Managing Linux hosts with Desired State Configuration via Azure Automation

Introduction

For this post I’ll be assuming you know the basics of Desired State Configuration (or DSC in short). The objective of today is to test what Azure Automation can bring to the table in terms of managing Linux hosts. We all know about Puppet, Chef, Ansible, … but is Azure Automation a viable alternative? 

cmts1

 

First things first… Azure Automation Account

When getting started with DSC on linux, check out this documentation page as a reference. First up, we’ll create an Azure Automation account.

2016-09-15-14_05_03-inbox-karim-vaesxylos-com-outlook

Copy one of the keys and the URL, as we’ll need it to manually register our “OnPremise” host.

Installing DSC on the Linux host

Afterwards, install the OMI & dsc packages on your host (reference documentation).

For Ubuntu, do the following ;

wget https://github.com/Microsoft/omi/releases/download/v1.1.0-0/omi-1.1.0.ssl_100.x64.deb
wget https://github.com/Microsoft/PowerShell-DSC-for-Linux/releases/download/v1.1.1-294/dsc-1.1.1-294.ssl_100.x64.deb
sudo dpkg -i omi-1.1.0.ssl_100.x64.deb dsc-1.1.1-294.ssl_100.x64.deb

Which should look like…

2016-09-15-14_05_38-kvaeskvaeslinuxdsc01_-_opt_microsoft_dsc_scripts

You can check if all went well by executing the following command ;

2016-09-15-14_05_55-kvaeskvaeslinuxdsc01_-_opt_microsoft_dsc_scripts

 

Linking the host to Azure Automation

Now let’s register the host by doing the following ;

/opt/microsoft/dsc/Scripts/Register.py <Automation account registration key> <Automation account registration URL>

2016-09-15-14_06_03-kvaeskvaeslinuxdsc01_-_opt_microsoft_dsc_scripts

Afterwards you’ll host will show up in Azure Automation ;

2016-09-15-14_07_28-inbox-karim-vaesxylos-com-outlook

You can also run the following command, and you’ll notice that the link towards Azure automation was added to the local configuration.

2016-09-15-19_37_15-kvaessw10kavs_

 

Loading nx module in Azure Automation

Before we’ll upload the DSC configuration, let’s make sure the “nx”-module is loaded, as we’ll be using this in our configs. At the “modules” pane, go to “browse gallery”.

2016-09-15-19_28_37-nx-microsoft-azure

Select the nx module” and select import.

2016-09-15-19_28_49-photos

Refresh the modules and you’ll see that it’s “Extracting activites…”

2016-09-15-19_30_43-nx-microsoft-azure

Wait for it to become “Available”.

2016-09-15-19_32_16-nx-microsoft-azure

If you fail to do the above steps, then you’ll receive the following error messages when compiling your DSC configuration ;

2016-09-15-19_31_30-9_15_2016-7_27-pm-microsoft-azure

 

Loading up the DSC Configuration

Now let’s get our DSC configuration into Azure Automation. Add the configuration file and compile it.

2016-09-15-19_31_46-9_15_2016-7_27-pm-microsoft-azure

If it went succesful, then you’ll see “Completed”. Otherwise you’ll notice a “Suspended”-status.

2016-09-15-19_54_13-kvaespersonaldockerhost-microsoft-azure

Once you get your configuration compiled, you’ll notice that a node configuration was added ;

2016-09-15-19_54_24-dsc-node-configurations-microsoft-azure

 

Linking the Node Configuration to the Linux Host

Next up will be to link the node configuration to the host. Go to the host and press the “Assign node…”-button. Next up you can select your node configuration.

2016-09-15-19_54_36

Once done, you’ll see the node will go into the “Pending”-status.

2016-09-15-19_54_48-kvaeslinuxdsc01-microsoft-azure

Wait for it… 🙂

2016-09-15-19_58_27-kvaeslinuxdsc01-microsoft-azure

And suddenly it’ll go “Failed”… Just kidding. That’s only the case when something went wrong off-course. 😉

2016-09-15-20_10_46-nxpackageapthtop-microsoft-azure

At a given point you’ll notice the node went to “Compliant”.

 

The configuration…

So what configuration did I add?

Configuration kvaesPersonalDockerHost{

Import-DSCResource -Module nx

Node DockerHost {

nxFile dirNaske
{
Ensure = "Present"
DestinationPath = "/opt/naske"
Type = "Directory"
}

nxFile dirDocker
{
Ensure = "Present"
DestinationPath = "/opt/naske/Docker"
Type = "Directory"
DependsOn = "[nxFile]dirNaske"
}

nxFile dirAutomator
{
Ensure = "Present"
DestinationPath = "/opt/naske/Automator"
Type = "Directory"
DependsOn = "[nxFile]dirNaske"
}

nxFileLine nfsVolumeDocker
{
FilePath = "/etc/fstab"
ContainsLine = "naske.kvaes.be:/Docker /opt/naske/Docker nfs auto 0 0"
DependsOn = "[nxFile]dirDocker"
}

nxFileLine nfsVolumeAutomator
{
FilePath = "/etc/fstab"
ContainsLine = "naske.kvaes.be:/Automator /opt/naske/Automator nfs auto 0 0"
DependsOn = "[nxFile]dirAutomator"
}

nxPackage aptHtop
{
Name = "htop"
Ensure = "Present"
PackageManager = "apt"
}

}
}

 

Enjoying the magic!

So now let’s look at our host… It’s got compliant and it looks like all went well.

2016-09-15-20_31_43-settings

So let’s do a validation on our host…

2016-09-15-20_30_32-microsoft_powershell-dsc-for-linux_-powershell-desired-state-configuration-for

All is as it should be! My directories got created and my nfs entries were added. And to top it off, the “htop”-package was installed.

One thing I was missing though, was the visual feedback I got with the windows dsc integration. For example ;

2016-09-15-20_32_14-9_14_2016-7_02-pm-microsoft-azure

With the linux host this was pretty much “all or nothing”, where I’m (currently?) missing the granularity in terms of reporting.

 

TL;DR

  • DSC for Linux does what it promises. DSC isn’t Windows only anymore.
  • The amount of modules is still quite limited imho. But it shows a lot of potential!
  • Azure Automation does a good job at getting the basics. In my opinion, it will already serve the need for a lot of organizations.
  • Gotta look into the reporting part. This to see if the granularity was due to my quick test or that it’s to be considered “as designed”. This cause in another test, I do saw the granularity…


















 

2 thoughts on “Managing Linux hosts with Desired State Configuration via Azure Automation

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.