Start Azure Automation runbook from powershell

With the new Azure Automation cmdlets I wrote about in the previous post we are now able to start runbooks from outside of Azure.
Here is an example how to start a runbook and also get the output from the runbook:

$AzureAccount = "Name of Azure Automation Account"
$RBname = "Name of runbook to start"
$Params = @{"Param1" = "Value1";"Param2" = "Value2"}

$RBjob = Start-AzureAutomationRunbook -AutomationAccountName $AzureAccount -name $RBname -Parameters $Params

DO {
    $RBjobId = Get-AzureAutomationJob -AutomationAccountName $AzureAccount -id $RBjob.Id
    $RBjobstatus = $RBjobId.Status
    } Until ($RBjobstatus -eq "Completed")

Get-AzureAutomationJobOutput -AutomationAccountName $AzureAccount -Id $RBjob.Id -stream Any

Azure Automation Powershell cmdlets

With the Azure Tool kit being updated last week we got a couple of cmdlets for Azure Automation, so now we are able to start, stop get jobs and so on from our runbooks in Azure Automation from on-premises.

Here are the new cmdlets:

To download the updated powershell module go here: http://azure.microsoft.com/en-us/downloads/

For reference on the new cmdlets, go here: http://msdn.microsoft.com/en-us/library/dn690262.aspx

Azure VPN with Vyatta

Setting up a router for Hyper-V

Worth mentioning is that this only works with a Static Gateway in Azure!

With the help from this post Using a virtual router for your lab and test environment from Johan Arwidmark, and this post Vyatta Virtual Router on Hyper-V from Stefan Stranger I managed to set up a virtual machine with Vyatta to act as a router for my lab enviroment.

Connect lab enviroment to Azure VPN
I created virtual networks and a Gateway in my Azure subscription with the help of this guide Step-By-Step: Create a Site-to-Site VPN between your network and Azure
And with a couple of blog posts on Vyatta, ipsec, Azure VPN and some “trial and error” I came up with the following Vyatta config:

# Configure IKE group
set vpn ipsec ike-group IKE-POLICY lifetime '28800'
set vpn ipsec ike-group IKE-POLICY proposal 1 encryption 'aes128'
set vpn ipsec ike-group IKE-POLICY proposal 1 hash 'sha1'
set vpn ipsec ike-group IKE-POLICY proposal 1 dh-group '2'

# Configure ESP group
set vpn ipsec esp-group ESP-POLICY lifetime '3600'
set vpn ipsec esp-group ESP-POLICY pfs disable
set vpn ipsec esp-group ESP-POLICY proposal 1 encryption 'aes128'
set vpn ipsec esp-group ESP-POLICY proposal 1 hash 'sha1'

# Enable VPN on the nic
set vpn ipsec ipsec-interfaces interface 'eth0'

# Set up the connction to the Azure gateway
set vpn ipsec site-to-site peer [IP of the Gateway] authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer [IP of the Gateway] authentication pre-shared-secret '[your pre-shared-secret]'
set vpn ipsec site-to-site peer [IP of the Gateway] connection-type respond
set vpn ipsec site-to-site peer [IP of the Gateway] default-esp-group 'ESP-POLICY'
set vpn ipsec site-to-site peer [IP of the Gateway] ike-group 'IKE-POLICY'
set vpn ipsec site-to-site peer [IP of the Gateway] local-address '192.168.0.254' # Vyatta external ip
set vpn ipsec site-to-site peer [IP of the Gateway] tunnel 1 local prefix '192.168.78.0/24' # Lab enviroment subnet
set vpn ipsec site-to-site peer [IP of the Gateway] tunnel 1 remote prefix '10.10.0.0/22' # Azure subnet

commit

save

# Exclude the site-to-site VPN from NAT
set nat source rule 5 destination address '10.10.0.0/22'
set nat source rule 5 source address '192.168.78.0/24'
set nat source rule 5 outbound-interface 'eth0'
set nat source rule 5 'exclude'

set nat source rule 20 source address '10.10.0.0/22'
set nat source rule 20 destination address '192.168.78.0/24'
set nat source rule 20 outbound-interface 'eth0'
set nat source rule 20 'exclude'

commit

save

Used blog posts:
Windows Azure mit VPN (Vyatta) verbinden
Configure a Site-to-site VPN using the Vyatta Network Appliance
Troubleshooting a Vyatta Site-to-site VPN connection

System Center 2012 Operations Manager Versions

System Center 2012 Operations Manager RTM – 7.0.8560.0

System Center 2012 Operations Manager RTM Update Rollup 1 – 7.0.8560.1021 (http://support.microsoft.com/kb/2686249)
System Center 2012 Operations Manager RTM Update Rollup 2 – 7.0.8560.1027 (http://support.microsoft.com/kb/2706783)
System Center 2012 Operations Manager RTM Update Rollup 3 – 7.0.8560.1036 (http://support.microsoft.com/kb/2756127)

System Center 2012 Operations Manager SP1 – 7.0.9538.0

System Center 2012 Operations Manager SP1 Update Rollup 1 – 7.0.9538.1005 (http://support.microsoft.com/kb/2785682)
System Center 2012 Operations Manager SP1 Update Rollup 2 – 7.0.9538.1047 (http://support.microsoft.com/kb/2802159)
System Center 2012 Operations Manager SP1 Update Rollup 3 – 7.0.9538.1069 (http://support.microsoft.com/kb/2836751)
System Center 2012 Operations Manager SP1 Update Rollup 4 – 7.0.9538.1084 (http://support.microsoft.com/kb/2879276)
System Center 2012 Operations Manager SP1 Update Rollup 5 – 7.0.9538.1106 (http://support.microsoft.com/kb/2904680)
System Center 2012 Operations Manager SP1 Update Rollup 6 – 7.0.9538.1109 (http://support.microsoft.com/kb/2929885)

System Center 2012 R2 Preview Operations Manager – 7.1.10139.0

System Center 2012 R2 Operations Manager – 7.1.10226.0
System Center 2012 R2 Operations Manager Update Rollup 1 – 7.1.10226.1011 (http://support.microsoft.com/kb/2904734)
System Center 2012 R2 Operations Manager Update Rollup 2 – 7.1.10226.1015 (http://support.microsoft.com/kb/2929891)

Using Powershell in Orchestrator

Create subscribers from .CSV

Here is a small powershell script for creating multiple subscribers from a CSV-file.

Your file should look like this:

"Name","Email","SMS","IM"
"Marsellus Wallace","marsellus.wallace@opsmode.com","12345678","marsellusw"

And the code looks like this:

$NotificationSubscribers = Import-Csv "D:\temp\SCOMNotificationSubscribers.csv"

foreach($NotificationSubscriber in $NotificationSubscribers)
{
$Name = $NotificationSubscriber.Name
$eMail = $NotificationSubscriber.Email
$SMS = $NotificationSubscriber.SMS
$IM = $NotificationSubscriber.IM

Add-SCOMNotificationSubscriber -Name $Name -DeviceList $eMail,"sms:$SMS","sip:$IM"
}

Creating a xplat script monitor from the console, System Center 2012 Operations Manager

Announced in the Technet forum last week was the new ability to create a UNIX/Linux Shell Command Monitor. Download the file from here, run it and after importing the file called Microsoft.Unix.ShellCommand.Library.mpb you will be able to create a two and/or three state UNIX/Linux script monitor from within the Operations Manager console.

image

To create a monitor simply start the Create a Unit monitor wizard.

Make your choices:

image

Give the monitor a Name select Monitor target and choose if it will be enabled.

Select how often your script will run on the agent.

In the Shell Command details you need to provide your command or path to binary/script without line breaks. So my little script that checks if a file exists.

#!/bin/bash
if ! [ -f /tmp/OPSMGR.SE ];
then
echo "Error"
else
echo "OK"
fi

Needs to be put in a file on the agent or as a one-liner. Otherwise it wont be possible to continue the wizard and a red exclamation will show, like in this picture

image

Putting the script in one line makes it look like this, I removed #!/bin/bash so the line wont be marked as a comment..

if ! [ -f /tmp/OPSMGR.SE ]; then echo "Error"; else echo "OK"; fi

image

Specifying the Error Expression

image

Specifying the Healthy Expression

image

Finish the wizard and your monitor is now running.

image

Running both OpsMgr 2012 beta and 2007 R2 consoles on the same workstation

Connecting to a OpsMgr 2012 beta management server with a OpsMgr 2007 R2 console doesn’t work either does connecting with the 2012 beta console to a 2007 R2 RMS.

If you like me wants to be able to connect to both a 2012 beta management group and a 2007 R2 management group you can run 2 consoles on the same workstation. Just start with running the OpsMgr 2012 beta setup on your workstation, if an OpsMgr R2 console is already installed it will be upgraded, otherwise just install the console. If you don’t want to go through the setup GUI just run this from an elevated command prompt: setup.exe /silent /install /components:OMConsole /UseMicrosoftUpdate:[0|1]

When this is done, load your R2 media and install the console from that one.

This will give you two folders in %programfiles%:

folder

And also on the Start menu and Programs and Features:

startmenu 

features

Now we are able to run the consoles simultaneously

console

But you will soon notice that the Connect to Server.. windows is showing now and then when opening a console. This is also mentioned in this post:
http://www.opsmode.com/2011/03/manage-multiple-management-groups-with-powershell/

connect to

To get rid of this I edit the shortcut and add /Server:OPS-OMbeta-MS01.opsmgr.se for my 2012 console and /Server:OM.opsmode.local for the 2007 R2 console
"C:\Program Files\System Center Operations Manager 2007\Microsoft.MOM.UI.Console.exe" /Server:OM.opsmode.local
"C:\Program Files\System Center Operations Manager 2012\Console\Microsoft.EnterpriseManagement.Monitoring.Console.exe" /server:OPS-OMbeta-MS01.opsmgr.se

Download Management Packs, OpsMgr 2007 and 2012 Beta

One nice features is the possibility to download MP’s from the Catalog in the OpsMgr Console.
I really like being able to download MP’s to disk, that way I can back up the actual .MP file. Not having to download a .MSI, installing it and remove it from Programs and Features / Add/Remove programs if I don’t want it there. What you don’t get when you download it from the Console is the Management Pack Guide, and that one needs to be read before importing the MP.
So, to get hold of the guide document from the Console you do as follows.

Go to Administration, right click Management Packs (you can right click anywhere) and chose Download Management Packs.

Chose your download location and then click Add

Search for the MP you want to download, and select it in the list. Then click Properties

image

And there you have it!

image

A nice feature here would be to right click and Save As, but that doesn’t work. How ever you can click it and it will open in Word, if you don’t have Word installed you can mark it and copy the the link with Ctrl+C and paste it in a browser to open it on another machine.

Web Console prerequisites, OpsMgr 2012

When installing the Web Console there is a couple of components that is required, the Operations Manager 2012 Supported Configuration (http://technet.microsoft.com/en-us/library/hh205990.aspx) list these:

  • Recommended processor speed: 2.8 GHz or faster.
  • Minimum memory: not less than 2 GB.
  • Operating System: Windows Server 2008 R2
  • Processor Architecture: must be AMD64
  • Internet Information Services (IIS) v7.5 or later, with the IIS Management Console and the following role services installed:
    • Static Content
    • Default Document
    • Directory Browsing
    • HTTP Errors
    • HTTP Logging
    • Request Monitor
    • Request Filtering
    • Static Content Compression
    • Web Server (IIS) Support
    • IIS 6 Metabase Compatibility
    • ASP.NET
    • Windows Authentication
  • Default website: must have an http or https binding configured
  • Both .NET Framework 3.5 SP1 and .NET Framework 4 is required for setup to run. For more information, see the following.

 

The role services is easily installed with powershell, which makes it a little quicker then using Server Manager GUI:

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core,Web-WebServer,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Asp-Net,Web-Http-Logging,Web-Request-Monitor,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Metabase

As you might see I’ve also added NET-Framework-Core  (.NET Framework 3.5.1) there as well.

When the IIS install is ready you should install .NET Framework 4. (http://www.microsoft.com/download/en/details.aspx?id=17851)

If you installed .NET Framework 4 before installing the IIS you’ll get an error:

The ASP.NET 4.0 handler is not registered with IIS.
The ASP.NET 4.0 handler is not registered with IIS 

To fix this, the Operations Manager 2012 Deployment document states that you should run:

%WINDIR%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -r

I suggest that that you add the -enable option (%WINDIR%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -enable -r), that enables the ASP.NET ISAPI extension. And gets rid of this prerequisites error:

Web Console cannot operate properly because the ISAPI and CGI Restrictions in Internet Information Services (IIS) are disabled or missing for ASP.NET 4.0.
Web Console cannot operate properly because the ISAPI and CGI Restrictions in Internet Information Services (IIS) are disabled or missing for ASP.NET 4.0.

Lastly do a restart of the server before running the setup again.