Step-By-Step: Automating Azure with Runbooks
Last week while I was traveling a reader (that’s you Jamie) reminded me that I had forgotten to write the promised part 2 of the “Getting Ready to use Azure Automation”. I don’t want to disappoint, so I jumped right on it.
Before diving into automation. I do recommend the following MVA modules as primer.
- Automating the Cloud with Azure Automation
- Microsoft Azure IaaS Deep Dive Jump Start
- Get Started with Windows Azure Today Jump Start
- Windows Azure for IT Pros Jump Start
Now, let’s do this.
Create an Automation Account
Before we start with the runbooks we need to create an automation account and populate it with objects that are needed by the runbooks. Just follows the steps listed in Step-by-Step: Get Ready to use Microsoft Azure Automation. But for today we added and additional asset.
I created the following settings in my Automation account:
| Type | Name |
| Certificate | ManagementCert |
| Automation-connection | Connection |
| All-VM-Access | Credential |
The Runbook scripts can reference objects stored in the automation account.
In our case, we stored a management certificate, a set of credentials, and a connection. The connection will use the certificate .PFX file, which contains the private key, to authenticate itself to the subscription when performing VM actions.
Upload a Windows PowerShell module to Azure Storage
In order to run the test we need to create a new storage account in which we will upload the Windows PowerShell module that will be installed in each VM.
In the Azure Management Portal, click STORAGE, click NEW, and then click QUICK CREATE.
I used the following name, auto7152311. In LOCATION/AFFINITY GROUP I selected US East since it’s the closest to me. and Click CREATE STORAGE ACCOUNT.
In the auto7152311 storage account click CONTAINERS and click ADD in the Action bar at the bottom.
In the New Containers dialogue box enter modules as the name and Public Container as the access. this is needed for one of the runbooks later.
I used Azure Storage Explorer (https://azurestorageexplorer.codeplex.com/) to upload PSWindowsUpdate.zip (You can find the file here (https://aka.ms/runbooks)
Create a new VM for automation testing
In this task, you will deploy a new VM to test your automation solution. The runbooks provided review all VMs in a subscription and provide information on missing updates. This VM will be created in the background while you complete the rest of this lab.
1- In Azure Management Portal, click NEW, click COMPUTE, click VIRTUAL MACHINE, and then click QUICK CREATE.
Provide the required information and then click CREATE A VIRTUAL MACHINE. In my Case I called the machine autoVM2311.
Import and publish runbooks
now we will import pre-created runbooks. Runbooks are Windows PowerShell automation scripts containing workflows, which are written to run in Azure Automation. yo can find more info on authoring your own runbooks here
There is little difference between Windows PowerShell automation scripts that run in Azure Automation, and those that run locally, making the scripts very portable.
In the Azure management portal, we need to navigate to AUTOMATION and CANITPRO-Auto , and then click RUNBOOKS.
I am making some sample runbooks available for you here (https://aka.ms/runbooks) save them locally to be used in this step-by-step tutorial.
Click IMPORT.
Click BROWSE FOR FILE, and then browse to where you saved the samples and select Connect-Azure.ps1.
Click Open, and then click the Done icon.
Repeat this process to import the following runbooks,
- Copy-FileFromAzureStorageToAzureVM.ps1
- Copy-ItemToAzureVM.ps1
- Install-ModuleOnAzureVM.ps1
- Update-AzureVM.ps1
you will end up with the following:
In RUNBOOKS, click Connect-Azure, and then click AUTHOR.
Click PUBLISH, and then click Yes.
Repeat this process to publish each remaining runbook EXCEPT Update-AzureVM. This runbook must be modified.
- All runbooks must be published in the order they are listed in the Azure management portal, otherwise publishing will fail due to dependencies. In this case, the sort order also matches the dependency order.
Click Update-AzureVM. and in the DRAFT view, make the following modifications. You can type directly in the code view.
| Location | Change | Change Description |
| Line 2 | Replace “#######” with “Automation-Connection” | Indicate the connection asset to use. |
| Line 4 | Replace “#######” with “All-Vm-Access” | Credentials to access each VM. |
| Line 7 | Replace “#######” with “auto7152311” | Indicate the name of your storage account |
| Line 8 | Replace “psmodules” with “modules” |
Indicate the storage container. |
Click SAVE, click PUBLISH, and then click YES.
Test the Update VM runbook
Note: Before we test the runbook on the VM we created earlier. We need to RDP into it and change the execution policy in PowerShell and enable Remote PowerShell by typing the following commands in a powershell console on that VM.
Set-ExecutionPolicy Unrestricted
Enable-PSRemoting –Force
Now that this is done, we can go back to the Azure management portal and navigate to AUTOMATION, CANITPRO-Auto, RUNBOOKS, click Update -AzureVM to get in the runbook. and click DASHBOARD.
On the bottom bar, click START, and then click YES.
When the runbook starts, click JOBS and select the job that just started .
- You can review the job status in the SUMMARY page. The summary page will not auto-refresh, so you must press F5 to refresh it.
- Wait for the STATUS to read Completed before proceeding.
Review the output pane for a list of needed updates in the VMs.
That’s it folks…. you just automated your first tasks in Azure…
I encourage you to try your hand at writing your own runbooks and harness that power.
Until next time I’m off for a few days on a much needed vacation.
Cheers!
Pierre Roman | Technology Evangelist
Twitter | Facebook | LinkedIn