Automating the Azure infrastructure using a command-line interface

Clockwork

JSON Templates

Imagine you repeatedly need to provide a network configuration to a specific environment, consisting of a domain controller, a SQL server, and web servers. You could create sophisticated scripts with the help of either the CLI or PowerShell to set up environment.

The Resource Manager provides a means for using templates to define all the parameters for configuring the target environment (Figure 3). The templates are Java Script Object Notation (JSON). Because JSON is a standard, you do not need to use a specific tool. Instead the JSON files can be edited and transported with the various utilities depending on the task. You could edit JSON files with Visual Studio or even a plain old text editor, although a text editor is not likely to be suitable in everyday practice because JSON files are quite extensive and not at all forgiving of syntax errors.

Figure 3: Creating an Azure environment using an Azure Resource Manager template takes time, but the results are impressive once you get there.

Another easy tool for working with templates is the Azure Resource Manager Template Visualizer (Armviz – Figure 4). You will find the Armviz project on Github [6], along with a video tutorial to get you started.

Figure 4: Armviz offers a convenient overview of template resources.

Armviz provides "Quick Start Templates" to help you create a configuration. Browsing and learning is pretty easy given the number of templates. The other buttons should be largely self-explanatory. Click Open existing template to read a JSON file on the administrator's PC and display the file graphically for editing.

The Edit parameter definitions command lets you define variables that are queried and filled when processing a JSON file. In this way, for example, you can prompt for passwords to admin accounts and thus avoid storing them in plain text in JSON files. Things get very exciting when you double-click on one of the icons in the workspace. You can edit the object; of course, everything is in JSON syntax and there is an option for checking your input directly for correct notation. You will find a rich collection of JSON templates in the Azure Documentation Center [7]. In the menubar at the top, look for Resources and then go to Templates , where you will find many examples waiting for download. Once you are finished with the design of the template and want to implement it in Azure, you have several options depending on your system and command interface. For instance, at the Mac command line, enter the following:

> azure group deployment create ita-resgroup ita-deployment -f /users/klaus/jsonfiles/Testlab.json

See the Microsoft documentation for a discussion of how to apply a template using PowerShell [8]. For an environment consisting of a domain controller, SQL Server, a web server, and a member server, deployment takes about 20 minutes, and if you're using a proven JSON template, you have the assurance that the deployment will be correct.

Automation Needed

If you are working on automating tasks in Azure, there is no escape from the Azure Automation service. You need an Automation account, which is part of your Azure subscription, and you can then perform actions on a defined set of servers using what are known as runbooks. Runbooks are based on PowerShell and can include anything from simple tasks, such as starting servers, to arbitrarily complex scenarios. You have the possibility to create new runbooks or select runbooks from the catalog to suit your needs.

PowerShell Desired State Configuration (DSC) may be a familiar term to most administrators. You can use DSC to configure the desired state for specific targets. Incorporating DSC into Azure Automation gives you additional punching power. Technical articles on the topic of automation [9] are available with many details.

Azure Automation is not limited to machines in Azure; even on-premise servers can include this type of automation. Like Azure Active Directory, Azure Automation is one of those services that is free of charge up to a certain usage limit, and then available for a fee after that. Given a job execution time of less than 500 minutes and less than five nodes for DSC, you are still in the free zone. Even if you need more, the costs are still manageable: At around EUR5 (~$5) per month for the use of unlimited nodes in DSC and EUR0.00017 per minute for order execution, the costs are bearable if you compare the benefits.

Shutting Down Servers Correctly

Every minute you run a VM on Azure costs money. What often causes surprises is the fact that servers that are shut down are still billed if you forget to deallocate the storage. If you shut down a server with the following CLI command

> azure vm stop -n ita-srv2016 -g ita-resgroup

it may no longer be running, but its storage allocation in Azure is maintained and is still billed against your subscription. It takes the following command

> azure vm deallocate -n ita-srv2016 -g ita-resgroup

to free up the allocated resources and stop the cost clock from ticking. The same applies if you are logged on to a server via RDP and then shut it down. The memory is not released. A final look at the portal is worthwhile to check the status of the VMs or preferably run a script to shut down all servers.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus