AMA: Will DSC Make It?

Jeremy writes:

With dsc headed for it’s third major rewrite in nearly as many years, is it something that you think will turn into a fully fleshed out and complete product? Or will it just end up as an interesting footnote that never found its place? Or something different altogether?

I hope you’ll ask a question, too! Visit here for info.

I’ll argue the “major rewrite” that was v4 to v5; it wasn’t that major.

But, I have the same worry, at this point. I’m waiting to see how the cross-platform DSC shapes up, but I think Microsoft has made some baseline architecture decisions that hamper DSC. I think the LCM is too “smart” and has had to much invested in it, versus a smarter, centralized “server” component instead. I think they’ve added complexity – using “DependsOn” instead of a top-to-bottom execution – for no reason (the intent with DependsOn was to support “eventual” multi-threading, which we’ve yet to see and which will be problematic on its own if we do). I think the “punt” on a Pull Server – only providing a “sample” with the product but never denoting it as such or providing source code, and pushing people to Azure for the “real” solution – was a terrible misstep.

Worse, it’s like literally nobody else in Microsoft has bought into it in any significant way. SQL Server should have a much richer set of resources. SCCM should be using DSC under the hood for its Configuration Auditing feature. But the entire rest of Microsoft has basically ignored DSC. It’s like the company doesn’t even want to be in the “configuration management” game, and are just ceding the space to Puppet/Chef/Ansible/Salt/Etc. I think the company will regret that one day, but I think it’s where we are right now.

I think Snover had the right idea and basically the right architecture. DSC was the fourth and final item in the “Monad Manifesto,” so he’d been thinking about this since the mid-2000s at least. The current rewrite (which is indeed a rewrite) is a good move: they’re moving away from using CIM to “run” the LCM, rewriting the whole thing in C++ instead of .NET, etc. All good. So I’m holding out some hope; this’ll also get us the DSC code in open source, which we’ve never had before, and I think a lot of its annoying bits can be fixed or mitigated a lot more easily that way.

But it’s the stark lack of tooling, with approximately zero third parties jumping in to provide solutions, that’s a little scary.

So I don’t know. The jury is out to lunch, but they’re very much in session, and we’ll have to see what happens next before I feel more confident making a prediction. Microsoft could still pull it off, if they try hard enough. I think.

9 thoughts on “AMA: Will DSC Make It?

  1. Derek

    We tried using just DSC when it was released and wrote a lot of tooling around it to get more of the features we wanted like reporting and our own resources. It ended up being a nightmare to maintain though and we switched to Puppet. That actually saved DSC for us. Puppet had the reporting and management features we wanted and we could still write custom DSC resources like we wanted.
    I mostly prefer the platform approach instead of MS owning the one true solution since we’ve had a lot of heartburn over tools like SCCM and SCOrch.

  2. jbchrist

    God I hope it makes it.

    I absolutely love DSC and have been using to deploy many SharePoint farms. With that being said, It is a complicated to setup but once its setup, it runs well. I hope my decision to be an learn adn be an expert in it does not go to waste.

  3. Orin Thomas (@orinthomas)

    Agree with you completely. When MS stops paying close and deep attention to a project, it’s often time to start the clock on its demise. In some ways they are getting more like Google, distracted by the ever new. It is having an impact as customers are starting to wonder how much time a new thing has before the post launch ennui sets in and the project gets Forefronted/Windows Phoned/Silverlighted.

  4. Justin King

    To use a rather famous quote:

    E’s not pinin’! ‘E’s passed on! This parrot is no more! He has ceased to be! ‘E’s expired and gone to meet ‘is maker! ‘E’s a stiff! Bereft of life, ‘e rests in peace! If you hadn’t nailed ‘im to the perch ‘e’d be pushing up the daisies! ‘Is metabolic processes are now ‘istory! ‘E’s off the twig! ‘E’s kicked the bucket, ‘e’s shuffled off ‘is mortal coil, run down the curtain and joined the bleedin’ choir invisible!! THIS IS AN EX-PARROT!!

    Look, configuration management is/was a very real problem and it was a very big idea behind fixing it. Heck I jumped on the bandwagon pretty early. The thing is, when this “rapid provisioning” became a thing it was discovered that we could completely turn the model on it’s head and solve it in a different way: immutable architecture.

    Chef, Puppet Ansible are all already functioning products that can get the job done, and whats more is we can see the sun setting on their time. There’s just no POINT to rewriting it anymore. Netflix has become the immutable poster child of rapid deployment, container technologies have shown still more ways to guarantee code makes it from dev to prod with no change … and the word of IT is rushing towards a world where fleets of servers are nameless, shapeless resource pools for code and all that difficult patching, upgrading, and configuration changing happens in a controlled pipeline that tests results before they are released.

    The bigger problem I see is that Windows servers are almost completely incapable of living in this new world that’s forming. Nano looked like it might be a step forward, then they stepped back and called it container only. So instead we have a host of aging issues then are in dire needs of overhauling:

    1. Base OS still takes way too long to install compared to a minimal linux box.
    2. Patching said OS is a night and day nightmare too. You can fully apt-get upgrade linux in minutes where as Windows could be a 45 minute to a multi-hour job!
    3. Orchestrating tasks sequences in a tool like SCCM vs. the lean tools like packer make this brutally apparent.
    *Thank heavens for Chocolatey, otherwise installing would be a nightmare as well.
    4. OS still ships huge with prepackaged roles and apps instead of simply pulling roles and functions from a package repo or container.

    Speaking of containers … they added support but there’s a massive ecosystem of services missing before you can do any serious container support in Windows:

    1. No Scheduler.
    2. No Service Discovery/KV store.
    3. No container repository.
    4. No lightweight CICD system to kick things off.

    I guess that’s all going to be Azure only? Are we going to one day see Kubernetes for Windows arise (at which point Win server is just competing with CoreOS/RedHat OpenShift for trivial value add …sure I guess).

    I’ve moved way beyond DSC … but this is all stuff out there NOW … and DSC has no part in any of it. Just return the parrot and move on.

    1. gaelcolas

      I very much agree with this actually.
      But you’ve already moved beyond… That means you actually learned the CM way first.
      I doubt people who haven’t are in any good shape to just get into the container or serverless model. In the end, it depends a lot on the workload you’re managing…
      I’ve seen people failing with the Container model because they did not get the artefacts management principles to start with… Trying to apply an old model to new tools.

      1. Justin King

        I completely agree with that as well, heck i still struggle with it daily (“do I really need to do this” or “why do people do … oh THAT’S why”) .

        You’re also right that things like Chef/Puppet for CM is a stepping stone, and a very natural one. But the thing is … they are _Established_ … and don’t need DSC to succeed in order to contribute. That’s why i think it’s too late for DSC. The niche it’s trying to fill _is_ a stepping stone … and other tools already do the job.

  5. gaelcolas

    Hey Don, great article, and spot on (again!). Yet, I found that people’s interpretation (on twitter) of what you say are risky…
    DSC as a solution is not there, and I don’t see Azure DSC as a working solution for many (like for those tied to on-premises infrastructure, obviously).

    The problem I see is people not getting into Configuration Management at all because Microsoft’s PS DSC is not endorsed by the big names in the Windows Management space (for good reasons). For some, DSC does not sound a complete enough solution to be worth the effort of learning/trying, and they keep going with manual and/or partially imperative automation instead. [Thinking about it, that’s the early/late majority segments in the diffusion of innovation is about: waiting for something to be mainstream in a market segment]

    The *Nix world has been doing automation for a very long time, and that’s why CM tools have flourished in this space. Windows automation has only started recently with PowerShell (I think vbscript wasn’t “productive” for end-to-end automation, nor the OSes ready), but Microsoft’s customer still have the mindset of waiting to buy a solution from Microsoft, instead of understanding the actual problem and trying to solve them.

    I’ve learned that the CM tool is, in the end, a (relatively) small part of the Infrastructure Management Equation.
    If DSC does not cut it for your company (and I’m not talking about not working in a PowerPoint), you should still learn Configuration Management, and pick *literally* any other tool to start learning.
    Learning (some) DSC is not a waste as you can re-use resources in any other CM tool, and the principles and concepts are similar in different CM.
    One of the key element to learn is Artefact management (via build pipelines), and applied to infrastructure.
    The container model is only an evolution from this (shift left), not a completely new idea (my point is that learning Configuration Management sets you on track for understanding the container model easily).
    Serverless is going even further than the Container model leveraging cloud as a commodity (for now, only Public Cloud is a commodity IMO. Azure Stack might change that in the next 3 years).

    Worth saying as well that MSFT announced at PS Summit & PS Conf EU that they are using the new LCM already in Azure for some of their products. There’s a lot to say and ask about this, but I believe they do understand that’s key to success for the LCM…

  6. panzerbjrn

    Unless DSC becomes a fundamental part of MS products, it’s dead as a dodo.
    Here in London’s finance district, most IT guys either haven’t heard of it, or don’t care because there are other better products that do the same.
    Being a contractor about town, I’m usually the only one who even knows PowerShell (Beyond the occasional one liner that people use google to find)…

Comments are closed