
Building PowerShell Applications that Operate on a Planetary Scale


Formal metadata

Title
Building PowerShell Applications that Operate on a Planetary Scale
Number of parts
60
License
CC Attribution - Share Alike 3.0 Unported:
You may use, modify, and reproduce, distribute and make publicly available the work or content, in unmodified or modified form, for any legal and non-commercial purpose, provided that you name the author/rights holder in the manner specified by them and pass on the work or this content, even in modified form, only under the terms of this license.
Production year
2018

Content metadata

Abstract
PowerShell is quickly taking over the IT world. With the new releases of PowerShell being platform agnostic, you can now build apps that can manage ANYTHING and run ANYWHERE! Combining PowerShell with open source web platforms allows you to build custom apps to manage heterogeneous infrastructures. There is no 'out of the box' perfect solution available on the market today that can help you manage your infrastructure your way. It costs too much, it's too complex, there is no way to customize it... we can always find things wrong, or have a better way of doing things... it's human nature. So, I say put your money where your mouth is, and build one yourself! You know your requirements better than anyone else! And if you know PowerShell, you are in luck! Let's continue this journey together. I have worked with many tools in the past, and they have never been quite right. I've always wanted more information, an extra button, or to remove some piece of data that I didn't care about, but the problem is that I didn't understand the language it was written in, or didn't have access to the source code. So I quit. I quit waiting for someone to do what I needed done, and I started building PowerShell applications to help manage my information systems. The concept is simple: use PowerShell to collect data to be stored in a central location, a lightweight web application to display the data, and some business logic to apply relevant changes to the specific environments. The individual components break down into manageable pieces, including a Queue Manager, Task Manager, Database, Web Application, and a Management Service. A Task Manager can be deployed into any environment and is the workhorse of the application. It communicates with the database to input data and to get data to perform the specific workflows you have designed. All log files and related artifacts are securely stored on a CIFS share available for viewing in the User Interface.
With great success come more challenges! Having this great distributed system was great when starting, but it quickly became a pain to manage! Manually updating scripts on VMs halfway across the world is not fun, so I wrote a management service to keep all of my systems in sync. Runtime environments needed to be managed, as well as source control on the executable files. Insert Docker to resolve the runtime environment; it's a bit overkill, but it does a fantastic job at creating an exact, repeatable workspace to execute scripts. What other product will let you build and manage your complex environment of on-premises and cloud infrastructure across product lines like VMware, Active Directory, custom REST APIs, security scanning tools, and more? In this talk I plan to break down all of the components that are used to construct a scalable PowerShell application, as well as describe their roles. I will review some of the problems I have encountered as I have built my custom solution for my environment, as well as lead the audience to a path where they can get started. My hope is to have an engaging audience so we can discuss the importance of the CI/CD pipeline when managing this type of system, as well as the risks of introducing this level of automation into their environment.
Transcript: English (automatically generated)
Today we're going to talk about building PowerShell applications that operate on a planetary scale. So I'm Justin Sider. I'm the CIO of Belay Technologies. It's just a title. What I really do is use PowerShell every day.
I consider myself more of a consumer of PowerShell than some of the older guys here, more senior guys, who are going to get down to the nuts and bolts. I'm really just going to consume what the PowerShell team is going to deliver and what other community members deliver.
So see what we got. All right, quick agenda. I'm going to review my thoughts on the evolution of working with PowerShell. It's like seven-ish stages, represented by the kind of caveman thing going on. I'm going to review my problem that I have every day and
talk about the solution. We'll do a demo. If you have a laptop, I can take about 30 volunteers today. We'll see how that goes. Try something different. And then hopefully it turns into a discussion. I hope that you don't actually want to sit up here and listen to me for an
hour and a half. I want to hear from you guys, too. All right. Stage one. Also keep in mind that my primary background has been coming to PowerShell through VMware. I don't do a lot with Active Directory, Exchange, a lot of what the, you know,
Windows administrator tool set is going to be. Not that I've never done it, but it's not my primary role. I'm really using it as a platform to program software that helps me manage environments, whether it be VMware or our Java application I do on a daily basis. So stage one, you know, you start learning PowerShell, you're going to do
simple commands, right? Get-VM, Shutdown-VMGuest, you're going to, you know, maybe use a parameter, maybe you don't. Pretty basic stuff. Stage two, we start walking a little bit and we're going to use Get-Help, right?
You're going to learn how to use the functions, what's available. You know, you have to be admin to kind of get help, but that's a different story. It's gonna be fixed. All right. Pipeline. So, you know, these are probably what PowerShell is most famous for, I would say. I can see like Jeffrey Snover up on stage saying, you get a pipeline, you get a one-liner, and you get a one-liner.
But this is really where the magic happens for, you know, combining all the information together and really delivering a solution that is going to work well for us. Alright. Stage four, running a script. Most likely the first time you run a script is because someone else wrote it, right? You download it from the internet,
you reviewed it with your awesome knowledge, and you trust that that person isn't going to break your environment. So, has anyone just run a script and not really cared what it did? Yeah.
So, I have two. I mean, at the beginning of, you know, your experience, you're like, I mean, this looks good, right? Whether or not they've typed out the commands or whether they haven't, you know, you're going off of aliases, and maybe it was an alias that they had local in their box, or maybe it was, I don't even know. I don't recommend doing that. Do your research.
Alright, so stage five and six, and you'll see it on the next slide, I'm not really sure which one comes first. So, you have writing your own script, and then stage six would be, you know, sourcing files, right? So, any feedback on what you guys kind of think would come first?
I don't know. Okay, and how many folks source files? Okay, and do you feel like that's a better or worse, I don't want to say worse, more advantageous than modules, right? Where you see
the advantage being modules or sourcing, okay? All right, I mean, I tend to lean towards modules. It can be overkill, right, depending upon the amount of work you want to do, but I think sourcing has its advantages.
Modules, of course, comes next. There's a lot to it. You know, one of the talks I'm looking forward to later this week is going to be building your own repository. A lot of the work I do is in a lab environment, so I don't have internet access, so I can't get things from the PowerShell gallery, right? So, I'm constantly taking
modules and moving them to different boxes, and hopefully getting them in the correct directory. Which is pretty simple because I kind of log in as administrator everywhere and run everything from the root PowerShell module directory, so
sorry about that. All right. So, the whole presentation is about, you know, operating stuff on a planetary scale, and the reason I'm up here is because I hate the current solutions that are out there today. I haven't been able to find anything that actually works for me, so there's things like Nagios, there's things like SolarWinds,
there's, you know, name some more tools that you use that, like, capture a piece of what you want to do, but, you know, you know, Nagios, for instance, right? I can monitor all the things in my environment, right? I have probably 2,300 checks right now. The issue I have is that something turns yellow or something turns red. What do you have to do?
You have to, like, figure out what that problem is, right, and then solve it. What I want to be able to do, and what I need my younger guys or less experienced guys, is just fix it, right? I just want a button. I want Nagios to have a button that says, like, Resolve, right? Fix this thing.
But I'm not up here trying to, like, sell you a GUI. I want you to be clear on that. You're gonna see a lot of GUI-ish type of things, but it's really the code underneath that, and that's the reason why I'm here, okay? So this slide came up yesterday, and sorry, I was off to the side. I couldn't really get a picture of it.
But, like, you need to be here, right, right where, I can't reach, right where it says Microsoft Azure, so that's where I need something to sit. I need something that can touch all of these different pieces, but I don't actually use that product, so
it's great that they offer that, but I can't use it, so configuration management is important, automation and scripting, monitoring to a certain degree, right? I mean, Nagios is great, but it really wants ones or zeros to give it the color. Anybody use Nagios? Something similar? Wow, nobody? All right, well, I guess I need to move on to something else.
You seem excited about it. Okay, so writing plugins for Nagios is a pain in the ass, so it really just wants to display color based on a zero, one, I think maybe a two, so every plugin you write has to, you know, be deterministic, and when you get into the thousands of checks,
Nagios doesn't really want to run a whole lot, so I think we have, like, 34 cores or 32 cores and 64 gigs of RAM on our Nagios server to kind of give us the picture of what's going on, but it's really individual pictures, right? So it doesn't tell you the story of, is production available, or
it's just telling you whether something's up or down. It can ping it, you know, it gets a one or a zero based on a service is running, so the single pane of glass, I, does anyone know if it exists? I mean, we sat through lunch yesterday where somebody was trying to sell you something. Is he in the room? And it sounds really cool,
you know, my question with that is, what do you do with all the stuff you have now? I mean, you're under contract, most likely, with different vendors to, for each of these pieces, right? So a solution like Tanium, I mean, do you just throw all those things away? I don't, I don't know. I probably have more questions than answers on that.
Not the job I want. All right, so writing applications. The way that I solve all this is, or started to solve all this, is I start writing applications, right? Things that can do all of those things for me, my way.
And I'll go through kind of, you know, the problems I had along the way, and then we'll get into seeing some of what I've done. Scripts are cool. They work. Modules are cool. They work. The issue is, you know, when you have an environment like this, or an environment that spans the globe, you have to make sure that all of those scripts, all those modules, are in the same place at the same time.
So you need a management plane that's serving your management plane, right? Does that make sense? So that is included in what I work on.
Applications can run 24-7. You don't have to actually have somebody there to actually kick off the script. So they're constantly monitoring. They're constantly running. They're giving you feedback. You can see things. There's logging. I'll talk about logging, and how I despise logging. The most important thing for applications is that you really want a single system of record.
And this is a trap that I fell into, and I'm still trying to recover from. You can easily stand up a, you know, a service or a project in Germany, and this is my Germany VMware configuration management tool.
That's great for Germany. But then you come over here, and you set up one in the US, and it works. But then you start moving assets. You start moving workloads, and now your configuration management is off because you've moved the workloads. And the Germany site doesn't know about anything from the US site, and the US site is vice-versa. So now you're getting conflicting information back on config management.
So a single system of record is going to be the best. Access by the entire team at the same time. So one of the things I looked at was, you know, using PowerShell Studio to build
PowerShell UIs. And if I was the only person on my team, I think it would be great. But the problem is I have to share it with the person that sits next to me and the person that sits next to him, and we're most likely not going to see the same data at the same time. So I kind of threw that out the window, and I don't think I ever really got started on it.
I like the idea, and then saying I write applications is kind of cool. The developers of the project I actually support don't really think I'm a developer. So. And then there's a lot of tools out there that do like export to Excel, and I think that is probably the worst solution ever.
And even delivering HTML files, right? Because the problem is they're static files that don't get updated, right? They got to pull some data from somewhere, right? So you really need a web application back end that's going to deliver real-time data. And that real-time data is based on the input from the application, the PowerShell that's running out there. And then, you know, sorting, filtering,
retrievable history based on how long you want to keep stuff. I want to take action. Potentially deliver reports, emails, send stuff to chat. There's a lot of different options out there based on your environment itself. So I would, you know, explore those different options.
All right, so here's how I kind of go about solving the situation, right? So I have a central location for a database. You know, are people familiar with like database schemas, foreign keys, all those things? Like this is probably the most important thing I've ever learned as an administrator or engineer or anything like that.
It's so valuable if you haven't done it, you need to do it. I don't care if you set up MySQL on your local machine and just start storing information and learning how to manipulate data. So as far as a single system of record and maintaining a piece of information once and linking to that, you will greatly cut down on your amount of administration.
So each of these guys are individual components. They can pretty much sit anywhere on a network that you can reach the database. And it's all talking rest in between the different components.
So for today's stuff, there's no SSL, so I have a slide on security. I think everybody will love. And each of these guys perform their own tasks, right? The web, it's simple. It's just serving up web pages, right? It's PHP.
PHP is very similar in my mind to PowerShell. So it's kind of like an easy transition, easy understanding. The queue manager, pretty simple. It's managing a queue of tasks, right? So I don't care if it's to reboot a machine, if it's to collect information, if it's to update the database for whatever it is that you
need updated. There's gonna be submitted tasks. He'll go through and he'll assign it to a proper area where it can be actually worked. The W man is a workflow manager. He's performing the stuff. He's doing the work. One of the confusing things when you start looking at like my data model is you can have multiple queue managers and you can
have one through n workflow managers and that's basically to kind of separate by geographic location or to separate by task type. So maybe you have some Linux stuff and, you know, you want to be able to separate your scripts. So you can do that by basically tagging the tasks as they come in.
Scheduled tasks. How many people use scheduled tasks on Windows? How many people like it? Right, I mean if that machine goes away you have to remember that there are scheduled tasks on it. So I pull that out of Windows and now I'm basically running it as a service or well, I want to run it as a service.
You'll see the status on some of these some of these guys coming up. And I think alerts kind of speaks for itself and then future, I don't know. I don't know what else I need right now. So but it's gonna be a Rust for servers. Whatever comes up, it's gonna be Rust for servers, right? That's where everybody's moving to. Is this thing on too?
All right, I don't really want to talk about security because I think we could go down a rabbit hole for a couple hours on that. So it's your environment. You secure things the way that you need to secure it. I'm going to tell you it's REST. You know my web server is Apache. So I think that
you know, you would have to apply whatever environmental security controls you would want to do. And you can do it individually for each component based on what your requirements are. I work in a lab, so I don't really care about security most of the time. That's why I love my job. All right, so how it works again, everything's going over HTTP, HTTPS.
It's basically going to request information from the database and then it has an instruction set on what to do with that data and it can reach out to a target, reach out to multiple targets. It really depends on how you write your script, right? The whole idea is that it's a pluggable thing. So you're going to
you know, take your existing script that you have in your environment and when you submit a task, you're going to submit it with some arguments. The workflow manager will take that, run the script with your arguments and it's going to return back information. So that would include logging and basically a pass or fail or you know, some type of system related error.
Hopefully that doesn't happen too much. Talked about that. I know what you're probably, yeah, another framework. Who's excited about that? Yeah, sorry. It's just a way to manage your infrastructure a little bit differently. I mean that's what I'm really going for.
All right. Struggles. You know, these are the things that I work through on a daily basis with what I'm working on. The first thing was, you know, not only was I spanning the globe trying to write these things, I had multiple, right? So I had something to do my VMware stuff. I had something
to manage users and groups from AD. Because you know, I don't want a junior guy logging into my AD server, but I'm in a lab. So I don't really have like enterprise level software. A solution for
VMware configuration management and all these were their separate stack. So if something went wrong, you know, I would have to go specific to that stack. So this new project that I'm putting out there is kind of to suck all of that in and take all that into consideration to spread that workload out, but have that single system of record.
I bring up security again. JSON web tokens, who likes those? Yep, no hands exactly. You know, the issue is that when you're talking about like a workflow manager or something performing tasks, you always have to make sure that you can authenticate to whatever it is you're trying to get. So if it's a REST call or, you know, maintaining those tokens is a pain in the butt. Maintaining credentials is a pain in the butt.
But you're gonna have to do it either way. In developing what I'm talking about, you know, going from an individual stack that had a single purpose was easy, but as, you know, you try to take into consideration
multiple tasks, multiple classes of tasks, I would think that I was at a point where, man, this thing's good. I'm ready to go. And then you find three more problems. And I think one of the issues is I defined my data model, wrote some of the PHP, took about a month break, and then came back in and tried to write the PowerShell.
And I have plenty of issues to put back in some stuff that I just completely glazed over. Monitoring and monitoring tools. So how do you check for this? You know, Nagios is a single check. So if I have a machine out there,
you know, I don't know if I want to list the machine five times with five different endpoints, five different services. So I don't know that I figured out a model where I can get a good grasp of, you know, when I deploy this out, are my endpoints up? Is the system running? So it's kind of the same issues that you're gonna run into with any application out there.
Documentation. I don't have a lot of it. It's in the code. And then, you know, one of the reasons I'm doing this and I was talking to a couple guys last night at dinner, is because my younger guys don't grasp running scripts. They don't grasp
how to solve problems on an enterprise level. They've come from desktop support and, you know, they just want to replace a box.
Doesn't always work that way. So, you know, I struggle with, you know, how do I teach them PowerShell? How do I get them excited to use it and not frustrated? So, I will gladly take any suggestions on that. Additionally, in running the systems that I'm running,
how do I teach them how to start it back up, right? You know, I'm an East Coast person. So, if it goes down today, I was either asleep or, you know, our hours are so off. How do I explain to them to get my service back up and running?
And I think that's true with probably any solution that you're going to work on. Things that didn't work. For logging, any solution you have can be overkill with logs, right? So, trying to log to a centralized solution sucks because everything has to have read access, write access to that directory.
So, I experimented with sending REST messages. So, I just send a REST message, put it into a table. I could classify it with high, medium, low. I had an outage and my script continued to go and threw like 12,000 rows into this database.
And I couldn't access the database anymore. So, like, trying to take the things into consideration. It's like, you know, how much logging is enough? But I don't want to put too much logging in there. So, I ended up writing, or expanding on, my PowerShell logging module to basically allow me to flip on and off different versions.
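As an added example (mine, not the speaker's logging module), here is a level-gated PowerShell logger with a per-minute flood guard, so that a runaway loop like the one described above cannot push thousands of rows into a central sink. The level names, the `$script:LogConfig` keys and the `MaxPerMinute` budget are assumptions of this example, not settings from the talk; switching between console-only and file output is a config change, not a code change.

```powershell
# Added example, not the speaker's logging module. Assumptions: the level names,
# the $script:LogConfig keys and the MaxPerMinute budget are all mine.

$script:LogLevels = @{ Trace = 0; Debug = 1; Info = 2; Warn = 3; Error = 4 }
$script:LogConfig = @{
    MinLevel     = 'Info'      # flip to 'Debug' or 'Trace' while troubleshooting, back to 'Info' after
    ConsoleOnly  = $true       # $false also appends every line to LogFile
    LogFile      = (Join-Path ([IO.Path]::GetTempPath()) 'pembroke-demo.log')
    MaxPerMinute = 100         # flood guard: lines per minute allowed through to the sink
}
$script:LogWindow = @{ Minute = ''; Count = 0; Dropped = 0 }

function Write-LogLine {
    # Single sink writer; everything that reaches the sink goes through here.
    param([string]$Level, [string]$Message)
    $line = '{0:yyyy-MM-dd HH:mm:ss} [{1,-5}] {2}' -f (Get-Date), $Level.ToUpper(), $Message
    Write-Host $line
    if (-not $script:LogConfig.ConsoleOnly) { Add-Content -Path $script:LogConfig.LogFile -Value $line }
}

function Write-Log {
    # Returns $true if the message reached the sink, $false if it was filtered or dropped.
    param(
        [Parameter(Mandatory)][string]$Message,
        [ValidateSet('Trace', 'Debug', 'Info', 'Warn', 'Error')][string]$Level = 'Info'
    )
    # Level gate: below the configured minimum, do nothing (cheap to leave Trace calls in place).
    if ($script:LogLevels[$Level] -lt $script:LogLevels[$script:LogConfig.MinLevel]) { return $false }

    # Flood guard: a fixed budget per wall-clock minute. When the minute rolls over,
    # emit one summary line for whatever was dropped instead of the dropped lines themselves.
    $minute = (Get-Date).ToString('yyyyMMddHHmm')
    if ($script:LogWindow.Minute -ne $minute) {
        if ($script:LogWindow.Dropped -gt 0) {
            Write-LogLine -Level 'Warn' -Message "flood guard dropped $($script:LogWindow.Dropped) messages in minute $($script:LogWindow.Minute)"
        }
        $script:LogWindow.Minute  = $minute
        $script:LogWindow.Count   = 0
        $script:LogWindow.Dropped = 0
    }
    if ($script:LogWindow.Count -ge $script:LogConfig.MaxPerMinute) {
        $script:LogWindow.Dropped++
        return $false
    }
    $script:LogWindow.Count++
    Write-LogLine -Level $Level -Message $Message
    return $true
}

# Constructed walk-through: a tight loop that would otherwise emit 150 lines.
$script:LogConfig.MaxPerMinute = 5
$delivered = 0
foreach ($i in 1..150) {
    if (Write-Log -Message "probe $i failed to reach vCenter" -Level 'Error') { $delivered++ }
}
Write-Log -Message 'trace detail that is filtered at MinLevel=Info' -Level 'Trace' | Out-Null
"delivered $delivered of 150 error lines; $($script:LogWindow.Dropped) held back by the flood guard"
```

The budget is deliberately per-minute rather than per-message-type so the guard also catches a loop that varies its message text; the summary line written when the window rolls over keeps the fact that a flood happened without keeping the flood itself.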
So, it's kind of like taking the log4j approach. So, I can do debug, trace, error, console only. So, I can kind of save myself, you know, parsing through some stuff, and I'll classify each of my log messages. Memory,
running PowerShell on Windows can sometimes be memory intensive. I have one project, and I'm going to beat up VMware a little bit. I have like 40 different vCenters I log into or need to maintain, and about every five minutes I'll go out and check something. Specifically, we're looking at NSX. So,
every five minutes I need to go hit all of my vCenters, make sure that the vCenter and the NSX Manager are in sync and put their primary. There's no amount of scripting that's going to take into account "PowerCLI doesn't want me to log in today." So, what I did is I set up 40 different PowerShell processes that
always have an open session to a vCenter, and I just hit that PowerShell session, which has a REST endpoint set up, and I get any information from the vCenter I want. The issue is when you start doing, like, Get-VM, you're getting a bunch of information from the vCenters, and the memory for each of those 40 sessions
starts to really creep up. So, I had to implement another REST endpoint that would monitor the memory and restart the endpoints whenever we reach, you know, 70-80%. And keep in mind, that's like a 48 gig machine, or 48 gigs of RAM. So, that's always fun. I
thought one idea that I had was to use VMware tools to kind of do remote administration. Remember, I didn't, I didn't really, I don't really do Windows remoting and stuff like because I'm not really managing Windows machines or machines on a domain. I'm managing other services in my infrastructure.
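Going back to the memory problem with the 40 long-lived vCenter sessions: as an added example (mine, not the speaker's monitoring endpoint), this PowerShell watchdog measures physical memory use on a Windows host and picks the PowerShell sessions to recycle once the host crosses a threshold, heaviest working set first. The 75% default, the process-name filter and the `-Restart` callback (dry-run by default) are assumptions of this example.

```powershell
# Added example, not the speaker's monitoring endpoint. It measures physical memory use
# on a Windows host and picks the PowerShell sessions to recycle once the host crosses a
# threshold, heaviest working set first. The 75% default, the process-name filter and the
# -Restart callback (dry-run by default) are assumptions of this example.

function Get-MemoryPressure {
    # Percent of physical memory in use; Win32_OperatingSystem reports sizes in KB.
    param([int]$ThresholdPercent = 75)
    $os   = Get-CimInstance -ClassName Win32_OperatingSystem
    $used = $os.TotalVisibleMemorySize - $os.FreePhysicalMemory
    $pct  = [math]::Round(100 * $used / $os.TotalVisibleMemorySize, 1)
    [pscustomobject]@{
        TotalBytes  = [int64]$os.TotalVisibleMemorySize * 1KB
        UsedPercent = $pct
        Exceeded    = ($pct -ge $ThresholdPercent)
    }
}

function Select-SessionsToRecycle {
    # Choose the heaviest sessions until recycling them would bring the host back under threshold.
    param(
        [Parameter(Mandatory)]$Pressure,
        [int]$ThresholdPercent = 75,
        [string[]]$ProcessName = @('powershell', 'pwsh'),
        [int]$ExcludePid = $PID                       # never recycle the watchdog itself
    )
    if (-not $Pressure.Exceeded) { return @() }
    $excessBytes = ($Pressure.UsedPercent - $ThresholdPercent) / 100 * $Pressure.TotalBytes
    $candidates  = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue |
        Where-Object { $_.Id -ne $ExcludePid } |
        Sort-Object WorkingSet64 -Descending
    $picked = @()
    $freed  = 0
    foreach ($proc in $candidates) {
        if ($freed -ge $excessBytes) { break }
        $picked += $proc
        $freed  += $proc.WorkingSet64
    }
    return $picked
}

function Invoke-MemoryWatchdog {
    # One watchdog pass: measure, select, and hand each chosen process to the restart logic.
    # The default callback only reports; a real one would Stop-Process and relaunch the endpoint.
    param(
        [int]$ThresholdPercent = 75,
        [scriptblock]$Restart = { param($p) "would recycle PID $($p.Id) ($([math]::Round($p.WorkingSet64 / 1MB)) MB)" }
    )
    $pressure = Get-MemoryPressure -ThresholdPercent $ThresholdPercent
    $victims  = Select-SessionsToRecycle -Pressure $pressure -ThresholdPercent $ThresholdPercent
    [pscustomobject]@{
        UsedPercent = $pressure.UsedPercent
        Actions     = @($victims | ForEach-Object { & $Restart $_ })
    }
}

Invoke-MemoryWatchdog -ThresholdPercent 75
```

Run it from a scheduled task or from the same REST endpoint the talk describes; because the watchdog excludes its own PID and only recycles as many sessions as needed to get under the threshold, a single pass never takes down every vCenter session at once.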
So, for the VMware Tools piece, so I'm talking about, yes, so I have a machine sitting on a vCenter or a blade, and I would use VMware Tools to actually execute something on the box. And again, it's like a permission issue, right, because they're not joined to a domain. So, I have to have execution, and we're talking Windows, Linux,
kind of stuff. So, it didn't really work. It was just slow, just slow. So, rest endpoint. So, I put a rest endpoint on the machine, I can hit the rest endpoint, execute the script, get a return back, super fast.
I talked about the different solutions. I can run through a couple of them here that I have. And then, the other thing I did was direct access. So, I have a MySQL module for PowerShell and I was like, alright, well, I'll just, you know, when I'm spinning up my process, I can just use that module, connect to the database, get the information.
But it doesn't handle closing and disposing of its sessions very well, even when you do it. So, MySQL is maintaining the connection, and then you get to a point where you can no longer make any more connections. So, back to REST, and I let REST handle all that stuff.
All right, so the project itself is a parent project. It's called Pembroke PS. It's fairly robust. It's still new. It's customizable. It's scalable. There's really no limits on how horizontal it can scale. I'm not talking about vertical scaling. Vertical scaling is where you're going to get into resource issues.
It's RESTful. Again, security. All these different components, they're going to be subcomponents. You can secure them however you need to inside your environment. Everything's in the PowerShell gallery. Ready to go? All right, here are the different components I currently have.
We have the parent module, which has the database schema in it. We have the UI, pretty self-explanatory. PS REST is going to be doing all of the common things related to REST. So, this will set up a new endpoint, and then I have some common queries that are going to hit the database and retrieve data that's kind of common across all the components.
QMAN reviews and assigns tasks. The workflow manager executes the tasks. Utilities, those are common. PowerShell function things, not so much REST. And then alert and scheduler I'm working on, but
I kind of got caught up in getting all the other components out. All right, so current issues. I use Plaster to build all my modules, so I would love to talk to Mr. Marquette.
I can't run Pester tests in AppVeyor. I don't know what's going on with that, but I'd love to ask you a couple questions. Additionally, dependent modules. So, locally that works fine, right? If I go in and edit my module file and say, you know,
install this module first before you install, you know, the module I'm trying to import or install. But again, in AppVeyor, it just hates me. So, love to talk about that. Logging again. You can generate a lot of logging when you're kind of writing applications and determining, you know, what's a critical or an error versus
something that's just benign, doesn't really matter. Documentation, you know, how do I show people what this is, how to add a script to it, things like that. I feel like the PHP stuff I wrote is kind of intuitive, but I also sit with it every day.
So, you know, getting feedback on, you know, how to write documentation that allows people to use my tools, right? Not just from a technical standpoint, but from like a functional standpoint. And then PHP loading. So, you know, you hit a page and it's, you know, a row of records, or lots of rows of records. It's gonna load all that up front and then kind of page it for you.
I'd love for that to be like server-side. So, if anybody likes PHP, I'm open for it. So, yeah, yeah, so like once you're on the page and it's loaded, you can go through the data, sort, filter, everything, and it's super fast. It's just that initial load of like 3,000 rows that might take 15-20 seconds.
No, so. Dependencies: I have the RestPS module that does all the REST endpoints for PowerShell on the back end. The PHP has built-in REST. I found a module online that allows it. A single file will allow you complete REST endpoints to all of your data.
And then the PowerShell logging module I have there. All right. So, looking ahead, PowerShell 6, I haven't tested it. So if anybody has a Mac, I'd love for you to test it today. No? All right.
You do. Docker, I can definitely see Docker having a play in this for potentially the workflow manager aspect. I'm not as versed on Docker as I'd love to be. I definitely don't want to do Windows.
If you look at my blog, you'll see that I've talked about Windows and Docker and using Windows containers. It's cool. It's fun. But it's bloated. It's large. It's heavy. So the original problem I had was I was using that MySQL module and I couldn't get the DLL to load on nano.
So I was using Core, which is huge. And even Nano is big when you're talking about... Does anybody know the current size of the PowerShell Linux container? I mean, it's probably megs. Maybe in the tens of megs versus gigs. So
once I get to a point where I feel like everything's stable, I can kind of look at six and then look at, you know, making sure that the container would work. As far as visualizations, it's pretty pretty standard UI, right? I don't have graphs or dashboards or anything like that. So I know there's a couple PowerShell projects out there.
And then, you know, looking at like Node.js or Angular. I've looked at it. I don't like it. And then security, right? I mean, eventually there will be security kind of baked in, but I'm gonna leave that to you guys right now. All right, demo time. So if you're running a laptop, pull it out,
install these modules. You can trust me, I swear. What I'd like to do is set you guys up as a workflow manager. I'll submit a bunch of tests and they're really just gonna run a return of one two or three or zero one two.
But I'll show you kind of the scalability and how easy it is to kind of get set up and running. And while that is happening, let's see. Let's see, did Mike Robbins come in? No? All right, so he was talking
earlier, and he didn't know that Plaster would, you know, all of my functions are broken down into individual files, and he didn't know that during the deployment it could actually roll those up into a single module file. So looking at my module in, like, VS Code, can you all see this? Because they say to use this and I find it to be really painful to look at.
So a bunch of different modules you'll see listed there. But when you go to the actual module installed on disk, everything's rolled up into a single file and that is not the file I wanted. It was this one. So, oh, sorry. Yeah, so you're gonna want
WMAN, PS REST, REST PS, that's not confusing, and utilities. And then depending upon your auto load,
I don't know if it's, you know, putting it into administrator or whether or not, but you should be able to import them. Let me validate my IP, make it in progress.
So that IP is my laptop.
Right, so that's the purpose of the Pembroke PS module, right? That to me would be the top-level module.
But I don't know that that would need to be installed on every box because I don't need, if I just have something out there that's, you know, executing tasks, I don't know that I need like the UI bundle to be on there and things like that. So I mean, you can run all them on the same box if you, you know, have a small environment or you're just kind of messing around.
But ideally the idea is to kind of, you know, go horizontally. So, you know, each of the modules individually would have their own dependencies, and then if you want to do the full package, you could. So I'm open to questions and feedback too, like it's,
the whole idea is to be interactive. I've actually found it to be quite enjoyable to talk to different people leading up to the days, and it's actually kind of steered some of the stuff I've updated. So that's been kind of nice.
No. No, so workflow is really focused on the idea that you get to create your own. So, looking in here, I just have a few sample tasks, right? And they, it's literally like two or three lines of PowerShell.
And it'll return, you know, a pass task or a fail task, and the idea is that there's gonna be a sub task that follows potentially. And you get to define, you know, if I run this script to reboot this VM or power this VM off, and it succeeds, cool, now I'm gonna go remove it from inventory or clone it or whatever it is.
But if I fail that task, well, then I'm gonna provide, I'm gonna do something else. So you kind of get that, but you're getting it back in that visual form. So when you actually come back in and look at the task status, you know, each of those individual tasks that you're defining are listed here. As far as,
so in the database, so coming in here, this will list out the tasks that are available for a pass, tasks that are available for a fail.
So you get to create that relationship. List of resources as far as,
so some of it was done organically, right? I had a problem I needed to solve. I don't know, I definitely have stuff out on my blog that would be specific to each area. Maybe not so much about database. I kind of grew up, you know,
doing Oracle-ish things, and then I was like, well, why can't I, you know, if I'm administering this database for, you know, a Java web app, why can't I turn around and use it for, you know, maintaining my data, my, you know, stuff that I need?
So as far as Pembroke PS is concerned, it doesn't care, right? You get to define your script and your result
inside of your script. The only thing that I'm going to capture is whether or not it completed correctly. So let me hop in the code real quick. I think that might make a little bit more sense. So I do ship a couple things with it, but again, it's not like useful
in my mind. I mean, it's just, you know, basic script. So that's what, you know, these guys will be running it when they get it all set up. So, you know, here's a critical task. I set the result and I return it, right? So whatever you want to perform from this script you can do and you get to pass in arguments to it.
I don't care what those arguments are. I don't care what the script does. I'm just looking for when that script exits, I want a valid number. And if you don't give me a valid number, I give you an error, right? That's what you see on the, I think it was purple. So over here, it's gonna say system error, right? You ran the script,
the return was out of bounds, and I don't know what that was.
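The contract just described (the task script owns its work and its arguments; the framework only checks that the exit value is a valid number, and anything else is a system error) is shown below as an added example in PowerShell. It is mine, not code from Pembroke PS. The exact numbers are assumptions of this example: 0 is treated as pass and 1 to 3 as fail, a system error never chains a subtask, and `MaxRetry` caps how often a failing task may re-queue itself, which is the retry cap the talk also builds in.

```powershell
# Added example, not code from Pembroke PS. Assumptions of this example: a task script
# returns an integer, 0 means pass and 1..3 mean fail; anything else (not an integer, out
# of range, or an exception) is a system error, and a system error never chains a subtask.
# MaxRetry caps how often a failing task may re-queue itself.

enum TaskOutcome { Pass; Fail; SystemError }

function Invoke-TaskScript {
    param(
        [Parameter(Mandatory)][string]$ScriptPath,
        [hashtable]$Arguments = @{},
        [int[]]$ValidResults = 0..3
    )
    # Run the script with the caller's arguments and keep only its final output value,
    # mirroring "I set the result and I return it".
    try {
        $raw = & $ScriptPath @Arguments | Select-Object -Last 1
    } catch {
        return [pscustomobject]@{ Outcome = [TaskOutcome]::SystemError; Result = $null; Message = $_.Exception.Message }
    }
    [int]$code = 0
    if (-not [int]::TryParse([string]$raw, [ref]$code) -or $code -notin $ValidResults) {
        return [pscustomobject]@{ Outcome = [TaskOutcome]::SystemError; Result = $raw; Message = "return value out of bounds: '$raw'" }
    }
    $outcome = if ($code -eq 0) { [TaskOutcome]::Pass } else { [TaskOutcome]::Fail }
    return [pscustomobject]@{ Outcome = $outcome; Result = $code; Message = 'completed' }
}

function Get-NextTask {
    # What follows a completed task: its pass subtask, its fail subtask, a capped retry, or nothing.
    param(
        [Parameter(Mandatory)]$Task,                  # hashtable with Name, OnPass, OnFail, Retries, MaxRetry
        [Parameter(Mandatory)][TaskOutcome]$Outcome
    )
    switch ($Outcome.ToString()) {
        'Pass' { return $Task.OnPass }
        'Fail' {
            if ($Task.OnFail) { return $Task.OnFail }
            # No fail branch defined: re-queue the same task, but only under the cap (no infinite loop).
            if ($Task.Retries -lt $Task.MaxRetry) { return $Task.Name }
            return $null
        }
        default { return $null }                     # SystemError: ended in an unknown state, chain nothing
    }
}

# Constructed demo: two throwaway task scripts written to the temp directory.
$dir = Join-Path ([IO.Path]::GetTempPath()) 'pembroke-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
Set-Content -Path (Join-Path $dir 'Critical.ps1') -Value @(
    'param($Target)',
    '$result = if ($Target -eq "vm01") { 0 } else { 1 }   # pass for the one target it knows',
    'return $result'
)
Set-Content -Path (Join-Path $dir 'Broken.ps1') -Value 'return "banana"'   # not a number: system error

$task = @{ Name = 'Critical'; OnPass = 'RemoveFromInventory'; OnFail = $null; Retries = 0; MaxRetry = 3 }
foreach ($run in @(@{ Script = 'Critical.ps1'; Args = @{ Target = 'vm01' } },
                   @{ Script = 'Critical.ps1'; Args = @{ Target = 'vm99' } },
                   @{ Script = 'Broken.ps1';   Args = @{} })) {
    $r    = Invoke-TaskScript -ScriptPath (Join-Path $dir $run.Script) -Arguments $run.Args
    $next = Get-NextTask -Task $task -Outcome $r.Outcome
    '{0,-12} {1,-11} result={2} next={3} ({4})' -f $run.Script, $r.Outcome, $r.Result, $(if ($null -eq $next) { '-' } else { $next }), $r.Message
}
```

The validation happens on the framework side, after the script has exited, so a task author cannot talk the queue into chaining a subtask by returning something clever: only an integer from the configured set counts, and the system-error branch is the one that stops the chain.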
So talking about multi-tenant, I would assume that there might be a be able to have a SSL tunnel between the two, potentially. I mean if they're completely segregated and you can't pass traffic, two instances. Yeah, honestly, it's just rest messages. So I mean other than SSL to
the web UI. Everything else is just talking rest in between. All right, you guys ready for the next thing or you got errors? The other thing you might want to do is select a different number than one.
So pick something between five and thirty. So
I've manually put in information for the workflow managers. So if you register one, it marks it as registered, so you can't mark two of them with the same component ID. Otherwise it would be, you know, you have two instances running on the same software, which would be bad.
It could be, but I don't, how would my machine know? I mean, I'm not a spring developer. I'm not a Java developer, right? So
I don't... Could I do it? Sure, but I would still have to have something on that box with, I guess, you know, my packages installed and running to know that when I hit this endpoint, this port, that now I want to register it. My thought process was I'm gonna go out, stand it up, do what they're doing, right?
Install the modules, and then register, and I'm in. So I don't want you to think that this is endpoint monitoring.
Think more task management, right? So you might have something, so I might put a machine out there that needs to touch all 40,000 machines and get a piece of information. But that single machine is reporting back, right? That's their workflow manager, and it's running a script.
You can set how many concurrent tasks that it'll run, and it'll go out and do the work for you. But I don't know that I'd want to, yes, sorry.
It is what they should be putting in. That's something we're gonna find out. What's that? All right. Hey, error handling works. So what IP do you have?
Yeah, I may have given you the wrong one. Let's try 10, 12, 7, 40. All right. This is the issue of having, like, every, that should be fine.
Yeah, so the purpose of the demo is gonna be, I'm running the queue manager, I'm gonna submit a bunch of tasks, and then those tasks are gonna be handed down to whoever is
setting up their stuff down there. And they'll see stuff kind of pop through and happen on their machine. You having any luck, or is it failing? You said you were 10.
That's fantastic. So much for that demo. All right, that's pretty fun. So much for trying new stuff. All right, let's see.
How about I set it up and run it?
I would say not that long, because I had a lot of the pieces already between, like, all those individual, like, stovepipe things I've been building over probably two or three years. The problem is when you start looking at trying to combine all those to have, like, a common management layer and separating things out. So
about two years ago, I wrote an application. Anybody familiar with Vester? So it's a
to validate VMware configuration. So, which is, again, great tool, command line's great. The issue I have is having a junior guy that sits next to me, it's kind of like his work. So, but him running that for 40 different vCenters would be very time-consuming. So I, you know,
took the opportunity, wrote a little UI for it, and you know, he can just run through, run the tests, see the failures, and then, you know, there is a remediate option. I don't, like I said, I don't know how familiar you guys are with it, but, you know, he can go through and just click remediate. It'll go and fix, switch the bit, whatever it is.
So, you know, behind the scenes, it's running PowerShell, PowerCLI module, the Vester module, and then I'm just basically wrapping that as a whole. I'm not really kind of getting any hooks into that code. But it kind of gives us a
pretty good feeling in the morning when we come in, we can schedule this to run at night, and you know, we'll know whether or not something has any kind of config drift. Kinda. Yeah, I wouldn't say it's full DSC because desired state,
99% of the time, you're gonna say fix it. Maybe, I don't know, I don't use DSC. Report it for sure. So, two different things in my mind, and I don't know what the right solution is. I think, yeah, that community goes back and forth a little bit on it.
Well, I was hopeful that the network wouldn't be that bad. I figured that you would at least be able to talk to students. Let's see,
five is not available. Did I put some in here or not? So they have a beta version of PowerCLI 10
out. Well, it's not beta anymore. It's official release. Have you met Kyle? So, Kyle is the, what's your title now? Technical Marketing for
vSphere APIs. So, before I stick my foot in my mouth and say what versions are available and what's supported, he would be the one to kind of answer that. I'll be happy to repeat it for the recording.
Alright, so when you start the workflow manager, there's gonna be a couple things that happen. It's gonna start a process to actually,
you know, look at the queue and see whether or not there's what the status is. So right now, I've registered it, but I haven't actually turned it on. And then it's also gonna set up a rest endpoint. So, I can actually go to another window that is hiding from me. So there it's running.
So that would shut it down. I actually just want to get a status.
So I'm just getting a status back for myself. So the return was zero. I know that doesn't, I'm putting back the log messages, too. But I would just grab that, parse it for zero. Status is good. I can update something if I want to update something. Or maybe I wouldn't run a command if I was gonna try to run a command. And then back in the UI,
I would start my guy up. So, so this workflow manager is just a process, essentially, that's running and it's gonna be able to perform tasks that get assigned to it.
No, so currently I'm polling the endpoint for the status. So, this process that is running down here, so
I call this my kicker process. It's sitting there running and basically holds the ID and knows where the rest server is and says, you know, is my component running? Should it be running? Should it be starting up? And then I take action based on that. So when it's running, when it's down, I don't do anything. When it's shutting down, I don't do anything.
The only time that this thing takes action is when I actually click the button to say start up. It sees that it starts up and then it will kick off another process that actually performs the work. Yes. No, there's no timeout. Well, define what you mean by timeout. No, runs infinitely. So now it's up and running and
there's a queue manager. Queue manager, I think I already started. So he's line number one. So the reason you would see multiple, right? So I was talking earlier about that, like that management plane.
I have the ability to send files to my workflow manager. So, you know, I don't know who it was talking about, you know, what scripts does it know to run? So most likely I'm gonna have a central repository of scripts that I want to run in my environment and I'll be able to
take those and ship them across the wire to all my subordinate machines so that I can have that kind of single pane of glass of files out there to synchronize.
So now it's gonna, it's just gonna pick up tasks and start running them. I'm not sure. So this one just ran, system error. Yay. Some of them are actually designed to do that. Let me kick off a whole bunch. Always secure your environments.
When did they move the little refresh from like the right to the left? All right, so it should turn through these pretty quick. If there's an error, it will not submit a subtask, right, because we ended in an unknown state. So it'll be interesting to see how they kind of fire off.
You can have different wait times for these guys. So this wait time here is configurable. I'll have a button soon. I have an issue in for that so you can actually change it. So this is how long the queue manager is gonna wait before it goes through the queue of tasks again. And the same thing can be configured on the workflow manager so that you can determine how long you want him to wait around
before running more tasks. So I only have a 30-second wait right now. So it's pretty quick. You just start to see stuff kind of fire off. Max tasks, so that's gonna be how many tasks that you can perform at the same time. And that's gonna be based on your system resources, right? So wherever you're deploying this thing,
you know, if you're short on memory, you may not want to run that many tasks. Yeah. It will not run more. So I did get in catch-22 where I was configuring or I was assigning tasks
and the way that it works is the workflow manager is then gonna kick off a sub-process. I don't use jobs, I don't use workflows, but the query was too fast. So I would create the process, wait for the modules to load in that sub-process, and during that time I would kick off that same process again
because the first step of that process after module load is to set the task as running. So I had to come up with like an intermediate stage to say you were assigned and then when I start you, you're actually gonna go into a staged status so that it's not assigned anymore, so I don't start it again. So this is like back to the thing where I was like, I don't know how to
document or explain how this thing works. Right? Like that's, so the questions are awesome because I'm like, alright, well, I mean, I know how it works but, you know, what do all these different things mean to you guys? Like, does it make sense? Do you see what's happening?
It's still early on, right? So it's not like as polished as it probably should be. You know, what's the feedback from you guys, the understanding of what I'm trying to accomplish, like in between and all the other things that are going on in your environment? So today they're stored all on my laptop.
What I do in my environment is I would map a drive from all of my workflow managers to a single share, whatever that share is. And then the web has access to the share and the workflow managers, so it writes to all the same location, then I can read from that.
No, because I'm usually just performing the task to the client, the client doesn't really care about me. So, you know, if I'm connecting into a vCenter or something, I'm not preventing any of the normal logging.
So it's going to know that I have a session open and it's going to see the tasks. I'm not pulling that. I have a process where I patch Windows machines, so I will pull like the WSUS log off the box or the Windows update.log, some different things off the box there. And those can be displayed. Part of that Vester implementation, I'll actually pull back
the XML. So with, you know, Pester or Vester, you can actually export the XML. So I don't know if I still have all these log files around. But yeah, I mean it gives you the raw XML if you wanted to look at that. I don't know why you would want to, but it's there.
It could be useful, I guess. I mean that's actually how I create the rendering in the UI. I actually parse through all the XML, get the stack traces out, bubble them up, rather than doing pass-through. And then this is a pretty long run of stuff. So, you know, I'm logging stuff all along the way.
So I mean that's the kind of stuff that you're going to see. Also built into this is retries. So you get a max retry, right? Because if you have like a task that creates a sub task,
you know, you could kind of get into an infinite loop, which would be potentially bad. So, you know, you can cap that at however many tasks you want to run. I tend to run everything as administrator.
So yeah, I mean that's a service account of, you know, I think as long as the modules are available, I don't see any reason why it wouldn't run. I was running into an issue, kind of troubleshooting some stuff last night, and
like this task window that comes up was living inside the module folder, and I couldn't execute that file. Right, so I had a right to get it out. So the part of the registration is that it's going to create basically a local directory. And it probably didn't make it there because you can't reach me and I bomb out before that.
So it creates a directory for the workflow manager and the rest folder, copies those files out of the module onto the C drive, and then I can execute things from there. So as long as the module has permission to run, I think it's going to be fine.
So services as far as, it's all just PowerShell. There was a time where I was thinking about like compiling the PowerShell and running it as a service.
I decided just to go with REST, and that's why I provide a REST endpoint for the workflow manager. So any kind of information you want to get from that workflow manager, you just hit it with the REST endpoint. You can write the check, you can, whatever you want to do. No, I mean, agentless
would be, I can inspect the VM, like capturing SNMP traps, or, right, I'm kind of inspecting it from the outside based on information that it's kind of pushing out. I mean, there is something running on the box.
Yep, okay. So let me shut this guy off so it stops popping stuff up in our face, because that's no fun, right? So I just click stop, right? So that was one thing
I struggled with at the beginning. I'm like, how can I get a UI to take action? And the short answer I have for this is that this process here, the kicker guy, I don't really have a better name for it,
he's constantly watching that table in that database with the component ID. So this is workflow manager ID one, so he's looking at the row in the database and seeing what the status is. Based on that status, he can take action. So
he is listening on a port. So this is like part of the problem with the service, right? If I can't get the service to start up, I have no view into the box to take any action, right, other than potentially Windows remoting, which is an issue, right?
So I'm taking a dual approach to this. I have a process running on the box that I started, and then I have a REST endpoint. So in theory I can hit the REST endpoint and kill that process to update the modules, right? So now I don't have to ever log into this box again, so long as it doesn't get rebooted, right? And that's probably where a service might be better. All right,
I mean, I'm open to ideas, but in theory I can tell this REST endpoint to go get all the new modules, new files, tell it to shut down the kicker process, and then restart it. It pulls in all the new modules. That process can then kill the REST endpoint and start the REST endpoint back up, so the REST endpoint gets all the new modules.
Tell you that I'm not really a developer. I mean, I'm sure that there are plenty of solutions out there, but part of the draw for me was that none of this is compiled.
So debugging it, messing with it, I can do whatever I want whenever I want. Not that you should, but I don't have to compile anything, right? I just run it. I can deploy stuff. I mean, the speed at which I can deploy things to all my workflow managers
without having to compile and restart processes is huge. The RestPS module, I'm still getting back to the question we had before. So in the kicker guy, oh man, does anybody actually use the white stuff, like this format, like working at their computer?
Like, this is painful. Only for presentations. All right. So I mean, here's a pretty quick little check, right? So the workflow manager status equals one. One is down. This kicker isn't gonna do anything. It just sits there and goes through the next process. There's actually a wait at the bottom for that, that we captured earlier. If it's two, it's running.
I don't need this thing to do anything. It's only when it's three that I'm actually gonna take action and do something, and at that point that's when I'm gonna go invoke a new console, pop open the process, and start the REST endpoint. Well, now the REST endpoint's already running at this point.
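The kicker loop just described, together with the assigned/staged/running problem from earlier in the demo (the child process was kicked off twice because the "assigned" row was still visible while its modules loaded), as an added PowerShell example. This is mine, not the talk's kicker code. The status codes are the talk's (1 = down, 2 = running, 3 = start requested); the in-memory hashtable standing in for the database row, the `Assigned` / `Staged` / `Running` state names and the function names are assumptions of this example.

```powershell
# Added example, not the talk's kicker process. Status codes come from the talk:
# 1 = down, 2 = running, 3 = start requested. Everything else is an assumption of this
# example: an in-memory hashtable stands in for the database row the real kicker polls,
# and task pickup moves a task Assigned -> Staged -> Running so that a slow-starting
# child process (modules still loading) is never started a second time.

$script:Components = @{ 1 = @{ Status = 1 } }                                   # component ID -> status row
$script:Tasks      = [System.Collections.Generic.List[hashtable]]::new()        # the task queue

function Get-ComponentStatus { param([int]$ComponentId) $script:Components[$ComponentId].Status }
function Set-ComponentStatus { param([int]$ComponentId, [int]$Status) $script:Components[$ComponentId].Status = $Status }

function Invoke-KickerCycle {
    # One poll of the status row. Only 3 causes any action; 1 and 2 are left alone.
    param([Parameter(Mandatory)][int]$ComponentId, [Parameter(Mandatory)][scriptblock]$StartWorker)
    $status = Get-ComponentStatus -ComponentId $ComponentId
    switch ($status) {
        1 { return 'idle: component is down' }
        2 { return 'idle: component already running' }
        3 {
            & $StartWorker $ComponentId                     # real code: spawn the worker process here
            Set-ComponentStatus -ComponentId $ComponentId -Status 2
            return 'started worker'
        }
        default { return "idle: unknown status $status" }
    }
}

function Request-NextTask {
    # Claim one Assigned task for this worker and mark it Staged in the same step, so a
    # second poll that arrives while the child is still loading modules finds nothing to claim.
    param([Parameter(Mandatory)][int]$ComponentId)
    $task = $script:Tasks | Where-Object { $_.State -eq 'Assigned' -and $_.Worker -eq $ComponentId } | Select-Object -First 1
    if ($null -eq $task) { return $null }
    $task.State = 'Staged'
    return $task
}

function Start-StagedTask {
    # The worker, after its modules are loaded, is the only thing allowed to flip Staged -> Running.
    param([Parameter(Mandatory)][hashtable]$Task)
    if ($Task.State -ne 'Staged') { throw "task $($Task.Id) is in state '$($Task.State)', refusing to start it" }
    $Task.State = 'Running'
    return $Task
}

# Constructed walk-through.
$script:Tasks.Add(@{ Id = 42; Worker = 1; State = 'Assigned' })
$spawn = { param($id) Write-Host "spawning worker for component $id" }
Invoke-KickerCycle -ComponentId 1 -StartWorker $spawn      # status 1: nothing happens
Set-ComponentStatus -ComponentId 1 -Status 3               # the UI's Start button sets the row to 3
Invoke-KickerCycle -ComponentId 1 -StartWorker $spawn      # status 3: worker spawned, row set back to 2
$first  = Request-NextTask -ComponentId 1                  # claims task 42 and stages it
$second = Request-NextTask -ComponentId 1                  # finds nothing: the staged task is no longer Assigned
Start-StagedTask -Task $first | Out-Null
"first claim: $($first.Id) ($($first.State)); second claim: $(if ($null -eq $second) { 'none' } else { $second.Id })"
```

Against a real database the claim in `Request-NextTask` has to be a single conditional update (set the state to staged only where it is still assigned, and treat zero affected rows as "someone else got it"), since two workflow managers polling the same table would otherwise race exactly like the two child processes did.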
Does that make make sense There you could and you can using curl through PHP Hit a button and send a command To this endpoint over here That's actually listening So this guy's actually sitting here listening waiting for somebody to send it send it a command
So I mean that's how quick it is now, I'm I'm not doing anything meaningful here I'm just literally returning a zero for a status, but if the endpoint was down you would you would get an error so
It's pretty quick and easy Like I say the the ones I have for VMware standing up and having an open session are super useful because I don't have to Worry about going through the login process if I want to kind of loop through 40 different v-centers My my process now is just to loop through all 40 endpoints and get the information I need
so To do rest endpoints in PowerShell. I mean that's what this is Yeah, you want to see it. So the the module is rest PS. I think I don't know what's on it
Is there where you can just add a folder? Like to your already open folder. Where were you like two seconds ago? All right, so the way that this works
it sets up an HTTP listener on the port that you describe. You can of course do SSL if you would like to; I don't, I'm in a lab, I don't like security. And the big thing to take out of this is there's a file that lists the routes.
So when you deploy the endpoint, it's looking at this file to define the routes, the routes meaning what script you want to run. It could be a script block; it doesn't have to be
a script per se. So you can also pass in arguments, just like you would with a regular endpoint. It's your job in your script to then parse the arguments further. So there's a lot of files here, but the line to actually start this is pretty simple:
I'll even, you know, do a default port. But download the module and then run that, and it'll just set up an HTTP listener that can run any script that you define for it. The beauty of what I've done with that available routes file is that if you update that and add a script,
every time I auto-load that, so you don't have to shut the endpoint down to get a new function. Does that make sense? It's out in the gallery. I wrote it.
I took a combination of two different packages that people had out there. There's one guy who kind of routed to different web pages, and then there was another one who executed scripts, but it was fire-and-forget, so you wouldn't get a return back other than whether or not you selected a correct route. Like, if the route's not available you get an error,
but this guy kind of held on to the return. So I kind of pulled the two together, because they were very different code bases, but I took the best of both worlds that worked best for me. So, you know, if you fire off something... that's not what I want. Working on a laptop kind of sucks, too.
Let me move it to where you can actually see it. All right, so this is just checking the status, right? Pretty normal endpoint, nothing too fancy. If I change this and add anything to it, I'm going to get back that there's no matching routes.
So the endpoint doesn't take any action on some unknown location or unknown path. And then there's... I can shut it down. And that's a common one: it doesn't matter what method you send at it, when you do endpoint shutdown
it's going to shut it down. That window should have gone away, and it did. So one nice thing
is that this process, so this guy, will actually start it back up. So this is: I shut down the workflow manager endpoint, and his job is to actually start it back up when it's down. So that's kind of the service aspect of it. Still making sense?
You think that... I mean, do I love this module? Because it's great, right? Take the security, or lack of security, out of it, and it kind of makes you a little scared, but as far as getting information off a box, or a box that's performing tasks, it's fantastic.
It really lets me kind of distribute, I won't say workloads, but... for the VMware stuff, it's been a lifesaver. So this would be because I'm trying to retrieve information as fast as possible,
right? So if you had 40 vCenters in your environment, and you needed to validate whether a port group existed, and all of them are different logons, how would you instrument it?
Right, you'd probably do a loop: give me the vCenter, get the username and password, and loop through. That's a long... it's a time-consuming process. So I can take one of these endpoints, stand it up for each of those 40 vCenters, and now all I have to do is hit an endpoint and tell it what information I want, with the account you started off with.
So, I'm not an ethical hacker, right, so I don't know what you could gain access to other than over the HTTP port, right? You expose that. But as far as the things that it's going to execute, it's only going to execute what is in the routes file. Everything else, what you're going to get from me is "no routes available." Right, so that's what I was kind of trying to show
here. So, you know, status is available, I'm going to get a valid return back, but anything else is not exposed to
return information back to the endpoint. Right, right, so, yep, hang on one second.
That's... I said "disclaimer" at the beginning, man, like, security is... So here's the endpoint file for that specific guy, so
the other option I have is self-test. Right, so I just put these in as placeholders for, you know, GET, PUT, POST, DELETE. So the other command I could run would be self-test. Cool, so it returns back zero. If I go in here and change this to...
I'll just keep it again to make it simple. It picks it up on the fly.
So that's super nice too as far as, like, a deployment, right? I don't have to worry about shutting the endpoint down and restarting it just to pick up a new file that, you know, has a minor change, or, you know, is a new addition because I want to be able to get different data off the box. You want to see more? I mean, do you have any questions about what it's doing or how
it's doing it? Yeah, so there's some weird stuff going on
with capturing the string that's coming in, so I kind of split it. And let's see. So when it comes in, I split the URL that's being passed, so we're using HttpListener.
They're coming in on a URL. It takes that entire URL, and I can split that based on what they've requested. Split it on the question mark, just like a regular endpoint would, and then it would be your job to do, like, the ampersands after that.
So I don't know, I don't have anything running on this that would take it, but I don't know that it would throw an error other than... I'm curious to see what the output would be here.
Yeah, so it didn't. It returns zero, but it didn't... you can see, so it, like, cut off the arguments, or whatever you would call that for the endpoint. So, like, it stripped off my "hello world" and put it into the argument, so that would get passed to my PowerShell script as an argument.
I would split it based on the equals sign and do whatever thing I wanted to do. So you would define that in your available routes, right?
So I mean, I've set all these up to run the same script now, like we're... Correct, yeah, this was just... I don't... To write something to POST would be, you know, like you're... yeah, I mean, I guess I could put it
in here for an example, right, to, like, stop a process, but I really don't want to be destructive on someone's box when they're like, "oh, let me stop, you know, the workstation service." This thing doesn't work right, or maybe it does. Yeah, so I don't actually pass the method into the script, because I'm assuming the management on the front end is actually
taking care of that. And by "assuming" I mean, like, I wrote it. It's not going to execute a GET script if you specify a PUT, like, I don't have to figure that out.
So if it rebooted at this point in time, there's nothing that would start it automatically on the box. Not to say that something couldn't be added for that. I question what that would be; I don't know if that's a RunOnce, I don't know if that's adding it as a service. I haven't really found too many clean ways to do, like,
PowerShell scripts running as a service. It seems kind of hokey, right? I'd probably have to get some executable that's going to just be in a path that has an argument for the script. Does anybody do that now? Yeah, I don't know. I don't know the answer to that one.
Yeah, so I mean, that would be the other thing: like, I'd have to log in most likely, right, unless you have auto-login, but we don't need to talk about security.
So at some point, like, if the machine reboots, the idea would be that I have something monitoring the status. I would see that the endpoint's no longer running, and then I would want to go out and figure out why my workflow manager, the thing that's going to be performing tasks, isn't doing anything. And then, you know, I could log into it, start the process and carry on about my business.
So if it's registered, and you start the process, it'll reconnect and update its status. Does that make sense? You want to see it? Like...
Okay, all right, so let's just go with the fact that, like, the process ended, right? So the endpoint is still up and I just kill the process. Right, so the w-man process is no longer running. Right, it had the title w-man ID whatever.
So I disagree with myself a little bit, because... which guy? Oh, no, that's a task manager. All right, that's the queue manager. I wondered what that was for a second. I haven't put host titles on everything yet. What's that?
No one hears it but you. All right, so the machine is already registered as a workflow manager to the system, so I'm just taking the startup line and
it starts right back up, and it's good to go. It'll capture what the status is. I think the only thing that I'll say it wouldn't do right now is if both the kicker process and the actual workflow manager, the one who's actually
performing the tasks, if they both die and I just restart the process and the current status was "running", it would not start a new process. It would kind of be hanging out there and running. So that's something I would need to figure out. Maybe...
Yeah, I don't think so, because I think if the status is "running" I don't actually perform any... I don't validate that it is running. I probably should add something for that. Does that make sense? Because currently, if the endpoint's not running, I'm looking for a PowerShell console window with that name, and if I don't find that, I start the endpoint up.
So I probably could do a little bit better job of handling the actual workflow manager process that is running. Am I crazy? No, I mean, that's what this is for, so. I like...
What? Yes, yeah, so from a high level: I have the database installed on my box, I'm running the web on my box, which is just... I'm using WAMP,
and then I'm also running the workflow manager and the queue manager in separate console windows. Right, so the vCenters would be on the outside, so they're
tangential, right, they're further out. Right, so I don't care what you're connecting to, what scripts you're running; all I care is that when you run that script, whatever it does, it reports back information, right? And then we can capture that information however you want. Right, so
you know, getting into, like, the Vester kind of stuff. This table is set up a little bit differently for results, but the concept is the same, right? I run a test and I capture all the information about the cluster, the host, whatever it is.
But the process, the management process, only cares that the test was sent out, the workflow manager ran the test and sent back all the result information. It doesn't actually care about the vCenter I'm connecting to. The data is stored; I store all that data in here. So you'll see that I have
targets. So targets being whatever you would want. I have target types, so you can define what the thing is that you're trying to run something against, but I'm not trying to limit anybody as to what you can run against. Additionally, there's the concept of
parent targets. So if I have a system with five vCenters, I could say, you know, run this check against Production, and then it would split that out into five different tasks, and then the parent task is related to the child tasks. So I think that makes sense.
And that's at a task level and at a target level, so you can kind of group things together a little bit. Also with the retries: the retries will be linked as well, through a different table.
Getting into those details gets really confusing. Which... so you're talking about, like, when I was talking about having the 40 endpoints stood up, if that process dies?
I have a process that's looking for the endpoint, getting that status, and if I see that that status is not running, I will start up another endpoint for that vCenter. Yeah, right, so the connection would break. As soon as the connection breaks,
the endpoint probably will go away because it can no longer maintain that connection. So if it's running on port 8080, that endpoint would drop off. I have a process that I'm running, right, as a scheduled task, to say every five minutes go check all the endpoints that are available,
right, and if it sees that one isn't there, I send a command to, I know you're going to kill me, right, a management endpoint that's sitting on the box that says, all right, now start up an endpoint for this vCenter on 8080. REST.
Yeah, I'm just... I'm using REST because, like I said, I didn't grow up using PowerShell remoting, because I've been in the VMware world. So to me, I use PowerShell as just a programming language to interact with other services that are out there, so...
It's... you absolutely could. No, no, it's just, like, unfortunately, that's, like, right now would be the manual kind of piece, so I don't have it currently for
what I wanted to do with the demo, and clearly that worked out very well, because I didn't want people actually mapping my drive. But I think, yeah, I mean, honestly, like, this is why I'm working on this, right? So it...
At my place of work I have multiple of these that handle different tasks within my infrastructure, and it's a pain in the ass to manage five different stacks of things that all touch the same target set. So I'm performing different
tasks on the same equipment, and it was really just a matter of: why didn't I know I needed to do that? I've written that code, I want to stay away from that code, so let me rewrite it and get it better, right? I mean, over the course of time your coding is going to get better,
and you may shy away from stuff you've previously written. So what I decided, I don't know how many months ago, I was like, I'm going to rebuild this one more time, and that's it. And it's painful, because the original one I wrote was a task manager, and it would go through... I work on an automated testing system in a VMware environment.
So we send machines out there, we allow users to submit their tests, and sometimes those machines just crash and burn, and my Java application doesn't always clean it up nicely, so I have something that can go out there and clean it up for them.
The issue was it only had a queue manager; that queue manager would kick off four tasks, so I had no scalability. Right, so in the next iteration I had a queue manager that could manage the tasks and just assign them out to a workflow manager, of which I could have as many as I wanted. So, you know, the evolution of it is kind of where it's at now.
And, you know, it's a work in progress in trying to understand whether or not people can actually use it other than myself, because I don't use Windows remoting, and I'm not on a domain, and, you know, it's a different solution potentially.
But it can reach any service that's out there. So as far as the mapped drives go, I mean, that could be an endpoint check: you could, you know, determine whether or not the drive was there, how much space is on the drive, and report that back. You know, as far as the task result, this page that is
here, my plan for this would be... specifically for VesterUI, which is the Vester UI, I'll have a basic task here, but all that result information is going to be stored in a different table. Like, I don't need test results to be munged together with the actual task running itself.
Let me know the task ran good, and then I can go over here and look at results of the tests. It's really just going to be logging.
Yeah, I mean, the only advantage I have is that I can actually view the logs in here. So... that's the one. Go away, though. Okay, maybe I don't have those logs displayed yet, but for, like, the queue manager and stuff, it's nice to be able to actually view the log while it's running, or, you know, be able to troubleshoot. You'd have to refresh to get the newest
information, but having those logs available to say, well, this task failed and here's why, or, you know, whatever those cases might be. I don't know how easy it would be to, you know... I have the task ID, so if I've done logging properly I could, you know, send a message to ELK, or Splunk, and say, you know,
pack it, you know... I don't know if it would be, like, an iframe or what. I'm not exactly up on all of the terminology. So, the API...
Okay. Okay, yeah, and, you know, for the endpoints too, you can actually... That makes me think, like, it is just a REST server, so... Yeah, that's not... you shut down. It's...
So from a web browser you get kind of what you would expect as well, so you get back a
JSON response, just like you would expect from the endpoint. I think the only thing I probably don't do very well with that module is you're not getting, like, the 200 back.
So even if you were to do a web request versus the REST method, you wouldn't get a status back. So I think that's probably something I need to add in there: instead of, you know, sending back "invalid route", send back a 404 or something along those lines.
So probably the first one... So the first time this ever really came up was that VMworld hackathon back in, like, August of 2016.
We were working on, the team was working on, basically CM for NSX, and I was like, what if I just, like, wrote up a UI for it, right? Like, instead of, you know, instead of seeing something like...
Second... you know, instead of seeing command-line stuff, right, when you're talking about looking at more than one item at a time, you know, it's difficult to kind of put all that together in your mind. Right, so trying to capture, like, this kind of information
into something that's usable is kind of what the goal was, right?
They were working on the actual checks, and I was working on, like, the visualization of it. Because, I mean, this is great if you're, like, working on a single project, but if you're running this... and I'm not VPNed in or into anything, so I can't actually run the Vester check. But if I can turn this output, right, that's also XML, into something that you can actually consider,
or a junior guy could consume, it's going to be a lot more valuable, right? Same information; I just get an option to display it. I can, you know... I was sorting there; I can filter on "fail", so
it's all kind of built in and easy. Like I say, I'm not a web developer, so I'm sorry, this is what you get right now. If someone wants to pick up Angular, I'm more than happy. Like I say, all the data is available from the database via REST, so...
So I'll say it probably started two years ago, but that's when I started doing, like, those stovepipes, and then last year, probably around this time frame, I wrote one that included, like, the deployment of multiple work managers and got the queuing and all that kind of stuff figured out.
I've been running that for a while at work, but even that was very specific to the tasks I was trying to accomplish. And then, I don't know exactly when I started putting all of this stuff in, because I didn't check stuff in
immediately, so all the commits are probably from, like, the last four or five months. All the code's in GitHub. It's published to the gallery. 100% Pester testing on anything that I've published; passes Script Analyzer.
Doesn't mean it works. Now, I mean, it's been tested. Everything, you know, as long as you have a connection, it works. So, and apparently it doesn't work on PowerShell 6 to implementation... you got to get that...
Was that module... I know that was for Windows PowerShell. Yeah. Yeah, right, so I don't want to run a command if I can't actually validate that the REST server's available, so
a single ping, and if you're good, then I'll start trying to interact with you. Nothing too fancy. Got a lot of people looking, like, glazed over; I'm not sure if that's good or bad. It's a lot to take in, like... that's what I tell my guys when I kind of, you know, implement something new for it.
But it's not doing anything different than what you would do in your head, right? Just visualizing what a computer needs to do for you is the tricky part. Right, that's what I try to tell my people when I'm, you know, going through, like, logic and how to get things started.
WAMP comes in a package, so I didn't have to worry about configuring anything. The PHP package that I use, it's a single file, so it'll work with MySQL, SQLite,
MS SQL. So whatever database you want to hook it up to is fine. It's just PHP, so if you want to run it on IIS, feel free, but I mean, it's just PHP and it just connects to a database, so there's nothing saying you have to use WAMP or
not. I mean, I... but I don't need... you know, whatever you guys need time-wise. I mean, we're good, we can wrap up, we can poke around more. It's up to you guys. I'm sorry, it...
For groups, as far as, like, groups of targets: so I don't have the scheduling piece in this yet. I use it at work, but it is a different schema, like I have to kind of
redo the... so you have the data layer that, you know, defines how I store the data in the database, and that's directly how the PowerShell is written. And some of my stuff still uses this power wamp module I have, which accesses the data directly, so I need to convert that over to use just REST.
So I don't... like, I haven't migrated that yet. So, but I mean, the thought process would be: there's going to be a table of available scheduled tasks, and I will review them like a queue manager, and if the things line up I will submit the task; the queue manager will then assign the task, and the work will get done. And that way
it's not stored on a single machine, for, you know... and, you know, because it's set up as a queue manager, you could actually have multiple schedulers sitting out there for, you know, different reasons. I don't know
the value in that, maybe. Yes, absolutely, so priority is taken into account. So target types... I want task types.
So priority's there; it's configurable, so the queue manager will assign them by priority. So when I do the query, it's, you know, giving me everything back in a list in ascending order based on priority. It'll assign those out, and then the workflow manager... in theory, the workflow manager, if it, you know, has a max of four tasks,
it should never get more than four, but it'll still start them by priority if all four of them get assigned at the same time. And you can't have the same priority level as well; it's not going to hurt.
script, yep. Yes, to, like, actually click through here, or...
So I mean, it would be as simple as adding it in like this. One thing about PHP is you've got to do a double slash;
it doesn't want to escape it. So it adds it in as an availability, and you could then submit a new task. So from a target, I'll go in, submit a new task. It's not there.
So I haven't set it up to say that this target can run this task, or this task can run against a specific target, so I would have to go in to add a new one of these to say target type as a system, and I can add
2018 to it, and here's where that max retry is in there. And now it's available, so I can submit it from here; the queue manager would pick it up,
assign it out, run it. So you would be able to configure, to a degree, how fast the queue manager is checking the queue for something new.
So, like, I have this one set for 30 seconds, so every 30 seconds I'm going to run through and determine whether or not there's any tasks in the queue that are submitted or queued. Right, so I have "submitted" because I might want to triage something. I don't have any code in there right now, but to me this "submitted" is
potentially valuable in the future. So I'll go through, I look at anything that's submitted, I flip it to "queued". Once it's queued, I look to see whether or not a task manager has an availability, so I only select a task manager that's not at its max, and then I'll assign that to that workflow manager. The workflow manager comes through and sees that it has a new task assigned, starts the process, and it'll be complete. So tasks
can only have a single status. So, like, the workflow for a task would be: I submit it, it gets queued, it gets assigned,
and then it would go running... well, actually it goes staged, running, and then complete, and then there's no other option at that point.
So the task is just one-and-done; the queue manager is looking for it. The only other thing would be you could rerun it, so if it failed you can just hit the rerun. It'll hide that record and create a new one, which is going to be, like, on five different pages. So this was just submitted from
the previous screen, so it might be easier to see from... if I do that "summit 2018" one. So your question on this one, so this is back to the Vester implementation, yes.
So what I would say is: use it at your own risk, right? It depends on what the configuration is,
so Vester will flip the bit on whatever function or whatever feature it is. So
right, so that's why it's an option. And the idea would be that, you know, this is really a configuration that's bad. This isn't something new, right? You expect that your vCenter is going to be configured with this configuration, right, whether it be an NTP server or, you know, DRS enabled, disabled, whatever those settings are, and this would be, like, out of line. That's what this is reporting.
Does that make sense? So I... yeah, you know, you'd have to use caution with remediate, but the hope is that it's a non-breaking change, so
for the REST endpoint on the clients: right now everything's just set up to use HTTP, so no authentication. I did that on purpose. You can implement SSL.
Same thing with the website, right? So on the web side of it you have Apache; you can secure it for whatever would meet your environment's requirements. Right, like, I don't want to push security on you and say you should be doing XYZ; you have the option. I don't...
Yes, yeah, I mean, I'm not stopping it, but for, like, demo purposes on a network where you could actually reach me, I didn't want to try and
handle SSL, right, because he would need a certificate and match my chain; we would have to accept each other and like each other. So for REST you're probably going to use some kind of, like, JSON token. Yeah.
So you would want to set that up through the REST API, right, through Apache or whatever is serving out your web instance for this. And then on the endpoints you would probably be doing a certificate as well as a... you could do a token piece. I don't know how that would... I haven't gotten that far into that, so
I'm being asked to leave. So thanks, appreciate it, appreciate your time. Feedback...