Software Management with PowerShell DSC and Chocolatey - PowerShell Summit 2017

Chocolatey The package manager for Windows Software Management with DSC and Chocolatey Rob Reynolds @ferventcoder

Rob Reynolds • Creator and Founder of Chocolatey • Enjoys long walks on the beach and designing solutions that make hard things easy • Co-wrote infrastructure framework   known as the Chuck Norris Framework • Over 10 years experience in   infrastructure automation • Obsesses over user experience • Microsoft MVP for whatever they are calling .NET area now

Agenda • The Story of Windows Automation • Windows Software Ecosystem • Chocolatey • Chocolatey + DSC

Let’s talk about a story… possibly your story

The Story of Modern Automation for Windows

You probably use or have used traditional tools

Traditional Tools • Manual Configuration • Golden Images • Endpoint management tools • Not necessarily bad, just are harder to fit into modern automation approaches

Modern Automation • Feature-Rich • Infrastructure as Code (IaC) • Source Control • Testable Infrastructure • Reporting • Centralized Management

PowerShell DSC • Microsoft • Building on PowerShell • Desired State • Modern Approaches • Framework - couple it with full Configuration Management Platforms like Puppet / Chef when appropriate

So you modernized your Windows automation

DevOps == Rainbows and Unicorns “Umm…”

Rainbows and Unicorns “Just go with it…”

Something was not quite right…

Configuration Management alone is missing something

Software Management / Package Management is necessary for great Configuration Management

Software management may account for 50-90% of your automation

Windows Software Ecosystem • Over 20 installer formats and thousands of installers in the wild • Zips and other archive formats • Software installers are messy • It’s like the Wild West

PowerShell DSC - Package Resource • You may have used Package Resource • Finding the PackageID (MSI Product Code GUID) • Non-MSI? • Upgrades?

“Fortunately there is a better way”

But does it work well in organizational sense?

Well, obviously - what does it represent though?

Let’s take a step back and evaluate what’s possible

Chocolatey - Sane Software Management • Easily manage the software lifecycle • Native installers, zips, binaries • PowerShell module simplifies work • Packages are independent building blocks • Integrates with configuration management • Business friendly features

Chocolatey - The Approach • Single, unifying interface - control the chaos • Decentralized - multiple places to get packages, including internal • PowerShell • Flexible • Secure • Reliable 6+ years - proven technology

Community Package Repository • https://chocolatey.org/ packages • Community Feed / Community Maintained • Moderated as of October 2014 • Everything goes through VirusTotal • Organizations Should Not Depend b/c Trust and Control

Hosting Your Own Package Server • https://chocolatey.org/docs/how-to-host-feed • Non-Windows Hosting • Artifactory • Sonatype Nexus • NuGet Gallery proper • ProGet / MyGet • NuGet.Server / Chocolatey.Server • Puppet - chocolatey/chocolatey_server module • Visual Studio Team Services

Chocolatey Packages • Zip files + Versioning, Dependencies & PowerShell • Metadata - Software Information / Package Information • PowerShell - https://chocolatey.org/docs/helpers-reference • 30+ Built-in functions - turn hard tasks into 1 liners • Handle additional missing installer logic (like add to PATH) • Add options missing from installer arguments • Files - drop in binaries, native installers

Creating Packages • https://chocolatey.org/docs/create- packages • choco new • Generates package files with most of the work done • Create your own packaging templates!

Package Builder “Generates software deployment packages”

Package Builder • Package Builder automatically creates high quality packaging from an installer/zip in 5-10 seconds • Determines everything necessary for silently installing software • Supports passing urls (and checksums) - downloads files first • Allows customization • Supports exe, msi, 7z, zip, msu, and msp files

Package Internalizer “Convert existing packages to offline”

Package Internalizer • Take advantage of existing packages without dependency on the internet • Downloads existing package and all remote resources • Recompiles package to use those internal resources • Option to download and point to other locations • Ability to host packages on private internal repositories • Visual Interface coming

You detect a theme for feature names

Package Synchronizer - Auto Sync • Chocolatey maintains state based on packages. System state can be manipulated outside of Chocolatey • Any Chocolatey command will trigger synchronization in licensed editions of Chocolatey • Package Synchronizer syncs with manual software removal • Syncs w/software that automatically upgrades, such as Chrome

Package Synchronizer - All Packages in Programs and Features • Any Chocolatey package installed will result in an entry in Programs and Features, even if it doesn't have a native install • Supporting legacy inventory reporting systems is now a snap • Do not need to build MSIs / Installers for internal use just to support legacy reporting

Package Synchronizer - Choco Sync Command • Brings all software in Programs and Features under Chocolatey management • Generates packaging and baselines to Chocolatey install • Provides packaging code to take back to source control

Other Features • https://chocolatey.org/docs/ release-notes-licensed • Auto-uninstaller more effective thanks to more checks and Package Synchronizer • Install/upgrade passing secrets • Ubiquitous Directory Switch • More built-in PowerShell functions • Uninstall non-Chocolatey managed software • Self-Service Installer • Package Throttle / Package Modernizer / Package Grid • Upcoming Central Management UI • Others

Roadmap • WSA support / Windows Nano Support • More Security / More UX • Package enhancements • Package signing / security enhancements • Extend Nuspec further - name, version, release, architecture (release is in, doesn’t work with anything yet so don’t use it) • Package Management Provider - hoping to finish here at Summit!

cChoco DSC Resource • Manages Chocolatey installation • Manages Choco sources • Manages packages • https://github.com/ PowerShellOrg/cChoco • https:// www.powershellgallery.co m/packages/cChoco/2.3.0.0

cChocoInstaller • Manages Chocolatey installation • Manage install location • Can work offline, however currently requires specifying a script to run locally

cChocoSource • Manage available package sources • Add or remove, does not disable • Add credentials • Add priorities for sources • Will need new source items - 0.10.4+ • Bug somewhere currently, so hold on this one

cChocoPackageInstall • Ensure software package installation • Optional params, chocoParams, Version, Source, and AutoUpgrade • Allows customizing complete choco call • Recommend not setting source until it is fixed - https:// github.com/PowerShellOrg/ cChoco/issues/44 (pass source through chocoParams)

cChoco - Get Involved • If you are looking for a place to contribute, this is a good place

+ • Rob • @ferventcoder • ferventcoder at gmail Evaluate Chocolatey for Business in your environment - special discounts available conference attendees - reach out at https:// chocolatey.org/contact for details

Software Management with PowerShell DSC and Chocolatey - PowerShell Summit 2017

More Related Content

What's hot

Similar to Software Management with PowerShell DSC and Chocolatey - PowerShell Summit 2017

More from Rob Reynolds

Recently uploaded

Software Management with PowerShell DSC and Chocolatey - PowerShell Summit 2017