Home / IT & Computer Science / AWS / Microsoft Future Ready: DevOps Development, Implementation and Azure Automation / Creating Your Own Runbooks
Creating Your Own Runbooks
.
Hello, and welcome back to this exciting video on authoring and testing your runbooks right from within Azure Automation. We’ll just do a demo. The things I will cover in the demo are a quick look at runbooks, the type of runbooks that are available. We’ll create our first run book, which does some meaningful interaction with Azure, and then just talk a little bit about what to do when things don’t work out the way you expect them to work. All right, so I’ll just flip right into the Azure Portal here. OK, so I’m going to use the Azure automation account that I’ve created. And I’m going to click on Runbooks. And from within here, I’m going to add a new runbook.
Now when I come into the screen to add a new runbook, there are a few options available in the runbook type. The first one is PowerShell. Second one is graphical, PowerShell workflow, and graphical– graphical PowerShell workflow. And the key difference between PowerShell and graphical is that PowerShell is the good old PowerShell script based. The graphical is where you can, from a GUI, simply select the modules and the functions from within the modules and drag them into a canvas and then start assembling them into a workflow of what you would like the script to do. It’s really targeted at non-IT system administrators, people that have less experience with PowerShell.
After all, why should you know a language to its greatest detail in order to do some kind of automation? The drawback, however, with the graphical runbook is that it is not supported within the Git-based repository. So you can’t version it using the same repository model. It can only be executed within the Azure automation, which means if you wanted to experiment with it outside, then that’s unfortunately not possible. The other two things at the bottom there are workflow. Now workflow is, as the name kind of suggests, it’s a way of creating a workflow and then being able to fail and recover from that workflow. So for example, I could create a PowerShell workflow runbook which has five steps.
And if it fails on step three, then I have the ability to resume the operation from step three onwards so that I don’t have to run step one, two, and three. Now this could be really, really useful if you’re running a long process which does database truncation. You’ve done the hard work of truncating the database by step three. You don’t want to go off and redo those steps because they might have some repercussions. The advantage with the workflow model is that it keeps in memory all the inputs and outputs up until that point. And it magically just makes them appear.
So all the variable values and their state are available for the next set of steps that need to be executed. And the graphical PowerShell workflow is really just the same thing but for the graphical runbooks. Now that we’re clear what the runbook types are, let’s just select the basic PowerShell one to begin with. Let’s call it IAC demo. And the purpose of this runbook that I’m creating is to take an input of a resource group name and then use that resource group name to go and search for all the VMs that match the pattern of the resource group name and then run an operation to switch those virtual machines within those resource groups off.
Now this is a very common ask by administrators, right? I want to be able to switch off infrastructure that’s not in use because in a subscription model, you always end up paying for things that you don’t use. So why not have some automation to switch them off when you don’t need them? So let’s call this auto switch off VMs, and let’s click Create. So as I create this runbook, I get into the same familiar PowerShell editing pane where I’ve got access to my assets, my runbook, my commandlets. Now I’m going to help draw up what the skeleton of the runbook would look like so that we’re on the same page.
But then I’m going to cheat a little bit and copy some of the code that I’ve written before. So the first thing we need is the user input, user input for the resource group name. The second thing we need is we need to connect to Azure, yeah? Because you can’t do your automation to switch stuff off if you’re not connected and authorised against Azure. The next thing we’re going to do is we’re going to retrieve all resource groups. Well, correct that– virtual machines that match the resource group name. And then the last thing is really switch these machines off. OK, so as I said, I’m going to copy some code that I’ve written before here.
And it’s really just for interest of time. I can rewrite it again. So here’s I’m taking an input for resource group name. Then I’m connecting to Azure. And in that process, see, what I’m doing is I am using one of the variables. So we looked at the assets before and the variable type asset. So I’m simply leveraging one of the variable type assets where I’m storing the subscription ID of the Azure subscription where I want to run this automation. Then I’m using the run as account to authenticate my Azure automation against Azure. And there beyond, I’m just creating a connection to Azure resource manager and then setting the context of your resource manager to the subscription that it applies to.
So let’s just copy this code here.
Now again, if I was doing it in enterprise, I would put a try catch block around it, make sure I’m handling any failures on connectivity, and then rather than just letting the runbook fail. The next thing is now that you’re successfully connected you need to get the VM. So I’m just going to simply run the Azure RMVM command and then philtre that on the resource group name which I’m taking as an input from the user as a parameter. So copy that across.
And then the next step here is really just to loop through all the VMs that have been returned and then forcing a shutdown operation on them and then just checking in a loop to make sure that they’ve been shut down and, if they haven’t been shut down, reporting that you were unable to shut them down and then printing the reason why it couldn’t do it. So let’s take it here and paste it in here. Now we’ve got our partial runbook effectively. So what I’m going to do is I’m going to save this run book.
And I will– as a good DevOps person, I will click test because I want to make sure that the runbook works before I publish it out to a broader audience. And you see apart from having the ability to test my runbook, I also have an option to put in the variables for my runbook here as well. So let’s use the naming convention here of resource group name as asterisk TAAR asterisk. That’s because I’ve already got a virtual machine here, and the research group name for that includes TAAR. And what I want a demo here is running this runbook to simply discover this specific virtual machine in that resource group and switching it off. So let’s click on Start.
Now the job is queued, and because it’s at this point creating an instance, an isolated instance to test your run, it does take a few minutes to complete this operation.
As you can see now, the, status has changed from queued to running. And at this point, the script is starting to execute. It usually takes about 5 to 10 minutes for the entire operation to complete.
Now you see the result comes back where it’s successfully connected to the Azure subscription. It’s set the context of the execution of this runbook to the specific subscription for which the variable was pulled in because that had the subscription ID. It’s now executing the rest of the steps in that process wherein it’s going to try and query for resource group that match the input criteria that I specified here.
Ta-da! As you can see there, the machine MEP dev TAR successfully stopped. The status of the execution of this test is green, completed. But you’re like, you’re recording this video. Surely you must have done this behind the scenes. But let me prove it to you that this is just being executed by the automation engine and not me manually going off and switching off the virtual machine in the background. So let me navigate to the other page where I have the MEP dev TAR machine. And as you can see, its current state is stopped and deallocated.
But if I click on the resource group where the virtual machine resides and I click on activity log, right, so as we can see from the activity log here, the event was initiated– at least starting the VM event was triggered by me. And then this event to deallocate the VM was triggered by the automation account as you can see on your screen. Cool, so using a very simple runbook, we’ve managed to switch off the VM that’s not in use. Now you know, there’s no end to how much you can do with runbooks. Let me give you another example.
What if you wanted to publish the name and details of every virtual machine that gets switched off to your PowerShell runbook into a Slack channel, into a common channel so that you could drive some more analytics from there? So for example, if I wanted to see what are the VMs that are constantly being switched off, maybe they’re being underutilised, right? Maybe s can downsize them. Maybe I can get rid of them. Maybe no one’s using them. Well, you could go off and create a script to integrate with Slack yourself, or you could tap into the brilliant ecosystem of open source around PowerShell. In this case, I’m going to exactly do that.
So if I go back into the automation account and I go a few steps back, from the runbook section, you have the option to browse a gallery. So if I click on Browse gallery, this opens up the runbook gallery that is available in the open source. And as you can see, if I do a search on Slack, I can see that there’s a runbook already available. If I wanted to search for maybe Office 365, see what kind of automation scripts are already available for that. It’s a good way of maybe taking some inspiration or examples on how things can be done.
Or if you find a solution that just works for you, you can obviously imported within your subscription to achieve it. Without going into too much detail, I’m going to show you how you would actually hook up runbooks to virtual machines or to other parts or resources within Azure. So if I click on the runbook that has already been published and I click on Webhooks, Webhooks gives me the ability to expose that runbook as a REST end point. So if I click on Add Webhook, it simply allows me to create a Webhook. Let’s just call it Slack publish, you know? And I can set an expiration for it. So this one by default expires in two years time.
But if I wanted to have Webhooks that expire sooner than that or later than that, then that’s configurable. This URL is what you need effectively to trigger this runbook from another process. So I’m just going to copy this end point, click OK, click Create. And then what I’m going to do is navigate back into my VM here that I just switched off using the Azure automation. And within that, you have the option of going into the resource group and looking for the virtual machine itself. Now each virtual machine or broadly every asset within Azure has an alerting mechanism set up with it now.
In the case of this virtual machine, if I click on Alert Rule, it exposes all the underlying fundamentals like CPU utilisation, memory utilisation, resource utilisation. And it’s just not point in time.
It’s a historic trend. So if I wanted to see and set up a rule to say every time the CPU utilisation drops below 5% for more than two hours, I want to take an action, then I can set up an alert and set up the action just right from within the Azure portal. So let me click on the alert rule and say add a new alert metric. And from within the metric, I can call it something– less utilised, for example, here. And then scroll down and say, if the percentage CPU utilisation is less than, say, 5% over a period of one hour, well, then the machine is probably not being used. It’s worth switching it off.
And then the basic runbooks of switching stuff off are just available across Azure now. So you don’t really need to leverage Azure automation as a Webhook to do it. You could do it by the out of box runbooks that are available. But if you wanted to publish to a Slack channel, for example, then that runbook trigger needs to be done using Webhook. So I just created a Webhook, and I copied the endpoint. I can paste it in here. And then I can click OK. So what that is doing now is creating an alert rule.
So every time the utilisation of this machine drops below 5% utilisation for more than an hour, this runbook would get triggered, which effectively is a Slack channel publish runbook which will simply publish some details to a Slack channel. And as I said, right, there’s really no end to what you can automate or how you automate it
Now that you have a clear understanding of the basics of Runbooks, you’re ready to create your own runbooks.
Creating Your Own Runbooks
You can create your own runbooks from scratch or modify runbooks from the Runbook Gallery where there is a rich ecosystem of runbooks available for your own requirements.
There is also a vibrant open-source community creating runbooks that you can use to directly apply to your use cases. You can choose from three different runbook types based on your requirements and Windows PowerShell experience.
If you prefer to work directly with the PowerShell code, you can use a PowerShell runbook or a PowerShell Workflow runbook that you can edit offline or with the textual editor in the Azure portal.
If you prefer to edit a runbook without being exposed to the underlying code, you can create a graphical runbook by using the graphical editor in the Azure portal.
This article is from the online course:
Microsoft Future Ready: DevOps Development, Implementation and Azure Automation
Created by
This article is from the free online
Microsoft Future Ready: DevOps Development, Implementation and Azure Automation
Reach your personal and professional goals
Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.
Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.
