Powershell DSC 自帶了一些常見的資源。如果需要新的,可以下載下傳安裝 DSC Resource Kit 10或者從Powershell Gallery下載下傳。
比如說檢視目前已經安裝了的資源
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<code>PS C:\Windows\system32> </code><code>Get-DscResource</code>
<code>ImplementedAs Name ModuleName Version Properties </code>
<code>------------- ---- ---------- ------- ---------- </code>
<code>Binary File {DestinationPath, Attributes, Checksum, Content...</code>
<code>PowerShell Archive PSDesiredStateConfiguration 1.1 {Destination, Path, Checksum, Credential...} </code>
<code>PowerShell Environment PSDesiredStateConfiguration 1.1 {Name, DependsOn, Ensure, Path...} </code>
<code>PowerShell Group PSDesiredStateConfiguration 1.1 {GroupName, Credential, DependsOn, Description...}</code>
<code>Binary Log PSDesiredStateConfiguration 1.1 {Message, DependsOn, PsDscRunAsCredential} </code>
<code>PowerShell Package PSDesiredStateConfiguration 1.1 {Name, Path, ProductId, Arguments...} </code>
<code>PowerShell Registry PSDesiredStateConfiguration 1.1 {Key, ValueName, DependsOn, Ensure...} </code>
<code>PowerShell Script PSDesiredStateConfiguration 1.1 {GetScript, SetScript, TestScript, Credential...} </code>
<code>PowerShell Service PSDesiredStateConfiguration 1.1 {Name, BuiltInAccount, Credential, Dependencies...</code>
<code>PowerShell User PSDesiredStateConfiguration 1.1 {UserName, DependsOn, Description, Disabled...} </code>
<code>PowerShell WaitForAll PSDesiredStateConfiguration 1.1 {NodeName, ResourceName, DependsOn, PsDscRunAsC...</code>
<code>PowerShell WaitForAny PSDesiredStateConfiguration 1.1 {NodeName, ResourceName, DependsOn, PsDscRunAsC...</code>
<code>PowerShell WaitForSome PSDesiredStateConfiguration 1.1 {NodeCount, NodeName, ResourceName, DependsOn...} </code>
<code>PowerShell WindowsFeature PSDesiredStateConfiguration 1.1 {Name, Credential, DependsOn, Ensure...} </code>
<code>PowerShell WindowsOptionalFeature PSDesiredStateConfiguration 1.1 {Name, DependsOn, Ensure, LogLevel...} </code>
<code>PowerShell WindowsProcess PSDesiredStateConfiguration 1.1 {Arguments, Path, Credential, DependsOn...} </code>
<code>PowerShell xArchive xPSDesiredStateConfiguration 3.5.0.0 {Destination, Path, CompressionLevel, DependsOn...</code>
<code>PowerShell xDSCWebService xPSDesiredStateConfiguration 3.5.0.0 {CertificateThumbPrint, EndpointName, AcceptSel...</code>
<code>PowerShell xGroup xPSDesiredStateConfiguration 3.5.0.0 {GroupName, Credential, DependsOn, Description...}</code>
<code>PowerShell xPackage xPSDesiredStateConfiguration 3.5.0.0 {Name, Path, ProductId, Arguments...} </code>
<code>PowerShell xPSEndpoint xPSDesiredStateConfiguration 3.5.0.0 {Name, AccessMode, DependsOn, Ensure...} </code>
<code>PowerShell xRemoteFile xPSDesiredStateConfiguration 3.5.0.0 {DestinationPath, Uri, Credential, DependsOn...} </code>
<code>PowerShell xService xPSDesiredStateConfiguration 3.5.0.0 {Name, BuiltInAccount, Credential, Dependencies...</code>
<code>PowerShell xWindowsOptionalFeature xPSDesiredStateConfiguration 3.5.0.0 {Name, DependsOn, Ensure, LogLevel...} </code>
<code>PowerShell xWindowsProcess xPSDesiredStateConfiguration 3.5.0.0 {Arguments, Path, Credential, DependsOn...}</code>
下面是一些常見的例子:
拷貝檔案 資源叫做 File
<code>configuration TestFile {</code>
<code> </code><code>Node sydittest {</code>
<code> </code><code>File ZipFile {</code>
<code> </code><code>Ensure = </code><code>"Present"</code>
<code> </code><code>Type = "Directory“ </code><code># Default is “File”</code>
<code> </code><code>Force = </code><code>$True</code>
<code> </code><code>Recurse = </code><code>$True</code>
<code> </code><code>SourcePath = </code><code>'\\sydit01\test'</code>
<code> </code><code>DestinationPath = </code><code>'C:\Downloads'</code> <code># On Sydittest</code>
<code> </code><code>}</code>
<code> </code><code>}</code>
<code>}</code>
<code>TestFile -OutputPath c:\DSC\Mod5Config</code>
<code>Start-DscConfiguration</code> <code>-computername sydittest -Path c:\dsc\Mod5Config -Wait -Verbose -force</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwVugUCWkAAU4kF_qMaU164.jpg" target="_blank"></a>
檢視該zip檔案已經拷貝了
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwVzA-UjjAADe-KBDutw222.jpg" target="_blank"></a>
2.解壓zip檔案,資源叫做 Archive
<code>configuration TestArchive {</code>
<code> </code><code>Archive Unzip{</code>
<code> </code><code>Destination = </code><code>'C:\unzip'</code>
<code> </code><code>Path = </code><code>'c:\downloads\temp.zip'</code>
<code> </code><code>Checksum = </code><code>'SHA-256'</code>
<code> </code><code>Validate = </code><code>$true</code>
<code> </code><code>Force = </code><code>$true</code>
<code> </code><code>Ensure = </code><code>'Present'</code>
<code>TestArchive -OutputPath c:\DSC\Mod5Config</code>
<code>Start-DscConfiguration</code> <code>-computername sydittest -Path c:\dsc\Mod5Config -Wait -Verbose -Force</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwWHRDSUVAAaZPq18p4U036.jpg" target="_blank"></a>
該檔案已經解壓到指定目錄
<a href="http://s3.51cto.com/wyfs02/M00/73/B3/wKioL1YEwWLDwGwWAAEgckiAjds849.jpg" target="_blank"></a>
3. 建立環境變量 資源叫做Environment
<code>configuration TestEnvVar {</code>
<code> </code><code>Environment NewVar{</code>
<code> </code><code>Name = </code><code>'MYNEWVAR'</code>
<code> </code><code>Value = </code><code>'Value to store'</code>
<code>TestEnvVar -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B5/wKiom1YEwV_TQzhfAASLq1Tt0v4829.jpg" target="_blank"></a>
确認該環境變量已經建立
<a href="http://s3.51cto.com/wyfs02/M02/73/B5/wKiom1YEwWDDvsZ-AAFW7jSx0Q8102.jpg" target="_blank"></a>
4.建立本地使用者 資源是User
這個是幾個資源裡面相對麻煩的一個,因為預設傳遞的是明文,他不會允許你推送的,我需要明确告訴他允許明文。
<code>configuration TestUser</code>
<code>{</code>
<code> </code><code>param</code>
<code> </code><code>( </code>
<code> </code><code>[PSCredential]</code><code>$Credential</code>
<code> </code><code>)</code>
<code> </code><code>node sydittest</code>
<code> </code><code>{ </code>
<code> </code><code>User TestUser</code>
<code> </code><code>{</code>
<code> </code><code>UserName = </code><code>$Credential</code><code>.UserName</code>
<code> </code><code>Password = </code><code>$Credential</code>
<code> </code><code>Description = </code><code>'User created by DSC'</code>
<code> </code><code>PasswordNeverExpires = </code><code>$true</code>
<code> </code><code>PasswordChangeNotAllowed = </code><code>$true</code>
<code>$ConfigData</code> <code>= @{ </code>
<code> </code><code>AllNodes = @( </code>
<code> </code><code>@{ </code>
<code> </code><code>NodeName = </code><code>'sydittest'</code>
<code> </code><code>PSDscAllowPlainTextPassword=</code><code>$true</code>
<code> </code><code>} </code>
<code> </code><code>) </code>
<code>} </code>
<code>TestUser -ConfigurationData </code><code>$ConfigData</code> <code>-Credential (</code><code>Get-Credential</code><code>) -OutputPath c:\DSC\Mod5Config</code>
可以看見是明文發送的,如果是生産環境,需要用證書加密的才行。
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEyUCBNcanAAEcYlhfnwE913.jpg" target="_blank"></a>
推送出去
<a href="http://s3.51cto.com/wyfs02/M00/73/B6/wKiom1YEwW-w1E34AAR2dCkByxc670.jpg" target="_blank"></a>
可以看見使用者已經建立了
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwXSBPno9AAD7EE09yQE825.jpg" target="_blank"></a>
5.建立本地組 資源 Group
<code>configuration TestGroup {</code>
<code> </code><code>Group CreateGroup {</code>
<code> </code><code>GroupName = </code><code>'TestGroup'</code>
<code> </code><code>Description = </code><code>'This is a DSC test group'</code>
<code> </code><code>Members = </code><code>'administrator'</code>
<code> </code>
<code>TestGroup -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwWaCzhr8AATXDQsO6qI418.jpg" target="_blank"></a>
6.建立系統資料庫鍵 資源 Registry
<code>configuration TestRegistry {</code>
<code> </code><code>Registry CreateReg {</code>
<code> </code><code>Key = </code><code>'HKEY_Local_Machine\Software\DSCTest'</code>
<code> </code><code>ValueName = </code><code>'DSCTestGood'</code>
<code> </code><code>ValueType = </code><code>'string'</code>
<code> </code><code>ValueData = </code><code>'True'</code>
<code>Testregistry -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwWii0gJNAAOX-p9OTFk632.jpg" target="_blank"></a>
确認成功建立
<a href="http://s3.51cto.com/wyfs02/M00/73/B5/wKiom1YEwWaDfC3VAAHHSve_5ac780.jpg" target="_blank"></a>
7. 建立程序(運作某個程式) 資源是 Windowsprocess
<code>configuration TestProcess {</code>
<code> </code><code>WindowsProcess CreateNotepad {</code>
<code> </code><code>Path = </code><code>'notepad.exe'</code>
<code> </code><code>Arguments = </code><code>''</code>
<code> </code><code>WindowsProcess CreatePaint {</code>
<code> </code><code>Path = </code><code>'mspaint.exe'</code>
<code>TestProcess -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M00/73/B5/wKiom1YEwWfBLXGXAAOLZriLRuc207.jpg" target="_blank"></a>
8. 更改服務的狀态
<code>configuration TestService {</code>
<code> </code><code>Service StartAudio {</code>
<code> </code><code>Name = </code><code>'Audiosrv'</code>
<code> </code><code>State = </code><code>'Running'</code>
<code> </code><code>StartupType = </code><code>'Automatic'</code>
<code>TestService -OutputPath c:\DSC\Mod5Config</code>
更改前
<a href="http://s3.51cto.com/wyfs02/M00/73/B3/wKioL1YEwWvDYdpiAACyuvwnn6M371.jpg" target="_blank"></a>
更改
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwWmhPW6lAAPmKKrUZUA167.jpg" target="_blank"></a>
更改後
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwW6i7dRHAADDjpn3BUI020.jpg" target="_blank"></a>
9. 腳本資源
這個是當現有的資源都無法滿足需求的時候,可以進行自定義資源。裡面有3個子子產品,test,set,get
首先通過 test 判斷狀态,傳回一個boolean值,如果是true,忽略;如果是false,那麼在set裡面進行處理;相當于于一個if else的判斷語句。get可以通過getdsc的指令擷取目前狀态
下面的例子是判斷如果bits服務開啟,那麼關閉
<code>configuration TestScript {</code>
<code> </code><code>Script TestScript {</code>
<code> </code><code>GetScript = {</code>
<code> </code><code>@{</code>
<code> </code><code>GetScript = </code><code>$GetScript</code>
<code> </code><code>SetScript = </code><code>$setScript</code>
<code> </code><code>TestScript = </code><code>$TestScript</code>
<code> </code><code>Result = (</code><code>Get-Service</code> <code>-name bits).status</code>
<code> </code><code>} </code>
<code> </code><code>}</code>
<code> </code><code>SetScript = {</code>
<code> </code><code>stop-Service</code> <code>-name bits</code>
<code> </code><code>TestScript = {</code>
<code> </code>
<code> </code><code>$Status</code><code>=(</code><code>Get-service</code> <code>-name bits).status</code>
<code> </code><code>$Status</code> <code>-eq</code> <code>'stopped'</code>
<code>Testscript -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B6/wKiom1YEwWuANp5LAADpEgqjp-c956.jpg" target="_blank"></a>
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwXGxB2XwAAQb_LkUyU8397.jpg" target="_blank"></a>
本文轉自 beanxyz 51CTO部落格,原文連結:http://blog.51cto.com/beanxyz/1698158,如需轉載請自行聯系原作者
![Windows系統下通過CMD指令行或運作視窗打開常用附件和功能[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)