Moving forward with PowerShell and Windows Server 2016

This post was authored by Keith Bankston, Senior Program Manager, Windows Server.

Jeffrey Snover talked about the various eras for Windows Server in his recent blog titled, Ten reasons you’ll love Windows Server 2016 #10: Nano Server, adding that Windows Server 2016 represents the next era of Windows Server computing by providing numerous new features to deploy a strong cloud server. PowerShell has evolved to support and automate Windows Server in each of these eras.

The Windows Server cloud era provides new concepts and capabilities to bring customers to the next level of computing with a strong platform of technologies, leveraging and building upon earlier concepts. The Windows Server cloud ara also strongly encourages new models and approaches via the new minimal Nano Server installation option. PowerShell moves forward as a tool for DevOps with Desired State Configuration and support for Open Source technologies (such as Pester and DevOps tool vendors).

The matrix below puts the current Windows and PowerShell Eras into perspective.

The eras of Windows Server

 

Server for the masses – Windows NT

Server GUI

Enabled anyone to set up and run server workloads.

VB Scripting and DOS commands

No PowerShell.

Rare automation, normally manual GUI steps.

Enterprise server era – Windows 2000 Server, Windows Server 2003

Windows Active Directory and Group Policy

Eased management of many servers by providing consistent authentication and configuration across the enterprise.

Complete language for shell and scripting delivered on an extensible framework.Delivers new concepts of structured data pipelines and extended object semantics.

PowerShell begins!

Enables automation across many servers reducing errors, cost and downtime. Strong support from early adopters forms passionate community.

Datacenter server era – Windows Server 2008, Windows Server 2012

Windows virtualization, network and storage management, Remote Server Administration Tools

Enabled managing interconnected, networked servers hosted in remote datacenters.

Provides broad cmdlet coverage, full featured remoting, composable modules, workflows and the integrated scripting editor across all Windows SKUs and Downlevel via WMF.

Full PowerShell – Age of automation on Windows.

Leveraged on millions of machines, PowerShell enables a large and powerful community to completely automate Windows management across the Datacenter.

Cloud server era – Windows Server 2016

Windows Server adds support for Containers, Docker, Server management tools (SMT).

Nano Server installation option.

Aligns with DevOps methodologies & enables transition to public or private clouds. Provides a headless server with minimal footprint, attack surface and increased uptime.

Provides new configuration-as-code capabilities via PowerShell Desired State Configuration (DSC), Operational Validation Testing and PackageManagement remote debugging.

Shifts to a stronger system programmer scripting language with PowerShell classes, Pester Unit tests, Code analysis tools, Visual Studio and Visual Studio Code support.

Addresses popularity and security with audit logs and ships security improvements in JEA (Just Enough Admin privileges).

Rebuilds itself over CoreCLR supporting Nano Server.

PowerShell and the cloud era

Leveraging the strength of community and inbox package management, the open-source-driven PowerShell Gallery provides 100s of modules and resources downloaded in the 100,000s to support automation and DevOps on Windows Servers.

The cloud era: Windows Server 2016 and PowerShell 5

Windows Server embraces the new cloud era by adding support for new scenarios and enabling two primary focus areas for management:

1.    Ease the transition of server workloads into the cloud by supporting DevOps, and enabling consistent management of enterprise, private and public cloud systems.
2.    Provide Nano Server, a lightweight installation option that is small, fast and easily maintained for the cloud host, guest and container.

 

DevOps, Windows and PowerShell

Windows Server was previously silent on the interface between Devs and Ops and provided no clear set of choices or recommendations. Windows Server 2016 resolves the interface between Dev and Ops and PowerShell provides the foundation for this across the DevOps lifecycle with:

•    PowerShell Desired State Configuration (DSC). Introduced in Windows Server 2012r2, DSC enables defining configuration as code, providing consistency for dev and production environments.
•    Direct access to DSC resources enables a range of DevOps tools for management, including Chef and Puppet.
•    PowerShell Package Management via Windows Server Application (WSA) & l Package Management cmdlets. This provides a consistent approach to controlling what is installed on servers and enables selectively installing Server Roles for Nano Server.
•    Containers & Docker, managed via PowerShell Package Management cmdlets. Container and Docker images enabled.
•    PowerShell Gallery, Powershell GetHub repo and PowerShellGet cmdlets. Enables users to get and improve community resources to speed solution delivery.
•    Pester test framework for PowerShell code. Added to Windows in Windows 10, it allows devs to provide tests that accompany their PowerShell code. It also allows admins to quickly and precisely determine which parts of their environment are working and which are not.
•    PowerShell remote debugging, ISE improvements and Script Analyzer. Speeds delivery of solutions based on PowerShell.
•    Secure operations using Just Enough Administration to allow people to perform specific admin tasks without giving them full admin privileges.
•    Defining Classes using PowerShell. Allows developers to write PowerShell types in a manner they are familiar with, and reduces the code needed for DSC solutions.

The addition of these features provides tools that support the transition to DevOps processes, and ensures consistency for management apps across dev, test and production for on-premises and cloud-hosted solutions.

 

Management of Nano Server

Nano Server is a new installation option, providing the smallest Windows Server needed to build the cloud OS infrastructure or application host in a guest or container. This also makes it ideal for born-in-the-cloud applications running .NET core, ASP .Net Core and 3rd party frameworks, such as Node.JS, Ruby and Python.

Nano Server is designed to be managed by PowerShell, and is configured using PowerShell and DSC.

•    Nano Server can be managed via PowerShell Remoting. Nano Server has no GUI, so IT Pros use familiar PowerShell remote management tools added in Windows Server 2012 to connect to and manage Nano Server.
•    PowerShell Core for Nano Server has been rewritten to work on .NET Core. .NET Core is a smaller, component-based and portable version of.NET, which means this version of PowerShell shares those same characteristics.
•    Server Roles for Nano Server are added using PowerShell Package Management cmdlets. Add only the Roles needed for the workload you are running using a single set of PowerShell cmdlets.
•    PowerShell DSC enables consistent configuration of Nano Server. Group Policy is not part of Nano Server, so DSC provides the consistency management platform.

Although Nano Server is designed to be managed by PowerShell, using PowerShell is not required. Nano Server can also be managed remotely using existing MMC snap-ins, Server Manager and the new web-based Server Management Tools (SMT).

Delivering Nano Server meant removing anything that was not required for cloud server workloads, including the GUI and Group Policy, as well as any server roles, PowerShell workflows and cmdlets that need the full .NET. Removing Group Policy means using PowerShell DSC to provide configuration consistency. Group Policy is better suited to enterprise scenarios, where the domain hierarchy and directory OU define which settings to apply to new users and computers. DSC is better designed to support DevOps and provides a cloud-scale management platform for capturing configuration in code that is not dependent upon Active Directory or limited by application settings exposed for GP use. We blogged previously about client management, Group Policy not being included in Nano Server and managing security settings on Nano Server, and we will add more information in the near future.

 

Moving PowerShell forward at cloud pace

The innovation PowerShell is delivering with Windows Server 2016 provides a platform to facilitate the transition into the cloud and DevOps era. Moving forward, PowerShell will continue to provide new value, keeping up with the pace of industry innovation. The PowerShell team moves technology to an open source and web-based delivery model on a case-by-case basis as business models and technology permit. For example, the Pester test framework started in open source has been added to Windows. Likewise, many modules containing PowerShell DSC Resources for Windows components are delivered rapidly via the PowerShell Gallery and on GitHub, allowing for a more complete and up-to-date Windows management experience. Windows remains the premier PowerShell platform and enables its customers to get immediate benefit from these technologies.

For more detail on the new features in Windows Server 2016, and to see what we are adding via open source channels, visit the PowerShell home page.