You can use the Hybrid Runbook Worker feature of
Azure Automation to run runbooks directly on the computer that's hosting the
role and against resources in the environment to manage those local resources. This
is useful if you want to automate tasks in other clouds and on-premises
environments.
The best way to start a Hybrid Runbook Worker is
to read the procedure the instruction from Microsoft first. However, the steps
are little difficult to follow, you can use the procedure with detailed
information published by Anderson here. After we configured few Hybrid Runbook
Workers, we found there are few tricks that need to be aware of in order to
configure them quickly.
1. The first trick is configure Azure Hybrid
Runbook Worker will need to create and configure the following resources.
- Azure automation account
- Azure resource groups
- Log Analytics
- OMS Workspace
All the resources need to be in the
same location! Since not all locations are available for the four resources
listed above and only few locations are common to all the four resources. My
suggestion is to look at the available OMS Workspace first since it has
lest available locations and find the common location to create each resource. I had issue in the last resource creation and I'm not able to find the resource group and had to recreate again from scratch.
2. The second trick is you can configure
the same on-premise VM/server to run as Hybrid
Runbook Worker for multiple Azure tenants. For each Azure environment, you need
to run the following command to login and it will configure the worker
connecting to that Azure.
Login-AzureRmAccount
3. The third trick is to automate the procedure
to get all needed information to run PowerShell to create Hybrid Runbook Worker.
New-OnPremiseHybridWorker.ps1
-AutomationAccountName <NameofAutomationAccount> -AAResourceGroupName
<NameofResourceGroup> -OMSResourceGroupName <NameofOResourceGroup>
-HybridGroupName <NameofHRWGroup> -SubscriptionId
<AzureSubscriptionId> -WorkspaceName <NameOfLogAnalyticsWorkspace>
You can see there are many parameters
you need to collection by different PowerShell and it’s tedious to put the right perimeter to pass to the script. Here is the enhanced PowerShell to the one published by Anderson to automate the process. All the
parameters are captured by PowerShell and assigned to variable and passed to
final script.
# Step 1 - Login
Login-AzureRmAccount
# Step #2 – Get WorkspaceName and OMSResourceGroupName
$NameOfLogAnalyticsWorkspace
= Get-AzureRMOperationalInsightsWorkspace | select Name
$NameofOResourceGroup = Get-AzureRMOperationalInsightsWorkspace
| select ResourceGroupName
# Step #3 - Het AutomationAccountName and AAREsourceGroupName
$NameofAutomationAccount
= Get-AzureRMAutomationAccount | select AutomationAccountName
$NameofResourceGroup
= Get-AzureRMAutomationAccount | select ResourceGroupName
# Step #4 – Get SubscriptionID. Please note this assume you have only one Subscription!
$AzureSubscriptionId = Get-AzureRMSubscription
| select SubscriptionId
# Step #5 – Define HybridGroupName you need
$NameofHRWGroup = “QCSBXHybGroup0”
New-OnPremiseHybridWorker.ps1
-AutomationAccountName $NameofAutomationAccount
-AAResourceGroupName $NameofResourceGroup
-OMSResourceGroupName $NameofOResourceGroup -HybridGroupName $NameofHRWGroup -SubscriptionId $AzureSubscriptionId
-WorkspaceName $NameOfLogAnalyticsWorkspace
4. The forth trick is you will run
into error below when using Azure Credential if you have Azure Automation PowerShell ISE Add-On was also
installed on the hybrid worker server.
AzureAutomationAuthoringToolkit: Warning - Local value for PSCredential asset "onpremCred" not found. When you are using Credential in the PowerShell code like below.
$onpremCred = Get-AutomationPSCredential -Name "onpremCred"
The issue is You can verify Azure Automation Powershell ISE add-on is impacting the call. You can verify if the following package inslatted and you can delete the whole folder.
AzureAutomationAuthoringToolkit
folder under C:\Program Files\WindowsPowerShell\Modules
5. The last trick is you monitor Azure
Hybrid Runbook Workers from Azure portal. You can go to Portal Azure and click the highlighted "Hybrid Worker" details icon. It will display the hybrid worker server name.
No comments:
Post a Comment