[Pinned] [10] Windows PowerShell DSC Learning Series: How the Target Node and the Pull Server Communicate Under the Hood

Time: 2021-10-04 00:37:28

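In this section I capture packets with Wireshark and analyze how the target node communicates with the Pull server. Note that my machine has Windows Management Framework 5.1 installed; with other versions the request URIs may differ. First install Wireshark, then have it listen on port 8080 of the Pull server.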

(1) The GET /PSDSCPullServer.svc/Action/ConfigurationContent request

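As soon as the client node has registered successfully, it goes to the pull51w2k12nssl server and fetches the latest MOF file, using the ConfigurationID configured on the client machine.

As shown in the figure below.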

Request:

The target node sends a GET request to the Pull Server (pull51w2k12nssl) to fetch the ConfigurationContent.

GET /PSDSCPullServer.svc/Action(ConfigurationId='262c2f84-38e0-4610-b771-10e3f72281b6')/ConfigurationContent HTTP/1.1
ProtocolVersion: 2.0
Host: pull51w2k12nssl:8080

Response:

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 3000
Content-Type: application/octet-stream
Server: Microsoft-IIS/8.5
ProtocolVersion: 2.0
Prefer: return-content
Checksum: F947C9A459FA6C777387BA67CA13844BFC40A624400E079CA8DAD9802F68EF90
ChecksumAlgorithm: SHA-256
X-Content-Type-Options: nosniff
request-id: 28c7ae25-76ba-0001-27b0-c728ba76d201
DataServiceVersion: 1.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 25 Jan 2017 06:08:19 GMT

/*
@TargetNode='dscc51w2008nssl'
@GeneratedBy=Admin
@GenerationDate=01/24/2017 13:16:13
@GenerationHost=PULL51W2K12NSSL
*/
instance of MSFT_FileDirectoryConfiguration as $MSFT_FileDirectoryConfiguration1ref
{
ResourceID = "[File]DirectoryCopy";
Type = "Directory";
Ensure = "Present";
DestinationPath = "C:\\Users\\Public\\target";
ModuleName = "PSDesiredStateConfiguration";
SourceInfo = "C:\\dsc\\FileResourceCopy.ps1::8::9::File";
Recurse = True;
SourcePath = "C:\\Users\\Public\\demo";
ModuleVersion = "1.0"; ConfigurationName = "FileResourceCopy"; };
instance of MSFT_LogResource as $MSFT_LogResource1ref
{
SourceInfo = "C:\\dsc\\FileResourceCopy.ps1::17::9::Log";
ModuleName = "PsDesiredStateConfiguration";
ResourceID = "[Log]AfterDirectoryCopy";
Message = "Finished running the file resource with ID DirectoryCopy";
ModuleVersion = "1.0"; DependsOn = { "[File]DirectoryCopy"}; ConfigurationName = "FileResourceCopy"; };
instance of OMI_ConfigurationDocument
{
Version="2.0.0";
MinimumCompatibleVersion = "1.0.0";
CompatibleVersionAdditionalProperties= {"Omi_BaseResource:ConfigurationName"};
Author="Admin";
GenerationDate="01/24/2017 13:16:13";
GenerationHost="PULL51W2K12NSSL";
Name="FileResourceCopy";
};
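The integrity check implied by the Checksum and ChecksumAlgorithm headers in the response above, as an added example (not code from the original post or from DSC itself). It assumes the Checksum header is the uppercase hex SHA-256 of the response body, and it uses a short constructed MOF body rather than the 3000-byte one captured above; the function names are hypothetical.

```python
import hashlib

# Constructed sample: a short MOF body and a response shaped like the capture
# above (assumption: Checksum is the uppercase hex SHA-256 of the body).
SAMPLE_MOF = b'instance of OMI_ConfigurationDocument\n{\n Name="FileResourceCopy";\n};\n'
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Length: " + str(len(SAMPLE_MOF)).encode() + b"\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b"Checksum: " + hashlib.sha256(SAMPLE_MOF).hexdigest().upper().encode() + b"\r\n"
    b"ChecksumAlgorithm: SHA-256\r\n"
    b"\r\n" + SAMPLE_MOF
)

def split_response(raw):
    """Return (status_code, headers, body) from one raw HTTP response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body

def verify_configuration_content(raw):
    """Return a list of problems; an empty list means the body matches its headers."""
    status, headers, body = split_response(raw)
    if status != 200:
        return ["unexpected status %d" % status]
    problems = []
    if headers.get("checksumalgorithm") != "SHA-256":
        problems.append("ChecksumAlgorithm is not SHA-256")
    if headers.get("content-length") != str(len(body)):
        problems.append("Content-Length does not match body")
    if headers.get("checksum", "").upper() != hashlib.sha256(body).hexdigest().upper():
        problems.append("Checksum header does not match SHA-256 of body")
    return problems
```

Because the Checksum header arrives in the same plain-HTTP response as the body, a match shows the body was not corrupted in transit, not that it came from the Pull server; that assurance needs HTTPS on the pull endpoint.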

Looking at the C:\Windows\system32\Configuration directory, we can see that the Current.mof file has been downloaded successfully.

Directory: C:\Windows\system32\Configuration
Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 1/24/2017 2:59 PM BaseRegistration
d----- 1/24/2017 2:59 PM ConfigurationStatu
d----- 1/25/2017 2:08 PM ConfigurationStatus
d----- 1/24/2017 2:59 PM PartialConfigurations
d----- 1/24/2017 2:59 PM Registration
d----- 1/24/2017 2:59 PM Schema
-a---- 1/25/2017 2:08 PM 3222 Current.mof
-a---- 1/25/2017 1:53 PM 64 Current.mof.checksum
-a---- 1/25/2017 2:09 PM 540 DSCEngineCache.mof
-a---- 1/25/2017 2:09 PM 1858 DSCResourceStateCache.mof
-a---- 1/25/2017 2:08 PM 1360 DSCStatusHistory.mof
-a---- 1/25/2017 1:53 PM 1864 MetaConfig.mof

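The Pull server returns the ConfigurationContent that matches the ConfigurationID.

After a successful download, the node places the MOF file obtained above in the C:\Windows\system32\Configuration directory.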

PS C:\Windows\system32\Configuration> dir

If the node is configured to fetch its configuration by Configuration name instead, the URI looks like this:

GET /PSDSCPullServer.svc/Nodes(AgentId='199404F3-E202-11E6-80B8-BE117D36B7A4')/Configurations(ConfigurationName='unzipFile')/ConfigurationContent HTTP/1.1
ProtocolVersion: 2.0
Host: pull51w2k12nssl:8080

http://10.33.2.86:8080//PSDSCPullServer.svc/

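(2) The first POST GetAction HTTP request

After the target node has applied the configuration successfully, it reports its execution status back to the Pull server.

The target node sends a POST request to the Pull Server (pull51w2k12nssl).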

Request:

POST /PSDSCPullServer.svc/Action(ConfigurationId='262c2f84-38e0-4610-b771-10e3f72281b6')/GetAction HTTP/1.1
Accept: application/json
ProtocolVersion: 2.0
Content-Type: application/json; charset=utf-8
Host: pull51w2k12nssl:8080
Content-Length: 150
Expect: 100-continue
Connection: Keep-Alive

{"Checksum":"F947C9A459FA6C777387BA67CA13844BFC40A624400E079CA8DAD9802F68EF90","NodeCompliant":"False","ChecksumAlgorithm":"SHA-256","StatusCode":"0"}


Response:

pull51w2k12nssl replies with:

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 102
Content-Type: application/json;odata=minimalmetadata;streaming=true;charset=utf-8
Server: Microsoft-IIS/8.5
ProtocolVersion: 2.0
X-Content-Type-Options: nosniff
request-id: 28c7ae25-76ba-0000-40af-c728ba76d201
DataServiceVersion: 3.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 25 Jan 2017 05:30:58 GMT

{"odata.metadata":"http://pull51w2k12nssl:8080/PSDSCPullServer.svc/$metadata#Edm.String","value":"Ok"}


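The POST exchange above carries several JSON key-value pairs; each is described below.

@NodeCompliant

Whether the target node's configuration is in sync with the configuration stored on the Pull server.

@Status Code

The target node uploads a status code to the Pull server; it gives the status of the last Pull operation. What does each status code mean?

See the descriptions below.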

Status Code  Description
-----------  -----------
0            Pull operation was successful
1            Download Manager initialization failure
2            Get configuration command failure
3            Unexpected get configuration response from pull server
4            Configuration checksum file read failure
5            Configuration checksum validation failure
6            Invalid configuration file
7            Available modules check failure
8            Invalid configuration Id In meta-configuration
9            Invalid DownloadManager CustomData in meta-configuration
10           Get module command failure
11           Get Module Invalid Output
12           Module checksum file not found
13           Invalid module file
14           Module checksum validation failure
15           Module extraction failed
16           Module validation failed
17           Downloaded module is invalid
18           Configuration file not found
19           Multiple configuration files found
20           Configuration checksum file not found
21           Module not found
22           Invalid module version format
23           Invalid configuration Id format
24           Get Action command failed
25           Invalid checksum algorithm
26           Get Lcm Update command failed
27           Unexpected Get Lcm Update response from pull server
28           Invalid Refresh Mode in meta-configuration
29           Invalid Debug Mode in meta-configuration
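A parser and triage pass for the GetAction reports described in this section, as an added example (not code from the original post or from DSC). The function names and the `published` mapping are hypothetical, and the last two sample requests are constructed; the ConfigurationId and checksum are the ones from the capture above.

```python
import json
import re

# Codes from the status table above that report a failed checksum validation.
INTEGRITY_CODES = {5: "Configuration checksum validation failure",
                   14: "Module checksum validation failure"}
URI_RE = re.compile(
    r"POST /PSDSCPullServer\.svc/Action\(ConfigurationId='([0-9a-fA-F-]{36})'\)/GetAction ")
CONFIG_ID = "262c2f84-38e0-4610-b771-10e3f72281b6"   # values from the capture above
CHECKSUM = "F947C9A459FA6C777387BA67CA13844BFC40A624400E079CA8DAD9802F68EF90"

def make_request(checksum, compliant, status):
    """Build a constructed GetAction request in the shape of the capture above."""
    body = json.dumps({"Checksum": checksum, "NodeCompliant": compliant,
                       "ChecksumAlgorithm": "SHA-256", "StatusCode": status})
    return ("POST /PSDSCPullServer.svc/Action(ConfigurationId='%s')/GetAction HTTP/1.1\r\n"
            "Content-Type: application/json; charset=utf-8\r\n\r\n%s" % (CONFIG_ID, body))

def parse_getaction(request_text):
    """Extract the node's report from one raw GetAction request."""
    head, _, body = request_text.partition("\r\n\r\n")
    match = URI_RE.match(head)
    if match is None:
        raise ValueError("not a GetAction request")
    report = json.loads(body)
    return {"configuration_id": match.group(1).lower(),
            "checksum": report["Checksum"].upper(),
            "compliant": report["NodeCompliant"] == "True",  # a string on the wire
            "status_code": int(report["StatusCode"])}        # also a string

def triage(report, published):
    """Return a finding or None; `published` maps ConfigurationId to server checksum."""
    code = report["status_code"]
    if code in INTEGRITY_CODES:
        return "integrity failure: " + INTEGRITY_CODES[code]
    if code != 0:
        return "pull failed with status code %d" % code
    if published.get(report["configuration_id"]) != report["checksum"]:
        return "node checksum differs from published configuration"
    if not report["compliant"]:
        return "node reports NodeCompliant=False"
    return None

SAMPLES = [make_request(CHECKSUM, "False", "0"),   # first report, as captured
           make_request(CHECKSUM, "True", "0"),    # later periodic report
           make_request(CHECKSUM, "False", "5"),   # constructed failure report
           make_request("0" * 64, "True", "0")]    # constructed checksum mismatch
FINDINGS = [triage(parse_getaction(s), {CONFIG_ID: CHECKSUM}) for s in SAMPLES]
```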


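(3) The POST GetAction HTTP request sent at fixed intervals

After the target node has applied the configuration successfully, it reports its execution status back to the Pull server (pull51w2k12nssl). Note that this request is sent periodically.

In the example below the NodeCompliant status has changed to True, because this is the second time the request is sent.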


Request:
POST /PSDSCPullServer.svc/Action(ConfigurationId='262c2f84-38e0-4610-b771-10e3f72281b6')/GetAction HTTP/1.1
Accept: application/json
ProtocolVersion: 2.0
Content-Type: application/json; charset=utf-8
Host: pull51w2k12nssl:8080
Content-Length: 150
Expect: 100-continue
Connection: Keep-Alive

{"Checksum":"F947C9A459FA6C777387BA67CA13844BFC40A624400E079CA8DAD9802F68EF90","NodeCompliant":"True","ChecksumAlgorithm":"SHA-256","StatusCode":"0"}


Response:

pull51w2k12nssl replies with:

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 102
Content-Type: application/json;odata=minimalmetadata;streaming=true;charset=utf-8
Server: Microsoft-IIS/8.5
ProtocolVersion: 2.0
X-Content-Type-Options: nosniff
request-id: 28c7ae25-76ba-0000-40af-c728ba76d201
DataServiceVersion: 3.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 25 Jan 2017 05:30:58 GMT

{"odata.metadata":"http://pull51w2k12nssl:8080/PSDSCPullServer.svc/$metadata#Edm.String","value":"Ok"}

(4) If the MOF file on the Pull server has been deleted, the Pull server returns a 404 status code

Request:

POST /PSDSCPullServer.svc/Action(ConfigurationId='262c2f84-38e0-4610-b771-10e3f72281b6')/GetAction HTTP/1.1
Accept: application/json
ProtocolVersion: 2.0
Content-Type: application/json; charset=utf-8
Host: pull51w2k12nssl:8080
Content-Length: 150
Expect: 100-continue
Connection: Keep-Alive

{"Checksum":"F947C9A459FA6C777387BA67CA13844BFC40A624400E079CA8DAD9802F68EF90","NodeCompliant":"True","ChecksumAlgorithm":"SHA-256","StatusCode":"0"}


Response:

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Content-Length: 2195
Content-Type: application/json;odata=minimalmetadata;streaming=true;charset=utf-8
Server: Microsoft-IIS/8.5
ProtocolVersion: 2.0
X-Content-Type-Options: nosniff
request-id: 28c7ae25-76ba-0001-b3b4-c728ba76d201
DataServiceVersion: 3.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 25 Jan 2017 07:23:25 GMT


{"odata.error":{"code":"","message":{"lang":"en-US","value":"Checksum file not located for 
C:\\Program Files\\WindowsPowerShell\\DscService\\Configuration\\262c2f84-38e0-4610-b771-10e3f72281b6.mof.checksum."},
"innererror":{"message":"Checksum file not located for C:\\Program Files\\WindowsPowerShell\\DscService\\Configuration
\\262c2f84-38e0-4610-b771-10e3f72281b6.mof.checksum.","type":"System.IO.FileNotFoundException","stacktrace":""},
"MODATA.Exception.ErrorRecord":{"odata.type":"MODATA.Exception.DataServiceException","ErrorCode":"",
"MessageLanguage":"en-US","StatusCode":404,"Message":"Checksum file not located for C:\\Program Files\\WindowsPowerShell
\\DscService\\Configuration\\262c2f84-38e0-4610-b771-10e3f72281b6.mof.checksum.",
"Data":[],"InnerException":{"Message":"Checksum file not located for C:\\Program Files\\WindowsPowerShell\\DscService
\\Configuration\\262c2f84-38e0-4610-b771-10e3f72281b6.mof.checksum.","Data":[],"InnerException":null,"TargetSite":null,
"StackTrace":null,"HelpLink":null,"Source":null,"HResult":-2147024894},"TargetSite":null,"StackTrace":"   
at Microsoft.Management.Odata.Core.OperationManagerAdapter.InvokeMethod(IInvoker invoker, String functionName, 
String resourceTypeName, Boolean ignoreNotImplementedException)\r\n   at Microsoft.Management.Odata.Core.
OperationManagerAdapter.InvokeOperationManagerFunction[T](Func`1 func, String functionName, String resourceTypeName, 
Boolean ignoreNotImplementedException, T defaultResultForNotImplementedException)\r\n   at Microsoft.Management.Odata.
Core.OperationManagerAdapter.InvokeAction(ResourceType resourceType, IEnumerable`1 resourceKeys, String actionName,
 IEnumerable`1 inputParameters, ResourceType returnType)\r\n   at Microsoft.Management.Odata.Core.DataServiceInvokable.
InvokeActionOnAst(RequestAstNode root)\r\n   at Microsoft.Management.Odata.Core.DataServiceInvokable.Invoke()\r\n   
at Microsoft.Management.Odata.Core.DataServiceUpdateProvider.SaveChanges()\r\n   at System.Data.Services.DataService`
1.HandleNonBatchRequest(RequestDescription description)\r\n   at System.Data.Services.DataService`1.HandleRequest()",
"HelpLink":null,"Source":"Microsoft.Management.OData","HResult":-2146233079}}}

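As the HTTP 404 response above shows, the server also returns the specific cause of the error.

(5) Using GET to fetch a Module or resource from the server returns a 404 error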

GET http://pull51w2k12nssl:8080/PSDSCPullServer.svc/Module(ConfigurationId='262c2f84-38e0-4610-b771-10e3f72281b6',ModuleName='xPSDesiredStateConfiguration',ModuleVersion='5.1.0.0')/ModuleContent HTTP/1.1
ProtocolVersion: 2.0
Host: pull51w2k12nssl:8080
Content-Length: 4

If the corresponding Module has not been made available on the Pull Server, a 404 Not Found error is returned.

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Content-Length: 224
Content-Type: application/xml;charset=utf-8
Server: Microsoft-IIS/8.5
ProtocolVersion: 2.0
Prefer: return-content
X-Content-Type-Options: nosniff
request-id: 28c7ae25-76ba-0000-f1b1-c728ba76d201
DataServiceVersion: 1.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 25 Jan 2017 08:19:47 GMT

<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code /><m:message xml:lang="en-US">Resource not found for the segment 'Module'.</m:message></m:error>


Solution: