Powershell DSC 自带了一些常见的资源。如果需要新的,可以下载安装 DSC Resource Kit 10或者从Powershell Gallery下载。
比如说查看当前已经安装了的资源
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<code>PS C:\Windows\system32> </code><code>Get-DscResource</code>
<code>ImplementedAs Name ModuleName Version Properties </code>
<code>------------- ---- ---------- ------- ---------- </code>
<code>Binary File {DestinationPath, Attributes, Checksum, Content...</code>
<code>PowerShell Archive PSDesiredStateConfiguration 1.1 {Destination, Path, Checksum, Credential...} </code>
<code>PowerShell Environment PSDesiredStateConfiguration 1.1 {Name, DependsOn, Ensure, Path...} </code>
<code>PowerShell Group PSDesiredStateConfiguration 1.1 {GroupName, Credential, DependsOn, Description...}</code>
<code>Binary Log PSDesiredStateConfiguration 1.1 {Message, DependsOn, PsDscRunAsCredential} </code>
<code>PowerShell Package PSDesiredStateConfiguration 1.1 {Name, Path, ProductId, Arguments...} </code>
<code>PowerShell Registry PSDesiredStateConfiguration 1.1 {Key, ValueName, DependsOn, Ensure...} </code>
<code>PowerShell Script PSDesiredStateConfiguration 1.1 {GetScript, SetScript, TestScript, Credential...} </code>
<code>PowerShell Service PSDesiredStateConfiguration 1.1 {Name, BuiltInAccount, Credential, Dependencies...</code>
<code>PowerShell User PSDesiredStateConfiguration 1.1 {UserName, DependsOn, Description, Disabled...} </code>
<code>PowerShell WaitForAll PSDesiredStateConfiguration 1.1 {NodeName, ResourceName, DependsOn, PsDscRunAsC...</code>
<code>PowerShell WaitForAny PSDesiredStateConfiguration 1.1 {NodeName, ResourceName, DependsOn, PsDscRunAsC...</code>
<code>PowerShell WaitForSome PSDesiredStateConfiguration 1.1 {NodeCount, NodeName, ResourceName, DependsOn...} </code>
<code>PowerShell WindowsFeature PSDesiredStateConfiguration 1.1 {Name, Credential, DependsOn, Ensure...} </code>
<code>PowerShell WindowsOptionalFeature PSDesiredStateConfiguration 1.1 {Name, DependsOn, Ensure, LogLevel...} </code>
<code>PowerShell WindowsProcess PSDesiredStateConfiguration 1.1 {Arguments, Path, Credential, DependsOn...} </code>
<code>PowerShell xArchive xPSDesiredStateConfiguration 3.5.0.0 {Destination, Path, CompressionLevel, DependsOn...</code>
<code>PowerShell xDSCWebService xPSDesiredStateConfiguration 3.5.0.0 {CertificateThumbPrint, EndpointName, AcceptSel...</code>
<code>PowerShell xGroup xPSDesiredStateConfiguration 3.5.0.0 {GroupName, Credential, DependsOn, Description...}</code>
<code>PowerShell xPackage xPSDesiredStateConfiguration 3.5.0.0 {Name, Path, ProductId, Arguments...} </code>
<code>PowerShell xPSEndpoint xPSDesiredStateConfiguration 3.5.0.0 {Name, AccessMode, DependsOn, Ensure...} </code>
<code>PowerShell xRemoteFile xPSDesiredStateConfiguration 3.5.0.0 {DestinationPath, Uri, Credential, DependsOn...} </code>
<code>PowerShell xService xPSDesiredStateConfiguration 3.5.0.0 {Name, BuiltInAccount, Credential, Dependencies...</code>
<code>PowerShell xWindowsOptionalFeature xPSDesiredStateConfiguration 3.5.0.0 {Name, DependsOn, Ensure, LogLevel...} </code>
<code>PowerShell xWindowsProcess xPSDesiredStateConfiguration 3.5.0.0 {Arguments, Path, Credential, DependsOn...}</code>
下面是一些常见的例子:
拷贝文件 资源叫做 File
<code>configuration TestFile {</code>
<code> </code><code>Node sydittest {</code>
<code> </code><code>File ZipFile {</code>
<code> </code><code>Ensure = </code><code>"Present"</code>
<code> </code><code>Type = "Directory“ </code><code># Default is “File”</code>
<code> </code><code>Force = </code><code>$True</code>
<code> </code><code>Recurse = </code><code>$True</code>
<code> </code><code>SourcePath = </code><code>'\\sydit01\test'</code>
<code> </code><code>DestinationPath = </code><code>'C:\Downloads'</code> <code># On Sydittest</code>
<code> </code><code>}</code>
<code> </code><code>}</code>
<code>}</code>
<code>TestFile -OutputPath c:\DSC\Mod5Config</code>
<code>Start-DscConfiguration</code> <code>-computername sydittest -Path c:\dsc\Mod5Config -Wait -Verbose -force</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwVugUCWkAAU4kF_qMaU164.jpg" target="_blank"></a>
查看该zip文件已经拷贝了
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwVzA-UjjAADe-KBDutw222.jpg" target="_blank"></a>
2.解压zip文件,资源叫做 Archive
<code>configuration TestArchive {</code>
<code> </code><code>Archive Unzip{</code>
<code> </code><code>Destination = </code><code>'C:\unzip'</code>
<code> </code><code>Path = </code><code>'c:\downloads\temp.zip'</code>
<code> </code><code>Checksum = </code><code>'SHA-256'</code>
<code> </code><code>Validate = </code><code>$true</code>
<code> </code><code>Force = </code><code>$true</code>
<code> </code><code>Ensure = </code><code>'Present'</code>
<code>TestArchive -OutputPath c:\DSC\Mod5Config</code>
<code>Start-DscConfiguration</code> <code>-computername sydittest -Path c:\dsc\Mod5Config -Wait -Verbose -Force</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwWHRDSUVAAaZPq18p4U036.jpg" target="_blank"></a>
该文件已经解压到指定目录
<a href="http://s3.51cto.com/wyfs02/M00/73/B3/wKioL1YEwWLDwGwWAAEgckiAjds849.jpg" target="_blank"></a>
3. 创建环境变量 资源叫做Environment
<code>configuration TestEnvVar {</code>
<code> </code><code>Environment NewVar{</code>
<code> </code><code>Name = </code><code>'MYNEWVAR'</code>
<code> </code><code>Value = </code><code>'Value to store'</code>
<code>TestEnvVar -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B5/wKiom1YEwV_TQzhfAASLq1Tt0v4829.jpg" target="_blank"></a>
确认该环境变量已经创建
<a href="http://s3.51cto.com/wyfs02/M02/73/B5/wKiom1YEwWDDvsZ-AAFW7jSx0Q8102.jpg" target="_blank"></a>
4.创建本地用户 资源是User
这个是几个资源里面相对麻烦的一个,因为默认传递的是明文,他不会允许你推送的,我需要明确告诉他允许明文。
<code>configuration TestUser</code>
<code>{</code>
<code> </code><code>param</code>
<code> </code><code>( </code>
<code> </code><code>[PSCredential]</code><code>$Credential</code>
<code> </code><code>)</code>
<code> </code><code>node sydittest</code>
<code> </code><code>{ </code>
<code> </code><code>User TestUser</code>
<code> </code><code>{</code>
<code> </code><code>UserName = </code><code>$Credential</code><code>.UserName</code>
<code> </code><code>Password = </code><code>$Credential</code>
<code> </code><code>Description = </code><code>'User created by DSC'</code>
<code> </code><code>PasswordNeverExpires = </code><code>$true</code>
<code> </code><code>PasswordChangeNotAllowed = </code><code>$true</code>
<code>$ConfigData</code> <code>= @{ </code>
<code> </code><code>AllNodes = @( </code>
<code> </code><code>@{ </code>
<code> </code><code>NodeName = </code><code>'sydittest'</code>
<code> </code><code>PSDscAllowPlainTextPassword=</code><code>$true</code>
<code> </code><code>} </code>
<code> </code><code>) </code>
<code>} </code>
<code>TestUser -ConfigurationData </code><code>$ConfigData</code> <code>-Credential (</code><code>Get-Credential</code><code>) -OutputPath c:\DSC\Mod5Config</code>
可以看见是明文发送的,如果是生产环境,需要用证书加密的才行。
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEyUCBNcanAAEcYlhfnwE913.jpg" target="_blank"></a>
推送出去
<a href="http://s3.51cto.com/wyfs02/M00/73/B6/wKiom1YEwW-w1E34AAR2dCkByxc670.jpg" target="_blank"></a>
可以看见用户已经创建了
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwXSBPno9AAD7EE09yQE825.jpg" target="_blank"></a>
5.创建本地组 资源 Group
<code>configuration TestGroup {</code>
<code> </code><code>Group CreateGroup {</code>
<code> </code><code>GroupName = </code><code>'TestGroup'</code>
<code> </code><code>Description = </code><code>'This is a DSC test group'</code>
<code> </code><code>Members = </code><code>'administrator'</code>
<code> </code>
<code>TestGroup -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwWaCzhr8AATXDQsO6qI418.jpg" target="_blank"></a>
6.创建注册表键 资源 Registry
<code>configuration TestRegistry {</code>
<code> </code><code>Registry CreateReg {</code>
<code> </code><code>Key = </code><code>'HKEY_Local_Machine\Software\DSCTest'</code>
<code> </code><code>ValueName = </code><code>'DSCTestGood'</code>
<code> </code><code>ValueType = </code><code>'string'</code>
<code> </code><code>ValueData = </code><code>'True'</code>
<code>Testregistry -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwWii0gJNAAOX-p9OTFk632.jpg" target="_blank"></a>
确认成功创建
<a href="http://s3.51cto.com/wyfs02/M00/73/B5/wKiom1YEwWaDfC3VAAHHSve_5ac780.jpg" target="_blank"></a>
7. 创建进程(运行某个程序) 资源是 Windowsprocess
<code>configuration TestProcess {</code>
<code> </code><code>WindowsProcess CreateNotepad {</code>
<code> </code><code>Path = </code><code>'notepad.exe'</code>
<code> </code><code>Arguments = </code><code>''</code>
<code> </code><code>WindowsProcess CreatePaint {</code>
<code> </code><code>Path = </code><code>'mspaint.exe'</code>
<code>TestProcess -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M00/73/B5/wKiom1YEwWfBLXGXAAOLZriLRuc207.jpg" target="_blank"></a>
8. 更改服务的状态
<code>configuration TestService {</code>
<code> </code><code>Service StartAudio {</code>
<code> </code><code>Name = </code><code>'Audiosrv'</code>
<code> </code><code>State = </code><code>'Running'</code>
<code> </code><code>StartupType = </code><code>'Automatic'</code>
<code>TestService -OutputPath c:\DSC\Mod5Config</code>
更改前
<a href="http://s3.51cto.com/wyfs02/M00/73/B3/wKioL1YEwWvDYdpiAACyuvwnn6M371.jpg" target="_blank"></a>
更改
<a href="http://s3.51cto.com/wyfs02/M01/73/B5/wKiom1YEwWmhPW6lAAPmKKrUZUA167.jpg" target="_blank"></a>
更改后
<a href="http://s3.51cto.com/wyfs02/M01/73/B3/wKioL1YEwW6i7dRHAADDjpn3BUI020.jpg" target="_blank"></a>
9. 脚本资源
这个是当现有的资源都无法满足需求的时候,可以进行自定义资源。里面有3个子模块,test,set,get
首先通过 test 判断状态,返回一个boolean值,如果是true,忽略;如果是false,那么在set里面进行处理;相当于于一个if else的判断语句。get可以通过getdsc的命令获取当前状态
下面的例子是判断如果bits服务开启,那么关闭
<code>configuration TestScript {</code>
<code> </code><code>Script TestScript {</code>
<code> </code><code>GetScript = {</code>
<code> </code><code>@{</code>
<code> </code><code>GetScript = </code><code>$GetScript</code>
<code> </code><code>SetScript = </code><code>$setScript</code>
<code> </code><code>TestScript = </code><code>$TestScript</code>
<code> </code><code>Result = (</code><code>Get-Service</code> <code>-name bits).status</code>
<code> </code><code>} </code>
<code> </code><code>}</code>
<code> </code><code>SetScript = {</code>
<code> </code><code>stop-Service</code> <code>-name bits</code>
<code> </code><code>TestScript = {</code>
<code> </code>
<code> </code><code>$Status</code><code>=(</code><code>Get-service</code> <code>-name bits).status</code>
<code> </code><code>$Status</code> <code>-eq</code> <code>'stopped'</code>
<code>Testscript -OutputPath c:\DSC\Mod5Config</code>
<a href="http://s3.51cto.com/wyfs02/M02/73/B6/wKiom1YEwWuANp5LAADpEgqjp-c956.jpg" target="_blank"></a>
<a href="http://s3.51cto.com/wyfs02/M02/73/B3/wKioL1YEwXGxB2XwAAQb_LkUyU8397.jpg" target="_blank"></a>
本文转自 beanxyz 51CTO博客,原文链接:http://blog.51cto.com/beanxyz/1698158,如需转载请自行联系原作者
![Windows系统下通过CMD命令行或运行窗口打开常用附件和功能[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)