Introduction to Service Management Automation

Introduction to Service Management Automation

Service Management Automation (SMA) is a new component in System Center for process automation.

Before looking into the technical details, lets have a look at what practical use cases there are for an automation product like SMA:

  • Automate maintenance tasks such as orchestrating patching of Windows Failover clusters, stop and start services as well as starting and stopping virtual machines in a defined order when doing maintenance work
  • Automate business processes such as creating, changing and removing user accounts, password resets and automating file transfers
  • Automating tasks in a service catalog and change management such as creating virtual machines and automatic configuration of backups
  • Dynamic resource allocation based on load or calendar. A practical example might be extending a web farm with additional instances before the Christmas holidays
  • Respond to alarms from operations tools such as System Center Operations Manager
  • Integrations across systems, such as automatically creating an incident in an incident management system based on an event from an operations system

SMA is not a separate component in the System Center suite on the same level as the other components such as Configuration Manager and Virtual Machine Manager, the installation files is included in the installation media for Orchestrator:

clip_image002

As we can see based on the above screenshot, SMA has 3 components:

  • Runbook Worker – Executes runbook jobs. These might be scheduled or triggered manually.
  • PowerShell Module – Cmdlets for administering SMA.
  • Web Service – Web API (REST OData) used to several tasks such as communication with Windows Azure Pack, distribute runbook-jobs to runbook workers as well as delegating permissions.

In addition a SQL-database is needed to store data (needs to be specified during installation).

From an architecture level there are similarities between System Center Orchestrator (SCO) and Service Management Automation (SMA). The main difference in the user experience is that SCO has a graphical interface with drag and drop support, while SMA is 100% based on Windows PowerShell Workflow.

PowerShell Workflow, introduced in PowerShell 3.0, is built upon Windows Workflow Foundation. PowerShell Workflow makes it possible to orchestrate long-running activities and automate complex tasks, such as deploying a service containing several servers. PowerShell Workflow got several capabilities such as executing activities in parallell, resume execution after a failure (such as network outage) and continue after a reboot. Details and links to more information about PowerShell Workflow is available in the article «When Windows PowerShell Met Workflow» on the Windows PowerShell Team blog.

Portal

SMA itself does not have a built-in portal, the only way to define runbooks is using the PowerShell cmdlets or the web service. Windows Azure Pack for Windows Server is a free component for hosting providers and enterprises which provides a user experience consistent with Windows Azure:

clip_image004

One of the components in Windows Azure Pack is Automation, which is based on a connection to the SMA web service. This makes it possible to use the Automation component available in Windows Azure Pack as a web portal for SMA:

clip_image006

The first item we see when entering the Automation portal is Dashboard, which provides an overall view of the defined runbooks.

Runbooks provides a view of all runbooks defined, with options for sorting based on status, tags or search query:

clip_image008

Clicking on a runbook brings you to a dedicated dashboard for the selected runbook, where statistics for the runbook jobs is available:

clip_image010

Jobs provides history and output from each job instance, which has be executed for the runbook:

clip_image012

Author shows the published version of the runbook:

clip_image014

Draft provides the ability to edit and test the code defined in the runbook: clip_image016

All runbooks have to start with the keyword for PowerShell Workflow followed by the name of the runbook. Optionally a param block can be provided in order to define parameters for the runbook. The actual code is defined after the param block.

If parameters is defined, values for these may be provided when starting the runbook:

clip_image018

These values can also be provided if the runbook is sceduled.
Schedules may be defined in the next menu item:

clip_image020

clip_image022

The last menu item for a runbook is Configure, giving options such as providing a description, tags and enabling debugging and logging:

clip_image024

Debugging and logging will require much space in the database, and should only be enabled during troubleshooting.

The last item we will have a look at in the Automation portal in Windows Azure Pack is Assets:

clip_image026

An Asset may be PowerShell modules or one of the following:

clip_image028

Connections is connections to other systems, such as other System Center components like Data Protection Manager and Virtual Machine Manager. Credentials and variables can be defined globally in order to avoid hardcoding them in runbooks. The last type of asset is scheduled, which we have already looked at.

Architecture

When PowerShell Workflow is used outside of SMA, state («persistence») is stored locally on the machine executing the workflow. With SMA we get a highly available workflow, because persistence is stored in a SQL-database.

This makes it possible to build a highly available automation platform, by configuring a highly available SQL-service (using clustering or AlwaysOn) as well as 2 or more servers with the SMA Runbook Worker and Webservice installed:

clip_image030

Source of illustration: System Center Orchestrator Engineering Team Blog

At the Build conference in April 2014 Microsoft also announced Microsoft Azure Automation preview, making it possible to leverage SMA without an on-premise automation platform.

Summary

Since SMA is based on PowerShell Workflow its possible to automate everything which can be accomplished from PowerShell. Unlike Orchestrator which can be extended by Integration Packs, SMA can be extended using PowerShell modules.

The first version of the product (“V1”) lacks some functionality available in Orchestrator, such as the ability to configure runbook permissions. This is a feature an enterprise using SMA would find useful in order to delegate access to runbooks based on for example Active Directory security groups.

There are no official statements regarding the strategy around Orchestrator and SMA will be in the future, but its not unlikely that SMA will overtake Orchestrators role in the Microsoft ecosystem when more functionality comes in place.

Resources

Overview of Service Management Automation

Microsoft Azure Automation preview

Windows Azure Pack for Windows Server

Getting Started with Windows PowerShell Workflow

Intro to SMA

SMA Capabilities in Depth

Jan Egil Ring works as a Lead Architect on the Infrastructure Team at Crayon, Norway. He mainly works with Microsoft server-products and has a strong passion for Windows PowerShell. In addition to being a consultant, he is a Microsoft Certified Trainer. He has obtained several certifications such as MCSE: Server Infrastructure and MCSE: Private Cloud. He is also a multiple-year recipient of the Microsoft Most Valuable Professional Award for his contributions in the Windows PowerShell technical community.

NO COMMENTS

Leave a Reply