
Automate your processes in a serverless way

David Pazdera

April 06, 2021

Transcript

  1. Automation across Azure lifecycle
      - PROTECT, SECURE, MONITOR, CONFIGURE, GOVERN, DEPLOY / MIGRATE
      - Security management, Threat protection, Backup, Disaster recovery, Policy management, Cost management, Configuration, Update management, Automation, App, Infra & Network monitoring
  2. Serverless what?
      - Serverless as a concept when you abstract from underlying infrastructure: Azure Automation
      - Serverless as a programming model – Functions as a Service: Azure Functions
  3. Automation in Azure (2014)
      Deploy and operate infrastructure and applications in Azure with a general-purpose automation service
      - Deliver repeatable and consistent infrastructure as code.
      - Create event-based automation to diagnose and resolve issues.
      - Orchestrate your automation across Azure and 3rd party systems.
      - API
      - Single service to perform automation from Azure
  4. Automation in Azure (2019)
      Deploy and operate infrastructure and applications in Azure using domain specific services
      - Deliver repeatable and consistent infrastructure as code.
      - Create event-based automation to diagnose and resolve issues.
      - Orchestrate your automation across Azure and 3rd party systems.
      - API, Blueprints, Logic Apps, Functions, Resource Manager, Policy, Deployment Manager, DevOps, DSC
  5. Azure Automation
      - Automation Account
      - Runbooks
      - Modules
      - Assets (variables, secrets, connections)
      - Schedule or webhook
      - Runs – in Azure or anywhere (Hybrid Runbook Worker)
      - Watcher Tasks
      - VCS integration – GitHub, Azure Repos (Git, TFVC)
      - ARM templates support (!)
      - Monitoring – jobLogs, jobStreams, etc. to Log Analytics++
  6. PowerShell in Functions
      - General Availability
      - PowerShell Core 6
      - PowerShell profile (profile.ps1 run at app startup)
      - Custom module upload
      - Logging & troubleshooting
      - Local debugging
      - Hybrid environments
      - Managed identity integration
      - Bindings
          - Parameters for in direction
          - Push-OutputBinding for out direction
      - Concurrency / Threads
          - PSWorkerInProcConcurrencyUpperBound
          - FUNCTIONS_WORKER_PROCESS_COUNT
          - Use Start-ThreadJob instead of Start-Job
  7. PowerShell managed module dependencies
      - PowerShell modules can be managed by the service automatically.
      - The service will keep the function app updated with the latest dependencies as they ship.
      - Control major version upgrade of the dependencies.
      - Host.json, Requirements.psd1 (PowerShell)
  8. Azure Functions Features
      - Choice of language
      - Pay-per-use pricing model
      - Bring your own dependencies
      - Integrated security
      - Simplified integration
      - Flexible development
      - Open-source
  9. Integrations
      - Azure Cosmos DB
      - Azure Event Hubs, Azure Notification Hubs
      - Azure Event Grid (EventGridTrigger)
      - Azure Service Bus (queues and topics), Azure Storage (blob, queues, and tables)
      - On-premises (using Service Bus)
      - Twilio (SMS messages)
      - Any service that can use webhooks (HTTPTrigger)
      - Azure Monitor Alerts
      - Logic Apps
  10. Hosting plans
      - Consumption plan, Premium plan, and App Service plan.
      - Dictates the following behaviors:
          - How your function app is scaled.
          - The resources available to each function app instance.
          - Support for advanced features, such as VNET connectivity.
  11. Technical specs
      - Timeouts for v2 runtime functions
          - Consumption plan: 5 mins (default), 10 mins (max)
          - App Service plan: 30 mins (default), unlimited (max)
      - Max response time for HTTP trigger: 230 seconds
      - Storage account required
          - Must be general purpose (v2) with LRS
      - Compute
          - Consumption plan: 1 vCPU, 1.5 GB RAM per Function host
  12. Authoring experience
      - Azure Portal
      - Built-in editor
      - Test pane
      - IDE – Visual Studio Code
      - VCS (git) integration
      - Local development and debugging
      - Direct deployment to Azure (WebDeploy / zip package)
  13. Common Automation Scenarios
      Deliver event-based automation with Azure Functions with native Azure services
      - When VM is deleted, remove from monitoring system
      - When resource group is created, look up cost center for region and add tag with number
      - Add AD groups to new SQL servers
      - When CPU spikes > 90%, send Teams event
      - When storage account latency > 50%, open GitHub issue
      - When certificates are about to expire, send email
      - API
      - Event-based automation
  14. Azure Event Grid
      Simplify event-based automation with a publish-subscribe model
      - Simple HTTP-based event delivery.
      - Build better, more reliable automation through reactive programming.
      - Common scenarios:
          - Add tags with looked up values when resource is created.
          - Grant access to resource group to ops / dev teams when it is created.
          - Send Teams event when resource is deleted.
          - Respond to forwarded VM maintenance notification (scheduled events): https://github.com/Azure-Samples/virtual-machines-python-scheduled-events-central-logging
  15. Integrating with external systems with Logic Apps
      Orchestrate processes across various systems to perform end to end automation.
      - Over 300 connectors
      - Visual designer to focus on business process
      - Call Azure function to run automation code.
      - Common scenarios:
          - Fulfill request based on approval in ServiceNow system.
          - Send customized email notification when automation task is completed
  16. Azure Monitor
      Respond to Azure alerts to remediate or escalate to external system.
      - Native integration with action groups in Azure Monitor.
      - Respond to metrics or based on log search query.
      - Common scenarios:
          - Send Teams event when Azure functions are failing.
          - Restart service inside a VM when it is stopped.
          - Truncate table when SQL database reaches maximum size.
  17. Pattern D: Security Center, Function App
      [Diagram labels: Function App, Code, Playbook (Logic App), Events, Security Alerts, Webhook, REST API]
  18. Scheduled task
      Create timer tasks to automatically manage resources
      - Based on CRONTAB expression
          - Every hour "0 0 * * * *"
      - Support time zone with WEBSITE_TIME_ZONE app setting.
      - Common scenarios:
          - Stop VMs at night and start up in the morning.
          - Perform SQL maintenance tasks.
          - Remove resources that are no longer needed based on a tag.
  19. HTTP trigger / webhook
      Start automation on demand from an external system like a webhook, or by exposing the HTTP endpoint as an API for other automation.
      - Multiple auth mechanisms available
      - Integration with Azure API Management
      - Trigger based on event in external system
      - Common scenarios:
          - Trigger on demand automation like collecting logs for a failing service.
          - Onboard user to organization's resources, set up mailbox, grant access when triggered by Logic App.
  20. Serverless Library
      - https://serverlesslibrary.net
      - GitHub sign-in
      - Contribution
          - Title
          - URL to GH repo
          - Description
          - Technologies
          - Language
          - Solution area
          - ARM template URL
  21. (Continuously) test and deploy to Azure
      - Azure Pipelines
          - Integration with GitHub, Azure Repos Git, TFVC, BitBucket Cloud, Subversion, Generic Git
          - Continuously build, test, and deploy to any platform and cloud
      - GitHub Actions
          - Build, test, and deploy your code right from GitHub. Make code reviews, branch management, and issue triaging work the way you want.
          - GA, available on every repo
      - GitHub Actions for Azure
          - Also GA, open-sourced on GH
          - A set of actions – e.g. deployment to Azure Functions – ready to be used
  22. Resources
      - Start / Stop VM example (from Eamon O'Reilly)
          - https://serverlesslibrary.net/sample/24000d65-f927-4f6a-bdcc-e20b112e8fa9
          - https://github.com/eamonoreilly/StartStopPowerShellFunction
      - GitHub Actions for Azure (incl. deployment to PowerShell Azure Functions)
          - https://github.com/Azure/actions
      - Azure Functions Overview
          - https://docs.microsoft.com/en-us/azure/azure-functions/functions-overview
      - PowerShell Functions 'Hello World' (with VS Code)
          - https://docs.microsoft.com/en-us/azure/azure-functions/functions-create-first-function-powershell
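
The "stop VMs at night" scheduled task from slide 18, combined with the managed identity integration and Push-OutputBinding from slide 6, as an added example that is not part of the deck or of the linked Start / Stop sample. The binding names `Timer` and `AuditQueue`, the queue name, the 19:00 schedule and the `AutoShutdown` tag are assumptions made for illustration.

```powershell
# run.ps1 for a timer-triggered PowerShell function (added example).
# Assumed function.json bindings (binding and queue names are hypothetical):
#   { "name": "Timer", "type": "timerTrigger", "direction": "in",
#     "schedule": "0 0 19 * * *" }     <- six-field CRON: 19:00 every day
#   { "name": "AuditQueue", "type": "queue", "direction": "out",
#     "queueName": "vm-stop-audit", "connection": "AzureWebJobsStorage" }
# The WEBSITE_TIME_ZONE app setting decides which time zone 19:00 refers to.
param($Timer)

$ErrorActionPreference = 'Stop'   # fail the run instead of continuing half-done
$tagName = 'AutoShutdown'         # hypothetical opt-in tag; untagged VMs are never touched

if ($Timer.IsPastDue) {
    Write-Warning 'Timer fired late; continuing with the scheduled run.'
}

# Sign in with the function app's managed identity, so no credential is stored
# in code or app settings. Grant that identity only the rights needed to read
# and stop VMs on the scope it is meant to manage.
Disable-AzContextAutosave -Scope Process | Out-Null
Connect-AzAccount -Identity | Out-Null

# -Status adds PowerState, so VMs that are already stopped are skipped.
$targets = Get-AzVM -Status | Where-Object {
    $_.Tags -and $_.Tags[$tagName] -eq 'true' -and $_.PowerState -eq 'VM running'
}

# -NoWait returns once the stop is requested, which keeps the run well inside
# the Consumption plan timeout listed on slide 11.
$stopped = foreach ($vm in $targets) {
    Stop-AzVM -ResourceGroupName $vm.ResourceGroupName -Name $vm.Name -Force -NoWait | Out-Null
    Write-Host "Stop requested for $($vm.ResourceGroupName)/$($vm.Name)"
    [pscustomobject]@{ ResourceGroup = $vm.ResourceGroupName; Name = $vm.Name }
}

# Out-direction binding: leave an audit record of what this run changed.
$audit = @{
    runUtc  = (Get-Date).ToUniversalTime().ToString('o')
    tag     = $tagName
    stopped = @($stopped)
}
Push-OutputBinding -Name AuditQueue -Value ($audit | ConvertTo-Json -Depth 3)
```

The Az module is expected to come from the managed dependencies described on slide 7 (Requirements.psd1).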