7

PowerShell DSC: The next generation

 3 years ago
source link: https://puppet.com/blog/powershell-dsc-the-next-generation/?utm_campaign=Feed%3A+PuppetLabs+%28Puppet+Labs%29
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

PowerShell DSC: The next generation

by Ben Ford|19 May 2021
See more posts about: Windows

We have some exciting news for you about Puppet's support for the PowerShell DSC configuration framework for Windows. In short, content from the PowerShell Gallery will simply appear on the Puppet Forge and can be added to your Puppetfile and used just like any other Puppet module. This makes it by far the most flexible and maintainable iteration of DSC integration we've ever had. Pick and choose whatever DSC Resources you want and get all the VSCode IntelliSense magic you've come to expect.

So why are we making these changes?

Let's start out with some history. The first puppetlabs-dsc module was released in 2015 and it vendored the entire known DSC universe at the time. This was great for users --- all they had to do was install the one module to get access to the power of DSC right in their Puppet codebase. But it also meant that the module was huge and had a ton of tiny files. This made Puppet's pluginsync process take ages and even fail in some circumstances.

The build process for vendoring all those DSC Resources and building the module was fragile too. In theory, anyone could rebuild a version of that module with any DSC Resources they wanted, even their own private code. In reality, the DSC ecosystem was in such flux that we struggled to keep the builder working. Eventually the changes caught up with us and it failed for good. This means that the module still works, but the DSC Resources that it uses are stuck in time and won't ever be updated.

To alleviate those concerns, we iterated the second approach, the puppetlabs-dsc_lite module, in 2018. This module didn't vendor any DSC Resources, and instead pulled out the abstraction layer and let you invoke any arbitrary DSC Resources via a simple resource type. That was great because the build pipeline was solid and testable and maintainable, and the module itself was tiny and reliable. Best of all, you could once again use modern DSC Resources.

The problem (you knew this was coming, right?) was it achieved those goals by simply offloading the hard administrative work to the user. The user was responsible for distributing all the underlying DSC Resources they wanted to use, and for knowing all the parameters of each resource. Since it supported arbitrary resources with arbitrary parameters, we couldn't even validate manifests other than the basic Puppet syntax, much less provide modern editor support like autocomplete or type validation.

So that brings us to today. Instead of providing a translation module, we extracted the core translation engine into a shared library and then created a tool (the Puppet.Dsc PowerShell Module) that vendors a single PowerShell module with DSC Resources into a shim Puppet module with all the proper parameters and type validation built in for each of those resources. Then we built a pipeline that crawls the PowerShell Gallery and generates a Puppet module for each new release of every PowerShell module with DSC Resources that it finds. These are published directly to the Forge and marked as Supported by Puppet. This means that now users will simply add any DSC Resource they want to use directly to their Puppetfile and start writing Puppet code.

You no longer need to be concerned with the under-the-hood implementation details. You don't need to care which tools were invoked to effect a change. Describe what you need in Puppet's effortlessly declarative language and then let Puppet do what it does best: abstract away the details and just make the changes you need.

Best of all, when paired with Puppet's VS Code extension, you'll get all the IntelliSense goodness that you've come to expect as you're writing your profile classes. Not only do you get context-sensitive syntax highlighting and autocompletion, but you'll get parameter validation that knows what data types to use and even which values are acceptable --- and that all comes automatically from the wrapped DSC Resources!

DSC roadmap

We are currently recommending that all users begin moving to the new modules at their earliest convenience. The legacy puppetlabs-dsc module is now deprecated and will be officially unsupported as of July 21, 2021. The puppetlabs-dsc_lite module will be deprecated at that time and will be officially unsupported one year later. At that point, the DSC modules on the Forge will become the only supported solution.


About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK