As an avid consumer of my MSDN monthly Azure credits I found I was consuming compute cost during hours I wasn't working or using the environment and for a long time I didn't bother learning how to use the "Automation" feature in Azure due to the learning curve. I've taken some time to figure out how to use it and offer my findings in this post.
First lets talk about the various components which make up the Automation feature in Azure:
Azure Automation ComponentsAutomation Account: The Automation Account is a placeholder for your other objects which include Runbooks, Assets, Scale configuration, etc.
Assets: An Asset can be a "Connection", a "Credential", a "Variable", or a "Schedule" object which can be linked or referenced in your Runbooks.
Runbooks: The Runbook is essentially the script containing the commands you want to issue to your environment. A Runbook can contain references to Assets such as a reusable "Credential".
Creating your Automation CredentialThe newer way of connecting to your Azure tenant from the Automation environment is to use an account in your Azure AD environment, adding it as an Asset (Credential), then referencing it in your connectivity to your environment.
- Click on the Active Directory navigation link on the left side of your Azure portal
- Click on the Azure AD environment associated with your Azure tenant and click the Users tab
- Click the Add User button on the taskbar and add an account called "Azure Automation" with a UPN of "email@example.com"
- NOTE: Once you receive the password for the account you must log in at least once to change the password otherwise your Runbook will fail. You can do this by opening a private IE window and logging in to change the password. Remember this password as we will use it to create an Asset shortly.
- Click on the Settings link in the left navigation window then click on Administrators
- Click the Add button on the toolbar and add your Azure Automation AD account as a Co-Administrator to your subscription
- Click on the Automation navigation section and click on your Automation Account
- Click the Assets tab and click Add Setting on the toolbar
- Choose Add Credential, choose Windows PowerShell Credential, and type a name (i.e. AzureAutomationAccount) and click the Next button
- Type the User Name and Password making sure to specify the full UPN (firstname.lastname@example.org) and click the Checkmark to complete
Creating your first Runbook...
- Click on the Automation link in your Azure tenant, then click the Create button on the toolbar at the bottom of the screen
- Give the account a name and set the Region
- Click on the account to open it, select the Runbooks tab, then click the New button on the toolbar
- Click Quick Create, give the Runbook a name (i.e. StartTestCloudService), give it a description, make sure your automation account is selected, and click on the create link
- Click the Runbook which will take you to the Author tab right away
Anatomy of your Runbook scriptWe need to make a connection to the Azure environment which is done by issuing the following command:
$cred = Get-AutomationPSCredential -Name AzureAutomationAccount
We store the credentials in a variable called $cred which we pass to the function below. This makes it possible for an Administrator to establish a co-administrator ID without giving the password out to another person who might be using the account for scripting purposes.
Add-AzureAccount -Credential $cred
This command will connect to your Azure tenant using the credentials stored in the Asset you created earlier.
Select-AzureSubscription -SubscriptionName "Visual Studio Ultimate with MSDN"
NOTE: Depending on your environment, you may need to change the subscription name to your actual subscription name. So how do you find this information? Well, I suggest downloading the Azure PowerShell tools from: http://azure.microsoft.com/en-us/downloads/#cmd-line-tools. Start the Azure PowerShell tool and log into your account using the Add-AzureAccount function above. After authenticating, type Get-AzureSubscription and note the SubscriptionName parameter's value.
You're now ready to start issuing commands to your VMs. To start VMs in a particular cloud service use:
To stop all VMs in a cloud service, use:
Stop-AzureVM -Name * -ServiceName
Using the "-Force" parameter will ensure the script properly de-allocates your Cloud Service resources including the shared Virtual IP. Without this switch the runbook will fail to shut down all the VMs.
You can save and test your Runbook using the buttons on the bottom toolbar when in "editing" mode to make sure everything is working. When complete, click the Publish button which will allow you now to schedule your Runbook.
Scheduling my RunbookNow that we've created a Runbook, we want to schedule it to run on a daily basis at 018:00 every day:
- Click on the Automation section of your Azure portal and open your Automation Account
- Click on your Runbook and click the Schedule tab
- Click on the Link button and choose Link to a New Schedule
- Specify a name (i.e. 18:00 every day) and click Next
- Select Daily and type 18:00 for the time leaving 1 as the recur every value and click the Checkmark
NOTE: If you need to change the start date, time, or frequency of your Schedule asset it doesn't appear to be and editable object through the UI or Azure PowerShell (i.e. Set-AzureAutomationSchedule) so you likely have to create a new one, link it, and un-link the old one.
That's all for today folks. Enjoy!