Save to My DOJO
Table of contents
Last year VMware released Desired Stated Configuration Resources for VMware. Because of the OS differences between Windows and ESXi, the current design is to leverage a Windows Server that acts as the “proxy” between VCenter/ESXi and the PowerShell DSC engine. Since the initial release, there has been a successful amount of interest and contributions in the community with the project resulting in the new release of DSC for VMware 2.0. This latest release is not published in the PowerShell Gallery which is much more convenient than the old installation process of copying the resource files directly from GitHub. Also, with the 2.0 release comes 14 new DSC Resources for interfacing with vSphere. We now have the following resources available:
- Cluster
- HACluster
- DrsCluster
- DatacenterFolder
- Datacenter
- Folder
- PowerCLISettings
- VMHostAccount
- VMHostService
- VMHostSettings
- VMHostSyslog
- VMHostVss
- VMHostVssBridge
- VMHostVssSecurity
- VMHostVssShaping
- VMHostVssTeaming
With the release of these additional resources, we are closer to being able to define our vSphere environment entirely with code in PowerShell DSC. It’s important to understand that these DSC resources can not only be used in just natively PowerShell DSC, but also can be leveraged by the popular configuration management utilities like Chef, Puppet, and Ansible. To get an idea of how to use those tools with VMware DSC, be sure to check out some of the examples posted on the GitHub. Let’s take a look at some of the things we can do now with the new resources available, in our example we will use Azure Automation Config Management to test out the new resources. For more documentation on each one be sure to check out the DSC Resources for VMware wiki.
Let’s See The New DSC Resources In Action!
In a previous post, we walked through how to get started using VMware DSC. A pull server is required in order to feed the DSC configuration to the Local Configuration Manager proxy server, which is the server that will be initiating the PowerCLI commands to turn our vSphere environment into our declared state. Microsoft is currently recommending using Azure DSC which contains a built-in pull server. This makes it very simple to add in these new DSC resources to a configuration and start playing with them. We will create our test configuration file:
Configuration LukeLabConfig { param( [Parameter(Mandatory = $true)] [string]$Server, [Parameter(Mandatory = $true)] [string]$Hostname ) Import-DscResource -ModuleName VMware.vSphereDSC Node localhost { $Cred = Get-AutomationPSCredential 'VCenter Password' DatacenterFolder DSCEnvironment { Server = $Server Credential = $Cred Name = 'DSCEnvironment' Location = '' Ensure = 'Present' } DatacenterFolder Services { Server = $Server Credential = $Cred Name = 'Services' Location = 'DSCEnvironment' Ensure = 'Present' DependsOn = "[DatacenterFolder]DSCEnvironment" } Datacenter Lab { Server = $Server Credential = $Cred Name = 'LukeLab' Location = '' Ensure = 'Present' } Cluster DSCCluster { Server = $Server Credential = $Cred Ensure = 'Present' Location = '' DatacenterName = 'LukeLab' DatacenterLocation = '' Name = 'DSCCluster' HAEnabled = $true HAIsolationResponse = 'DoNothing' HARestartPriority = 'Low' HAFailoverLevel = 1 DrsEnabled = $true DrsAutomationLevel = 'FullyAutomated' DrsMigrationThreshold = 5 DrsDistribution = 1 } VMHostVss dscvswitch { Name = $Hostname Server = $Server Credential = $Cred Ensure = 'Present' VssName = 'DSC-VSS' } } }
Note: We are using the Get-AutomationPSCredential cmdlet in our Configuration File to securely pass our vCenter credentials into the configuration. The credentials are stored and encrypted in the Azure Automation Account credentials manager. This is one of the amazing benefits of using Azure DSC as the pull server:
We’ll save our configuration above to a file, in my example, I saved it as LukeLabConfig.ps1. Now we will upload the file into Azure Automation. We will use their built-in compiling tool to automatically generate the MOF file for our LCM server. To do this go to State Configuration (DSC) and select the Configurations tab, then select Add:
We’ll import the configuration file and then refresh the Configurations tab. The newly imported configuration should now appear in the list:
Now when we select our configuration we choose the option to Compile to start the compiling job:
Input the parameters requested in the configuration file. In my example, we just need the vCenter server and the name of the host we want to create the VSS on:
The compilation job takes 5 to 10 minutes to complete. Once completed it will show the status under “Compilation Jobs”:
Lastly, we just assign our LCM node the new configuration and either wait for the next pull or remote into the server and run Update-DscConfiguration -Wait -Verbose to manually trigger the pull:
Once the LCM server has initiated the pull we can see the results of the pull from the “State Configuration” page. This is a great tool to use for managing configuration and even allows you to drill down into each DSC resource that we specified in our configuration file to troubleshoot any errors:
When we look in vCenter we can see our folders, data center, and cluster configurations that we declared with the new DSC Resources are now there:
Conclusion
With these new DSC resources for VMware, we are one step closer to an idempotent VMware environment utilizing DSC. Keep in mind that we are just leveraging the Windows PowerShell DSC engine with PowerCLI to make our configuration changes which means if you can make a change in VMware with PowerCLi you can make a DSC resource for it. If you want to follow along or contribute to this project, be sure to follow it on GitHub. I also have a walkthrough on how to create your own DSC resources for VMware. Also, If you’re a beginner to PowerShell or PowerCLI be sure to check out our popular eBook, PowerCLI: The Aspiring Automater’s Guide.
Let us know if you have any questions in the comments section below and thanks for reading!
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!