PowerShell Desired State Configuration (DSC) ã䜿çšãããšãæ°çŸå°ã®ãµãŒããŒãããå Žåã«ããªãã¬ãŒãã£ã³ã° ã·ã¹ãã ããµãŒããŒã®åœ¹å²ãããã³ã¢ããªã±ãŒã·ã§ã³ãå±éããŠæ§æããäœæ¥ã倧å¹
ã«ç°¡çŽ åãããŸãã
ãã ããDSC ããªã³ãã¬ãã¹ã§äœ¿çšããå Žåãã€ãŸãMS Azure ã§ã¯ãªããããããã€ãã®ãã¥ã¢ã³ã¹ããããŸãã ãããã¯ãçµç¹ã倧èŠæš¡ (ã¯ãŒã¯ã¹ããŒã·ã§ã³ãšãµãŒããŒã 300 å°) ã§ãã³ã³ããã®äžçããŸã ç解ããŠããªãå Žåã«ç¹ã«é¡èã§ãã
- ã·ã¹ãã ã®ã¹ããŒã¿ã¹ã«é¢ããå®å šãªã¬ããŒãã¯ãããŸããã å¿ èŠãªæ§æãäžéšã®ãµãŒããŒã«é©çšãããŠããªãå Žåããããã®ã¬ããŒãããªããã°ããã®ããšãç¥ãããšã¯ã§ããŸããã çµã¿èŸŒã¿ã®ã¬ããŒã ãµãŒããŒããæ å ±ãååŸããã®ã¯éåžžã«å°é£ã§ããããã¹ãã®æ°ãå€ãå Žåã¯æéããããããšããããŸãã
- ã¹ã±ãŒã©ããªãã£ãšèé害æ§ãæ¬ ããŠããŸãã åäžã®ãã©ãŒã«ã ãã¬ã©ã³ã ããŒã¿ããŒã¹ãšãæ§æãã¢ãžã¥ãŒã«ãããã³ç»é²ããŒçšã® mof ãã¡ã€ã«ã®å ±éã¹ãã¬ãŒãžãåãã DSC ãã« Web ãµãŒããŒã®ãã¡ãŒã ãæ§ç¯ããããšã¯äžå¯èœã§ãã
ä»æ¥ã¯ãæåã®åé¡ã解決ããŠã¬ããŒãçšã®ããŒã¿ãååŸããæ¹æ³ã説æããŸãã SQL ãããŒã¿ããŒã¹ãšããŠäœ¿çšã§ããã°ããã¹ãŠãç°¡åã«ãªããŸãã MS
ãã®æ¹æ³ãèŠã€ããŸãããWindows Server 2012 ããã³ 2016 ã䜿çšããŠããå Žåã¯ã次ã®ããšãã§ããŸãã
泚: Windows Server 2016 ã®å Žåã¯ã次ã䜿çšããå¿
èŠããããŸãã
DSC ãã« ãµãŒããŒãå±éããããã»ã¹ã«ã€ããŠã¯è©³ãã説æããŸããããéåžžã«è©³ãã説æãããŠããŸãã
-
UseSecurityBestPractices = $false
ããããªããšãTLS 1.0 ãç¡å¹ã«ãªããSQL ããŒã¿ããŒã¹ã«æ¥ç¶ã§ããªããªããŸãã Kaspersky Security Center ãæ©èœããŸãã (ãã®åé¡ã¯ Kaspersky Security Center v11 ã§è§£æ±ºãããã¯ãã§ã)ã
-
Enable32BitAppOnWin64 = $true
ãã®å€æŽãè¡ããªããšãWSUS ã䜿çšã㊠IIS äžã§ AppPool DSC ãµãŒããŒãå®è¡ã§ããªããªããŸãã
- WSUS ã䜿çšã㊠DSC ãµãŒããŒãã€ã³ã¹ããŒã«ããå Žåã¯ãDSC ãµã€ãã®éçãã£ãã·ã¥ãšåçãã£ãã·ã¥ãç¡å¹ã«ããŸãã
SQL ããŒã¿ããŒã¹ã䜿çšããããã® DSC ãµãŒããŒã®èšå®ã«é²ã¿ãŸãããã
SQLããŒã¿ããŒã¹ã®äœæ
- DSC ãšããååã®ç©ºã® SQL ããŒã¿ããŒã¹ãäœæããŸãããã
- ãã®ããŒã¿ããŒã¹ã«æ¥ç¶ããããã®ã¢ã«ãŠã³ããäœæããŸãããã ãŸããSQL ãµãŒããŒã Windows ã¢ã«ãŠã³ããš SQL ã¢ã«ãŠã³ãã®äž¡æ¹ã®èªèšŒãèš±å¯ããŠããããšã確èªããŸãã
- ããŠãŒã¶ãŒ ãããã³ã°ãã»ã¯ã·ã§ã³ã«ç§»åããŸãã ããŒã¿ããŒã¹ (ãã®å Žå㯠DSC) ãéžæããŸãã ç§ãã¡ã¯ããŒã¿ããŒã¹ææè ã®æš©å©ãäžããŸãã
- å®äºããŸããã
DSC ããŒã¿ããŒã¹ã®ã¹ããŒãã®äœæ
DSC ããŒã¿ããŒã¹ã®ã¹ããŒããäœæããã«ã¯ã次㮠XNUMX ã€ã®æ¹æ³ããããŸãã
- TSQL ã¹ã¯ãªãããä»ããŠç¬ç«ããŠ
SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO CREATE TABLE [dbo].[Devices]( [TargetName] [nvarchar](255) NOT NULL, [ConfigurationID] [nvarchar](255) NOT NULL, [ServerCheckSum] [nvarchar](255) NOT NULL, [TargetCheckSum] [nvarchar](255) NOT NULL, [NodeCompliant] [bit] NOT NULL, [LastComplianceTime] [datetime] NULL, [LastHeartbeatTime] [datetime] NULL, [Dirty] [bit] NOT NULL, [StatusCode] [int] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[RegistrationData]( [AgentId] [nvarchar](255) NOT NULL, [LCMVersion] [nvarchar](255) NULL, [NodeName] [nvarchar](255) NULL, [IPAddress] [nvarchar](255) NULL, [ConfigurationNames] [nvarchar](max) NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO CREATE TABLE [dbo].[StatusReport]( [JobId] [nvarchar](50) NOT NULL, [Id] [nvarchar](50) NOT NULL, [OperationType] [nvarchar](255) NULL, [RefreshMode] [nvarchar](255) NULL, [Status] [nvarchar](255) NULL, [LCMVersion] [nvarchar](50) NULL, [ReportFormatVersion] [nvarchar](255) NULL, [ConfigurationVersion] [nvarchar](255) NULL, [NodeName] [nvarchar](255) NULL, [IPAddress] [nvarchar](255) NULL, [StartTime] [datetime] NULL, [EndTime] [datetime] NULL, [Errors] [nvarchar](max) NULL, [StatusData] [nvarchar](max) NULL, [RebootRequested] [nvarchar](255) NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO
- SQL ããŒã¿ ã€ã³ããŒã ãŠã£ã¶ãŒãã䜿çšããŠãPS ã¢ãžã¥ãŒã« PSDesiredStateConfiguration ã®äžéšãšããŠç©ºã® devices.mdb ããããŒã¿ãã€ã³ããŒãããŸãã
ããã§äœ¿çšãã Devices.mdb ã¯ãC:WindowsSysWOW64WindowsPowerShellv1.0ModulesPSDesiredStateConfigurationPullServer ã«ãããŸãã
- ããŒã¿ãã€ã³ããŒãããã«ã¯ãSQL Server ã€ã³ããŒãããã³ãšã¯ã¹ããŒã ãŠã£ã¶ãŒããå®è¡ããŸãã
- ããŒã¿ã®ååŸå ãéžæããŸãããã®å Žåããã㯠Microsoft Access ããŒã¿ããŒã¹ã§ãã ã次ãžããã¯ãªãã¯ããŸãã
- å³ã®ã€ã³ããŒãå ã®ãã¡ã€ã«ãéžæããŸãã
- ã€ã³ããŒãããå Žæãæå®ããŸããç§ãã¡ã®å Žåããã㯠SQL ããŒã¿ããŒã¹ã§ãã
- SQL ãµãŒã㌠(ãµãŒããŒå) ãšããŒã¿ãã€ã³ããŒãããããŒã¿ããŒã¹ (ããŒã¿ããŒã¹) ãéžæããŸãã
- [XNUMX ã€ä»¥äžã®ããŒãã«ãŸãã¯ãã¥ãŒããããŒã¿ãã³ããŒãã (ããŒãã«ãŸãã¯ãã¥ãŒããã®ããŒã¿ã®ã³ããŒ)] ãªãã·ã§ã³ãéžæããŸãã
- ããŒã¿ããŒã¹ ã¹ããŒããã€ã³ããŒãããããŒãã«ãéžæããŸãã
- ãããã«å®è¡ããã§ãã¯ããã¯ã¹ããªã³ã«ããŠããå®äºããã¯ãªãã¯ããŸãã
- å®äºããŸããã
- ãã®çµæãDSC ããŒã¿ããŒã¹ã«ããŒãã«ã衚瀺ãããŸãã
.mdbããããã·ããã¡ã€ã«ã®ã»ããã¢ãã
SQL ãµãŒããŒãžã® ODBC æ¥ç¶ãäœæããŸãã DSC ãå®è¡ããŠãããµãŒããŒã«ã¯ MS Access ãã€ã³ã¹ããŒã«ãããŠããªããšæ³å®ãããŠãããããdatabases.mdb ã®ã»ããã¢ãã㯠MS Access ãã€ã³ã¹ããŒã«ãããŠããäžéãã¹ãã§è¡ãããŸãã
SQL ãµãŒããŒãžã®ã·ã¹ãã ODBC æ¥ç¶ãäœæããŸããã (æ¥ç¶ã®ãããæ°ã¯ MS Access ã®ãããæ° (64 ãŸã㯠32) ãšäžèŽããå¿
èŠããããŸã)ã 以äžã䜿çšããŠäœæã§ããŸãã
- Powershell ã³ãã³ãã¬ãã:
Add-OdbcDsn âName DSC âDriverName 'SQL Server' âPlatform '<64-bit or 32-bit>' âDsnType System âSetPropertyValue @('Description=DSC Pull Server',"Server=<Name of your SQL Server>",'Trusted_Connection=yes','Database=DSC') âPassThru
â ãŸãã¯æ¥ç¶ãŠã£ã¶ãŒãã䜿çšããŠæåã§:
- 管çããŒã«ãéããŸãã ã€ã³ã¹ããŒã«ãããŠãã MS Access ã®ããŒãžã§ã³ã«å¿ã㊠ODBC ããŒã¿ ãœãŒã¹ãéžæããŸãã [ã·ã¹ãã DSN] ã¿ãã«ç§»åããã·ã¹ãã æ¥ç¶ãäœæããŸã (è¿œå )ã
- SQL ãµãŒããŒã«æ¥ç¶ããããšã瀺ããŸãã ãå®äºããã¯ãªãã¯ããŸãã
- æ¥ç¶ããååãšãµãŒããŒãæå®ããŸãã 次ã«ãåããã©ã¡ãŒã¿ã䜿çšããæ¥ç¶ã DSC ãµãŒããŒäžã«äœæããå¿ èŠããããŸãã
- SQL ãµãŒããŒã«æ¥ç¶ããã«ã¯ãDSC ãšããååã§ä»¥åã«äœæãããã°ã€ã³ã䜿çšããããšã瀺ããŸãã
- DSC æ¥ç¶èšå®ã§ããŒã¿ããŒã¹ãæå®ããŸãã
- ãå®äºããã¯ãªãã¯ããŸãã
- ã»ããã¢ãããå®äºããåã«ãæ¥ç¶ãæ©èœããŠããããšã確èªããŸã (ãã¹ã ããŒã¿ ãœãŒã¹)ã
- å®äºããŸããã
MS Access 㧠devices.mdb ããŒã¿ããŒã¹ãäœæããŸãã MS Access ãèµ·åããdevices.mdb ãšãã空ã®ããŒã¿ããŒã¹ãäœæããŸãã
- ãå€éšããŒã¿ãã¿ãã«ç§»åãããODBC ããŒã¿ããŒã¹ããã¯ãªãã¯ããŸãã 衚瀺ããããŠã£ã³ããŠã§ãããŒã¿ ãœãŒã¹ã«æ¥ç¶ãããªã³ã¯ ããŒãã«ã®äœæãéžæããŸãã
- æ°ãããŠã£ã³ããŠã§ãããã·ã³ ããŒã¿ ãœãŒã¹ãã¿ããéžæãããOKããã¯ãªãã¯ããŸãã æ°ãããŠã£ã³ããŠã§ãSQL ãµãŒããŒã«æ¥ç¶ããããã®è³æ Œæ å ±ãå ¥åããŸãã
- ãªã³ã¯ããå¿ èŠãããããŒãã«ãéžæããŸãã ããã¹ã¯ãŒããä¿åãããã¯ã¹ããã§ãã¯ãããOKããã¯ãªãã¯ããŸãã XNUMX ã€ã®ããŒãã«ãã¹ãŠã®ãã¹ã¯ãŒããæ¯åä¿åããŸãã
- ã€ã³ããã¯ã¹ã§ã¯ã次ã®ãã®ãéžæããå¿
èŠããããŸãã
â dbo_Devices ããŒãã«ã® TargetNameã
â dbo_RegistrationData ã® NodeName ãŸã㯠IPAddressã
â dbo_StatusReport ã® NodeName ãŸã㯠IPAddressã - MS Access ã§ããŒãã«ã®ååãå€æŽããŸããããã€ãŸããDSC ã䜿çšã§ããããã« dbo_ ãã¬ãã£ãã¯ã¹ãåé€ããŸãã
- å®äºããŸããã
- ãã¡ã€ã«ãä¿åããMS Access ãéããŸãã ããã§ãçµæã® devices.mdb ã DSC ãµãŒã㌠(ããã©ã«ãã§ã¯ C:Program FilesWindowsPowershellDSCService) ã«ã³ããŒããæ¢åã®ãã®ãããã«çœ®ãæããŸã (ååšããå Žå)ã
SQL ã䜿çšããããã® DSC ãµãŒããŒã®æ§æ
- DSC ãµãŒããŒã«æ»ããŸãã ãããã· ãã¡ã€ã«ã䜿çšã㊠SQL ãµãŒããŒã«æ¥ç¶ããã«ã¯ãDSC ãµãŒããŒäžã«æ°ãã ODBC æ¥ç¶ãäœæããŸãããã ååãããã深床ãããã³æ¥ç¶èšå®ã¯ãMDB ãã¡ã€ã«ã®äœææãšåãã§ããå¿ èŠããããŸãã èšå®æžã¿ã®ç©ºã® devices.mdb ãããããã³ããŒã§ããŸãã
- devices.mdb ã䜿çšããã«ã¯ãDSC ãã« ãµãŒããŒã® web.config ãå€æŽããå¿ èŠããããŸã (ããã©ã«ã㯠C:inetpubPSDSCPullServerweb.config)ã
- Windows Server 2012ã®å Žå
<add key="dbprovider" value="System.Data.OleDb">
<add key="dbconnectionstr" value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:Program FilesWindowsPowerShellDscServiceDevices.mdb;">
- Windows Server 2016ã®å Žå
<add key="dbprovider" value="System.Data.OleDb">
<add key="dbconnectionstr" value="Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:Program FilesWindowsPowerShellDscServiceDevices.mdb;">
ãã㧠DSC ãµãŒããŒã®ã»ããã¢ãããå®äºããŸããã
DSC ãµãŒããŒã®æ©èœã確èªãã
- Web ãã©ãŠã¶ãŒãã DSC ãµãŒããŒã«ã¢ã¯ã»ã¹ã§ããããšã確èªããŠã¿ãŸãããã
- 次ã«ãDSC ãã« ãµãŒããŒãæ£ããåäœããŠãããã©ããã確èªããŠã¿ãŸãããã ãããè¡ãããã«ãxPSDesiredStateConfiguration ã¢ãžã¥ãŒã«ã«ã¯ pullserversetuptests.ps1 ã¹ã¯ãªãããå«ãŸããŠããŸãã ãã®ã¹ã¯ãªãããå®è¡ããåã«ãPester ãšããååã® Powershell ã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããå¿ èŠããããŸãã Install-Module -Name Pester ãã€ã³ã¹ããŒã«ããŸãã
- C:Program FilesWindowsPowerShellModulesxPSDesiredStateConfiguration<ã¢ãžã¥ãŒã« ããŒãžã§ã³>DSCPullServerSetupPullServerDeploymentVerificationTest (äŸã®ããŒãžã§ã³ 8.0.0.0.0) ãéããŸãã
- PullServerSetupTests.ps1 ãéããDSC ãµãŒããŒã® web.config ãžã®ãã¹ã確èªããŸãã ã¹ã¯ãªããããã§ãã¯ãã web.config ãžã®ãã¹ãèµ€è²ã§åŒ·èª¿è¡šç€ºãããŸãã å¿ èŠã«å¿ããŠããã®ãã¹ãå€æŽããŸãã
- pullserversetuptests.ps1 ãå®è¡ããŸã
Invoke-Pester.PullServerSetupTests.ps1
ãã¹ãŠããŸããããŸãã - SQL Management Studio ã§ã¯ã管ç察象ãã¹ããã¬ããŒãã DSC ã¬ããŒã ãµãŒããŒã«éä¿¡ããããŒã¿ã SQL ãµãŒããŒäžã® DSC ããŒã¿ããŒã¹ã«ä¿åãããããšãããããŸãã
ããã ãã§ãã 次ã®èšäºã§ã¯ãååŸããããŒã¿ã«åºã¥ããŠã¬ããŒããäœæããæ¹æ³ã説æããäºå®ã§ããã©ãŒã«ã ãã¬ã©ã³ã¹ãšã¹ã±ãŒã©ããªãã£ã®åé¡ã«ã€ããŠã觊ããŸãã
åºæïŒ habr.com