Last year, Bob Walker shared a post about automating developer machine setup with Chocolatey. In this post, I show you how I created a runbook that uses Chocolatey to install every application I use in my day to day role. You can use this approach to install and configure pre-approved software for different job types across your organization, making it as easy as possible for new people, or people who need a fresh install or who have upgraded their hardware, to install and configure the software they need as quickly as possible.
- What is Chocolatey
- Why use runbooks and Chocolatey
- Tools to install the OS
- Runbook configuration
- Publish the runbook
- Run the runbook
- Other scenarios
- Upgrading Chocolatey packages
What is Chocolatey
Chocolatey is a package manager for Windows. It’s an open-source project that provides developers, operations, and everybody in between a way to manage, install, and upgrade software across their Windows estate. Chocolatey focuses on making managing Windows software more straightforward, streamlined, and accessible to everyone using a Windows computer. If you want to find out more about installing Chocolatey without runbooks, check out the Chocolatey Install doc.
You don’t need Runbooks to use Chocolatey, and it’s as simple as opening an Administrator Windows PowerShell window and running a script to install something like google chrome:
choco install googlechrome -y
If you wanted to install more than a single application, you could write PowerShell scripts and execute them locally:
Write-Host "Installing Chocolatey Apps" choco install sql-server-management-studio sql-server-2019 github-desktop git firefox -y
You could extend this out to all of your required applications, and source control the script somewhere with read access so the script can be run by users or during machine provisioning. This would automate almost all of your application installation.
Chocolatey is an open-source tool, and you can get lots of pre-configured packages from the site. In my experience, though, most organizations write their own packages, and you can do this too. You learn more about this on the Create Chocolatey Package page. The main reasons for writing your own package are:
- Company purchased licenses that need to be contained in the package.
- Custom configuration, such as a backup agent that needs to replicate to SiteA from SiteB.
- Community package may not exist.
If you are writing your own package, consider sharing it with the Chocolatey community. You can read more about that on the Chocolatey site.
You can install Octopus from a Chocolatey package. We publish each new version as soon as it’s available, which happens automatically from our TeamCity build server once it’s available on our website. Read more about the Octopus Deploy Chocolatey Package.
To install Octopus Deploy as a Chocolatey package, you can run the following:
choco install OctopusDeploy -y
You still need to configure Octopus after using Chocolatey to install, you can automate this, and there‘s more information on Automating Octopus Installation.
Why use runbooks and Chocolatey
Runbooks is my favorite feature of Octopus Deploy. Due to my operations background, I see how it can automate all those mundane, time-consuming operations tasks.
Another benefit of using Chocolatey in Octopus Runbooks is that it helps enable self-service when it comes to applications. You can grant people access to the Octopus project and the runbook so they can run their own installation of Chocolatey packages.
You can use runbooks to automate this part so you can focus on more interesting problems:
- Routine Operations
- Emergency Operations
- Database Operations
- AWS Operations
- Azure Operations
- GCP Operations
Tools to install the OS
This blog will not deal with installing the Operating System on your developer machine. There are lots of great tools out there that you can use to load the latest Windows Desktop and Server Operating Systems, and I am going to assume you’ve added the Octopus Tentacle as part of this process. Some tools I’ve used in the past when prepping servers, laptops, and desktops are:
Generally, public cloud providers also provide tools to allow you to do Infrastructure as Code such as:
Before you start, you need to install an Octopus Tentacle on your laptop.
I'm using the Octopus Samples instance, the next thing I did was add a new space called Target - Windows.
As part of the new space configuration, I created:
- An Octopus environment named Provisioning:
- Added my laptop as a deployment target and assigned it the target role Computer. I used a Polling Tentacle as my laptop was on my local network, but I was using Octopus Cloud and didn’t want to open my firewall:
- Checked the Infrastructure tab showed my new laptop and that it’s healthy:
- Created a project called Computer Provisioning:
- Created a Lifecycle called Computer Lifecycle and added just the Provisioning environment to it, and then assigned it to the project:
The first thing you need to do is browse to the project and add the runbook:
I created a runbook called Install Developer Machine Dependencies:
Set timezone, input, and region
One thing that annoys me about setting up Windows is having to configure my non-default regions, which isn’t the US. I use a PowerShell script to set this for all my laptops, desktops, and servers. The below works for me, and you can tweak it to your requirements:
#Set home location to the United Kingdom Set-WinHomeLocation 0xf2 #override language list with just English GB $1 = New-WinUserLanguageList en-GB $1.Handwriting = 1 Set-WinUserLanguageList $1 -force #Set system local Set-WinSystemLocale en-GB #Set the timezone Set-TimeZone "GMT Standard Time"
A US equivalent, on the East Coast, would look something like:
#Set home location to the United States Set-WinHomeLocation 0xf4 #override language list with just English US $1 = New-WinUserLanguageList en-US $1.Handwriting = 1 Set-WinUserLanguageList $1 -force #Set system local Set-WinSystemLocale en-US #Set the timezone Set-TimeZone "Eastern Time Zone"
Check if Chocolatey is installed
Next, I used was a community-contributed step template called Chocolatey - Ensure Installed. This step’s only purpose is to check if Chocolatey is installed and to install if it’s not.
Install Chocolatey package step
Paul Broadwith of Chocolatey recently updated the Chocolatey community step template to install all of the Chocolatey packages in a single step.
The applications I needed on my new laptop are below:
git vscode sql-server-management-studio slack github-desktop rdmfree googlechrome firefox dotnetfx dotnetcore 7zip visualstudio2019professional nordvpn lastpass-chrome lastpass docker-desktop chromium googledrive google-drive-file-stream kubernetes-helm kubernetes-cli minikube zoom notepadplusplus nugetpackageexplorer sdio virtualbox jre8 vlc python foxitreader putty.install sysinternals snagit vagrant packer terraform
Install Chocolatey Package step parameters
The following parameters are available:
- Version (Optional): You can use this to specify a specific version of the software you want to install. If you’re using more than one package per step and want to set particular software versions, you will need to configure that Chocolatey install and add the version in an additional step.
- Cache Location (Optional): You can use this to specify a cache’s non-default location. I found this useful when installing SQL without having the Tentacle run as an administrator. I found SQL can be a little tricky to install without running the Tentacle Service as a local administrator. You can specify a folder such as
C:\Octopus\Applicationsas the cache, which the Local System User has full access to.
- Package Source (Optional): This is probably the single most crucial parameter in this step. If you’re doing this at home, it might be acceptable to use the Chocolatey Package Repository, which is the default setting. However, if you’re doing this for a company, please consider using your own package source repositories, such as Nexus, Artifactory, or MyGet.
The Chocolatey Package resource is built by the community for the community. If you’re using the community repository for Enterprise or large scale package installation, you will likely be rate limited. Be careful, and be kind to the community.
The last two options cover whether you want to see the download progress in your logs. Generally, I turn them off as this can result in hundreds of thousands of log files. The other is to allow for additional parameters:
Installing IIS & dependencies
The next step was to configure IIS and its dependencies. I used our IIS Runbooks examples and ran this install IIS, and all of its features.
I’m not a fan of the default website in IIS, so I like to remove it by default. I used the community step template called IIS Website - Delete and then specified Default Web Site. It will now remove the Default Web Site as part of this provisioning runbook in Octopus.
I use HyperV as my laptop and server hypervisor when I can, and I wanted to enable it as part of the laptop provisioning process. I used the Run a Script built-in template for this task and used PowerShell to enable HyperV:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
The last thing I wanted to do was to avoid installing all of the Windows updates that had been released since my laptop had been prepped. I used a community step template called Windows - Apply Windows Updates, which will automatically install and reboot your machine as long as you set the parameter to True.
Publish the runbook
Runbooks can be in either a draft or published state. You need to publish the runbook before you can execute it.
Run the runbook
You have the space, the project, the lifecycle, the environment, the laptop, and the runbook in Octopus. The next step is to run and test the runbook to ensure it does what you want it to do.
To run the Runbook:
- Open the runbook project.
- Select Operations ➜ Runbooks.
- Select the runbook you created.
- Select Run.
- Select the environment.
- Hit the Run button
At this point, you can grab a coffee because it will take a little while to install all of the applications and dependencies. After your coffee run, the runbook should have completed. Your computer should now be fully configured and ready instead of going through the pain of next, next, finish installs and application configuration:
At this point, you should see all of the new applications installed on your computer.
You can see that this is useful for installing applications not just for ops, DevOps, and developers but other job types. You can create additional runbooks for other job types that need different applications. For instance, a business analyst may want PowerBI, and a DBA might wish to install SQL Toolbelt. You could even allow people access to runbooks to install and configure pre-approved software.
When installing SQL, you will probably want to create your own Chocolatey Package. SQL is a bit tricker to install as it requires an administrator account to install quickly, and you will also want to configure things such as default users, groups, and locations of the database and log files.
When using Octopus to install SQL Developer Edition or SQL Express, you can do it without the Tentacle running as a local administrator. You will still need to use the optional location for the files. Another gotcha is that if you run the install under a Service account with a named service account, by default, that will use that user as the default SQL administrator. You will need to connect with that account to give yourself access.
Upgrading Chocolatey packages
As you can see, you can use Octopus to install applications via Chocolatey, but software gets patched, new features and security enhancements are added all the time. What happens when you want or need the latest version of the software you installed using runbooks and Chocolatey?
You upgrade it with Chocolatey and runbooks. This is easy to do, and one of my favorite commands on logging in to a server, or for running using a runbook is:
choco upgrade all -y
This command will run on the computer, check against the latest version against the Chocolatey repository you have configured, download the new package, and install it. Think of this as almost a Windows Update but for your Chocolatey package. You can set this up using runbooks and using the Deploy a Script step template and using the upgrade command:
After you’ve created the runbook, select Run, and it will run the Chocolatey script and upgrade all of your applications:
Upgrading Chocolatey Packages on a scheduled trigger
To set this up, select the triggers option under Operations, and select Add scheduled trigger.
This will take you to add a New scheduled trigger page, and you will need to input:
- Select the Runbook to run on the scheduled trigger
- Select the environment
- Select a schedule of daily or alternative schedule
- Select the Interval at which it should execute
- Select the time the schedule should execute
This will trigger daily at the time you set. I selected 12.30 pm as that’s when most people go to lunch.
You can see all of the configuration in this blog on our samples instance by logging in as Guest and selecting the Target - Windows space.
Octopus Runbooks and Chocolatey work well together and gives you a lot of flexibility to help you automate the installation and configuration of laptops, desktops, and servers both on-premises and in the cloud. They take away the need to install thousands or potentially tens of thousands of applications across your organization’s infrastructure. If you want to see this in action, I recently presented a webinar with Paul Broadwith from Chocolatey about Operations automation with Octopus Runbooks and Chocolatey, which demonstrated how easy this is to do with runbooks on cloud infrastructure.