Demo DSC – Part 3

In Part 1 of this series I talked about how I demo’d the building of a Domain Controller. In Part 2 I talked about demoing the building of a Pull Server, an App Server, and then using the two servers to show how a Pull Server works and what needs to be done to make the magic happen. If you didn’t read Part 1, here is the disclaimer:

This was never intended to demonstrate all the features and capabilities of DSC (there’s a lot!), but instead was done to show at a high level the kinds of things that are possible and to start a discussion about where it fits into our organization immediately and going forward

My outline for this part of the demo looked like this:

  1. Build Web Server
    1. Run BuildWebServer Script on the Web Server
    2. Talk about what’s going on while the server reboots
      1. File copy after domain join
      2. Install of Roles and Features, IIS Components
  2. Post Reboot
    1. Show IIS Site(s
      1. Show default as stopped
      2. Show DSCTest Website
    2. Browse to site from App Server – http://<WebServerName>:8080
    3. Break Web Server
      1. Change IIS Binding
      2. Delete WebSiteFiles Folder
    4. Show broken site from App Server
    5. Talk about various ways this could be fixed (Push/Pull)
    6. Run the BuildLabWebServer script on the Web Server
    7. Show working site from APP Server

For comedic purposes, here is what my awesome Microsoft Word Website looked like that I break in this demo:

CrappyWebsiteDSCDemo

 

Here is the Configuration script in its entirety. It’s also available on GitHub.

$ConfigData =@{
    AllNodes = @(
        @{
          NodeName = "localhost"
          PSDSCAllowPlainTextPassword = $True
          }
    )

}

Configuration BuildLabWebServer{

    param(
        
        [parameter(Mandatory)]
        [ValidateNotNullorEmpty()]
        [string]$NodeName,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$ComputerName,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$Domain,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$IP,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$DNSIP,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$Gateway,

        [parameter(Mandatory=$True)]
        [ValidateNotNullorEmpty()]
        [string]$Subnet,

        [Parameter(Mandatory=$True)] 
        [ValidateNotNullOrEmpty()] 
        [String]$WebSiteName,

        [Parameter(Mandatory=$True)] 
        [ValidateNotNullOrEmpty()] 
        [String]$SourcePath 
    )

    #unsecure, not safe or recommended way to do this
    $Creds = ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force
    $DomainAdminCred = New-Object System.Management.Automation.PSCredential ("$Domain\Administrator", $Creds)
    $SafeModeAdminCred = New-Object System.Management.Automation.PSCredential ("Administrator", $Creds)

    Import-DscResource -ModuleName xNetworking,xComputerManagement,xPendingReboot,LutzResources,xWebAdministration

    Node $NodeName{

        LocalConfigurationManager{
            RebootNodeIfNeeded = $True
        }

        WindowsFeature IIS 
        { 
            Ensure          = "Present" 
            Name            = "Web-Server" 
        } 
 
        WindowsFeature AspNet45 
        { 
            Ensure          = "Present" 
            Name            = "Web-Asp-Net45" 
        }
        
        WindowsFeature IISMgmtTools
        {
            Ensure = "Present"
            Name = "Web-Mgmt-Tools"
        } 
 
        xWebsite DefaultSite  
        { 
            Ensure          = "Present" 
            Name            = "Default Web Site" 
            State           = "Stopped" 
            PhysicalPath    = "C:\inetpub\wwwroot" 
            DependsOn       = "[WindowsFeature]IIS" 
        }       

        xIPAddress WEBIP{
            IPAddress = $IP
            DefaultGateway = $Gateway
            SubnetMask = $Subnet
            AddressFamily = "IPv4"
            InterfaceAlias = "Ethernet"
        }
          
        xDNSServerAddress DomainDNS{
            Address = $DNSIP
            InterfaceAlias = "Ethernet"
            AddressFamily = "IPv4"
        }

        LutzFirewall Domain{
            Profile = "Domain"
            Status = "Disabled"               
        }

        xComputer RenameAndDomainJoin{
           Name = $ComputerName
           DomainName = $Domain
           Credential = $DomainAdminCred
           DependsOn = "[xIPAddress]WEBIP","[xDNSServerAddress]DomainDNS"
       }

       xPendingReboot DomainJoin{
            Name = "Check for reboot after domain join"
       }

        File WebSiteCopy{
            Ensure = "Present"
            DependsOn = "[xPendingReboot]DomainJoin"
            SourcePath = $SourcePath
            DestinationPath = "C:\$WebsiteName"
            Recurse = $True
            Type = "Directory"

       } 
 
        # Create the new Website with HTTP 
        xWebsite DSCWebsite 
        { 
            Ensure          = "Present" 
            Name            = $WebSiteName 
            State           = "Started" 
            PhysicalPath    = "C:\$WebsiteName"
            BindingInfo     = MSFT_xWebBindingInformation 
                             { 
                               Protocol              = "HTTP" 
                               Port                  = 8080 
                             }
            DependsOn = "[File]WebSiteCopy" 
        } 
    }#Node

}#configuration

BuildLabWebServer -ConfigurationData $ConfigData -NodeName localhost -computername $WebServerName -Domain $YourDomain -IP $YourIP -Gateway $YourGateway -Subnet 24 -DNSIP $YourDCIP -OutputPath $YourPath -WebsiteName "DSCTest" -SourcePath "\\PULLSERVER\WebServerFiles"
Set-DscLocalConfigurationManager -Path $YourPath
Get-DSCLocalConfigurationManager
Start-DscConfiguration -Wait -Force -Verbose -Path $YourPath

Leave a Reply