Monday, August 30, 2021

Azure & Desired State Configuration Part 3/4

Scenario

 

In Part 1  and Part 2  we saw how we could deploy a web server on a new VM in using a Desired State Configuration file using Azure Devops and even The Azure Portal. The next section will describe one of the most powerful Automation tools in our arsenal, the Azure Automation Account. To understand how it ties in with DSC we will first start with an overview of the features at our disposal.

 

Part 3: Azure Automation Account Overview Functionality

What will I need? 

- Azure Subscription (with Permissions to read resources)

- Azure Automation Account

- Visual Studio Code

- Azure DevOps Organization connected to Azure Automation (Use source control integration in Azure Automation | Microsoft Docs)

 Steps

  1. Let’s start with the overview page of the Automation Account. Ever heard of Azure Update Management? Yes, the solution that patches your servers. Well, that uses an Automation Account in the background. You will also see features like Inventory and Change Tracking and you can read up on these in our official documentation (Azure Automation Change Tracking and Inventory overview | Microsoft Docs). For this blog series we are focusing on DSC and in this article, Automation in general.

wernerrall_0-1628083927509.png

 

  1. What does the Automation account have to do with DSC? Well there are two answers to this question. If we go into the “Shared Resources” section and click on “Modules Gallery” guess what comes up. DSC Resources! Does this mean I don’t have to write all my own DSC script to utilize these? Yes! We have access to DSC scripts that have been written by the community and even Microsoft internal teams.

wernerrall_1-1628083927622.png

 

  1. How do I use these “Modules”? First of all you will click on them and then click Import.

wernerrall_2-1628083927676.png

 

  1. Upon successful import these modules will show up under “Shared Resources” and you can start using them in scripts and runbooks. What is a runbook? A runbook is basically a script that I write and deploy to my servers (In Azure, On-Premises and even other clouds). Runbooks can reference many modules which is why you want to do the module import in the first place.

wernerrall_3-1628083927748.png

 

  1. What if I wanted to write my own runbook? Will runbooks update if I push them to my Repo in Azure DevOps so I can collaborate with my team? Let’s take a look at that by creating a simple PowerShell script that will ping the Google DNS Servers.

wernerrall_4-1628083927773.png

 

  1. Now I will commit the file to my Azure DevOps Repo

wernerrall_5-1628083927796.png

 

  1. One cool feature of Azure Automation is that it connects to my Azure Devops Source Control. This means my file will automatically sync into my runbooks section

wernerrall_6-1628083927843.png

 

  1. If this does not happen “fast enough” for me I can also start a manual Sync as seen below.

wernerrall_7-1628083927880.png

 

  1. Once the runbook has been created I can click on it

wernerrall_8-1628083927933.png

 

  1. I can then click on Start to start the runbook

wernerrall_9-1628083927974.png

 

  1. To view the output I can click on output of the Job

wernerrall_10-1628083928013.png

 

  1. I have other options to execute the runbooks like linking it to a schedule for example every day at 9:00pm.

wernerrall_11-1628083928059.png

 

  1. (ADVANCED) I also have the option to use a Webhook and combining it with PowerAutomate and PowerApps to create an Application on my Mobile device that starts the Runbook whenever I want.

wernerrall_12-1628083928087.png

 

wernerrall_13-1628083928109.png

 

wernerrall_14-1628083928141.png

 

wernerrall_15-1628083928174.png

 

Video

 

 

Conclusion

In this article we explored all the features an Azure Automation Account brings to the table. In the next and final part of the series we will explore how we can use Azure Automation Account to make our lives easier when using DSC.

Posted at https://sl.advdat.com/3mKEYHC