Posts

CPolydorou.HostsFile Module Updates

This post is to notify you of the recent changes in my HostsFile module. As part of the process of updating the Powershell modules I've published on the PSGallery repository to target a later version of .NET Framework, the CPolydorou.HostsFile module has been updated as well. The newest version of the module - that is 1.2.1 - now requires .NET 4.6.2 that comes pre-installed with Windows Server 2016. In case you are still using the module on operating systems older than that, you can always install the 1.1.1 version that is the latest that is built for .NET Framework 4.5. However, this version will not get any updates or bug fixes in the feature.  If you're installing the module on a new system and require the old version, you can install it using the below command: 1 Install-Module -Name CPolydorou.HostsFile -RequiredVersion 1.1.1

Designing Solutions for newer Azure Regions

Image
Microsoft Azure keeps growing and new regions are being announced and released one after the other, exceeding 60 at this time! New regions usually draw customers that are geographically located near them, with decreased latency being the key factor. Apart from new customers, large organizations usually move some of their workloads to the new regions for the same reasons. When designing a solution that is going to be deployed or extended to a recently released Azure region, you should always make sure that the resources that are part of your solution are available in that particular region. To make the life of the architects easier, Microsoft has created a webpage that provides service availability information and is available  here . This page will not only show you the regions that a  service is available from, but will also allow you to add all the components of your solution and confirm it's availability as a whole. Let's take for example a solution that comprises of Azure F

Additions to the CPolydorou.Security Powershell Module

This post has been triggered by a project that I'm currently working on that involves nginx and containers. As part of the nginx configuration, I had to create a certificate key pair that was going to be used in order to secure traffic towards nginx. The challenge I faced was to convert the PFX certificate that was handed to me by the Certificate Authority team to the format nginx understood. Considering that this was a process that I'd followed many times in the past (and also blogged about), I decided to update a Powershell module of mine named CPolydorou.Security in order to make the use of OpenSSL friendlier to the Windows administrator.  The four new functions that are included in the latest version ( 1.2.0 ) are: Export-ServerCertificateFromPFX Export-CertificateChainFromPFX Export-PrivateKeyFromPFX Decrypt-PrivateKey Let's go through them one-by-one to see how they can help! For the examples demostrated below, I've created secure string objects for the passphras

Configuring Virtual Machines Using Desired State Configuration - Part 6 - Azure Automation

Image
Continuing the post series about Microsoft DSC and a long break from Azure Global, we are going to see how Azure Automation Accounts help with DSC configurations on Azure Virtual Machines. First, we are going to deploy an automation account and then we're going to register a Windows Server VM to it so that it gets and applies our configuration. To deploy an Automation Account, navigate to the Azure Portal and search for "Automation". Select the Automation offering from Microsoft and click "Create". You will then have to select a name for your automation account, the subscription and resource group to deploy to and the location. When done with the deployment options, hit create to submit the deployment. The process should be much like the following (hover to animate): Now that we have created an Automation Account, we need to upload and compile a configuration, so that it

Configuring Virtual Machines Using Desired State Configuration - Part 5 - Creating a Pull Service

Image
Hello and welcome to an article on how to create your own Powershell DSC Pull Service. This is the fifth article of the series and things are starting to build our own DSC infrastructure.  To configure the DSC Pull Service we are going to need a windows server machine running at least Powershell v5 and a certifite. For the purpose of this post, I've created a dedicated machine and the certificate that I'm going to use is issued by my Active Directory Certificate Services. What would be the easiest way to create a Pull Service? DSC of course. We are going to push a DSC configuration to our machine that is going to convert it to a DSC Pull Service! First off, we're going to need that certificate installed in the Personal container of the machine. I prefer using my CA to issue certificates since it is trusted by all the domain member machines and for this one I've enrolled for a certificate based on the Web Server template: You can use any web server certificate as long as

Configuring Virtual Machines Using Desired State Configuration - Part 4 - Applying Configurations

Image
Welcome to the fourth article of the Desired Configuration series! Today we're going to discuss more on the ways you can apply configurations to virtual machines and how to examine the LCM verbose output. Without further ado, let me present the two ways you can apply configurations: Push and Pull. Push The push method is the simplest, we just send the configuration to the node and from then on the node has to act accordingly. We just sit and watch. Let's go through the process of pushing a configuration to a node. I'm going to be using my domain controller machine as the management host to avoid touching the node at all. First we have to put together the configuration itself. Here we are going to use a configuration from one of the previous posts that installs the Web-Server role and copies a web page file. We'll confirm that the Web-Server role is not installed on the node using the Get-WindowsFeature cmdlet: Great, IIS is not installed. Now, the default LCM configura

Configuring Virtual Machines Using Desired State Configuration - Part 3 - Authoring Configurations

Image
Following my previous post on how to configure the LCM, we are now going to deep dive into configurations and how to author them. We'll start with a very simple configuration and work our way to a more complicated one. In the first article of the series we configured a server with the Web-Server windows feature using the below configuration: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Configuration WebApp001 { # Import the module that contains the resources we're using. Import-DscResource -ModuleName PsDesiredStateConfiguration # The Node statement specifies which targets this configuration will be applied to. Node 'localhost' { # The first resource block ensures that the Web-Server (IIS) feature is enabled. WindowsFeature WebServer { Ensure = "Present" Name = "Web-Server" } # The second resource block ensures that the website conten