Tuesday, January 31, 2017

PowerShell : Trust network share to load modules & ps1


Do you have a central network share, where you store all the scripts or PowerShell modules ?
What happens if you try to run the script from a network share ? or if you have scripts (local) which invoke scripts or import PowerShell modules stored on this network share ?

Well you would see a security warning like below (Note - I have set execution policy as 'Unrestricted' not 'bypass' here):

Run a .ps1 from the network share

Well this is a similar warning, which you get when you download scripts from Internet.
As the message says run Unblock-File cmdlet to unblock the script and then run it, let's try it.

Tuesday, November 08, 2016

Gotcha with Puppet Windows client

Making a quick note to document the version gotcha encountered while running puppet client on Windows.

I downloaded the latest and greatest available version of the puppet client on a Windows Server 2012 R2 box, but when running the puppet agent for the first time interactively to generate the certificate request to the puppet master server it blew up with below error message.

  1. Quickest way to get the puppet binaries all accessible is "Start Command Prompt with Puppet" shortcut.

  2. Once in the cmd prompt, run puppet_interactive. This will run the puppet agent on demand and when run for the first time issue a certificate request to the puppet master to sign. But this threw up the below error :

    Error: Could not request certificate: Error 400 on SERVER: The environment must be purely alphanumeric, not 'puppet-ca'

Thursday, November 03, 2016

Vagrant using Hyper-V

I have been looking at learning puppet for a while now and to try it out, wanted to quickly deploy a puppet master & node (Ubuntu) on top of my Hyper-V host.

Below are the quick & easy steps I followed mostly for my own reference (n00b alert) :

  1. Enable Hyper-V on the node, this goes without saying :) (reboot after this step).
    #region enable Hyper-V                                                                        
    Add-WindowsFeature -Name Hyper-V -IncludeAllSubFeature -IncludeManagementTools
  2. Install Vagrant using chocolatey.
    #region install vagrant
    Import-Module PackageManagement                                                               
    Install-Package -name vagrant -force -ForceBootstrap

Thursday, May 19, 2016

PowerShell + Pester : counter based mocking

Recently, I have been writing/ reading a lot of Pester tests (both Unit and Integration) for infrastructure validation.

One of the classic limitation hit during mocking with Pester is that you can have different mocks based on different arguments to a parameter (e.g using parameterFilter with Mock ) but not based on a counter.

For Example - See below, I have two mocks for Get-Process cmdlet based on the name passed to it.

Mock -CommandName Get-Service -ParameterFilter {$Name -eq 'winrm'} -mockwith {[PSCustomObjet]@{Status='Running'}}
Mock -CommandName Get-Service -ParameterFilter {$Name -eq 'bits'} -mockwith {[PSCustomObjet]@{Status='Stopped'}

This is really helpful, but there is a case where we want different mocks to occur based on a an incremental counter (number of times) a function/Cmdlet etc. are called in our script.

Monday, May 09, 2016

PowerShell : check script running on nano

If you are authoring scripts targeting Nano server specifically then there are two checks which you can bake into (maybe add them to the default nano authoring snippet in ISE) them.

Saturday, May 07, 2016

PowerShell + AzureRM : Automated login using Service Principal

Do you remember ?
In the older Azure Service Management model, we had an option to import the publish settings file and use the certificate for authenticating. It saved a lot of hassle.

That method is deprecating now but we have something better which we can use in the newer ARM model.

BTW for record I find it really annoying to enter credentials each time when I want to quickly try something out on Azure. So I have been using two techniques for automated login to the AzureRM portal.

  • Storing Service principal creds locally (encrypted at rest using Windows Data Protection API) and using that to login.
  • Using Certificate based automated login (another post).

Friday, March 04, 2016

Test connectivity via a specific network interface

Recently while working on a Private cloud implementation, I came across a scenario where I needed to test connectivity of a node to the AD/DNS via multiple network adapters. 

Many of us would know that having multiple network routes is usually done to take care of redundancy. So that if a network adapter goes down, one can use the other network interface to reach out to the node.

In order to make it easy for everyone to follow along, below is an analogy for the above scenario:

My laptop has multiple network adapters (say Wi-Fi and Ethernet) connected to the same network. Now how do I test connectivity to a Server on the network only over say Wi-Fi network adapter?

Wednesday, February 24, 2016

PowerShell : Nested Remoting (PSRemoting + PSDirect)

Well the title is interesting enough, right ?
I saw some interesting comments when I posted the below pic around the release of Server 2016 TP3 in our PowerShell FB group:

In this post, I try to tell how I use this simple trick in my everyday use.

Friday, February 12, 2016

PowerShell : Getting started with MutEx

After setting up the context for the use case of the MutEx in previous post, it is time to do our homework on the topic.


MutEx as per the MSDN documentation is:
"A synchronization primitive that grants exclusive access to the shared resource to only one thread. If a thread acquires a mutex, the second thread that wants to acquire that mutex is suspended until the first thread releases the mutex."

Thursday, February 11, 2016

PowerShell : Use Case for MutEx

This post is to give you context on a practical use case of using MutEx in PowerShell.

From the MSDN documentation for the MutEx class , MutEx is :

"A synchronization primitive that can also be used for interprocess synchronization."

Mut - Mutually 
Ex - Exclusive

Recently while deploying AzureStack, I saw multiple failed deployments, partly because of me not paying attention. 

But since it failed, I had to go and look at the code in an effort to see what went wrong.

AzureStack runs all the deployment tasks for creating a POC by using scheduled tasks (runs in System context) heavily.

Also the status of the deployment  is tracked by using XML files (these are placed under C:\ProgramData\Microsoft\AzureStack\), so they have to avoid conflicts in reading and writing of these XML files from these tasks which are separate PowerShell processes.