Jakob Gottlieb Svendsen

System Center OrchestratorService Management Automation Automating System Center 2012 R2

@JakobGSvendsenhttp://blog.coretech.dk/jgs/

Who am I• Chief Developer / Consultant / Trainer

• Coretech A/S, System Center Gold Partner– Offices in

• Titles– System Center Cloud and Data Center Management MVP

– Member of the System Center Influencers Team

• Areas– Orchestrator / Service Management Automation / Windows Azure

Pack

– Extensions for System Center (PS,VB.NET,C#.NET)

• Communities– Co-Founder of the Danish PowerShell User Group (www.psug.dk)

• Author / Training– Service Manager 2012 Unleashed (contributing author – Released

October 2014)

– Mastering System Center Orchestrator 2012 – 3 day workshop

– Service Management Automation - 3 day Workshop (New!)

Agenda

• Short Introduction• Scenario: Azure Pack Integration• Scenario: SCCM/Intune – Monitor Jailbreaks• Monitors in SMA• Scenario: SCOM/SCVMM – Extend VM Drive• SCOM – Using Recovery Action• Scenario: SCSM/SCCM – Import Computer(s)

Core

Resource clouds

Automation Billing Tenantmanagement

Hostingplan

Hardware

IaaSVirtual

machines

PaaSService

bus

PaaSWebsites

IaaSNetwork

PaaSDatabaseAzure Pack Operations Manager

Infrastructure & application monitoring, alerting & usage

Data Protection ManagerContinuous protection of key applications & workloads

Service ManagerIT service management & request authoring

OrchestratorIntegration & automation of key technologies & processes with SMA & Service Manager

Virtual Machine ManagerFabric, library & cloud management

Service Delivery stack

Service Management Automation (SMA)

• System Center 2012 R2 Orchestrator adds support for

PowerShell Workflows through the SMA feature

• Browser-based runbook authoring integrated into the Azure Pack Portal

• Supports requirements for scale and high availability

• Import PS modules and create additional modules and runbooks

• Check out the Building Clouds Blog for an Introduction to SMA

http://aka.ms/IntroToSMA

Demo

Introduction

SCOM CI Connector

Service Manager

OperationsManager

MonitoredInstances

Operations Manager CI Connector

Any Monitored Resources

*nix / bsdNetworkCustom classes

Import All MPs from Operations Manager to Service Manager

OPTIONS

• GridPro– Designed the same way as the original Out-Of-The-Box Orchestrator connector

– Strict relationship runbook and template, using SMA runbook templates

– Self Service Integration into Windows Azure Pack Gallery with GridPro Request Management

• Cireson– Works is a more flexible – less strict way

– Workflow event subscription

– Stand alone Self service portal

Contact Coretech / Me for more info / purchase

Scenario: SCCM/Intune – Monitor Jailbreaks

Microsoft Intune

Mobile devices

Building PowerShell Monitors

• Monitor using a loop (While)

• Check the target (New alertsetc.)

• Trigger Action

• Sleep for x seconds

Building PowerShell Monitors - Refresh

• Refresh Monitor every once in a while

– Depends on purpose and output size of runbook

• 24 hours, 1 hour, 20 minutes etc.

– Loop until refresh time

– Restart runbook using web service

• Use $WorkFlowCommandName

SCCM/Intune – Monitor Jailbreaks – Extension

• Day 1: Warn User• Day 3: Block User (Mail etc.)• Day 7: Wipe Phone!• 2nd time…..

Get-Employee | Remove-EmployeeNew-Employee

SCOM – SMA Monitor

Scenario: SCOM/SCVMM – Extend VM Drive

Demo

SCOM/SCVMMExtend VM Drive

Basic – Using Resolution State

Building PowerShell Monitors - Query

• Limit Query to minimum– “Mark” the objects

• SCOM Alert – Resolution State

– Use last search date/time• SCOM Alert – TimeRaised

• Active Directory – WhenChanged

• NOTICE – Assets are Universal Time!

Demo

SCOM/SCVMMExtend VM DriveOptimized Query

Monitors – Not too many

• Try not to get too many Monitors connecting to the same system

– Consolidate Monitors into one

– Use other techniques to trigger the runbook

• SCSM – Workflows

• SCOM - Recovery Action

SCOM – Using Recovery Action

Demo

SCOM/SCVMMExtend VM DriveRecovery Action

SCOM/SCVMM – Extend VM Drive - Extension

• The source of the alert/problem is not fixed!

• Make sure you monitor when this happens

– SCSM – Incidents

– Reports

Did I Cheat??

Just a little bit!Logical disk space check interval was 5 seconds

Compared to every 15 minutes by default.

Scenario: SCSM/SCCM – Import Computer(s)

Mac Address Barcode

• Some manufacturers addextra text

• Needs to be removed before import

This manufacturer adds “23S”

Demo

SCSM/SCCM

Import Computer(s)

SCSM –> SMA Connectors

• GridPro– Designed the same way as the original Out-Of-The-Box Orchestrator

connector

– Strict relationship runbook and template, using SMA runbook templates

– Self Service Integration into Windows Azure Pack Gallery with GridProRequest Management

• Cireson– Works is a more flexible – less strict way

– Workflow event subscription

– Stand alone Self service portal

SCSM/SCCM – Import Computer(s) –Extension

• Import List of Computers– Submit a CSV File via Form

• Add other properties – Primary User (SCSM/SCCM)– Serial Number etc.

• Cireson Assset Management– Create Hardware Asset– Contact Coretech!

Best Practice

• Modularity! Modularity! Modularity!

• Example:

Keep Monitor, Check and Fix

in seperate runbooks

for simplicity and easy testing

Best Practice

• One Monitor + Multiple Actions on different results

• Example:– One Monitor for all SCOM Alerts.

– One ”Dispatcher” runbook to execute an action based on alert details

Best Practice

• Error Handling!

• Use Try / Catch

Links

• My Blog

http://blog.coretech.dk/jgs’

• Building Clouds Blog

http://blogs.technet.com/b/privatecloud/

• Tips & Tricks Wiki – Ryan Andorfer

http://social.technet.microsoft.com/wiki/contents/articles/26616.quick-tips-and-tricks-for-runbook-writing.aspx