© "Security is key and Devops is life" ~ Antonio Cheltenham

Stop putting it off! Embrace Infrastructure as Code...#Devops

March 29, 2017

 

Now I am loving life, I feel so empowered, my brain is firing on all cylinders. (You might want to read my previous post to see how I got to this euphoric state). I always love the art of programming but never excelled at it because I couldn't think of any software to write that I would be passionate about, to see it through even as the brick wall got higher and thicker, because, it is the brick walls that breaks your will if you are not 100% passionate about achieving the end result. This was different, I can use code to help with my day to day work. #DevOPS

 

No longer do I have to guess what configurations I made weeks or months ago and try to use my finite memory banks to repeat a task that seems so so long ago. I can just look at the configuration file and see exactly what was done. 

Here is where Desired State Configuration come into play. If I want to do my "vagrant up" ninja move, I need to be able to configure my windows box from well crafted sequence of commands. Take note, for the Linux OS this is a piece of cake and people sometime give Windows static for only now getting on board with this style of server management, but here is what I believe is the reasoning for this. 

 

By the way I am in no way affiliated with Microsoft (Just certified) so this is just my opinion. It was easy for the Linux Eco system to adopt this Devops deployment model because at its core the Linux OS and all components are just text files. All configurations are text files, so when we configure Linux systems we are just really bad ass document editors. Windows as you know is an object based OS so the manipulation of its configured state is a bit more sticky. 

Microsoft saw this and realized that the old OS design where the GUI was build first and shell as an after thought wasn't going to cut it in the cloudy world, so with the help of Jeffery Snover  the OS was redesigned with the shell being developed first and the GUI built on top of it. This allowed admins to have the ability to execute any task on the shell as they would via the GUI and at times even greater options are only available via the shell.

 

With that said. Where does DSC fits into my grand plan? Well it is Microsoft's Configuration Management Platform. Please note I said "Platform" and not manager. A manager would be along the lines of Chef, Puppet, Ansible etc. DSC allows you use any of these configuration management software solutions to leverage its automating power.

I encourage you to read up some more on Desired State Configuration, only positive can come about from it. 

 

At this point of my journey I was very comfortable with Powershell. I am creating complex scripts, only configuring systems via the shell and even creating my own custom cmdlets and modules.  Every new project I am thinking "Hmmm how can I do this with Powershell?" #obsessed 

So the next logical step was to learn DSC. So again countless hours of training videos on YouTube and Microsoft Academy to bring myself up to speed with DSC. Unfortunately or fortunately, the period of time I was learning this new technology, so was  the rest of the world and there were bugs, oh boy there were lots of bugs. But due to great community feedback and continuous release cycles they quickly went from 4.0 to 5.1, and its keeps getting better. Bye bye bugs.

 

By the end of this learning period I was able to spin up a Domain Controller using DSC configuration code. Life was good and Infrastructure as Code got a spot on my list as one of the best concepts in the technical world. With this new skill I can now deploy and manage environments as code, where the environment can be truly documented, versioned using a source code repo such at GIT and you can go as far as defining security hardening configurations that can be applied to all servers as a de facto standard to assist with compliance.

 

So that's it, I made the major break through, from a base image I can define how a system is configured without ever having to log on the server, all done with the awesomeness that is DSC. The hurdle now is to get vagrant to provision the server and execute the code. One of the silly thought I had was to use a script block in the vagrant config to just pick up the .mof file and let it do its magic. 

Alas I found a better way, CHEF...............

 

Share on Facebook
Share on Twitter
Please reload

Featured Posts

Okta -> Kafka -> Splunk... Options Galore!

September 4, 2017

1/10
Please reload

Recent Posts

August 14, 2017

Please reload

Search By Tags
Please reload

Follow Us
  • Google+ Social Icon
  • LinkedIn Social Icon
  • Twitter Long Shadow