Multiple DSC PullServer services on one Server

[petr-stupka]

Hi,

i have one Server where i have two DSCPullServices configured. I have two nodes registered to those two services. Registration of Nodes is working fine.

Here DSC Pull server config:

        xDscWebService DSCPullSrv-PDS-Dev
        { 
            Ensure                   = 'Present' 
            EndpointName             = 'DSCPullSrv-PDS-Dev' 
            Port                     = 9444
            PhysicalPath             = "E:\DscService-PDS-Dev\PSDSCPullServer" 
            CertificateThumbPrint    = $certificateThumbPrint
            ModulePath               = "E:\DscService-PDS-Dev\Modules"
            ConfigurationPath        = "E:\DscService-PDS-Dev\Configuration" 
            State                    = 'Started'
            DependsOn                = '[WindowsFeature]DSCServiceFeature'     
            RegistrationKeyPath      = "E:\DscService-PDS-Dev"
            DatabasePath             = "E:\DscService-PDS-Dev\Database"
            UseSecurityBestPractices = $true            
        }

        xDscWebService DSCPullSrv-PDS-Test
        { 
            Ensure                   = 'Present' 
            EndpointName             = 'DSCPullSrv-PDS-Test' 
            Port                     = 9445
            PhysicalPath             = "E:\DscService-PDS-Test\PSDSCPullServer" 
            CertificateThumbPrint    = $certificateThumbPrint
            ModulePath               = "E:\DscService-PDS-Test\Modules"
            ConfigurationPath        = "E:\DscService-PDS-Test\Configuration" 
            State                    = 'Started'
            DependsOn                = '[WindowsFeature]DSCServiceFeature'     
            RegistrationKeyPath      = "E:\DscService-PDS-Test"
            DatabasePath             = "E:\DscService-PDS-Test\Database"
            UseSecurityBestPractices = $true            
        }

I found that both services are working fine in case of only one node is registered to any of the service.
But when i register second node against the other service and when i call Update-DscConfiguration -wait -Verbose then i got error:.

The attempt to 'get an action' for AgentId C6CCA06A-DFE1-11E7-80DD-005056A77DD0 from server URL https://dsc-dev.contoso.com:9445///PSDSCPullServer.svc/Nodes(AgentId='C6CCA06A-DFE1-11E7-80DD-005056A77DD0')/GetDscAction failed with server error 'ResourceNotFound(404)'.
For further details see the server error message below or the DSC debug event log with ID 4339.
ServerErrorMessage:- 'AgentID not found for C6CCA06A-DFE1-11E7-80DD-005056A77DD0.'
    + CategoryInfo          : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : WebDownloadManagerGetActionNodeConfigurationNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
    + PSComputerName        : localhost

Pull is always working only for the service where first node has been registered as first (doesn't matter which service has been used as first). The service where next node has been registered is not able to provide pull configurations.

Is there special requirements in case of i want to have multiple DSCPullServices one one server?

Additionally i found this EventLog error on the failing service:

Unable to retrieve Dsc Agent Information with AgentID = C6CCA06A-DFE1-11E7-80DD-005056A77DD0. The underlying error is : Unable to retrieve Agent Id C6CCA06A-DFE1-11E7-80DD-005056A77DD0 from the database. The underlying error is "Object reference not set to an instance of an object.".

But as i said, registration reported no errors.

[petr-stupka]

Hi, i think i solved it. Creating separate WebAppPools solved the issue.

The DSCPullServer configuration used the same pool for both services and seems like there is conflict.

Option can be to add WebAppPoolName variable in xDscWebService resource.

[tmeckel]

This issue will be "fixed" when issue #463 has been addressed by a PR.

[tmeckel]

There is an issue with the created firewall exceptions which do not support multiple port i.e. servers. Thus prevents the deployment of multiple Pull Servers on the same machine.

https://github.com/PowerShell/xPSDesiredStateConfiguration/blob/f4b714e110d2dd131d7dfd949d91d9a1e402b481/DSCResources/MSFT_xDSCWebService/PSWSIISEndpoint.psm1#L464

When issue #536 is solved the creation of firewall exceptions must be disabled (it's considered deprecated anyway) to deploy multiple Pull Servers.

This is in fact not an issue because the current implementation in PSWSIISEndpoint.psm1 is able to handle multiple ports.

[mhendric]

@tmeckel are you saying this was never an issue, or that it's been resolved since the original post?

[tmeckel]

@mhendric My statement referred to my original post where I felt that the current implementation of the firewall rules would have a problem with multiple pull server instances. But this is not the case. That's why I left my original statement in there for a complete reference but used strikethrough characters.

[petr-stupka]

@tmeckel @mhendric I don’t think this original post have anything to do with firewall (it’s disabled in my case). It’s just about some conflicts in the pool. Being able to specify appPool will fix that (issue #463)

[mhendric]

Ok. I was trying to figure out if it was being suggested to close the Issue as a whole. Sounds like that's not the case.

[petr-stupka]

Since #463 may be the solution i’m fine to close it.

[mhendric]

If it is still an Issue, we should leave it open until #463 actually is checked in and solves it. I'll add a link in #463 back to this one so it happens automatically.

Edit: Nevermind. I thought #463 was a Pull Request, not another Issue.

[tmeckel]

@mhendric as I already said to @PlagueHO in #463 I can provide a PR for specifying an "externally created" AppPool typically with the xWebAppPool DSC resource of xWebAdministration I already implemented this at a customer site. I've to get the code though :-D

[mhendric]

Works for me. Closing as a duplicate of #463. Thanks!