Upload
buddy-heath
View
223
Download
0
Embed Size (px)
Citation preview
Advanced Automation Using Windows PowerShell 3.0Kenneth Hansen
Program Manager
Microsoft Corporation
Steven Murawski, MVP
System Administrator
StackExchange
Session Overview
• Technical Level: 400• Intended Audience: IT administrators &
scripters• Learning Objectives: • Thoughts - Automation and PowerShell• Play – Demos simple and not so simple• Opine – A specific advanced automation technique
Scale is “great and terrible”
Great Terrible
Business is Good => $$
More servers=> More Failures
We have a Job
Rapid change is “great and terrible”
Great Terrible
Business can respond to match the market=> $$
More Change=> More Failures
We have a Job
Continuous service availability +Continuous rapid release cycle +Continuous deployment_________
Automation
What everybody wants…
$$IdeaBusiness Development Operations
“Hindsight is …”• The trigger for this event was a network configuration
change
• We will audit our change process and increase the automation to prevent this mistake from happening in the future
• …we focus on building software and services to survive failures
http://aws.amazon.com/message/65648/
Quote: Daniel Hansen
Windows Server Management PhilosophyIn the past, Windows Server was a great operating system
• for a single server• and its devices
Windows Server 2012 is a great operating system• for many servers• and the devices that connect them• whether they are physical or virtual• on premises or off premises
PowerShell “Sacred Vow”
• We know…• Admins are busy and don’t have time• Learning a new language and system (aka PowerShell) takes time!
• We vow… • Learn PowerShell and we will make it the best investment you ever
made• We will leverage what you learn over and over and over
The Journey• PowerShell 1.0• Introduced a great scripting language for local machine management• Great APIs for developers to write cmdlets and providers• Microsoft Exchange made a big bet on PowerShell• Shipped with Windows Server 2008
• PowerShell 2.0• Shipped with Windows 7 and Windows Server 2008 R2• Remoting introduced: 1:1, Fan-out, Fan-in, Implicit remoting• Introduced ISE: Syntax coloring, Graphical debugging, Intl. support• Introduced Modules: Self containing packaging mechanism• IT Pros can create PowerShell cmdlets using PowerShell script• Huge feature set: • Background Jobs, Restricted Sessions, Transactions, Out-GridView, Eventing
Windows PowerShell 3.0 Features
Windows PowerShell Workflow.NET Framework 4 supportAdd-Member improvementsComputer cmdletsCSV handling improvementsGet-ChildItem attributesGet-Command improvementsGet-Content -TailBetter history supportSecurity cmdlet fixesSelect-Object optimizationsSelect-String improvementsTee-Object -AppendDisconnected sessionsIdle timeout & server buffering controlInvoke-Command in disconnected sessionsDisconnected jobsSTA mode by defaultRun with PowerShell context menuUpdated console font & brandingConsole host start perf improvementsETW logging and tracingScheduled jobsNew Group Policy settingsOutput redirection for all streamsDynamic types & formatsWord wrapDefault properties on custom objects
Updatable help systemMethod overload discoveryHelpUri attribute supportHelpFile property on FunctionInfoSimplified Where and ForEachRemoting local variables via $usingArray syntax for scalarsNew parser built on DLRCustom parameter value defaultsGeneric method invocationTypecasting deserialized objectsImproved method overload selectionNew objects from hash tablesOrdered hash tablesTypecasting for parameter valuesPipeline paging APIsNested pipeline APIs$PSScriptRoot and $PSCommandPathImproved module discovery & importNew module manifest keysPublic abstract syntax treeRunspace pool cleanup APIPublic tab completionWindows RT API supportObsolete cmdlet attributeVerb & noun on FunctionInfoWeb & REST cmdletsJSON cmdlets
CIM cmdlet authoring from WMI v2CIM .NET APIsCore CIM cmdletsRuntime script compilationEngine reliability improvementsBetter Get-ChildItem network perfCmdlet definition filesCertificate provider improvementsCredentials for FileSystem providerAlternate NTFS data stream supportMove-Item across drivesRemote module discovery & importRemote session autodisconnect & retryTransport options for remote sessionsModule loggingRunAs and SharedHost supportJob integration with Task SchedulerAlternate credential support for jobsModule autoloadingCommand discovery improvementsSpecial character handlingLiteralPath support for core cmdletsImproved tab completionSession configuration filesIntellisenseWindows Management Framework 3.0WinPE supportWindows RT support
Windows PowerShell Web AccessXAML-based workflowsScript-based workflowsControl Panel cmdletsUnblock-File cmdletWorkflow helpCmdlet to activity conversionWorkflow persistenceImproved WMI object formattingHeterogeneous object formattingWorkflow loggingWorkflow extensibilityCommon workflow parametersWorkflow execution environmentWindows PowerShell Web ServicesSnippetsISE Add-onsIntelliSense supportShow-CommandGet-Help -ShowWindowRestart Manager supportScript autosave supportOut-GridView -PassThruXML syntax highlightingBlock selectCollapsible regionsContextual F1 supportScript Explorer
DEMO: PowerShell WorkflowDEMO
DEMO: Scheduled JobsDEMO
DEMO: Array SyntaxDEMO
DEMO: V3.0 –gt V2.0DEMODEMO: Enhanced ISEDEMO
DEMO: Delegated AdminDEMO
DEMO: RemotingDEMO
DEMO: CEC / CIM ResultsDEMO
Windows PowerShell 3.0 Themes
Simple & Easy v3.0 -gt v2.0
Robust & Scalable
Comprehensive Coverage
Standards-based
Management CEC• CEC: Common Engineering Criteria
• What: All Microsoft server products are required to comply with a set of engineering requirements as part of the CEC
• Goal: Reduce the overall total cost of ownership through improved integration, manageability, security, reliability, and other critical infrastructure
• Requirement: All management surfaces must be exposed via PowerShell cmdlets or providers
• Result: COVERAGE
Rough Coverage Comparison
Windows Server 2012Core cmdlets: 305Total cmdlets: 2300Modules: 239
Windows Server 2008 R2Core cmdlets: 249
Total cmdlets: 456
Modules: 10
CIM Based CmdletsLeverage WMI Investment
Write a WMI v2 provider
Write a Cmdlet Definition File (.cdxml)
Get PowerShell cmdlets with a low cost of entry
BenefitsNo dependency on .NET FrameworkIdeal for low level components (file system, networking)Remoting over CIM using WSMan and CimSessions
<?xml version="1.0" encoding="utf-8"?>
<PowerShellMetadata xmlns="http://schemas.microsoft.com/cmdlets-over-objects/2009/11">
<Class ClassName="ROOT/StandardCimv2/MSFT_NetAdapter" ClassVersion="1.0.0">
<Version>1.0</Version>
<DefaultNoun>NetAdapter</DefaultNoun>
<InstanceCmdlets>
<GetCmdletParameters DefaultCmdletParameterSet="ByName">
<QueryableProperties>
<Property PropertyName="Name">
<Type PSType ="string"/>
<RegularQuery AllowGlobbing="true">
<CmdletParameterMetadata PSName="Name" Position="0" CmdletParameterSets="ByName" />
</RegularQuery>
</Property>
...
New Cmdlets in Windows PowerShell 3.0Thousands more in Windows Server 2012
Jobs• Add-JobTrigger• Disable-JobTrigger• Enable-JobTrigger• Get-JobTrigger• New-JobTrigger• Remove-JobTrigger• Set-JobTrigger• Disable-ScheduledJob• Enable-ScheduledJob• Get-ScheduledJob• Register-ScheduledJob• Set-ScheduledJob• Unregister-ScheduledJob• Get-ScheduledJobOption• New-ScheduledJobOption• Set-ScheduledJobOption
ISE• Get-IseSnippet• Import-IseSnippet• New-IseSnippet
CIM• Get-CimAssociatedInstance• Get-CimClass• Get-CimInstance• Get-CimSession• Invoke-CimMethod• New-CimInstance• New-CimSession• New-CimSessionOption• Register-CimIndicationEvent• Remove-CimInstance• Remove-CimSession• Set-CimInstance
Remoting• Connect-PSSession• Disconnect-PSSession• Receive-PSSession• New-
PSSessionConfigurationFile• Test-PSSessionConfigurationFile• New-PSTransportOption
Workflow• New-PSWorkflowExecutionOption• New-PSWorkflowSession• Invoke-AsWorkflow• Resume-Job• Suspend-Job
Web• ConvertFrom-Json• ConvertTo-Json• Invoke-RestMethod• Invoke-WebRequest
Other• New-WinEvent• Unblock-File• Show-Command• Rename-Computer• Save-Help• Update-Help• Get-TypeData• Remove-TypeData• Get-ControlPanelItem• Show-ControlPanelItem
Available Everywhere• Windows 8, Windows RT, & Windows Server 2012 Full
Server• PowerShell Remoting enabled by default on server SKUs
• Server Core• With or without Server Graphical Shell or Graphical Management
Tools• CIM modules remotable without PowerShell or .NET Framework
installed
• Windows Preinstallation Environment (WinPE) 4.0• Non-Windows Platforms Via NanoWEBM / OMI• Windows Management Framework 3.0• Windows Server 2008 / Windows 7 / Windows Server 2008 R2
(+Server Core)
• Windows PowerShell Web Access• Access to PowerShell via web browser interface• Cross-platform support (IE, Firefox, Safari, Opera, Chrome)
Windows PowerShell 3.0 Themes
Simple & Easy v3.0 -gt v2.0
Robust & Scalable
Comprehensive Coverage
Standards-based
Windows PowerShell ISEIntegrated Scripting Environment
• IntelliSense• Snippets• Add-on Tools• Show-Command pane• Regions• F1 Help window• Rich copy & block select• Single pane I/O• AutoSave support• XML syntax highlighting• Debugger enhancements• Recent items list
IntelliSense
Simple & Easy for New Users
Windows PowerShell ISE• IntelliSense• Tab completion• Editor
enhancements• Autosave
support• Snippets
Command Discovery• Get-Command
discovery cache
• Automatic module importing
• Show-Command
• Run with PowerShell
Help System Improvements• Updatable help• Contextual F1• Get-Help ˗ShowWindow
• Word wrap in help output
Syntax & Language• Simplified
Where & ForEach
• $PSItem alias for $_
• Array syntax for singletons
• Get-ChildItem
Simple & Easy for Existing Users
ETS
Ordered hash tablesNew objects fromhash tablesAdd-Member improvementsDefault properties oncustom objects
Types & Formats
Dynamic types & formatsTypecasting deserialized objectsTypecasting parameter valuesHeterogeneous object formatting
Cmdlets
Custom parametervalue defaultsSelect-String improvementsSpecial character handlingLiteralPath support forcore cmdlets
ISE
XML syntax highlightingCommand + output insingle paneOut-GridView -PassThruRestart Manager support
Windows PowerShell 3.0 Themes
Simple & Easy v3.0 -gt v2.0
Robust & Scalable
Comprehensive Coverage
Standards-based
Intro to RemotingTypes of Remoting
Command Why
Interactive Enter-PSSession Like I’m on that computer
Background
Invoke-Command -AsJob When it’s going to take a while
FanOut Invoke-Command –Computer
When I need to do it on a lot of computers
FanIn Import-PSSession -Session
Brings that computer “local”
…and… Sessions
New-PSSession Enables a persistent connection
Robust Session Connectivity• Remote sessions remain in a "Connected" state during transient
network glitches or failures for up to 3 minutes• After 3 minutes, remote sessions automatically transition to a
new "Disconnected" state• Persistent commands and jobs can continue to run even if the
session is disconnected• Client can reconnect to a disconnected session after network
connectivity with the server has been restored• Cmdlets for managing disconnected sessions:• Disconnect-PSSession: Manually disconnects a session connection from a remote
computer• Connect-PSSession: Reestablishes a session connection with a remote computer• Receive-PSSession: Resumes execution of a command on a remote session and
retrieves the session output.; implicitly reconnects to session (without Connect-PSSession command)
Simple & Easy Delegated Administration• Session Configuration Files• Easy remote endpoint creation• Uses .psd1 PowerShell data files• Declarative name-value pairs• No scripting required
• RunAs• New settings within WSMan plug-in• RunAsUser & RunAsPassword• Allows running remote sessions with different creds
• SharedHost• Normally each session runs in a separate process• Allows multiple remote sessions to run in same process
Scheduled Jobs• Job Scheduling allows you to schedule the
execution of a PowerShell background jobSupport for a rich set of triggers
Once at a specific date & timeDaily, weekly, or custom interval (day, week, month)With a specific repetition duration or intervalAt log on, at startup, or with a random delayUnder a different user account
New PSScheduledJob module with 16 cmdlets*-JobTrigger to create scheduled triggers*-ScheduledJob to register, unregister, and change scheduled job definitions*-ScheduledJobOption to configure advanced settings*-Job to retrieve results from scheduled, workflow, and background jobs
PowerShell WorkflowMulti-machine orchestration engine built on Windows Workflow Foundation and .NET 4.0• Launch-able from command-line or SC Orchestrator• Reliably execute long-running management tasks
across multiple machines or IT processes• Robust: Able to suspend & resume individual workflows, survive machine
reboots• Performant: Connection pooling, workflow throttling, and shared hosting• Scalable: Execute multiple tasks in parallel, common parameters for multi-
machine• Reliable: Automatic connection and action retry with configurable intervals• Familiar: Author workflows as PowerShell scripts or using XAML, manage as
PSJobs
Configuration and Continuous Deployment
Intent EnvironmentConfiguration(Dev -> Test -> Production)
$WebConfigEnv = @{ ComputerName = $VMServerNames Name = 'FourthCoffee'} …
Structural Configuration
$WindowsFeature = @{ Name="Web-Server", "Web-ASP-NET45" Ensure="Present"}…
Make It So Idempotent Automation
foreach -parallel ($featureName in $Name){ $feature = Get-WindowsFeature -Name $featureName if(($Ensure -eq "Present") -and (!$feature.Installed)) { Install-WindowsFeature -Name $featureName } ….}…
Windows PowerShell 3.0 Themes
Simple & Easy v3.0 -gt v2.0
Robust & Scalable
Comprehensive Coverage
Standards-based
STANDARD: Common Information Model• CIM: Common Information Model• Open standard defined by the Distributed Management Task Force
(DMTF) for managing systems, networks, applications, and services• CIM Schema - standardized model for management objects:
processes, computers, printers, etc.• CIM Profiles - Profiles - collections of CIM models and associated
behaviors for particular management areas: power, virtualization, storage, etc.
• CIM defines a consistent way to manage everything in your environment
• WMI: Windows Management Instrumentation• Formal remote access to CIM on Windows• Common way to expose management objects from COM and .NET• WMI v1: Access to CIM over DCOM• WMI v2: Access to CIM over WS-Man• PowerShell cmdlets automatically generated from WMI v2 providers
STANDARD: WSMan• WSMan: Web Services for Management• DMTF industry standard protocol to access CIM• Defines client and server roles• Defines a common set of operations to access management objects• Works across firewalls• Implemented by various hardware and software vendors• Provides web services access to CIM on heterogeneous devices
• WinRM: Windows Remote Management• Microsoft implementation of the WSMan protocol• Exposes WMI classes via WSMan• Microsoft extensions to WSMan enable PowerShell remoting• 1-1, 1-many, many-1
Management OData IIS Extension• Open Data Protocol (OData): RESTful web protocol based on HTTP and
JSON for querying and updating data• Provides an ability to manage Windows Servers from various type of
devices : Windows, Non Windows (PowerShell is not available)• Allows to plugin Windows Server management via PowerShell into a
simplified management application experience:• By using familiar web protocol conventions • By benefitting from broad client support (Java script, PERL, .NET…)
• Processes OData requests and converts them into PowerShell invocations to perform the management function• Optional feature on Windows Server 8 for hosting PowerShell cmdlets as OData
endpoints.• Hosted in IIS; resource schema and authorization module supplied by the
customer
STANDARD: Storage Management Initiative-Spec• SMI-S: Storage Management Initiative - Specification
• Developed by the Storage Networking Industry Association (SNIA)• Ratified as ISO/IEC 24775:2011
• Windows Storage Management API• Comprehensive: Discovery, pool / logical unit / volume creation, TP, snapshots,
replication• Extensible: Supports all of SMI-S plus vendor proprietary extensions via pass-through• Partners: EMC, HP, Dell Equalogic, Dell Compellent, NetApp, HDS, LSI, IBM, Xiotech
Complete set of PowerShell cmdlets for all API operations
Windows PowerShell 3.0 Themes
Simple & Easy v3.0 -gt v2.0
Robust & Scalable
Comprehensive Coverage
Standards-based
Top Votes on Connect
• Bug with Default Formatter• *-item cmdlets ignore items containing "[]" • Square Bracket "Range" globbing is a BUG not
a FEATURE• Can’t redirect all the output pipelines• Get-ACL (and some other cmdlets) need
support for the LiteralPath parameter• Get-Command doesn't show function if 2
modules are loaded that have same function name
• Get-Command doesn't display information about duplicate commands
• Foreach should not execute the loop body for a scalar value of $null
• Default properties on custom objects • Select-Object optimization• Set-AuthenticodeSignature fails on scripts
created from ISE• Multiple ambiguous overloads• Move-Item cmdlet can’t move items between
different PSDrives• Same command with different output fails if
run in sequence
Capture Warning, Verbose, Debug and Host Output via alternate streamsAdd enumeration parameter to Get-ChildItem cmdlet to specify Container/Non-container/Bothdir -ad and other Get-ChildItem improvements Make it easier to create custom objectsOrdered hashes as an optionModules: Unable to determine script module filename at load time (there should be a $psmoduleinfo)Get-Command and Get-Help should display the ModuleNameMVP: Get-Module output should sort by name by defaultPSV2: Lazy pipeline - ability for cmdlets to say "NO MORE"Add auto-variable $PSScriptRootScript Logging needs to be improvedImport-Csv should have -Encoding parameteradd an -Append Switch to Export-CSVTee-Object Needs -Append parameterAdd "sst" alias for Select-String cmdlet
Bugs Suggestions
Partner Feedback• .NET 4.0 / CLR 4.0 support• Updatable help system• Performance improvements and public AST• Disconnect / reconnect of remote sessions• Calling cmdlets from cmdlets• Batch command invocation• Module cmdlet improvements• Runspace pool cleanup API• Add/remove dynamic type and format data• Paging APIs for cmdlets• ETW logging• Generic method invocation
Call to Action• Windows PowerShell 3.0 provides a comprehensive,
resilient, and simple way to automate the management of servers in your network
• Pick up the RTM bits today• Windows 8• Windows Server 2012 • Windows Management Framework 3.0
Evaluation
Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com.Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.
We want to hear from you!
Resources
http://channel9.msdn.com/Events
Access MMS Online to view session recordings after the event.
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.