启用 Azure Automation State ConfigurationEnable Azure Automation State Configuration

本主题介绍如何设置通过 Azure Automation State Configuration 进行管理的计算机。This topic describes how you can set up your machines for management with Azure Automation State Configuration. 有关该服务的详细信息,请参阅 Azure Automation State Configuration 概述For details of this service, see Azure Automation State Configuration overview.

启用 Azure VMEnable Azure VMs

Azure Automation State Configuration 让你能够使用 Azure 门户、Azure 资源管理器模板或 PowerShell 轻松启用 Azure VM 以进行配置管理。Azure Automation State Configuration lets you easily enable Azure VMs for configuration management, using the Azure portal, Azure Resource Manager templates, or PowerShell. 在后台,在不需要管理员远程连接到 VM 的情况下,Azure VM Desired State Configuration 扩展会在 Azure Automation State Configuration 中注册 VM。Under the hood, and without an administrator having to remote into a VM, the Azure VM Desired State Configuration extension registers the VM with Azure Automation State Configuration. 由于 Azure 扩展以异步方式运行,因此检查 VM 设置状态中提供了跟踪其进度的步骤。Since the Azure extension runs asynchronously, steps to track its progress are provided in Check status of VM setup.

备注

将 DSC 部署到 Linux 节点时,要使用 /tmp 文件夹。Deploying DSC to a Linux node uses the /tmp folder. 临时下载 nxautomation 等模块进行验证,然后再将它们安装到适当的位置。Modules such as nxautomation are temporarily downloaded for verification before installing them in their appropriate locations. 为确保正确安装模块,适用于 Linux 的 Log Analytics 代理需要具有 /tmp 文件夹的读/写权限。To ensure that modules install correctly, the Log Analytics agent for Linux needs read/write permissions on the /tmp folder.

适用于 Linux 的 Log Analytics 代理以 omsagent 用户身份运行。The Log Analytics agent for Linux runs as the omsagent user. 若要向 omsagent 用户授予 >写入权限,请运行命令 setfacl -m u:omsagent:rwx /tmpTo grant >write permission to the omsagent user, run the command setfacl -m u:omsagent:rwx /tmp.

使用 Azure 门户启用 VMEnable a VM using Azure portal

若要使 Azure VM 能够通过 Azure 门户进行状态配置,请执行以下操作:To enable an Azure VM to State Configuration through the Azure portal:

  1. 导航至要在其中启用 VM 的 Azure 自动化帐户。Navigate to the Azure Automation account in which to enable VMs.

  2. 在“State Configuration”页中,选择“节点”选项卡,然后单击“添加” 。On the State Configuration page, select the Nodes tab, then click Add.

  3. 选择要启用的 VM。Choose a VM to enable.

  4. 如果虚拟机未安装 PowerShell 所需状态扩展且电源状态为“正在运行”,请单击“连接”。If the machine doesn't have the PowerShell desired state extension installed and the power state is running, click Connect.

  5. 在“注册”下,输入用例所需的 PowerShell DSC 本地配置管理器值Under Registration, enter the PowerShell DSC Local Configuration Manager values required for your use case. 可以选择性地输入要分配给 VM 的节点配置。Optionally, you can enter a node configuration to assign to the VM.

启用 VM

使用 Azure 资源管理器模板启用 VMEnable a VM using Azure Resource Manager templates

可以使用 Azure 资源管理器模板安装和启用 VM 以用于 State Configuration。You can install and enable a VM for State Configuration using Azure Resource Manager templates. 有关启用现有 VM 以用于 State Configuration 的示例模板,请参阅 Desired State Configuration 服务管理的服务器See Server managed by Desired State Configuration service for an example template that enables an existing VM for State Configuration. 如果要管理虚拟机规模集,请参阅 Azure 自动化管理虚拟机规模集配置中的示例模板。If you are managing a virtual machine scale set, see the example template in Virtual machine scale set configuration managed by Azure Automation.

使用 PowerShell 启用虚拟机Enable machines using PowerShell

可以在 PowerShell 中使用 Register-AzAutomationDscNode cmdlet,以启用用于 State Configuration 的 VM。You can use the Register-AzAutomationDscNode cmdlet in PowerShell to enable VMs for State Configuration.

备注

当前仅为运行 Windows 的计算机实施 Register-AzAutomationDscNode cmdlet,因为它仅触发 Windows 扩展。The Register-AzAutomationDscNode cmdlet is implemented currently only for machines running Windows, as it triggers just the Windows extension.

在各 Azure 订阅中注册 VMRegister VMs across Azure subscriptions

从其他 Azure 订阅中注册 VM 的最佳方式是使用 Azure 资源管理器部署模板中的 DSC 扩展。The best way to register VMs from other Azure subscriptions is to use the DSC extension in an Azure Resource Manager deployment template. Desired State Configuration 扩展与 Azure 资源管理器模板中提供了相关示例。Examples are provided in Desired State Configuration extension with Azure Resource Manager templates.

若要查找注册密钥和注册 URL 以作为模板中的参数,请参阅使用注册安全启用计算机To find the registration key and registration URL to use as parameters in the template, see Enable machines securely using registration.

启用 Windows 物理/虚拟计算机Enable physical/virtual Windows machines

可在 Azure Automation State Configuration 中启用本地运行的或在其他云环境中运行的 Windows 服务器。You can enable Windows servers running on-premises or in other cloud environments to Azure Automation State Configuration. 服务器必须具有 Azure 的出站访问权限The servers must have outbound access to Azure.

  1. 确保在为 State Configuration 启用的计算机上安装了新版本的 WMF 5Make sure that the latest version of WMF 5 is installed on the machines to enable for State Configuration. 此外,必须在用于启用 Windows 物理/虚拟计算机的计算机上安装 WMF 5。In addition, WMF 5 must be installed on the computer that you are using for enabling the machines.

  2. 请按照生成 DSC 元配置中的说明创建一个包含所需 DSC 元配置的文件夹。Follow the directions in Generate DSC metaconfigurations to create a folder containing the required DSC metaconfigurations.

  3. 使用以下 cmdlet 将 PowerShell DSC 元配置远程应用于要启用的计算机。Use the following cmdlet to apply the PowerShell DSC metaconfigurations remotely to the machines to enable.

    Set-DscLocalConfigurationManager -Path C:\Users\joe\Desktop\DscMetaConfigs -ComputerName MyServer1, MyServer2
    
  4. 如果无法从远程应用 PowerShell DSC 元配置,请将“元配置”文件夹复制到要启用的计算机。If you can't apply the PowerShell DSC metaconfigurations remotely, copy the metaconfigurations folder to the machines that you are enabling. 然后添加代码以在计算机上本地调用 Set-DscLocalConfigurationManagerThen add code to call Set-DscLocalConfigurationManager locally on the machines.

  5. 使用 Azure 门户或 cmdlet,验证计算机是否显示为在 Azure 自动化帐户中注册的“State Configuration”节点。Using the Azure portal or cmdlets, verify that the machines appear as State Configuration nodes registered in your Azure Automation account.

启用 Linux 物理/虚拟计算机Enable physical/virtual Linux machines

可以为 State Configuration 启用在本地或其他云环境中运行的 Linux 服务器。You can enable Linux servers running on-premises or in other cloud environments for State Configuration. 服务器必须具有 Azure 的出站访问权限The servers must have outbound access to Azure.

  1. 确保在为 State Configuration 启用的计算机上安装了适用于 Linux 的 PowerShell Desired State Configuration的最新版本。Make sure that the latest version of PowerShell Desired State Configuration for Linux is installed on the machines to enable for State Configuration.

  2. 如果 PowerShell DSC 本地配置管理器默认值与用例匹配,并且想要启用计算机以便从 State Configuration 提取信息并向其报告:If the PowerShell DSC Local Configuration Manager defaults match your use case, and you want to enable machines so that they both pull from and report to State Configuration:

    • 在要启用的每个 Linux 计算机上,使用 Register.py 启用使用 PowerShell DSC 本地配置管理器默认值的计算机。On each Linux machine to enable, use Register.py to enable the machine with the PowerShell DSC Local Configuration Manager defaults.

      /opt/microsoft/dsc/Scripts/Register.py <Automation account registration key> <Automation account registration URL>

    • 若要查找自动化帐户的注册密钥和注册 URL,请参阅使用注册安全启用计算机To find the registration key and registration URL for your Automation account, see Enable machines securely using registration.

  3. 如果 PowerShell DSC 本地配置管理器 (LCM) 默认值与用例不匹配,或者想要启用仅向 Azure Automation State Configuration 报告的计算机,请按照步骤 4-7 进行操作。If the PowerShell DSC Local Configuration Manager (LCM) defaults don't match your use case, or you want to enable machines that only report to Azure Automation State Configuration, follow steps 4-7. 否则,请直接跳到步骤 7。Otherwise, proceed directly to step 7.

  4. 请按照生成 DSC 元配置部分中的说明创建一个包含所需 DSC 元配置的文件夹。Follow the directions in Generate DSC metaconfigurations section to produce a folder containing the required DSC metaconfigurations.

  5. 确保在计算机上安装了新版本的 WMF 5,该计算机用于为 State Configuration 启用你的虚拟机。Make sure that the latest version of WMF 5 is installed on the computer being used to enable your machines for State Configuration.

  6. 添加如下代码,将 PowerShell DSC 元配置远程应用于要启用的计算机。Add code as follows to apply the PowerShell DSC metaconfigurations remotely to the machines to enable.

    $SecurePass = ConvertTo-SecureString -String '<root password>' -AsPlainText -Force
    $Cred = New-Object System.Management.Automation.PSCredential 'root', $SecurePass
    $Opt = New-CimSessionOption -UseSsl -SkipCACheck -SkipCNCheck -SkipRevocationCheck
    
    # need a CimSession for each Linux machine to onboard
    $Session = New-CimSession -Credential $Cred -ComputerName <your Linux machine> -Port 5986 -Authentication basic -SessionOption $Opt
    
    Set-DscLocalConfigurationManager -CimSession $Session -Path C:\Users\joe\Desktop\DscMetaConfigs
    
  7. 如果无法远程应用 PowerShell DSC 元配置,请将与远程计算机相对应的元配置从步骤 4 中所述的文件夹复制到 Linux 计算机。If you can't apply the PowerShell DSC metaconfigurations remotely, copy the metaconfigurations corresponding to the remote machines from the folder described in step 4 to the Linux machines.

  8. 添加代码,在为 State Configuration 启用的每台 Linux 计算机上本地调用 Set-DscLocalConfigurationManager.pyAdd code to call Set-DscLocalConfigurationManager.py locally on each Linux machine to enable for State Configuration.

    /opt/microsoft/dsc/Scripts/SetDscLocalConfigurationManager.py -configurationmof <path to metaconfiguration file>

  9. 使用 Azure 门户或 cmdlet,确保要启用的计算机当前在 Azure 自动化帐户中显示为注册的 DSC 节点。Using the Azure portal or cmdlets, ensure that the machines to enable now show up as DSC nodes registered in your Azure Automation account.

生成 DSC 元配置Generate DSC metaconfigurations

若要启用任何计算机以用于 State Configuration,可以生成 DSC 元配置To enable any machine for State Configuration, you can generate a DSC metaconfiguration. 此配置通知 DSC 代理从 Azure Automation State Configuration 提取信息和/或向其报告。This configuration tells the DSC agent to pull from and/or report to Azure Automation State Configuration. Azure Automation State Configuration 的 DSC 元配置可以使用 PowerShell DSC 配置或 Azure 自动化 PowerShell cmdlet 生成。You can generate a DSC metaconfiguration for Azure Automation State Configuration using either a PowerShell DSC configuration or the Azure Automation PowerShell cmdlets.

备注

DSC 元配置包含在自动化帐户中启用计算机以便进行管理所需的机密。DSC metaconfigurations contain the secrets needed to enable a machine in an Automation account for management. 请务必适当保护所创建的任何 DSC 元配置,或者在使用后将其删除。Make sure to properly protect any DSC metaconfigurations you create, or delete them after use.

元配置的代理支持由本地配置管理器(即 Windows PowerShell DSC 引擎)控制。Proxy support for metaconfigurations is controlled by the Local Configuration Manager, which is the Windows PowerShell DSC engine. LCM 在所有的目标节点上运行,负责调用 DSC 元配置脚本中包含的配置资源。The LCM runs on all target nodes and is responsible for calling the configuration resources that are included in a DSC metaconfiguration script. 通过在 ConfigurationRepositoryWebResourceRepositoryWebReportServerWeb 块中根据需要包含 ProxyURLProxyCredential 属性的定义,可以在元配置中包含代理支持。You can include proxy support in a metaconfiguration by including definitions of ProxyURL and ProxyCredential properties as needed in the ConfigurationRepositoryWeb, ResourceRepositoryWeb, and ReportServerWeb blocks. 例如,URL 设置为 ProxyURL = "http://172.16.3.6:3128";An example of the URL setting is ProxyURL = "http://172.16.3.6:3128";. ProxyCredential 属性设置为 PSCredential 对象,如在 Azure 自动化中管理凭据中所述。The ProxyCredential property is set to a PSCredential object, as described in Manage credentials in Azure Automation.

使用 DSC 配置生成 DSC 元配置Generate DSC metaconfigurations using a DSC configuration

  1. 在本地环境中,以计算机管理员身份打开 VSCode(或偏好的编辑器)。Open VSCode (or your favorite editor) as an administrator on a machine in your local environment. 计算机上必须已安装最新版本的 WMF 5The machine must have the latest version of WMF 5 installed.

  2. 在本地复制以下脚本。Copy the following script locally. 此脚本包含用于创建元配置的 PowerShell DSC 配置,以及用于开始执行元配置创建操作的命令。This script contains a PowerShell DSC configuration for creating metaconfigurations, and a command to kick off the metaconfiguration creation.

    备注

    State Configuration 节点配置名称在 Azure 门户中区分大小写。State Configuration Node Configuration names are case-sensitive in the Azure portal. 如果大小写不匹配,节点将不会显示在“节点”选项卡下。If the case is mismatched, the node will not show up under the Nodes tab.

    # The DSC configuration that will generate metaconfigurations
    [DscLocalConfigurationManager()]
    Configuration DscMetaConfigs
    {
         param
         (
             [Parameter(Mandatory=$True)]
             [String]$RegistrationUrl,
    
             [Parameter(Mandatory=$True)]
             [String]$RegistrationKey,
    
             [Parameter(Mandatory=$True)]
             [String[]]$ComputerName,
    
             [Int]$RefreshFrequencyMins = 30,
    
             [Int]$ConfigurationModeFrequencyMins = 15,
    
             [String]$ConfigurationMode = 'ApplyAndMonitor',
    
             [String]$NodeConfigurationName,
    
             [Boolean]$RebootNodeIfNeeded= $False,
    
             [String]$ActionAfterReboot = 'ContinueConfiguration',
    
             [Boolean]$AllowModuleOverwrite = $False,
    
             [Boolean]$ReportOnly
         )
    
         if(!$NodeConfigurationName -or $NodeConfigurationName -eq '')
         {
             $ConfigurationNames = $null
         }
         else
         {
             $ConfigurationNames = @($NodeConfigurationName)
         }
    
         if($ReportOnly)
         {
             $RefreshMode = 'PUSH'
         }
         else
         {
             $RefreshMode = 'PULL'
         }
    
         Node $ComputerName
         {
             Settings
             {
                 RefreshFrequencyMins           = $RefreshFrequencyMins
                 RefreshMode                    = $RefreshMode
                 ConfigurationMode              = $ConfigurationMode
                 AllowModuleOverwrite           = $AllowModuleOverwrite
                 RebootNodeIfNeeded             = $RebootNodeIfNeeded
                 ActionAfterReboot              = $ActionAfterReboot
                 ConfigurationModeFrequencyMins = $ConfigurationModeFrequencyMins
             }
    
             if(!$ReportOnly)
             {
             ConfigurationRepositoryWeb AzureAutomationStateConfiguration
                 {
                     ServerUrl          = $RegistrationUrl
                     RegistrationKey    = $RegistrationKey
                     ConfigurationNames = $ConfigurationNames
                 }
    
                 ResourceRepositoryWeb AzureAutomationStateConfiguration
                 {
                     ServerUrl       = $RegistrationUrl
                     RegistrationKey = $RegistrationKey
                 }
             }
    
             ReportServerWeb AzureAutomationStateConfiguration
             {
                 ServerUrl       = $RegistrationUrl
                 RegistrationKey = $RegistrationKey
             }
         }
    }
    
     # Create the metaconfigurations
     # NOTE: DSC Node Configuration names are case sensitive in the portal.
     # TODO: edit the below as needed for your use case
    $Params = @{
         RegistrationUrl = '<fill me in>';
         RegistrationKey = '<fill me in>';
         ComputerName = @('<some VM to onboard>', '<some other VM to onboard>');
         NodeConfigurationName = 'SimpleConfig.webserver';
         RefreshFrequencyMins = 30;
         ConfigurationModeFrequencyMins = 15;
         RebootNodeIfNeeded = $False;
         AllowModuleOverwrite = $False;
         ConfigurationMode = 'ApplyAndMonitor';
         ActionAfterReboot = 'ContinueConfiguration';
         ReportOnly = $False;  # Set to $True to have machines only report to AA DSC but not pull from it
    }
    
    # Use PowerShell splatting to pass parameters to the DSC configuration being invoked
    # For more info about splatting, run: Get-Help -Name about_Splatting
    DscMetaConfigs @Params
    
  3. 填写自动化帐户的注册密钥和 URL,以及要启用的计算机名称。Fill in the registration key and URL for your Automation account, as well as the names of the machines to enable. 所有其他参数都是可选的。All other parameters are optional. 若要查找自动化帐户的注册密钥和注册 URL,请参阅使用注册安全启用计算机To find the registration key and registration URL for your Automation account, see Enable machines securely using registration.

  4. 如果希望计算机向 Azure Automation State Configuration 报告 DSC 状态信息但不提取配置或 PowerShell 模块,请将 ReportOnly 参数设置为 true。If you want the machines to report DSC status information to Azure Automation State Configuration, but not pull configuration or PowerShell modules, set the ReportOnly parameter to true.

  5. 如果未将 ReportOnly 设置为 true,则计算机向 Azure Automation State Configuration 报告 DSC 状态信息并提取配置或 PowerShell 模块。If ReportOnly is not set, the machines report DSC status information to Azure Automation State Configuration and pull configuration or PowerShell modules. ConfigurationRepositoryWebResourceRepositoryWebReportServerWeb 块中相应地设置参数。Set parameters accordingly in the ConfigurationRepositoryWeb, ResourceRepositoryWeb, and ReportServerWeb blocks.

  6. 运行该脚本。Run the script. 现在,应有一个名为 DscMetaConfigs 的工作目录文件夹,其中包含要启用的计算机的 PowerShell DSC 元配置(作为管理员)。You should now have a working directory folder called DscMetaConfigs, containing the PowerShell DSC metaconfigurations for the machines to enable (as an administrator).

    Set-DscLocalConfigurationManager -Path ./DscMetaConfigs
    

使用 Azure 自动化 cmdlet 生成 DSC 元配置Generate DSC metaconfigurations using Azure Automation cmdlets

如果 PowerShell DSC LCM 默认值与用例匹配,并且你希望计算机能同时从 Azure Automation State Configuration 提取配置并向其报告状态信息,则可以使用 Azure 自动化 cmdlet 更轻松地生成所需的 DSC 元配置。If PowerShell DSC LCM defaults match your use case and you want to enable machines to both pull from and report to Azure Automation State Configuration, you can generate the needed DSC metaconfigurations more simply using the Azure Automation cmdlets.

  1. 在本地环境中,以计算机管理员身份打开 PowerShell 控制台或 VSCode。Open the PowerShell console or VSCode as an administrator on a machine in your local environment.

  2. 使用 Connect-AzAccount 连接到 Azure 资源管理器。Connect to Azure Resource Manager using Connect-AzAccount.

  3. 从要设置节点的目标自动化帐户下载想要启用的计算机的 PowerShell DSC 元配置。Download the PowerShell DSC metaconfigurations for the machines you want to enable from the Automation account in which you are setting up nodes.

    # Define the parameters for Get-AzAutomationDscOnboardingMetaconfig using PowerShell Splatting
    $Params = @{
        ResourceGroupName = 'ContosoResources'; # The name of the Resource Group that contains your Azure Automation account
        AutomationAccountName = 'ContosoAutomation'; # The name of the Azure Automation account where you want a node on-boarded to
        ComputerName = @('web01', 'web02', 'sql01'); # The names of the computers that the metaconfiguration will be generated for
        OutputFolder = "$env:UserProfile\Desktop\";
    }
    # Use PowerShell splatting to pass parameters to the Azure Automation cmdlet being invoked
    # For more info about splatting, run: Get-Help -Name about_Splatting
    Get-AzAutomationDscOnboardingMetaconfig @Params
    
  4. 现在,应有一个名为 DscMetaConfigs 的文件夹,其中包含要启用的计算机的 PowerShell DSC 元配置(作为管理员)。You should now have a DscMetaConfigs folder containing the PowerShell DSC metaconfigurations for the machines to enable (as an administrator).

    Set-DscLocalConfigurationManager -Path $env:UserProfile\Desktop\DscMetaConfigs
    

使用注册安全启用计算机Enable machines securely using registration

可以通过 WMF 5 DSC 注册协议为 Azure 自动化帐户安全地启用计算机。You can enable machines securely for an Azure Automation account through the WMF 5 DSC registration protocol. 此协议允许 DSC 节点向 PowerShell DSC 提取或报告服务器(包括 Azure Automation State Configuration)进行身份验证。This protocol allows a DSC node to authenticate to a PowerShell DSC pull or report server, including Azure Automation State Configuration. 节点将注册到位于注册 URL 的服务器,并使用注册密钥进行身份验证。The node registers with the server at the registration URL and authenticates using a registration key. 在注册期间,DSC 节点和 DSC 提取服务器/报告服务器将协商唯一证书,以便在注册后使用此节点向服务器进行身份验证。During registration, the DSC node and DSC pull/report server negotiate a unique certificate for the node to use for authentication to the server post-registration. 此过程可防止启用的节点彼此模拟,例如当节点遭到入侵并且具有恶意行为时。This process prevents enabled nodes from impersonating one another, for example, if a node is compromised and behaving maliciously. 注册之后,注册密钥不再用于身份验证,而是从节点中删除。After registration, the registration key is not used for authentication again, and is deleted from the node.

可以从 Azure 门户中“帐户设置”下的“密钥”中获取 State Configuration 注册协议所需的信息。You can get the information required for the State Configuration registration protocol from Keys under Account Settings in the Azure portal.

Azure 自动化密钥和 URL

  • “注册 URL”是“密钥”页中的“URL”字段。Registration URL is the URL field on the Keys page.
  • 注册密钥是“密钥”页上的“主访问密钥”或“辅助访问密钥”字段值。Registration key is the value of the Primary access key field or the Secondary access key field on the Keys page. 可以使用其中的任一密钥。Either key can be used.

为了增加安全性,可以随时在“密钥”页上重新生成自动化帐户的主访问密钥和辅助访问密钥。For added security, you can regenerate the primary and secondary access keys of an Automation account at any time on the Keys page. 密钥重新生成阻止日后的节点注册使用以前的密钥。Key regeneration prevents future node registrations from using previous keys.

重新注册节点Re-register a node

在将计算机注册为 Azure Automation State Configuration 中的 DSC 节点之后,有多种原因可能促使你需要将来重新注册该节点。After registering a machine as a DSC node in Azure Automation State Configuration, there are several reasons why you might need to re-register that node in the future.

  • 证书续订。Certificate renewal. 对于 Windows Server 2019 之前的 Windows Server 版本,每个节点会自动协商唯一的身份验证证书,该证书于一年之后过期。For versions of Windows Server before Windows Server 2019, each node automatically negotiates a unique certificate for authentication that expires after one year. 如果证书过期但未续订,则该节点将无法与 Azure 自动化通信,并将标记为 UnresponsiveIf a certificate expires without renewal, the node is unable to communicate with Azure Automation and is marked Unresponsive. 目前,当证书即将过期时,PowerShell DSC 注册协议无法自动续订证书,因此需要在一年之后重新注册这些节点。Currently, the PowerShell DSC registration protocol can't automatically renew certificates when they are nearing expiration, and you must re-register the nodes after a year's time. 重新注册之前,请确保每个节点运行的是 WMF 5 RTM。Before re-registering, ensure that each node is running WMF 5 RTM.

    与证书过期时间相距 90 天或更短时间内执行的重新注册,或者在证书过期时间之后任何时间点执行的重新注册,将生成新的证书并提供使用。Re-registration performed 90 days or less from the certificate expiration time, or at any point after the certificate expiration time, results in a new certificate being generated and used. Windows Server 2019 和更高版本提供了对此问题的解决方法。A resolution to this issue is included in Windows Server 2019 and later.

  • DSC LCM 值的更改。Changes to DSC LCM values. 可能需要更改在节点初始注册期间设置的 PowerShell DSC LCM 值,例如 ConfigurationModeYou might need to change PowerShell DSC LCM values set during initial registration of the node, for example, ConfigurationMode. 目前,只能通过重新注册更改这些 DSC 代理值。Currently, you can only change these DSC agent values through re-registration. 分配给节点的节点配置值是一种例外情况。The one exception is the Node Configuration value assigned to the node. 可以直接在 Azure 自动化 DSC 中更改此值。You can change this in Azure Automation DSC directly.

可以使用本文介绍的任何方法重新注册节点,就和最初注册节点一样。You can re-register a node just as you registered the node initially, using any of the methods described in this document. 重新注册节点之前,不需要从 Azure Automation State Configuration 中注销节点。You do not need to unregister a node from Azure Automation State Configuration before re-registering it.

检查 VM 设置的状态Check status of VM setup

State Configuration 可让你轻松启用 Azure Windows VM 以进行配置管理。State Configuration lets you easily enable Azure Windows VMs for configuration management. 在幕后,Azure VM Desired State Configuration 扩展用于向 Azure Automation State Configuration 注册 VM。Under the hood, the Azure VM Desired State Configuration extension is used to register the VM with Azure Automation State Configuration. 由于 Azure VM Desired State Configuration 以异步方式运行,跟踪其进度和排查其执行问题可能很重要。Since the Azure VM Desired State Configuration extension runs asynchronously, tracking its progress and troubleshooting its execution can be important.

备注

对于使用了 Azure VM Desired State Configuration 扩展的适于 State Configuration 的 Azure Windows VM,任何启用方法可能都需要花费多达一小时的时间,Azure 自动化才将 VM 显示为已注册。Any method of enabling Azure Windows VMs for State Configuration that uses the Azure VM Desired State Configuration extension can take up to an hour for Azure Automation to show VMs as registered. 之所以出现上述延迟,是因为 Azure VM Desired State Configuration 扩展在 VM 上安装了 WMF 5,这是启用适于 State Configuration 的 VM 的必要条件。This delay is due to the installation of WMF 5 on the VM by the Azure VM Desired State Configuration extension, which is required to enable VMs for State Configuration.

若要查看 Azure VM Desired State Configuration 扩展的状态,请执行以下操作:To view the status of the Azure VM Desired State Configuration extension:

  1. 在 Azure 门户中,导航到要启用的 VM。In the Azure portal, navigate to the VM being enabled.
  2. 在“设置”下面,单击“扩展”。 Click Extensions under Settings.
  3. 现在选择 DSC 或 DSCForLinux,具体取决于操作系统。Now select DSC or DSCForLinux, depending on your operating system.
  4. 有关详细信息,可以单击“查看详细状态”。For more details, you can click View detailed status.

后续步骤Next steps