DSC Architecture using Windows Server 2019

Anyone have any best-practices or experience they want to share?

I’m looking to design a DSC infrastructure that is somewhat highly available.

I’m not interested in using a pull server based in Azure due to costs. I’m looking for drift / reporting in 15 or 30 minute intervals, and using Azure would cost me > $10k / month.

Here’s what my current plan includes

  • 2 Pull servers behind an F5 LTM. I'm using an F5 because in my environment it will provide the easiest way to "publish" an HTTPS server to all local networks. My F5's also have public wildcard certs, so i don't need to worry about SSL traffic.
  • The 2 pull servers will use a UNC path for IIS site, and that path will be on a share that is highly available
  • The 2 pull servers will be configured to use SQL Server
  • The SQL instance used by DSC will be in a SQL Always On Availability Group
Any feedback / comments are welcome.

Mike J

I’m embarking on the same journey.

I have some of it working in my lab, but the production design I’m shooting for is basically the same as your (minus the wild card cert)

I would love to swap notes

What were you going to use for pulling reports?