Shortest path to Azure Automation DSC + Chocolatey VM

Let’s create the smallest useful Azure Automation-controlled setup including one configured VM:

  • Create an Azure Automation account in an empty resource group

    In the Azure portal, click “+ New”, Management, Automation.  Give it a name like “myAutomation” and create a new resource group named something like “myAutomation”.  Put it in a data center near your compute assets.  Note in the Settings blade under “keys” your URL and access key for later.

  • Download cChoco.zip from here.  cChoco is a PowerShell DSC Integration Module.  This is a special version that suits the needs of this article.  cChoco has two capabilities: 1) install the Chocolatey package manager, and 2) install software from an MSI (or other package-based system.)

  • Click the “Assets” tile, then the “Modules” tile.  Click the “+ Add a module” button, point to cChoco.zip and Ok the box.  It’ll display a message saying that activities are being extracted, but there are none to extract.  This is normal.

  • Save the following in a file called “WebHeadRole.ps1”:

    Configuration WebHeadRole
    {   
    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName cChoco

        Node 'WebHead'
    {
    WindowsFeature WebServerRole
    {
    Name = "Web-Server"
    Ensure = "Present"
    }
    WindowsFeature WebManagementConsole
    {
    Name = "Web-Mgmt-Console"
    Ensure = "Present"
    }
    WindowsFeature WebManagementService
    {
    Name = "Web-Mgmt-Service"
    Ensure = "Present"
    }
    WindowsFeature ASPNet45
    {
    Ensure = "Present"
    Name = "Web-Asp-Net45"
    }
    cChocoInstaller installChoco
    {
    InstallDir = "C:\choco"
    }
    }
    }

  • Add a DSC Configuration (that can be applied to a VM/node)

    In your automation account’s display, click the DSC Configurations tile.  Click “+ Add a configuration”.  In the Configuration File box, put the location of the file from the previous step.  Ok the box.

  • Compile the DSC configuration

    Click the line item “WebHeadRole” in the list.  Click the “Compile” button in the detail blade.  It’ll take a few minutes to queue up and execute, but you don’t need to wait around.  Come back in a few and check for the compile to be “Completed”. 

  • Create a Windows VM

    Click “+ New”, Compute, Windows Server 2012 R2 Datacenter.  Use the Resource Manager deployment model, and Create.  If you put it in the same resource group as above, you can delete everything with one button click.  Fill in the details, submit, wait for the results.

  • Register the VM as a DSC node

    RDP to the VM, turn off IE Enhanced Security.  Open a browser, go to https://aka.ms/wmf5latest.  Download and install w2k12r2-kb3094174-x64.msu.  You’ll have to reboot at this point.  (NOTE: Due to a recently detected bug in wmf5latest, please use the WMF5 Production Preview at this address.)

    Start PowerShell ISE as Admin.  Run this script:  

    (Note: you need to put in your automation account URL, and your automation account key below.)

    [DscLocalConfigurationManager()]
    Configuration ConfigureLCMforAAPull
    {
    param
    (
    [Parameter(Mandatory=$True)]
    $RegistrationUrl,

        [Parameter(Mandatory=$True)]
[String]$RegistrationKey,

        [Int]$RefreshFrequencyMins = 30,

[Int]$ConfigurationModeFrequencyMins = 15,

[String]$ConfigurationMode = "ApplyAndMonitor",

[String]$NodeConfigurationName,

        [Boolean]$RebootNodeIfNeeded= $False,

        [String]$ActionAfterReboot = "ContinueConfiguration",

        [Boolean]$AllowModuleOverwrite = $False,

        [String]$Timestamp = ""
)

    if(!$NodeConfigurationName -or $NodeConfigurationName -eq "")
{
$ConfigurationNames = $null
}
else
{
$ConfigurationNames = @($NodeConfigurationName)

    Settings
{
RefreshFrequencyMins = $RefreshFrequencyMins
RefreshMode = "PULL"
ConfigurationMode = $ConfigurationMode
AllowModuleOverwrite = $AllowModuleOverwrite
RebootNodeIfNeeded = $RebootNodeIfNeeded
ActionAfterReboot = $ActionAfterReboot
ConfigurationModeFrequencyMins = $ConfigurationModeFrequencyMins
}

    ConfigurationRepositoryWeb AzureAutomationDSC
{
ServerUrl = $RegistrationUrl
RegistrationKey = $RegistrationKey
ConfigurationNames = $ConfigurationNames
}

    ResourceRepositoryWeb AzureAutomationDSC
{
ServerUrl = $RegistrationUrl
RegistrationKey = $RegistrationKey
}

    ReportServerWeb AzureAutomationDSC
{
ServerUrl = $RegistrationUrl
RegistrationKey = $RegistrationKey
}
}

cd ~
$here = (Get-Item -Path ".\" -Verbose).FullName

ConfigureLCMforAAPull `
-RegistrationUrl 'your automation account url' `
-RegistrationKey ‘your automation account key’ `
-NodeConfigurationName 'WebHeadRole.WebHead'

Set-DscLocalConfigurationManager -Path "$here\ConfigureLCMforAAPull" –Verbose

  • Apply the DSC configuration.

    Well, you get this one for free.  Because it was compiled in a previous step, once the VM is registered as a node it’ll pick up the node configuration automatically. It may take a while since the VM is set to check in for updates each 30 minutes.

Note that this blog uses portal-based techniques to keep things simple and above-the-board.  This article shows a much more automated technique for managing the same process – more suitable for Continuous Integration scenarios.

Cheers!