Is it possible that i can configure a remote Node LCM to retrieve the required Modules from a custom service. i.e. i create a custom web service that the remote LCM is configured to talk to for any modules.
In the Environment all Nodes do not have internet access and they are in Push mode. We have a custom solution that creates and pushes our MOf files to the remote machines according to their role.
The trouble is we do not have the required modules on the remote Nodes (especially when they have just been provisioned) and i am attempting to automate it. I have configured SMBShare before and that is not a solution for us in this situation as we want our custom solution to be portable to multiple domains and sites.
So we were thinking to make our solution the svc that a remote LCM can retrieve Modules from.
Is this even possible ?
Thank you in advance.
Sure. See GitHub.com/powershellorg/tug. It’s a custom pull server implementation that you can use as an example to see how the protocol works. It’s not 100% done, but you should lie able to get the idea.
Thank you, I will download and take a look.
Your help as always is much appreciated.
@Don: points to an issue opened sometime ago
I think TUG is a great idea and POC now that the DSCPM protocol is available, but i wouldn’t stop there.
Why not create your own LCM, after all its a simple windows service. You can even go a head and create
your own protocol between the 2 parts.
Generally i would advise against swapping parts of a technology. If you use LCM, you use MS pull/push methods.
Especially if you have customers depending on you and your product/service.
If MS publishes PowerShell x.y tomorrow and with it the LCM and pull server change, you’re stuck and so are
your customers until you update and upgrade your code to match. Meanwhile, your customer cant update to
version x.y on a node that he needs to fix another issue as it would force the LCM-CustomPullServer mechanism
to stop working.
Sometimes when i find myself that i need to augment part of a technology just to fit my case, i stop to think
if that technology is really the way forward. Even Don would say that DSC isn’t always the right technology or
the go-to solution for every situation. Sometimes there might be easier ways to both implement and maintain,
thus gaining a trust.
As per your issue, there are a few things you can do:
Use PULL servers, that’s what it was meant for…making sure nodes will have resources before the configuration
is run. You don’t need internet for that. Simply copy the modlues into the network and place in a certain
structure. But lets assume that’s not possible.
Use PSModulePath environment variable on each node to point to a share folder. This will mean all modules
are updated in a single place and all configuration scripts will run (naturally the resources need to exist
in that share). But as you noted you used shares before, lets assume this isn’t a desired method.
As the LCM is a windows service, nothing stops you from mimicing it via Scheduled tasks on each node (cause
that’s exactly what the LMC does), if you dont want to write the extra service.
Every 15 min, run a PowerShell script that copy with overwriting a folder/share onto the nodes module directory.
You can then control the complexity of the checks the PowerShell script does when deciding if anything is newer
on the source directory versus the target one.
Hope this gave you some ideas as well