Azure Automation: Implement the Hybrid Runbook Worker

October 28, 2015 at 7:23 am in Azure, Azure Automation by Florent

With Azure Automation, it is possible to execute some scripts in your local datacenter, directly from Azure. In this article, I will explain to you how to do this, by executing a script who checked the service of OMS on a specific computer and restart it if he is stopped.

The principe of the Hybrid Runbook Worker is to install an agent directly on a machine who is in your datacenter and send actions from Azure to this machine.

The first step is to create an Operations Management Suite account. Log in to https://www.microsoft.com/oms and create a new Workspace. Give a name, choose a location and give an email address:

image

If you have multiple subscription linked to your account, choose the subscription where you want to link the OMS workspace:

image

Now that OMS is available, go to Solutions Gallery and choose Automation:

image

Click on it and choose Add to add the Automation Account plugin in the OMS interface:

image

The plugin is now available:

image

Click on it to configure it. Choose the automation account that you want to link to OMS:

image

After some seconds, you will be able to see the number of runbooks and the number of jobs in the main page:

image

It’s now time to install the OMS agent on the machine in the datacenter. I choosed the SMA server to install the agent. To download the agent, click on the Settings part and choose the type of agent that you want to download. For your information, because you added the Automation plugin, the agent is different that the initial OMS agent, to just monitor your infrastructure:

SNAGHTML3fb9cdf

Launch the installation on a server:

image

image

image

Choose the Connect the agent to Microsoft Azure Operational Insights:

image

Provides the workspace ID and the key that you can found in OMS, in the settings part, where you downloaded the plugin:

SNAGHTML3fd9237

image

The installation is now done:

image

On the server where you installed the agent, you can check if the Azure Automation has been pushed, by checking if the C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomation folder exists:

image

Go back to the OMS portal to see if your server is connected:

image

We will now give the possibility to our Automation Account to launch Hybrid Runbook. To do this, execute the following PowerShell scripts:

cd “C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomation\7.2.7037.0\HybridRegistration”
Import-Module HybridRegistration.psd1

Add-HybridRunbookWorker –Name SCUGBE -EndPoint “URL `
-Token “Primary Access Key” -Verbose

SNAGHTML4008671

Following the information that you need to fill in your PowerShell Script

SNAGHTML4015615[4]

Now, you can execute your Runbook that needs an On-Premise access, directly from Azure Automation. To show you how it works, I created a new Runbook named Get-HealthService-Status with 2 Assets. One variable, with computer named, separated by a “,” and one credential with login/password that has the administrative privilege on each server:

image

SNAGHTML40624db

Following is the code that I will execute in my Azure PowerShell Runbook:

$Servers = Get-AutomationVariable “ComputerName”
$Cred = Get-AutomationPSCredential -Name ‘LocalAdmin’

$Servers = $Servers.split(“,”);

foreach($Server in $Servers){

$service = Get-WmiObject -Class Win32_Service -ComputerName $Server -Filter “Name=’HealthService'” -Credential $Cred
if ($service.state -eq “Stopped”){

$service.StartService()
Write-Output “The service HealthService is now running on computer $Server”

} else {

Write-Output “The service HealthService is already running on computer $Server”

}
}

image

Publish it and click on Start. Choose to run it on Hybrid Worker and choose the group:

image

Click on OK to execute it. When the job is completed, go to the output to see the result:

image

We can see that for the first server, the service was already running, but on the second one, it has been started.

It is usefull to check if a critical service is running, for example every our, without having SCOM and restart it in case of failure. You can customize this script by sending an email for example if you restarted the service.

Enjoy this new feature Sourire