Skip to content
This repository has been archived by the owner on Sep 12, 2024. It is now read-only.

Desired State Configuration for Linux - v1.1.1-294

Compare
Choose a tag to compare
@KrisBash KrisBash released this 31 Aug 21:50
· 610 commits to master since this release

PowerShell Desired State Configuration for Linux

Release Notes

Version 1.1.1-294

Table of Contents

Release Overview

** Supported Linux operation system versions **
The following Linux operating system versions are supported for DSC for Linux.

  • CentOS 5, 6, and 7 (x86/x64)
  • Debian GNU/Linux 6, 7 and 8 (x86/x64)
  • Oracle Linux 5, 6 and 7 (x86/x64)
  • Red Hat Enterprise Linux Server 5, 6 and 7 (x86/x64)
  • SUSE Linux Enterprise Server 10, 11 and 12 (x86/x64)
  • Ubuntu Server 12.04 LTS, 14.04 LTS, 16.04 LTS (x86/x64)

SHA256 Checksums

Package SHA256 Checksum
dsc-1.1.1-294.ssl_098.x64.deb 71ae4115a59527ef25de9eef19fda7fcfd23ccb81b677f2b90bfda28c4c4dd7b
dsc-1.1.1-294.ssl_098.x64.rpm 9490252ea069afbbda474d9dc06232a0027f4e4ea3796bbca63fddf943c88ad4
dsc-1.1.1-294.ssl_098.x86.deb 344d5de2a7b01dd791dcc070c3a918d233e274117cf37b77cf33f5a1a698fa59
dsc-1.1.1-294.ssl_098.x86.rpm 1ef07debb2a0392ea02e5130723c4918856114cbb6015c5b4a2b5c9341b5f2af
dsc-1.1.1-294.ssl_100.x64.deb 0f078694853591a5614b74ae5a7fdfaa5d63896d5ee51a97279e2ccf51d39815
dsc-1.1.1-294.ssl_100.x64.rpm 18c1e55dcb894ba558ca380327360a6164db549395b7e5bc0e94127827bc191a
dsc-1.1.1-294.ssl_100.x86.deb b17639ece1c757130642d154d071061cbb58fb118eb20be1fcc8e5d985d99a2c
dsc-1.1.1-294.ssl_100.x86.rpm 4937d476c55a80152fe73b4c453195eac7002935c3a313c650b8edf018e292ce

Requirements

The following table describes the required package dependencies for DSC for Linux.

Required package Description Minimum version
Glibc GNU C Library 2.4 - 31.30
python Python 2.4 - 3.4
omi Open Management Infrastructure 1.1.0-0
openssl OpenSSL Libraries 0.9.8e or 1.0
python-ctypes Python CTypes library Must match Python version
libcurl cURL http client library 7.15.1
unzip* De-archiver for .zip files n/a

* unzip is needed to install resource modules

Upgrading DSC for Linux from a Prior Version

Upgrading DSC for Linux from version 1.1 is supported using rpm or dpkg. Upgrading DSC for Linux from version 1.0 to this version (1.1.1) is not supported. If you have version 1.0 currently installed, remove it prior to installing version 1.1 with: rpm –e dsc or dpkg –r dsc

New features in this release

  • Support for PS1 to MOF compilation on Linux with PowerShell for Linux
  • register.py (/opt/microsoft/dsc/Register.py) adds parameters for --ConfigurationName, --ConfigurationMode, --ConfigurationModeFrequencyMins, --RefreshFrequencyMins
  • Support for Ubuntu 16.04 LTS

Issues Resolved in this Release

  • Authentication with a pull server may fail due to spurious client certificate regeneration
  • SELinux settings prevent DSC consistency invoker schedule job from executing
  • nxFile: Recursive settings applied inconsistently
  • Support for OMI version 1.1.0

Issues resolved in Prior Releases

  • OMI version 1.0.8-4 is supported
  • Log rotation reliability is improved
  • nxUser: password expiration incorrectly handled
  • HTTP proxies not supported for Pull server operations
  • Restore-DSCConfiguration does not restore the prior configuration
  • nxPackage/nxScript: unreliable behavior is observed when the system locale is not UTF-8.
  • nxPackage: On Ubuntu and Debian, packages that prompt for user input cause, such as MySQL server, prevent successful configuration
  • nxService: in some cases, the running state of services is incorrectly detected
  • nxPackage: when Ensure = Absent, installed packages fail to remove in some cases

Known Limitations

  • In this release of Desired State Configuration for Linux, only Pull Servers based on WMF 5.0 April Preview or later are supported. To use a prior version of the Pull Server, continue to use Desired State Configuration for Linux 1.0.
  • Partial Configurations are not supported in this release.

New Scenarios in DSC for Linux 1.1

Separation of node and configuration IDs

In prior versions, DSC currently used a configuration ID to uniquely identify a single configuration for a single node. This new feature separates the configuration ID into two distinct identifiers: Configuration Name and Agent ID. Configuration Name identifies the configuration for a computer; this ID can be shared by multiple nodes. Agent ID uniquely identifies a node; this ID must be unique for every node.

Metaconfig Updates for Separation of Computer and Configuration IDs

Because the ConfigurationNames are no longer GUIDs (they are now friendly names), anyone can determine them. To mitigate this issue, we added an extra level of security by adding a registration step before a node can start requesting configurations from a server. A node registers itself with the pull server with a shared secret (which the node and the server both know already), and the name of the configuration it will request. This shared secret need not be unique for each computer. Assumption: the shared secret is a hard-to-guess identifier, like a GUID. We call this shared secret RegistrationKey in the metaconfig.

[DscLocalConfigurationManager()] 
Configuration SampleLinuxMetaConfig 
{ 
    Node “mylinuxserver”{     
        Settings         
            {             
             RefreshFrequencyMins = 30;
             RefreshMode = "PULL";
             ConfigurationMode =”ApplyAndMonitor“;
             AllowModuleOverwrite  = $true;
             RebootNodeIfNeeded = $true;
             ConfigurationModeFrequencyMins = 60;
         }  

        ConfigurationRepositoryWeb ConfigurationManager
         {
             ServerURL = “https://PullServerMachine:8080/psdscpullserver.svc”
             RegistrationKey = "140a952b-b9d6-406b-b416-e0f759c9c0e4"
             ConfigurationNames = @(“MySQLRole”)         
            }
          } 
        }  

    SampleMetaConfig  

For more information on this feature and instructions for defining shared keys on the Pull Server, reference the WMF 5 Production Preview Release Notes.