service management automation (sma) from zero to hero
Post on 07-Dec-2014
340 Views
Preview:
DESCRIPTION
TRANSCRIPT
Service Management AutomationFrom zero to hero….
Michael RüefliCloud Architect @itnetx gmbh (CH)Email: michael.rueefli@itnetx.chBlog: www.miru.chTwitter: @drmiru
What I am focused on…
Agenda
Why SMA?SMA architecture and conceptsInstallation and configurationBasics on PowerShell workflowsRunbook NestingAbout Modules / Integration with other systemsAuthoring / Debugging / LoggingCurrent limitationsNotes from the field / best practiceUseful resources to get started
So which one to go for?
SC Orchestrator
SMA
Better together ?
Why go for SMA?
Consistent author experienceRunbooks can be authored and tested exernally Very flexible, very scalableLightweight infrastructure64Bit Architecture Because we all love Powershell and its ecosystem
SMA Architecture
SMA Solution StackWAP Admin
Portal
REST APIWeb Service
WorkerWorkerWorker
SMA DB
SCOM
SCSMSCCM
SCVMM
SCORCH
SMA Web Service &Runbook Worker
Admin Portal
Typical Enterprise DeploymentPortal and Web Service Load BalancedMultiple Workers for Load DistributionHA SQL DBAlwaysOn or WFC
SMA Web Service &Runbook Worker
Admin Portal
SQL Always On SQL Always On
Installation(1) WAP Admin Portal via Web Platform Installer
Admin SiteAdmin Auth SiteAdmin APIPowershell APITenant API
(2) SMA Powershell Module via SCORCH Media(3) Web Service / Runbook Workers via SCORCH Media(4) Update to current Rollup Pack 2
DEMOSMA Deployment
Administration
How…Web-based runbook authoringSMA Powershell ModuleoDATA REST API
What…Powershell workflowsManage runbooks and jobsHistorical job state, output and debug info
SMA Object TypesRunbooksJobsAssets
Connection ObjectsVariablesPS CredentialsSchedules
Output Streams
PowerShell Workflows
About_Powershell_WorkflowsCode looks like a Function
Compiled on the fly into XAML code for WWF, executed by WWF engine
Limited CMDLET support (but we have inline scripts)
Support for selective parallel / sequential executions
Support for checkpoints / resumes
Powershell Workflow AnatomyParameter Block
Get Connection Info
Inline Script
Variable / Parameter Scoping3 Scopes (Workflow, InlineScript, PS Remote Session)$USING passes Variable from WF to InlineScriptPS Remoting not available as native WF action
Has to be invoked within an InlineScriptVariables from root scope to be re-instantiated
Alternative: Use -PSComputerName for InlineScript remoting
Variable / Parameter Scoping
VS.
DEMOCreating Runbooks
Runbook nestingINLINE (Synchronous call of child runbook)
Pro• Parent and child run in the same job
context• Parent waits for completion• Exceptions and output stream from
child directly available to parent• Supports complex input parameters
Con• Parallel execution can be limited• Child runbook must be published
before the parent runbook• Care has to be taken when naming
child runbooks to prevent conflicts with CMDLETs
Runbook nestingEXTERN (Aynchronous call of child runbook via Web Service)
Pro• Parent and child run in different job
context, allows parallel spin offs• Supports calling of runbooks from
other SMA instances
Con• Getting return data from child
runbooks is not straight forward• Input parameters have to be
«primitive» to survive the JSON serialization through web service
External Systems Integration
PS Modules <-> SCORCH IPsSCORCH uses Integration PacksSMA uses PowerShell ModulesImport PS Modules into SMAPortable Modules for complex code
DEMO Practical Example:Hyper-V Replica Management
Current Limitations• Multi Tenancy for SMA Admin Portal• No Access to SMA from Tenant Portal• Delegation for Assets and Runbooks to Tenants and
Admins• Selection of specific Runbook Worker when
executing / calling Runbooks• Limited Schedule Options
Notes from the field
Field Notes: Debugging / LoggingVerbose / Debug / Progress output per runbook
Use Progress / Debug options with caution (DB growth)Use write-verbose instead of write-outputProper use of try {} Catch {} blocksPrefer logging of proper errors instead of "throwing" exceptionsLog to a central location for simplified troubleshootingUse a custom PS Module for Error Logging and call it within RBs
Field Notes: Runbook Authoring• Name WFs like CMDLETs, respect approved Verbs
http://msdn.microsoft.com/en-us/library/ms714428(v=vs.85).aspx
• Name WFs with a custom prefix (prevent future conflicts)
• Follow general SCORCH Runbook authoring guidelineshttp://blogs.msdn.com/b/microsoft_press/archive/2013/09/18/free-ebook-system-center-designing-orchestrator-runbooks.aspx
• Use proper tagging, multiple tags can help with grouping
• Use Community SMA Module for external authoring in ISEhttp://blogs.technet.com/b/orchestrator/archive/2014/03/27/authoring-sma-runbooks-in-the-powershell-ise.aspx
Field Notes: Security• Do not assign high privileges to Worker Service
Account
• User SMA connection- / credendial-objects instead
• Use dedicated credentials for different target systems
• Do not use clear text passwords in Runbooks
Useful ResourcesSMA White Paper V1.03http://gallery.technet.microsoft.com/Service-Management-fcd75828
Building Clouds Bloghttp://blogs.technet.com/b/privatecloud
System Center Orchestrator Bloghttp://blogs.technet.com/b/orchestrator
Powershell Workflows introductionhttp://blogs.technet.com/b/heyscriptingguy/archive/2012/12/26/powershell-workflows-the-basics.aspx
WIN A TICKET FOR SCU EUROPE17. – 19. SEPT. 2014BASEL (SWITZERLAND)Question:Within a PS Workflow, non-native Workflow actions can be executed inside an
…………….
THANK YOU!
Michael RüefliCloud Architect @itnetx gmbh (CH)Email: michael.rueefli@itnetx.chBlog: www.miru.chTwitter: @drmiru
top related