X

Apple, meet orange: The power of cross-platform PowerShell

Apples and oranges

Apples and oranges may both be fruit, but they’re very different in how they taste. Have you ever heard of duck pomme? Or pork roast with orange sauce? And don’t even get me started about mixing apples and oranges into the same dish. The same is true for Windows, Mac, and Linux. Each platform is different in the way you use and administer them. And getting them to play along together in the same environment can be quite a challenge sometimes. But now there’s a secret sauce you can use to combine Windows, Mac, and Linux systems and workloads together into a more management blend. That secret is cross-platform PowerShell, and I’ve managed to get hold of an expert who can tell us more about it. Ashley McGlone is known by most of us in the IT world as the GoateePFE. Ashely recently walked away from his job as Microsoft Premier Field Engineer for a company he had never heard of before named Tanium. But more about that later. The important thing is that he’s still helping people learn and love (and cook with) PowerShell.

My interview with Ashley McGlone

Ashley McGlone (Credit: Microsoft)

MITCH: Ashley what’s cross-platform PowerShell all about?

ASHLEY: Great question, Mitch. So here’s a question for you: Why do people love PowerShell at all? Because it is super powerful and super efficient. Who wants to write 40 lines of VBScript or Python or batch or shell when you can do it in one or two lines of PowerShell? Now you can use your favorite scripting language across Windows, Mac, and *nix, AND you have a super-sweet editor (VS Code) that will work on all those platforms. Shoot. You can even do it on a Raspberry Pi!

MITCH: Why did Microsoft decide to extend PowerShell beyond Windows to the Mac and Linux platforms?

ASHLEY: When you read Jeffrey Snover’s original vision document for PowerShell, the Monad Manifesto, he actually called this out more than 15 years ago. The goal of PowerShell was to create a friendly and familiar scripting language for people of all operating systems. He tells a story of demoing PowerShell for a CIO in the early days, and the guy got mad. “Are you telling me this is only for my Windows admins? I want this for my Unix admins, too.” Now everybody can be happy with PowerShell everywhere.

MITCH: What are some of the possible benefits organizations can realize from using cross-platform PowerShell?

ASHLEY: Daily administration becomes easier. From a single system, I can connect to any OS remotely using PowerShell to do ad hoc administration. Then imagine the ability to write a single codebase of administrative scripting tools. Yes, you can do that with Python today, but it takes a lot more code. For example, I can write a single PowerShell script to scan all my systems for uptime and patch status remotely, regardless of operating system or where they reside.

For example, recently I was using my new Mac to review log files. In three lines at the terminal, I had PowerShell installed. Then I was able to fluidly parse the JSON log files I had to study. As a Windows guy, it felt entirely natural to be using PowerShell in the terminal. Using VS Code’s git integration makes it super easy to edit and update PowerShell code in my repo online, all from Mac or Linux or Windows. This is a new world where Microsoft plays nice on any device.

MITCH: What are some of the challenges getting PowerShell to work on non-Windows platforms like Mac and Linux?

ASHLEY: Before we could put PowerShell on other operating systems we needed the dependency of .NET. Now that .NET Core (or Standard) is available on Mac and *nix, PowerShell follows. It is crazy to see .NET references in your scripts that run on Linux, for example. But they can work there now.

PowerShell Core will have a reduced set of functionality compared to what Windows admins are familiar with, but that is because of unique features by operating system. Today everyone knows PowerShell for the Windows things that it does. But the other operating systems do not have Windows services, registry, etc. However, there is much they do have in common: files, processes, etc. PowerShell Core is what is common to all possible hosts. But then within that host OS you can leverage other PowerShell modules unique to the OS.

The PowerShell team has also solved the challenge of remoting. Windows Remote Management (WinRM) is not native to these other platforms, but SSH is. You can install OpenSSH on Windows, and now PowerShell remoting can use that protocol as the transport. Or you can add WinRM capabilities to the other operating systems. Either way, you can get remoting working in both directions. In my lab I have OpenSSH installed on a Windows 10 box, and it works really well.

MITCH: What’s the best way for someone to get started working with cross-platform PowerShell?

ASHLEY: I was surprised how easy it was to get started. If you go to the PowerShell GitHub page you will find good install and configuration instructions for many popular operating systems. Also explore the demos folder for steps to configure things like remoting. Earlier this year, I also published a walk-through article on the PowerShell team blog. And in October I spoke at a local IT conference where I shared some PowerShell Core demo scripts and links.

MITCH: Let’s end our interview by having you tell us a bit about your new role at Tanium.

ASHLEY: Wow. I was drawn to Tanium, because it solves so many problems that are common for every IT shop. I was blown away when I saw it scan over 400,000 endpoints for system data in 15 seconds! It was like science fiction. I could write PowerShell remoting scripts and run them in parallel, yet I would never get performance like that. Whether it is general system inventory, data collection, discovery, patching, cyberforensics, or you-name-it, Tanium gives you real-time visibility and control over every endpoint in your environment. You no longer have to rely on stale system stats when you are trying to fight malware that is seizing your environment right now. Tanium gives you instant response to detect and remediate threats. There are many competitors in this space, but no one else offers a unified platform providing this speed, scale, and simplicity. I’m glad to be here.

MITCH: Ashley, thanks very much for sharing some of your time with us and good luck on your new job! You can find Ashley on Twitter as @GoateePFE.