Desired State Configuration for Linux - v1.1.1-294
PowerShell Desired State Configuration for Linux
Release Notes
Version 1.1.1-294
Table of Contents
- PowerShell Desired State Configuration for Linux
Release Overview
** Supported Linux operation system versions **
The following Linux operating system versions are supported for DSC for Linux.
- CentOS 5, 6, and 7 (x86/x64)
- Debian GNU/Linux 6, 7 and 8 (x86/x64)
- Oracle Linux 5, 6 and 7 (x86/x64)
- Red Hat Enterprise Linux Server 5, 6 and 7 (x86/x64)
- SUSE Linux Enterprise Server 10, 11 and 12 (x86/x64)
- Ubuntu Server 12.04 LTS, 14.04 LTS, 16.04 LTS (x86/x64)
SHA256 Checksums
| Package | SHA256 Checksum |
|---|---|
| dsc-1.1.1-294.ssl_098.x64.deb | 71ae4115a59527ef25de9eef19fda7fcfd23ccb81b677f2b90bfda28c4c4dd7b |
| dsc-1.1.1-294.ssl_098.x64.rpm | 9490252ea069afbbda474d9dc06232a0027f4e4ea3796bbca63fddf943c88ad4 |
| dsc-1.1.1-294.ssl_098.x86.deb | 344d5de2a7b01dd791dcc070c3a918d233e274117cf37b77cf33f5a1a698fa59 |
| dsc-1.1.1-294.ssl_098.x86.rpm | 1ef07debb2a0392ea02e5130723c4918856114cbb6015c5b4a2b5c9341b5f2af |
| dsc-1.1.1-294.ssl_100.x64.deb | 0f078694853591a5614b74ae5a7fdfaa5d63896d5ee51a97279e2ccf51d39815 |
| dsc-1.1.1-294.ssl_100.x64.rpm | 18c1e55dcb894ba558ca380327360a6164db549395b7e5bc0e94127827bc191a |
| dsc-1.1.1-294.ssl_100.x86.deb | b17639ece1c757130642d154d071061cbb58fb118eb20be1fcc8e5d985d99a2c |
| dsc-1.1.1-294.ssl_100.x86.rpm | 4937d476c55a80152fe73b4c453195eac7002935c3a313c650b8edf018e292ce |
Requirements
The following table describes the required package dependencies for DSC for Linux.
| Required package | Description | Minimum version |
|---|---|---|
| Glibc | GNU C Library | 2.4 - 31.30 |
| python | Python | 2.4 - 3.4 |
| omi | Open Management Infrastructure | 1.1.0-0 |
| openssl | OpenSSL Libraries | 0.9.8e or 1.0 |
| python-ctypes | Python CTypes library | Must match Python version |
| libcurl | cURL http client library | 7.15.1 |
| unzip* | De-archiver for .zip files | n/a |
* unzip is needed to install resource modules
Upgrading DSC for Linux from a Prior Version
Upgrading DSC for Linux from version 1.1 is supported using rpm or dpkg. Upgrading DSC for Linux from version 1.0 to this version (1.1.1) is not supported. If you have version 1.0 currently installed, remove it prior to installing version 1.1 with: rpm –e dsc or dpkg –r dsc
New features in this release
- Support for PS1 to MOF compilation on Linux with PowerShell for Linux
- register.py (
/opt/microsoft/dsc/Register.py) adds parameters for --ConfigurationName, --ConfigurationMode, --ConfigurationModeFrequencyMins, --RefreshFrequencyMins - Support for Ubuntu 16.04 LTS
Issues Resolved in this Release
- Authentication with a pull server may fail due to spurious client certificate regeneration
- SELinux settings prevent DSC consistency invoker schedule job from executing
- nxFile: Recursive settings applied inconsistently
- Support for OMI version 1.1.0
Issues resolved in Prior Releases
- OMI version 1.0.8-4 is supported
- Log rotation reliability is improved
- nxUser: password expiration incorrectly handled
- HTTP proxies not supported for Pull server operations
- Restore-DSCConfiguration does not restore the prior configuration
- nxPackage/nxScript: unreliable behavior is observed when the system locale is not UTF-8.
- nxPackage: On Ubuntu and Debian, packages that prompt for user input cause, such as MySQL server, prevent successful configuration
- nxService: in some cases, the running state of services is incorrectly detected
- nxPackage: when Ensure = Absent, installed packages fail to remove in some cases
Known Limitations
- In this release of Desired State Configuration for Linux, only Pull Servers based on WMF 5.0 April Preview or later are supported. To use a prior version of the Pull Server, continue to use Desired State Configuration for Linux 1.0.
- Partial Configurations are not supported in this release.
New Scenarios in DSC for Linux 1.1
Separation of node and configuration IDs
In prior versions, DSC currently used a configuration ID to uniquely identify a single configuration for a single node. This new feature separates the configuration ID into two distinct identifiers: Configuration Name and Agent ID. Configuration Name identifies the configuration for a computer; this ID can be shared by multiple nodes. Agent ID uniquely identifies a node; this ID must be unique for every node.
Metaconfig Updates for Separation of Computer and Configuration IDs
Because the ConfigurationNames are no longer GUIDs (they are now friendly names), anyone can determine them. To mitigate this issue, we added an extra level of security by adding a registration step before a node can start requesting configurations from a server. A node registers itself with the pull server with a shared secret (which the node and the server both know already), and the name of the configuration it will request. This shared secret need not be unique for each computer. Assumption: the shared secret is a hard-to-guess identifier, like a GUID. We call this shared secret RegistrationKey in the metaconfig.
[DscLocalConfigurationManager()]
Configuration SampleLinuxMetaConfig
{
Node “mylinuxserver”{
Settings
{
RefreshFrequencyMins = 30;
RefreshMode = "PULL";
ConfigurationMode =”ApplyAndMonitor“;
AllowModuleOverwrite = $true;
RebootNodeIfNeeded = $true;
ConfigurationModeFrequencyMins = 60;
}
ConfigurationRepositoryWeb ConfigurationManager
{
ServerURL = “https://PullServerMachine:8080/psdscpullserver.svc”
RegistrationKey = "140a952b-b9d6-406b-b416-e0f759c9c0e4"
ConfigurationNames = @(“MySQLRole”)
}
}
}
SampleMetaConfig
For more information on this feature and instructions for defining shared keys on the Pull Server, reference the WMF 5 Production Preview Release Notes.