To create a new Azure Automation account, we need to provide the Name for the account, Subscription, Resource group, and Location. Another option is to create Run-as-account. Run-as-account is a service principal that's used to authenticate to Azure when managing Azure resources through Azure Automation. I strongly recommend that you create this as it will be easier to manage with accounts in place. An example of creating an Azure Automation account is shown here:
With Azure Automation, you can perform various operations, schedule and run scripts, manage your resources, and so on. It's important to mention that you can manage both Azure and on-premises resources, as well as resources in other clouds. Here, we are going to concentrate on applying DSC to Azure VMs.
Managing DSC in Azure Automation is done under State configuration (DSC). Here, we can manage Nodes, Configurations, and Compiled configurations, and access the Gallery. We are going to see each of these settings, except Gallery. Gallery contains a number of DSC scripts that you can use or edit, based on your requirements. An example of the State configuration (DSC) blade is shown in the following screenshot:
DSC uses a script that is applied on selected nodes. Nodes are VMs or groups of VMs. These VMs can be both Azure VMs or local VMs.
To start a new configuration, we need a DSC script. The script we are going to use ensures that the IIS role is installed on the server. Save the script locally and make sure that the name of the file is the same as the name of the configuration. In our case, the name should be webserverDSC:
configuration webserverDSC {
Node WebServer {
WindowsFeature IIS {
Ensure = 'Present'
Name = 'Web-Server'
IncludeAllSubFeature = $true
}
}
}
Under Configurations, select New configuration and import the previously saved script:
After the script has been imported, it needs to be compiled before we can proceed. Select the imported script and a new blade will open. Select Compile and wait for the compile to finish. The compile time will depend on the size of the script, but in this case, it shouldn't take more than 2-3 minutes. An example of the configuration blade is as follows:
After the script has compiled, we can proceed and apply configuration to the nodes. Under Nodes, select New and a new blade will open. In the list of VMs, we can select the VMs we want DSC to be applied to. I'm going to select the VM I created with the last script in this chapter, packtdemoVM-01.
Under Registration, we can select a few options. We can select which Registration key will be used, Node configuration name, Refresh frequency, Configuration Mode Frequency, Configuration Mode, Allow Module Override or Reboot Node if Needed, and Action after Reboot. I'm going to select the new configuration we just created and leave the rest of the settings as the defaults. An example of node registration is shown here:
After registration is complete, we need to wait for the initial check and for configuration to be applied to our server. This can take some time, depending on the frequency selected and the complexity of DSC we want to apply. If you monitor the node blade, the added node will go from pending to in progress, until it finally reaches compliant. An example of a node with configuration applied is shown in the following screenshot:
After the node becomes compliant, we can verify that the configuration is applied. Go to the VM blade that we used in node registration and locate the public IP address. Open the browser and try reaching http://'youripaddress'. You should get the default IIS page, which will confirm that IIS is installed on the server:
