在用Window PowerShell DSC管理服务器的时候,会遇到下面的类似的场景,比如,先在一台域控制服务器上安装域控(Active Directory),等域控制服务器A安装好后,在把另外一台机器B加入到域控服务器A中;还有一种常见的场景是,比如,先安装数据库服务器,然后在安装应用服务器;不管是何种情况都牵涉到了跨机器间的依赖;刚好,在DSC5.x中提供了一个DSC的资源专门做这个事情,这个资源就是WaitForAll,WaitForAny以及WaitForSome。下面咱们先看一个简单的例子。
Configuration WaitForDemo {
Import-DscResource -ModuleName PSDesiredStateConfiguration
Node doTestAction
{
File backupFile{
Ensure="Present"
Checksum="SHA-1"
Type="Directory"
Recurse=$true
SourcePath="C:\software"
DestinationPath="C:\softwareBak";
}
}
Node doWaitForAction
{
WaitForAll ComputerA
{
ResourceName = '[File]backupFile'
NodeName = 'computerA'
RetryIntervalSec = 15
RetryCount = 30
}
File generateFile{
Ensure="Present";
Contents="Waitfor test";
DestinationPath="C:\test\hellowworld4.txt"
DependsOn ='[WaitForAll]ComputerA
'
}
}
}
$mofPath="C:\Program Files\WindowsPowerShell\DscService\Configuration"
WaitForDemo -OutputPath $mofPath
New-DscCheckSum -ConfigurationPath $mofPath
New-DscCheckSum -ConfigurationPath "C:\Program Files\WindowsPowerShell\DscService\Modules"
其中让computerA在注册DSC Pull服务器的时候,注册doTestAction.mof,computerB注册doWaitForAction.mof文件。
不知道大家发现没有,在Node doWaitForAction的配置中,我们显式的依赖了computerA的backupFile的Resource,也就是说必须等ComputerA的backupFile的DSC的resource的状态返回True的时候,computerB的generateFile的DSC resource才会被执行。
好了,原理说完了,例子也说完了;但是不知道大家有没有想过,为什么computerB知道ComputerA的任务已经完成了呢?是ComputerB通过DSC Pull服务器不断查询DSC的Report服务器得到的结果吗?还是computerB直接调用ComputerA的某项服务器查询ComputerA的backupFile的DSC的resource的状态是否已经返回True了呢。
笔者通过抓包工具发现,其实是computerB直接调用ComputerA的某项服务器查询ComputerA的backupFile的DSC的resource的状态是否已经返回True。具体过程咱们来分析。
![[置顶] [30] Window PowerShell DSC 学习系列----如何解决跨节点(across computers)依赖?](https://image.shishitao.com:8440/aHR0cHM6Ly93d3cuaXRkYWFuLmNvbS9nby9hSFIwY0RvdkwybHRaeTVpYkc5bkxtTnpaRzR1Ym1WMEx6SXdNVGN3TmpFMU1qQTBPREU1T0RNd1AzZGhkR1Z5YldGeWF5OHlMM1JsZUhRdllVaFNNR05FYjNaTU1rcHpZakpqZFZrelRtdGlhVFYxV2xoUmRsa3lhR2hpYlU1c1lWYzBkMDFFWXowdlptOXVkQzgxWVRaTU5Vd3lWQzltYjI1MGMybDZaUzgwTURBdlptbHNiQzlKTUVwQ1VXdEdRMDFCUFQwdlpHbHpjMjlzZG1Vdk56QXZaM0poZG1sMGVTOURaVzUwWlhJPQ%3D%3D.jpg?w=700&webp=1 "[置顶] [30] Window PowerShell DSC 学习系列----如何解决跨节点(across computers)依赖?")
从上图可以看出,经过三次TCP/IP握手之后,computerB会给computer发送一个HTTP 的Post的请求。请求的URI为wsman,端口的5985
那么到底发送了什么消息呢?
POST /wsman HTTP/1.1Connection: Keep-AliveContent-Type: application/soap+xml;charset=UTF-8User-Agent: Microsoft WinRM ClientContent-Length: 1614Host: computerA:5985<?xml version="1.0" encoding="utf-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:w="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd" xmlns:p="http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd"> <s:Header> <a:To>http://computerA:5985/wsman</a:To> <w:ResourceURI s:mustUnderstand="true">http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/windows/DesiredStateConfigurationProxy/MSFT_DscProxy</w:ResourceURI> <a:ReplyTo> <a:Address s:mustUnderstand="true">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address> </a:ReplyTo> <a:Action s:mustUnderstand="true">http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/windows/DesiredStateConfigurationProxy/MSFT_DscProxy/GetResourceState</a:Action> <w:MaxEnvelopeSize s:mustUnderstand="true">512000</w:MaxEnvelopeSize> <a:MessageID>uuid:DBB05C5C-5E11-498D-888E-D55F627DE47D</a:MessageID> <w:Locale xml:lang="en-US" s:mustUnderstand="false"/> <p:DataLocale xml:lang="en-US" s:mustUnderstand="false"/> <p:SessionId s:mustUnderstand="false">uuid:BD34BBB3-A6E3-44E9-A098-F48C7A564C34</p:SessionId> <p:OperationID s:mustUnderstand="false">uuid:FC2CD0FE-B9A4-4167-890C-8FC937C2D487</p:OperationID> <p:SequenceId s:mustUnderstand="false">1</p:SequenceId> <w:OperationTimeout>PT60.000S</w:OperationTimeout> </s:Header> <s:Body> <p:GetResourceState_INPUT xmlns:p="http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/windows/DesiredStateConfigurationProxy/MSFT_DscProxy"> <p:ConfigurationData>WwBGAGkAbABlAF0AYgBhAGMAawB1AHAAQwBNAFMA</p:ConfigurationData> </p:GetResourceState_INPUT> </s:Body></s:Envelope>
那么返回的结果呢?
HTTP/1.1 200 Content-Type: application/soap+xml;charset=UTF-8Server: Microsoft-HTTPAPI/2.0Date: Wed, 07 Jun 2017 20:32:14 GMTConnection: closeContent-Length: 1207<?xml version="1.0" encoding="utf-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:x="http://schemas.xmlsoap.org/ws/2004/09/transfer" xmlns:w="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd" xmlns:p="http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd" xml:lang="en-US"> <s:Header> <a:Action>http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/windows/DesiredStateConfigurationProxy/MSFT_DscProxy/GetResourceStateResponse</a:Action> <a:MessageID>uuid:68F10B95-1BF1-414C-95FD-12FDC89A5D7D</a:MessageID> <p:OperationID s:mustUnderstand="false">uuid:FC2CD0FE-B9A4-4167-890C-8FC937C2D487</p:OperationID> <p:SequenceId>1</p:SequenceId> <a:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:To> <a:RelatesTo>uuid:DBB05C5C-5E11-498D-888E-D55F627DE47D</a:RelatesTo> </s:Header> <s:Body> <p:GetResourceState_OUTPUT xmlns:p="http://schemas.microsoft.com/wbem/wsman/1/wmi/root/microsoft/windows/desiredstateconfigurationproxy/MSFT_DscProxy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cim="http://schemas.dmtf.org/wbem/wscim/1/common"> <p:state>true</p:state> <p:ReturnValue>0</p:ReturnValue> </p:GetResourceState_OUTPUT> </s:Body></s:Envelope>
从上面可以查看出,其会返回一个state和returnvalue,从而知道是否所依赖的computerA节点的相应的DSC 资源(Resource)已经执行成功了。