Automation

As mentioned earlier, the Azure Automation service lies at the heart of configuration management, process automation, and other automation-related capabilities in OMS. The Automation service uses Azure technologies and Windows PowerShell to provide you with process-automation capabilities using runbooks, and configuration-management capabilities using desired state configuration (DSC) for your Windows and Linux resources that may reside on-premises, in Azure, or other cloud service.

To automate processes such as long-running and repetitive tasks, you will make use of a set of tasks called runbooks. These enable you to perform automated processes in Azure Automation. You can perform automation tasks with runbooks just like you can with PowerShell, because runbooks in Azure Automation are based on Windows PowerShell or PowerShell workflows. Azure Automation runbooks execute in Azure and can be run against any cloud resources and any other resources that you can access. To execute runbooks against your on-premises resources, you can make use of the Hybrid Runbook Worker feature, which enables you to designate one or more computers on premises as resources, on which Azure Automation can execute runbooks to manage resources on premises.

Each worker will require the Microsoft Management Agent (MMA) and will connect to both the Automation account in Azure Automation and OMS Log Analytics. Azure Automation delivers the runbooks to the workers, and all other automation processes are executed in Azure Automation. You can then monitor the behavior of the management agent using Log Analytics. There are other considerations for making the Hybrid Runbook Worker feature highly available using groups, and we'll explore these later in this book.

Azure Automation also provides you with configuration management capabilities, using Azure Automation DSC. Azure Automation DSC is based on PowerShell DSC fundamentals, and is, in fact, a cloud-based solution for PowerShell DSC, and uses a declarative PowerShell syntax to enable you to manage, deploy, enforce, and monitor configuration for your computers. Because it is cloud based, you will manage your DSC resources in Azure Automation and apply your desired configurations to any computers on premises or in the cloud. Your computers then retrieve the configurations from a DSC pull server in Azure. You can then use the reporting capabilities in Azure Automation DSC to monitor the application according to your criteria, and identify and manage drift.

The following diagram depicts the Azure Automation data flow, process automation using runbooks in Azure and Hybrid Runbook Workers on premises, and configuration management using Azure Automation DSC: