Implementing DSC and Linux Automation on Azure

Written by

Rajnish Kumar Jha

Under the topic

Azure DevOps

Dated:

April 27, 2024

Table Of Content

Implementing DSC and Linux Automation on Azure

In Azure, you can use Azure Automation to implement Desired State Configuration (DSC) for both Windows and Linux environments. DSC is a powerful mechanism for ensuring that your infrastructure is configured correctly and remains compliant with the desired state, whether you're managing virtual machines (VMs) or hybrid environments.

In this guide, we will explore how to implement DSC on Linux machines in Azure and automate the configuration of resources on these machines using Azure Automation.

Prerequisites for DSC and Linux Automation on Azure

Before you begin, ensure that you have the following:

Azure Subscription: You need an active Azure subscription.
Azure Automation Account: A created Automation account in your Azure environment.
Linux Virtual Machine: A Linux VM (such as Ubuntu, CentOS, Red Hat, etc.) that you want to configure with DSC.
Azure PowerShell or Azure CLI: Installed on your local machine, or access to the Azure portal.

Steps to Implement DSC for Linux on Azure

1. Create an Azure Automation Account

If you haven’t already created an Azure Automation account, you can do so through the Azure portal:

Create an Automation Account:

Go to the Azure Portal.
In the search box, type Automation Accounts, and click + Create.
Fill in the necessary information such as Subscription, Resource Group, Name, and Region.
Click Create.

2. Enable Linux DSC Extension on the VM

To enable DSC on a Linux VM, you need to install the Azure Automation DSC extension on the VM.

For Ubuntu-based Linux VMs:

Connect to your VM (via SSH or any other method):

SSH into your Azure Linux VM:


xxxxxxxxxx
1
1
ssh user@your-linux-vm-ip

Install DSC (OMI and DSC Agent):

The Azure Automation DSC extension requires the OMI (Open Management Infrastructure) and DSC agent to be installed on Linux.

On Ubuntu, use the following commands:


xxxxxxxxxx
3
1
sudo apt-get update
2
sudo apt-get install -y omi omi-psm1
3
sudo apt-get install -y linux-dsc

This installs both the OMI and the DSC agent.

Start and Enable the DSC Agent:

After installation, enable and start the DSC agent:


xxxxxxxxxx
2
1
sudo systemctl enable omsconfig
2
sudo systemctl start omsconfig

Verify Installation:

To verify the DSC agent is running properly, you can check the status:


xxxxxxxxxx
1
1
sudo systemctl status omsconfig

3. Configure Azure Automation State Configuration (DSC) for Linux

Once the DSC extension is installed, you can configure Azure Automation State Configuration to manage the configuration of the Linux VM.

Step-by-Step Process:

Navigate to the Automation Account:

Go to the Azure Portal and open your Automation Account.

Create a DSC Configuration:

In the Automation Account, navigate to the State Configuration (DSC) section.

Click on Configurations and then Add a configuration.

Write the DSC configuration for your Linux environment.

Example of a Linux DSC Configuration (for installing Apache):


xxxxxxxxxx
14
1
Configuration InstallApache {
2
    Node "localhost" {
3
        Package apache2 {
4
            Name = "apache2"
5
            Ensure = "Present"
6
        }
7
        Service apache2 {
8
            Name = "apache2"
9
            State = "Running"
10
            StartupType = "Automatic"
11
        }
12
    }
13
}
14
InstallApache

This configuration installs and starts the Apache HTTP Server on the target Linux machine.

Publish the DSC Configuration:

After writing your configuration, click Publish to make it available for deployment.

4. Apply DSC Configuration to the Linux VM

Now that the DSC configuration is published in Azure Automation, you can assign it to the target Linux VM.

Navigate to the Nodes:

Under the State Configuration section in the Automation Account, click on Nodes.

Add a Node:

Click Add Node to register your Linux VM. You will need the Node ID for your Linux VM, which you can retrieve by running the following command on the VM:


xxxxxxxxxx
1
1
sudo omconfig show

Link the Node to the Configuration:

Once the node is registered, you can select the node and assign the published DSC configuration to it.

Monitor DSC Compliance:

After applying the configuration, you can check the compliance status of the Linux VM in the State Configuration section to see whether the Apache service is installed and running.

5. Monitor and Remediate Configuration Drift

Azure Automation DSC will continuously monitor the configuration status of your Linux VM. If there are any deviations from the desired state (known as configuration drift), the system will automatically remediate the configuration to bring the system back to the desired state.

Compliance Monitoring:

In the Azure Portal, you can monitor the compliance of your nodes. Azure Automation will report whether the system is compliant with the DSC configuration or if remediation is required.

6. Automating DSC Configurations via Azure CLI/PowerShell

You can automate DSC configurations via Azure CLI or PowerShell scripts as well, which provides a more dynamic way of deploying configurations.

Example using PowerShell:


xxxxxxxxxx
8
1
# Connect to Azure
2
Connect-AzAccount
3
# Register Automation Account
4
$AutomationAccount = Get-AzAutomationAccount -ResourceGroupName "your-resource-group" -Name "your-automation-account"
5
# Publish DSC Configuration
6
Publish-AzAutomationDscConfiguration -AutomationAccount $AutomationAccount -Name "InstallApache" -Content "C:\Path\To\Your\Configuration.ps1"
7
# Apply DSC Configuration to Node
8
Set-AzAutomationDscNodeConfiguration -AutomationAccount $AutomationAccount -NodeConfigurationName "InstallApache" -NodeId "your-linux-node-id"

Example using Azure CLI:


xxxxxxxxxx
4
1
# Login to Azure
2
az login
3
# Deploy DSC configuration to Linux VM
4
az automation dsc node configuration assign --automation-account-name "your-automation-account" --node-id "your-linux-node-id" --configuration-name "InstallApache"

Summary

By following the steps outlined above, you can effectively implement Desired State Configuration (DSC) for Linux virtual machines in Azure. Azure Automation allows you to define, deploy, and maintain configurations across multiple Linux VMs, ensuring they remain in the desired state, are compliant with your configuration standards, and are automatically remediated in case of configuration drift.

Key Benefits:

Centralized management: Use Azure Automation to manage Linux VM configurations across your entire environment.
Cross-platform support: DSC supports both Linux and Windows VMs in Azure, enabling cross-platform configuration management.
Automated remediation: Automatically fix configuration drift and ensure compliance at all times.
Scalability: Scale your configuration management to thousands of nodes without manual intervention.

This approach allows for more streamlined management of your Linux VMs, improved security and compliance, and better overall automation in your Azure cloud environment.

Course Navigation Learn Azure DevOps from scratch

Exploring the Release Gates in Azure DevOps

Exploring the Release Gates in Azure DevOps Release gat…

Mastering Azure DevOps Pipelines

Mastering Azure DevOps Pipelines Pipelines in DevOps ar…

Exploring CodeQL in GitHub

Exploring CodeQL in GitHub CodeQL is a powerful static …

Exploring multi-configuration and multi-agent i…

Exploring multi-configuration and multi-agent in Azure …

Tags attached to this Post

About the Author

Rajnish Kumar Jha

MCT, MCSA, MCSE, MCAD, MCPD, MCTS, MCSD

My name is Rajnish Kumar Jha. I am Technical architect on Azure Cloud and .NET since 21+ years. I’ve worked for pioneer companies and as freelance trainer/consultant helping my clients to achieve their IT goals.

I find blogging, a great way to share back what I’ve learned all through my professional journey. You are welcome to connect or share feedback/suggestion here or through an email.