Azure Automation overview
Microsoft Azure Automation provides a way for users to automate the manual, long-running, error-prone, and frequently repeated tasks that are commonly performed in a cloud and enterprise environment. It saves time and increases the reliability of regular administrative tasks and even schedules them to be automatically performed at regular intervals. You can automate processes using runbooks or automate configuration management using Desired State Configuration.
Automating processes with runbooks
A runbook is a set of tasks that perform some automated process in Azure Automation. It may be a simple process such as starting a virtual machine and creating a log entry, or you may have a complex runbook that combines other smaller runbooks to perform a complex process across multiple resources or even multiple clouds and on premise environments.
For example, you might have an existing manual process for truncating a SQL database if it’s approaching maximum size that includes multiple steps such as connecting to the server, connecting to the database, get the current size of database, check if threshold has exceeded and then truncate it and notify user. Instead of manually performing each of these steps, you could create a runbook that would perform all of these tasks as a single process. You would start the runbook, provide the required information such as the SQL server name, database name, and recipient e-mail and then sit back while the process completes.
What can runbooks automate?
Runbooks in Azure Automation are based on Windows PowerShell or Windows PowerShell Workflow, so they do anything that PowerShell can do. If an application or service has an API, then a runbook can work with it. If you have a PowerShell module for the application, then you can load that module into Azure Automation and include those cmdlets in your runbook. Azure Automation runbooks run in the Azure cloud and can access any cloud resources or external resources that can be accessed from the cloud. Using Hybrid Runbook Worker, runbooks can run in your local data center to manage local resources.
You can create your own runbooks from scratch or modify runbooks from the Runbook Galleryfor your own requirements. There are three different runbook types that you can choose from based on your requirements and PowerShell experience. If you prefer to work directly with the PowerShell code, then you can use a PowerShell runbook or PowerShell Workflow runbookthat you edit offline or with the textual editor in the Azure portal. If you prefer to edit a runbook without being exposed to the underlying code, then you can create a Graphical runbook using the graphical editor in the Azure portal.
Automating configuration management with Desired State Configuration
PowerShell DSC is a management platform that allows you to manage, deploy and enforce configuration for physical hosts and virtual machines using a declarative PowerShell syntax. You can define configurations on a central DSC Pull Server that target machines can automatically retrieve and apply. DSC provides a set of PowerShell cmdlets that you can use to manage configurations and resources.
Azure Automation DSC is a cloud based solution for PowerShell DSC that provides services required for enterprise environments. You can manage your DSC resources in Azure Automation and apply configurations to virtual or physical machines that retrieve them from a DSC Pull Server in the Azure cloud. It also provides reporting services that inform you of important events such as when nodes have deviated from their assigned configuration and when a new configuration has been applied.
Creating your own DSC configurations with Azure Automation
DSC configurations specify the desired state of a node. Multiple nodes can apply the same configuration to assure that they all maintain an identical state. You can create a configuration using any text editor on your local machine and then import it into Azure Automation where you can compile it and apply it nodes.
Following are just a few examples of what are the kinds of automation scenarios with Azure Automation.
- Create and copy virtual machines in different Azure subscriptions.
- Schedule file copies from a local machine to an Azure Blob Storage container.
- Automate security functions such as deny requests from a client when a denial of service attack is detected.
- Ensure machines continually align with configured security policy.
- Manage continuous deployment of application code across cloud and on premises infrastructure.
- Build an Active Directory forest in Azure for your lab environment.
- Truncate a table in a SQL database if DB is approaching maximum size.
- Remotely update environment settings for an Azure website.
How does Azure Automation relate to other automation tools?
Service Management Automation (SMA) is intended to automate management tasks in the private cloud. It is installed locally in your data center as a component of Microsoft Azure Pack. SMA and Azure Automation use the same runbook format based on Windows PowerShell and Windows PowerShell Workflow, but SMA does not support graphical runbooks.
System Center 2012 Orchestrator is intended for automation of on-premises resources. It uses a different runbook format than Azure Automation and Service Management Automation and has a graphical interface to create runbooks without requiring any scripting. Its runbooks are composed of activities from Integration Packs that are written specifically for Orchestrator.