Today as the Teched Europe kicks off with the Keynote there where several new announcements and one was that Azure Automation and the Runbook gallery now are General Available.
If you have not tried the Automation during the preview then you now can create a Automation account from the portal and start playing!
Click on create and name it something smart and to what subscription it should be part of, right now not all regions in azure can be used for the automation accounts. The following regions can be chosed:
South east Asia
When you have an account you can see the first page where some good links reside for you to dig into and learn more about the Azure Automation:
When you want to create your first Runbook, Microsoft has the Runbook Gallery that you can use to get speed in the automation process as there are several scripts that can help you get started, maybe there is already a script that fits or maybe just need a small customization to get it to do exactly what you want!
Out of the box you get one module in each Automation account and that is the Azure Module, and it is the latest version right now 0.8.9. There is a possibility to add your own modules, scripts, credentials and certificates.
So what is the cost for running azure Automation? Now you get 500 minutes of runtime in your subscription but you can change that if you run out of “free” time to standard and then you will be billed, the 500 minutes as described below is for all your automation accounts in that subscription.
As every responsible dad out there I have set up an Minecraft server to my daughter so she can play with her friends!
I have deployed a Windows Server on Azure in which I installed the Minecraft server with the right mods, apparently that is important 😉 I have not myself got lost in the Minecraft world, maybe because I grew up in the 80´s and had games that was mega-pixel and now I want that high definition graphics!
To see that it is working and alive I wanted some kind health check so here Azure Automation comes into play! Of course there would have been easier ways but I want try new stuff and also test and see how Azure Automation works and can be utilized.
So I created a runbook that checks the status and try to remediate the issue if it is not working:
# Easy script to check health of my daughters Minecraft server and take action if stopped
I have utilised the YAMS so that the Minecraft Server is handled by a Windows Service. If there is some outage or maintenance on Azure the VM can be restarted and then it is good to know that the Minecraft Server will start even if no user is logged in. If for some reason the YAMS service is stopped or the Minecraft Server has stopped my runbook can remidiate that!
In Azure Automation I can schedule a check every 1 hour:
And as you can see when checking a job it reports that my Minecraft server is working!
To connect to the VM´s powershell endpoint I have added SessionOption -SkipCACheck thus letting me connect without getting a cert from a trusted certificate authority or importing the servers cert. Saw this option on Tim´s blog post and borrowed it:-)
In the deployed VM I have also done as explained in the PowerShell Tip from powershell.com to be able to connect to it as it is not part of a domain and when PowerShell remoting is enabled it uses Kerberos by default and the Minecraft server is standalone thus Kerberos not working!
Probably I will do some tweaking and update the script later but you can at least see the possibilities and power of using Azure automation!
So you are an IT Pro or maybe an CIO or CTO and have been sleeping under your desk the latest years or so? But the IT Operations departments are under a lot of stress these days coping in being able to deliver the services to the business in the pace that they demand! Do you recognize this? For example your development division request 50 VM´s and wanted them yesterday, Your response is that come back in a week or two….
Many IT departments are seeing their internal customers such as Dev or Business going outside of the organisation and buying their services directly from Azure or another public cloud provider delivered instantly and that also cheaper than you could produce internally..
Here the Hybrid way of thinking becomes important and why, well you will not be able to compete with all the services that the public cloud can give you in a cheaper and more reliable way so IT Operations of tomorrow will utilize the public cloud as their own and be able to use it for their needs where their private cloud lacks functionality or capacity and in that way respond to the requests from the departments.
Giving the users an self service portal where they can order and see the cost of their engagements is an important part of this and when you implement this you have to have automation as a key part because the users want things to happen when they press the build button!
Taking Microsofts Azure data centers as an example, they have automated enormously and that from the physical layer all the way into the virtual machines and networks. How does this automation gain you with your environment and becoming more agile and not just run around putting out fires but being able to address the needs of the company IT challenges today and also tomorrow!
Some say that we are in the second machine age and that the IT will have to change big time. Just look at the public cloud Company’s and their services, if they would have done things in a traditional way they would have to charge xx times the amount the charge for their services and also be xx more manpower on the data centers to cope with the day to day operation.
In the latest year Microsoft have released several automation solutions that have been developed and gives you the tools for this must-have automation platform. First of is the Service Management Automation (SMA) which is a robust orchestration engine based on PowerShell workflows and this has also been released as Azure Automation. Secondly we have Microsofts investment in Desired State Configuration and here this also utilize PowerShell. The DSC have some development left but it is so powerful and really large web services utilize this today and keeping their massive services compliant and up to date! DSC can be used for provisioning different things including third party software solutions and for example, Microsoft Azure offers different web services (jomla, wordpress etc) deployed in an automated way probably with some DSC technology behind the curtains.
Of course this gigantic automation project will not be done over a night and will cost quite a bit of money in initial investment but the winning and surviving IT Department is the one successful in their automation processes!
9 years ago I started an onboarding automation process and on that time I had VB script to work with but that manual labor every time a new employee was hired was painful and so boring and already at that time I found the will and inspiration to learn techniques to automate. Still today there are several processes in companies that are perfect candidates for automation but for some reason still being done manually…
Let me help you get Strategic in your IT (automation) delivery!
So I have been during these two last days been in deep waters to find out a customers demands and the possibility to add more than one external IP to the same NVGRE enabled VM network within WAP and VMM and the Hyper-V Network Virtualization Gateway this as the ports from the external application the customer has cannot be altered and they need to access several different VM´s simultaneously.
Described in this visio diagram the customer wish is:
As you maybe know, within the VMM when you have configured the HNV there is no possibility to add more external addresses in the GUI and configure port forwarding.
So how to do this then, well there is a way and that is called PowerShell on the HNV Gateway and first you add the external address and then add the NAT rules
Last week I had two webinars together with Veeam in the subject of “Automating daunting virtualization tasks”. Now these have been uploaded and shared on Veeams web. One is in swedish and one in english. during the webinar I show some different tasks that can be managed and handled with the Service Management Automation (SMA) and utilizing PowerShell.
Next task that can be automated that you always will have a percentage free on the C drive for the VM´s (it both shrinks and expands), I am utilizing the generation 2 VM´s so for this to work your VM´s have to be configured with this latest virtual hardware version on Hyper-V 2012 R2
# Configure VM VHD size according to internal size + percentage of free space
As you can see when I extend the size I make the VHDx about 230 MB larger to be able to set the partition to the size calculated regarding the overhead of the virtual disk, so if I would have tried to make both the VHDx and partition 15GB it would fail..
The rest of the scripts will be uploaded later in a follow up post. Of course there can be improvements in the ways to do things and if you have any comments or ideas please share 🙂
On wednesday the 19th of March I will together with Veeam have a web seminar with the topic:
Automate daunting virtualization tasks with SMA
Now that you have set up your virtualization environment, you’ll want to automate it. In this webinar, you will learn how to do this with Service Management Automation(SMA) and how to integrate automated tasks into the Hyper-V virtualization environment. You will use different runbooks to automate some boring but necessary tasks that IT admins have to do.
This webinar will show you how to:
Automate patching of virtualization hosts
Expand virtual hard disks based on usage
Automatically update integrational components on VMs
Automatically update virtual hard disk templates
Clean old snapshots that have been forgotten
If you want to register and be part of this crazy one hour with the Swedish Chef you can do it on the following link
And guess what, It comes in a swedish version also! Check out in the following link and if you understand Swedish, register here!
The last two days I was on the road and presented my session on migrate to Hyper-V and that on the Nordic System Center Summit that was hosted by my company Lumagate. We visited both Stockholm and Oslo.
Both Travis Wright and Chris Ross from Cireson was with us and had some really interesting sessions!
In my presentation I described the different ways to migrate and how to prepare for a large migration and that in different ways of automation.
I got a question from a customer why they should choose System Center Orchestrator instead of vCenter Orchestrator.
Both products work in the automation field and can do quite much, as they both are extendable and you can develop add-ons, the possibilities are almost endless!
In the case of the System Center Orchestrator, it is included in the System Center suite so if you already use some of the components and have the licenses in place then you can start automating a lot more.
In the case of vCenter Orchestrator, it is included in the vCenter license that you buy in your vSphere suite.
Both orchestrators are very easy to start working with as they are gui based. the vCenter Orchestrator integrates into the vSphere client and from there you can easily start the wanted workflow. With both you can create workflows/runbooks and let users connect to a web console to kick of the action.
Example of a runbook from SCO
Example of a workflow from vCO
In both there are possibilities to automate for example Active Directory and users. Onboarding processes when new employees start is an example of an process that often involves quite some manual intervention and benefits from automation. Giving end users and system owners the possibility to create and manage their own virtual machines through a web portal is another example that would offload the IT departments technicians busy day. The list of examples goes on and on…
System Center Orchestrator Architectural overview:
vCenter Orchestrator Architectural overview:
License required only for endpoints being managed.
No additional System Center licenses are needed for management servers or SQL Server technology.
vCenter standard license, no extra cost
Third Party Plugin/IP
Custom Plugin/IP development
Manage VMware vSphere
Manage System Center
No (not out of the box,requires quite a bit of customization)
So what orchestrator should you go with? Well it depends of course and here is my opinions,
If you have a VMware environment but run mostly Windows Servers and Microsoft applications and already have one or more System Center roles deployed the favor is in the SCO hand as SCO integrates so well with the Microsoft software using the supported Integration Packs and you also can with the VMware IP manage the vSphere environment. The rich amount of activities that the Integration Packs consists of makes it easy to start automating and quickly expand the scope and get some serious automation results in the whole stack! The SCO community helps you a lot when creating runbooks and that with the possibility to import a whole set of runbooks from other IT Pro´s can get your automation goal to be achieved quickly.
If you have a VMware environment and do not use any System Center roles and also have a more diverse load of VM´s with different operating systems, but still want to start automating your environment I would recommend the vCO. One big advantage that the vCO has is that it comes with a wide range of workflows already created and ready to be customized which helps you in the speed to automate.
From a licensing perspective it should be noted that as described in the table, you must have a System Center license on every physical device you plan to automate with System Center Orchestrator. On the virtualization hosts you would use the Windows Datacenter and System Center Datacenter licenses that gives you unlimited VM´s that you can manage. On single physical hosts you must use a System Center Standard license, but as I said above, if you already have another System Center Role you probably have the licensing in place :-). vCenter Orchestrator comes with the vCenter license and there is no extra licensing cost for managing single hosts or Active Directory.
Today I have been exploring a bit in patching hyper-v hosts with windows updates and hotfixes and when we have a cluster we can use the CAU ( Cluster Aware Updating) that can help you in the process of getting those hotfixes on in a automated fashion but that does not work on single hosts..
And then we can use the WUSA and that wrapped in a foreach with a little while loop to handle that not a new wusa starts before the preceding one is done as it cannot be run several instances simultaneously (maybe there is a better way to do this of course but this works 😉 )