Desired State Configuration Azure Extension


If you read this blog you already heard about few tools in order to apply a Desired State Configuration script to your system. Today i want to write about Azure DSC Extension. This extension, can be used in two ways. The first, and the crappiest, is using the GUI, and you know what? I won’t spend much time on it. And the second one is using PowerShell Azure SDK!

So let’s take a look at this DSC Azure Extension!


Azure DSC Extension Portal

Let’s open Virtual Machines parameters in Azure portal


Once parameters appears in the left window, click on Extensions and on the next window, you’ll see a BGInfo extension and a DSC one (if you already apply a DSC configuration).


If you want to deploy a new DSC configuration, just click on Add and choose the Microsoft PowerShell DSC extension in the list.


A new window with few blah blah appears explaining what DSC is, why you should use it, and advertise you that PowerShell v5 will be installed alongside this extension.


Click on create. And fill all fields on the next Window in order to have the configuration applied.

Please note that if you already have a configuration applied, it’ll be remplaced by this one.


And now your configuration will apply (or not)!

Apply a configuration with Desired State Configuration

The first thing to do is to get the last Azure PowerShell SDK on github.

Once this is done let’s build a configuration in order to enable IIS

Please look that you don’t have to generate a MOF file, it’s the Azure DSC Extension that will generate it. Also, do not forget to install xWebAdministration resource 😉

Now we will use DSC to setup the environment, create the Affinity group, the service the VM and apply the DSC Configuration to the VM ! To do this task, the configuration script and all the needed resources will be merged into a single .zip file and pushed to a storage account and downloaded by the Azure DSC extension.

After a few minutes, your VM is now deployed with the assigned configuration as you can see in your verbose screen

06 07


In order to detect a failure or a success in your deployment, Azure team has provided you a cmdlet for that: Get-AzureVMDscExtensionStatus

The first thing to do is to create an object containing all the VM informations and properties.

Once you get it, you just have to pipe $vm to the cmdlet

And you will get some useful informations.

Note that Status is Success and DscConfigurationLog contains all the verbose messages from LCM!

If you got an error in this message you can also log on your VM and check C:\WindowsAzure\Logs

Sans titre

The ones interesting are DscExtensionHandler.* files. If you open the last one (which is the one you applied with your script) you’ll see that everything is here to help you debug.

You can see every action and have a better understanding about how DSC Extension works behind the scene!

 Pester validation

In order to implement this script in your continuous delivery process, here is a Pester script to validate your deployed infrastructure.



Hope this’ll help you!

See you