My week with the Powershell Deployment Toolkit (PDT

Michal-Matrix-screen-saver_1

 

Many of your will recognize this picture from The Matrix. Well this is what it sort of feels like to watch the PowerShell Deployment Toolkit installer PowerShell script run as it coordinates the installation of all the System Center 2012 SP1 roles. Amazing!

I needed to rebuild my home lab and wanted to leverage the Toolkit to install all the System Center roles. Having a home lab environment with the exact reference architecture as to what Microsoft provides for its field employees seems like a valuable exercise. I also hope this post can provide some insight for others that are looking to build a home lab environment for System Center 2012 SP1 using the PowerShell Deployment Toolkit.

This will be at least a two part series, as I was unable to complete an entire run through before taking a few days off for Memorial Day.

If you want more of an introduction into PDT, you can refer to Rob Willis post over at the Building Clouds Blog on TechNet. In short, the Toolkit is used to rebuild the System Center Demo (SCDemo) environments for all the Microsoft Tech and Sales teams, and now they have released the technology to the rest of the community!

http://blogs.technet.com/b/privatecloud/archive/2013/02/08/deployment-introducing-powershell-deployment-toolkit.aspx

Another great reference is the session hosted by Rob Willis at MMS this year, you can replay the session over on Channel9.

http://channel9.msdn.com/Events/MMS/2013/SD-B302

My home lab consists of one physical computer (HV01) running Windows Server 2012 with the Hyper-V role enabled and it is a DHCP/DNS client of my D-Link Cloud Router/Firewall with a reserved IP address of 192.168.0.120. The server is powered by an Intel Core i5 2400, which has full virtualization support and not a bad buy with a decent motherboard at $240. I currently have 16GB of RAM, but after the first few runs with PDT, I plan to double that to 32GB. You will not be able to startup all the role servers (only 6 will start) with 16GB of RAM unless you change the startup memory values for the VM’s.

In Hyper-V Manager, you will need to create one Hyper-V Virtual Switch called “External” that is bound to your physical NIC. This is a simple home lab that will not be segmented from the rest of my home network; everything can talk to everything else for simplicity of the environment.

To get started with the Toolkit, you need to download it from the TechNet Gallery here:

http://gallery.technet.microsoft.com/PowerShell-Deployment-797b3c6d

Here is an updated version 1004 workflow.xml available here that fixes a few issues, one of them I ran into this past week.

http://blogs.technet.com/b/privatecloud/archive/2013/05/22/deployment-pdt-workflow-xml-1004-now-available.aspx

Once you have download the PDT, unzip it to C:\PDT\PDT2.4.1003.

I copied all the files from PDT2.4.1003 and created a new directory, under C:\PDT called PDT2.4.1004 and then also copied the new version 1004 workflow.xml to this location. I originally had the toolkit directories on a different drive and ran into a few issues that were solved by keeping everything on the System drive.

The downloader script will download all the bits and prerequisites you need to install the full System Center 2012 SP1 suite, so let’s get started, because this will take a while if you are not on super-fast internet.

Before running the downloader script, you will need to have the 64-bit version of Winrar installed.

The first issue I encountered with the downloader script was that it only downloading the first 43 kbytes of the Windows Server 2012 ISO. I guessed that it was a rights issue, because normally you can only download the Windows Server 2012 evaluation after logging into live.com and filling out and confirming your information.

The next thing I tried was to go through the evaluation download process and get to a point where it prompts you to download the ISO, AND THEN kick off downloader.ps1 script, but this also failed. The next thing I tried was to copy the downloaded ISO file to the \TEMP\Downloads\WindowsServer2012 directory and then see if downloader would take it from there. This also failed.

The final solution I found was to just mount the Windows Server 2012 evaluation ISO and copy the bits to \TEMP\WindowsServer2012.

Once the Windows Server 2012 evaluation bits are copied to the \TEMP\WindowsServer2012 folder, you can then run the downloader.ps1 script and it will process all the files successfully.

While all the bits were downloading, I began work on setting up my Active Directory domain controller server. All lab VM’s will use differencing hard drives with a parent for the OS to save disk space.

It is important that you use the Convert-WindowsImage PowerShell script available at the following link to create your sysprep OS images:

http://gallery.technet.microsoft.com/scriptcenter/Convert-WindowsImageps1-0fe23a8f

The Convert-WindowsImage script creates a one volume sysprep OS image. If you use the standard procedures for sysprep images, you will end up with two volumes that will cause failures when creating the System Center role server VM’s later with the VMCreator script.

Upzip and execute the script from PowerShell using .\Convert-WindowsImage.ps1 -ShowUI.

I still had my Windows Server 2012 Evaluation DVD mounted as D, so used the following options:

  • Source: D:\Sources\install.wim
  • Options: ServerStandardEval, VHDX, Fixed, 60GB
  • Working Directory: E:\Hyper-V\VHD

From the E:\Hyper-V\VHD directory, renamed the newly created VHDX to WS2012StdEval.vhdx

If you have a few VHD’s to create, all this can be scripted and the command-line options are documented in the script center link provided above.

Now time to create the Domain Controller VM. From Hyper-V Manager:

  • Create new VM
    • Name: DC01
    • RAM: 1024
    • CPU: 1
    • Network: External
    • Disk: no hard disk
  • Create new disk
    • Format: VHDX
    • Type: Differencing
    • Parent: E:\Hyper-V\VHD\WS2012StdEval.vhdx
    • Name: DC01.vhdx
    • Location: E:\Hyper-V\VHD
  • Settings of DC01, add new IDE hard disk, select E:\Hyper-V\VHD\DC01.vhdx
  • Start DC01, wait
  • Connect to DC01 and personalize
    • Enter Administrator password
    • Turn on Remote Desktop
    • Turn off Firewall
    • Edit TCP/IP properties
      • IP Address: 192.168.0.121 (reserved in my Router via DHCP)
      • Default Subnet Mask of 255.255.255.0
      • Default Gateway: 127.0.0.1
      • Primary DNS: 127.0.0.1
      • Secondary DNS: 192.168.0.1 (Home router)
  • Set TimeZone
  • Install Software Updates and reboot
  • Log on as local administrator
  • From Server Manager on DC01, Add roles and Features
  • Active Directory Domain Services and DNS
    • Promote this server to a Domain Controller
    • Add new forest
    • Root domain: CONTOSO.COM
    • Choose all defaults for DNS
    • Check option to restart if necessary
  • After DC01 has restarted, logon using Domain admin account
  • From Server Manager, Tools, DNS, Properties of DC01, confirm DNS is set to forward to your home router (mine already was) so that all your VM’s can resolve internet addresses.
  • Create System Center 2012 SP1 Service accounts and groups. I choose to simplify the accounts used for my home lab.
    • Groups
      • SQLAdmins
      • SCAdmins
    • Accounts
      • SCInstaller (added to Domain Administrators group)
      • Sc_svc (service acct for all roles)
      • Sc_dw (data write and access acct)
      • Sc_dr (data read and reporting acct)

Hopefully by this time all your bits have downloaded, if not, go get yourself some lunch.

This next step requires a reboot, so if your downloader is still running, it is better to wait. Now my physical Hyper-V server (HV01) is joined to my home CONTOSO.COM domain. You could have called your domain anything, but CONTOSO.COM is already defined in the toolkit scripts, so it is just one less thing to edit…

OK, bits are downloaded, Hyper-V host is joined to my CONTOSO domain, time to deploy my System Center 2012 SP1 role servers. First thing we need to do is review the Variable.xml and modify it to fit your environment. I already knew that having only 16GB of RAM in my host would limit how many VM’s I could deploy, so my first goal was to combine as many roles as possible. Based on Microsoft documentation, the minimum number of role servers you can have is four. DPM, OM Mgmt, SM Mgmt and SM DW Mgmt servers cannot coexist and must be installed on separate systems. To that, you must also have one Windows Server 2008R2 server for SharePoint Foundation and the Service Manager web parts.

I tried multiple combinations to see if I could trick PDT to collapse the roles onto 5 servers, but kept getting validation errors. I can imagine the orchestration of these various combinations to be quite a bit of extra work, so keeping the roles segregated is understandable. One of my future projects will be to have PDT deploy based on the Private Cloud Management Product Line Architecture that was recently released.

I was able to collapse the VMM and AppCtr roles on to one server and choosing not to install the Service Provider Foundation services, I should be able to get by with only 7 servers instead of 9 servers in the default variables.xml. Here is the layout for my System Center 2012 SP1 role servers:

  •  Server11.contoso.com
    • Windows Server 2012
    • SQL Server 2012
    • VMM DB
    • VMM Mgmt
    • AppCtr DB
    • AppCtr Srv
  • Server12.contoso.com
    • Windows Server 2012
    • SQL Server 2012
    • Orch DB
    • Orch Mgmt
    • Orch RB Primary
    • Orch Web
    • Orch RB Designer
  • Server13.contoso.com
    • Windows Server 2012
    • SQL Server 2012
    • OM DB
    • OM DW
    • OM Rpt/SSRS
    • OM Mgmt
    • OM Console
    • OM Web Console
  • Server 14.contoso.com
    • Windows Server 2012
    • SQL Server 2012
    • SM DB
    • SM Web Content
    • SM Mgmt
  • Server15.contoso.com
    • Windows Server 2012
    • SQL Server 2012
    • SM DW
    • SM SSAS
    • SM SSRS
    • SM DW Mgmt
  • Server16.contoso.com
    • Windows Server 2012
    • SQL Server 2008R2 (Why?)
    • CM DB
    • CM Prov
    • CM Site
  • Server17.contoso.com
    • Windows Server 2008R2 SP1
    • SharePoint Foundation
    • Service Manager Webparts

Interesting that SQL Server 2008R2 is chosen for Configuration Manager 2012!

Modifications to the original variable.xml:

  • Installer Service Account: CONTOSO\SCInstaller
  • All System Center service accts: sc_svc
  • All System Center groups to: SCAdmin
  • Data Accts: sc_dw
  • Data read and reporting: sc_dr
  • Decreased the number of servers to 7
  • Default VM folders to: E:\Hyper-V\VM
  • Changed Max memory of SM and OM servers (Server 13,14,15) to 8096
  • Added WS2008 vhdx for server17

Here is my edited PDT files.

Small PDT

Now that you have your roles defined, it’s time to create some VM’s to host your System Center 2011 SP1 roles. If you have your variables.xml setup correctly, it’s just a matter of running the VMCreator.ps1 script from your PDT folder. Again, having only 16GB of RAM, it was only able to startup 6 of my VM’s after they are created. I waited until most of them got though their configuration and they settled back down to 1024, then I was able to start the last VM.

More information on the VMCreater is here:

http://blogs.technet.com/b/privatecloud/archive/2013/02/18/deployment-the-pdt-vm-creator.aspx

The Windows Server 2008 VM did not domain join, so I had to do it manually. It looks like the network settings did not take, so it did not have the AD DNS IP and could not see the domain. I added the TCP/IP properties and was then able to join it to the Contoso.com domain.

I also had to enable WinRM manually on the Windows Server 2008R2 SP1 VM using WinRM QuickConfig

Once the VM’s are created, it’s time to run the Installer.ps1 script from your PDT folder. One issue I encountered was that the Installer script assumed the directory with all the bits were on the same drive it was run from. I originally had this on another drive, but once I moved my PDT folder to the System drive, it pulled all the bits downloaded using the downloader.ps1 script earlier.

My first run, prior to setting the max memory for SMM, SMDWM and OM failed, most likely due to memory preq for those roles.

My second run failed installing .NET, this too might be memory related, or a timeout issue with 7 servers trying to compete for low memory.

Next steps for me is to increase memory to 32GB on my host server and try another run through, or possibly taking CM and the WS2008 SharePoint Foundations server out of the mix…

Even with these failures, I am extremely impressed with the possibilities now available with the PowerShell Deployment Toolkit. Once I get the kinks worked out in my lab, I look forward to the full orchestration provided by this tool!

 

2 thoughts on “My week with the Powershell Deployment Toolkit (PDT

Leave a Reply