnvironmentName AzureUSGovernment” or something similar for your appropriate cloud environment. Next, we define a set of variables which we’ll use in our script. We have our $resourceGroupName which is the name of our VM and storage account resource group, the $targetVM we wish to deploy our DSC Configuration, $storageAccountName (and I’ve created a separate storage account called “dscscripts”), and finally $DSCcontainer name which you can think of as a folder called “powershellscripts” which lives on our StorageAccount. Let’s execute this section of the script to load them into memory.

Next, we are going to Publish our DSC configuration to the storage account and deploy the PowerShell DSC Extension. You publish a DSC configuration by using the “Publish-AzureRmVMDscConfiguration” cmdlet which is going to take our configuration file and any other additional data and archive it in a .ZIP file before copying it to our storage account. Let’s take a look at the help documentation to see what parameters this command accepts. We have an “AdditionalPath” parameter where we can include other files and directories with our configuration. Looking at the “Required?” field we can see that it’s false and so not required. What we care about is the “ConfigurationPath” to locate our config file, the “ContainerName” which in our case is “powershellscripts” although not required, the “ResourceGroupName,” and finally the StorageAccountName where our configuration will live. Looking back at our PowerShell window, you can see that we have these values configured along with a “-Force” parameter in order to skip any confirmation prompts. Let’s execute this.

As output, you can see the path to our .ZIP file in the given URL. The URL has the “dscscripts” as the storage account name, “powershellscripts” as the container name, and finally the .ZIP file where our configuration files live. Let’s take a look at this in the portal. At the Storage accounts view let’s select “dscscripts.” Click “Blobs.” There is our “powershellscripts” container which is also set to Private so that only my Azure account owner can access it at the moment. Clicking on our “powershellscripts” container brings up our zip file. Clicking on it gives us the option of downloading it. I’ve already downloaded and unzipped this archive so that we may have a look. Let’s open the files in Visual Studio Code. But as you can see, nothing too surprising. The dscmetadata.json file is practically blank, and our DSC_IIS.ps1 file is exactly how we left it. By the way you’ll notice my Visual Studio code has a PowerShell interactive prompt at the bottom of the screen in addition to intellisense, for example Get-AzureRmVM brings up Azure PowerShell commands automatically. This is courtesy of the PowerShell extension available through Visual Studio Code, and I use it quite a bit.

We’re almost done. Heading back to our PowerShell script we have to deploy the PowerShell DSC extension to our VM using the “Set-AzureRmVMDscExtension” command. Let’s take a look at the help documentation for this command. The required parameters here are “ArchiveBlobName”, “ArchiveStorageAccountName”, “ResourceGroup”, “Version”, and “VMName.” If you noticed there is also an optional “AutoUpdate” parameter which you want to be careful of because with this enabled, if you update your published configuration, your VM will eventually pull the changes and could potentially reboot, but could be an excellent feature if you know what you’re doing. Note there is also a corresponding “Remove-AzureRmVMDscExtension” command to remove this extension from the VM.

In my command I specify version “2.23.” I dislike hardcoded values, however it does help in the cases where newer versions could potentially break your existing configurations. But how do we get the list of Version numbers for a VM Extension. I have a small code block here for getting the PowerShell DSC Extension specifically. We essentially parse through all the available Image Publishers in the East US region and filter on Publisher Names equal to “Microsoft.PowerShell” which is the name of the extension. Let’s run it to see what kind of output we get. There, I sorted it in Descending order however since these are version numbers a pure text sort isn’t perfect. But we can still easily see that at the time of this recording the latest version is 2.23.0.0. When putting the version number in the script just stick with the Major and Minor revision numbers, “2.23” in our case.

Great, now that we have that, the rest of the parameters are pretty straight forward. We have the ResourceGroupName, the name of our targetVM, three “Archive” parameters that reference our Zip archive file where our configuration lives, and finally we give our DSC Configuration a name which we call “DSC_IIS.” We again use the “-Force” parameter to avoid any confirmation screens. Let’s execute this. It will take a short while since the VM has to install the extension and reboot to complete our DSC configuration.

Looking back at our VM in the Portal and clicking Extensions, we can see the Microsoft PowerShell DSC extension is being installed and in a state called “Transitioning.” Clicking on the extension gives us a more details. And when it’s done, that Status will change to “Provisioning Succeeded.” Coming back to our PowerShell ISE, we can see that we’ve successfully deployed the PowerShell DSC extension with our DSC configuration.

Let’s have a look at the VM. Server Manager now shows the IIS Role installed. Opening PowerShell and once again running Get-WindowsFeature | where DisplayName -like *IIS* also shows us that we now have IIS installed.

Also one final note, the Azure PowerShell DSC Extension outputs log files to C:\WindowsAzure\Logs\Plugs\Microsoft.PowerShell.DSC\[version]. Here you can see the command execution logs and other log files where the extension is downloading the Windows Management Framework (or WMF which requires a reboot) and other DSC configurations such as RefreshSequenceMins, etc. This now completes our demo.

About the Author

Students5073
Labs1
Courses3
Learning paths1

Chris has over 15 years of experience working with top IT Enterprise businesses.  Having worked at Google helping to launch Gmail, YouTube, Maps and more and most recently at Microsoft working directly with Microsoft Azure for both Commercial and Public Sectors, Chris brings a wealth of knowledge and experience to the team in architecting complex solutions and advanced troubleshooting techniques.  He holds several Microsoft Certifications including Azure Certifications.

In his spare time, Chris enjoys movies, gaming, outdoor activities, and Brazilian Jiu-Jitsu.