我的第一个 PowerShell 工作流 RunbookMy first PowerShell Workflow runbook

本教程指导在 Azure 自动化中创建 PowerShell 工作流 RunbookThis tutorial walks you through the creation of a PowerShell Workflow runbook in Azure Automation. 从一个简单的 Runbook 开始,将测试和发布该 Runbook,同时介绍如何跟踪 Runbook 作业的状态。You start with a simple runbook that you test and publish while explaining how to track the status of the runbook job. 然后,通过修改 Runbook 来实际管理 Azure 资源,这种情况下会启动 Azure 虚拟机。Then you modify the runbook to actually manage Azure resources, in this case starting an Azure virtual machine. 最后,通过添加 Runbook 参数使此 Runbook 更稳健。Lastly you make the runbook more robust by adding runbook parameters.

先决条件Prerequisites

要完成本教程,需要以下各项:To complete this tutorial, you need the following:

  • Azure 订阅。Azure subscription. 如果没有订阅,可注册试用版If you don't have one yet, you can sign up for a Trial.
  • 自动化帐户 ,用来保存 Runbook 以及向 Azure 资源进行身份验证。Automation account to hold the runbook and authenticate to Azure resources. 此帐户必须有权启动和停止虚拟机。This account must have permission to start and stop the virtual machine.
  • Azure 虚拟机。An Azure virtual machine. 停止和启动此虚拟机,因此它不应为生产用 VM。you stop and start this machine so it shouldn't be a production VM.

步骤 1 - 创建新的 RunbookStep 1 - Create new runbook

首先创建一个输出文本 Hello World 的简单 Runbook 。You start by creating a simple runbook that outputs the text Hello World.

  1. 在 Azure 门户中,打开自动化帐户。In the Azure portal, open your Automation account.

    通过自动化帐户页面可快速查看此帐户中的资源。The Automation account page gives you a quick view of the resources in this account. 应该已拥有某些资产。You should already have some assets. 大多数此类资产都是自动包括在新的自动化帐户中的模块。Most of those assets are the modules that are automatically included in a new Automation account. 还应具有在“先决条件”中提到的凭证资产。You should also have the Credential asset that's mentioned in the prerequisites.

  2. 在“流程自动化”下单击“Runbook”,打开 Runbook 的列表。 Click Runbooks under Process Automation to open the list of runbooks.

  3. 通过单击“+ 添加 Runbook”按钮,并单击“创建新 Runbook”,创建一个新 Runbook 。Create a new runbook by clicking on the + Add a runbook button and then Create a new runbook.

  4. 将该 Runbook 命名为 MyFirstRunbook-WorkflowGive the runbook the name MyFirstRunbook-Workflow.

  5. 在本例中,将要创建一个 PowerShell 工作流 Runbook,因此请选择“Powershell 工作流”作为“Runbook 类型” 。In this case, you're going to create a PowerShell Workflow runbook so select Powershell Workflow for Runbook type.

  6. 单击“创建”以创建 Runbook 并打开文本编辑器 。Click Create to create the runbook and open the textual editor.

步骤 2 - 将代码添加到 RunbookStep 2 - Add code to the runbook

可以直接将代码键入 Runbook 中,或者通过“库”控件选择 cmdlet、Runbook 和资产,并使用任何相关的参数将它们添加到 Runbook。You can either type code directly into the runbook, or you can select cmdlets, runbooks, and assets from the Library control and have them added to the runbook with any related parameters. 在本演练中,将直接键入 Runbook。For this walkthrough, you type directly into the runbook.

  1. Runbook 目前为空,只有必需的 workflow 关键字、Runbook 名称以及括住整个工作流的大括号。Your runbook is currently empty with only the required workflow keyword, the name of your runbook, and the braces that encases the entire workflow.

    Workflow MyFirstRunbook-Workflow
    {
    }
    
  2. 在大括号之间键入 Write-Output "Hello World"Type Write-Output "Hello World." between the braces.

    Workflow MyFirstRunbook-Workflow
    {
    Write-Output "Hello World"
    }
    
  3. 通过单击“保存” 保存 Runbook。Save the runbook by clicking Save.

步骤 3 - 测试 RunbookStep 3 - Test the runbook

在发布 Runbook 使其可在生产中使用之前,需对其进行测试以确保其能正常工作。Before you publish the runbook to make it available in production, you want to test it to make sure that it works properly. 测试 Runbook 时,可以运行其“草稿”版本并以交互方式查看其输出 。When you test a runbook, you run its Draft version and view its output interactively.

  1. 单击“测试窗格”打开测试窗格 。Click Test pane to open the Test pane.

  2. 单击“启动”以启动测试 。Click Start to start the test. 此选项应该是唯一的已启用选项。This option should be the only enabled option.

  3. 创建一个 Runbook 作业并显示其状态。A runbook job is created and its status displayed.

    作业状态初始为“排队”,该值指示它正在等待云中的 Runbook 辅助角色可用 。The job status will start as Queued indicating that it's waiting for a runbook worker in the cloud to come available. 在某个辅助角色认领此作业后,作业状态将变为“正在启动”,然后当 Runbook 实际开始运行时,此状态将变为“正在运行” 。It moves to Starting when a worker claims the job, and then Running when the runbook actually starts running.

  4. Runbook 作业完成后,会显示其输出。When the runbook job completes, its output is displayed. 在此示例中,应会显示 Hello World 。In your case, you should see Hello World.

    Hello World

  5. 关闭测试窗格以返回到画布。Close the Test pane to return to the canvas.

步骤 4 - 发布和启动 RunbookStep 4 - Publish and start the runbook

创建的 Runbook 仍处于“草稿”模式。The runbook that you created is still in Draft mode. 必须首先发布此 Runbook,然后才能在生产中运行它。You must publish it before you can run it in production. 当发布 Runbook 时,可以用草稿版本覆盖现有的已发布版本。When you publish a runbook, you overwrite the existing Published version with the Draft version. 在此示例中,由于刚创建了 Runbook,因此还没有已发布版本。In your case, you don't have a Published version yet because you just created the runbook.

  1. 单击“发布”以发布该 Runbook,并在出现提示时单击“是” 。Click Publish to publish the runbook and then Yes when prompted.

  2. 如果向左滚动以在“Runbook”窗格中查看该 Runbook,它会显示“已发布”的“创作状态” 。If you scroll left to view the runbook in the Runbooks pane now, it shows an Authoring Status of Published.

  3. 向右滚动查看 MyFirstRunbook-Workflow的窗格。Scroll back to the right to view the pane for MyFirstRunbook-Workflow.
    顶部的选项允许我们启动 Runbook,计划其在将来的某个时刻启动,或创建 webhook 以使其可以通过 HTTP 调用启动。The options across the top allow us to start the runbook, schedule it to start at some time in the future, or create a webhook so it can be started through an HTTP call.

  4. 由于只想要启动 Runbook,因此请单击“启动”,并在出现提示时单击“是” 。you just want to start the runbook so click Start and then Yes when prompted.

    启动 Runbook

  5. 此时会为你创建的 Runbook 作业打开作业窗格。A job pane is opened for the runbook job that you created. 可以关闭此窗格,但在此示例中,将它保持打开状态,以便查看该作业的进度。you can close this pane, but in this case you leave it open so you can watch the job's progress.

  6. 作业状态显示在“作业摘要”中并且与测试该 Runbook 时看到的状态相匹配 。The job status is shown in Job Summary and matches the statuses that you saw when you tested the runbook.

    作业摘要

  7. 一旦此 Runbook 状态显示“已完成”,单击“输出” 。Once the runbook status shows Completed, click Output. “输出”窗格打开后,可以看到 Hello World 。The Output pane is opened, and you can see your Hello World.

    作业摘要

  8. 关闭“输出”窗格。Close the Output pane.

  9. 单击“所有日志”打开 Runbook 作业的“流”窗格 。Click All Logs to open the Streams pane for the runbook job. 应该只会在输出流中看到 Hello World,但此视图也可以显示 Runbook 作业的其他流,例如,“详细”和“错误”(如果 Runbook 向其写入)。you should only see Hello World in the output stream, but this view can show other streams for a runbook job such as Verbose and Error if the runbook writes to them.

    作业摘要

  10. 关闭“流”页和“作业”页,以便返回到“MyFirstRunbook”页。Close the Streams page and the Job page to return to the MyFirstRunbook page.

  11. 单击“作业”打开此 Runbook 的“作业”页 。Click Jobs to open the Jobs page for this runbook. 此页列出此 runbook 创建的所有作业。This page lists all of the jobs created by this runbook. 由于只运行该作业一次,应该只会看到一个列出的作业。you should only see one job listed since you only ran the job once.

作业

  1. 可以单击此作业,打开在启动 Runbook 时查看过的同一“作业”页。You can click on this job to open the same Job page that you viewed when you started the runbook. 这样便可以回溯并查看为特定 runbook 创建的任何作业的详细信息。This action allows you to go back in time and view the details of any job that was created for a particular runbook.

步骤 5 - 添加身份验证来管理 Azure 资源Step 5 - Add authentication to manage Azure resources

已经测试并发布 Runbook,但到目前为止它不执行任何有用的操作。You've tested and published your runbook, but so far it doesn't do anything useful. 需要让其管理 Azure 资源。You want to have it manage Azure resources. 然而,除非已使用先决条件中提到的凭据对其进行身份验证,否则它将无法进行管理。It can't do that though unless you've authenticated using the credentials that are referred to in the prerequisites. 可使用 Connect-AzureRmAccount cmdlet 实现此目的 。You do that with the Connect-AzureRmAccount cmdlet.

  1. 通过单击 MyFirstRunbook-Workflow 窗格上的“编辑”打开文本编辑器 。Open the textual editor by clicking Edit on the MyFirstRunbook-Workflow pane.

  2. 由于不再需要 Write-Output 行,因此请直接删除它。you don't need the Write-Output line anymore, so go ahead and delete it.

  3. 将光标放在大括号之间的空白行上。Position the cursor on a blank line between the braces.

  4. 键入或复制并粘贴以下代码,此代码会使用自动化运行方式帐户处理身份验证:Type or copy and paste the following code that will handle the authentication with your Automation Run As account:

    # Ensures you do not inherit an AzureRMContext in your runbook
    Disable-AzureRmContextAutosave -Scope Process
    
    $Conn = Get-AutomationConnection -Name AzureRunAsConnection
    Connect-AzureRmAccount -ServicePrincipal -Tenant $Conn.TenantID `
    -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -EnvironmentName "AzureChinaCloud"
    
    $AzureContext = Select-AzureRmSubscription -SubscriptionId $Conn.SubscriptionID
    

    Important

    Add-AzureRmAccountLogin-AzureRmAccount 现在是 Connect-AzureRMAccount 的别名。Add-AzureRmAccount and Login-AzureRmAccount are now aliases for Connect-AzureRMAccount. 如果 Connect-AzureRMAccount cmdlet 不存在,则可以使用 Add-AzureRmAccountLogin-AzureRmAccountIf the Connect-AzureRMAccount cmdlet does not exist, you can use Add-AzureRmAccount or Login-AzureRmAccount.

  5. 单击“测试” 窗格,以便测试 Runbook。Click Test pane so that you can test the runbook.

  6. 单击“启动”以启动测试 。Click Start to start the test. 完成后,你会收到类似于以下内容的输出,显示帐户中的基本信息。Once it completes, you should receive output similar to the following, displaying basic information from your account. 此操作是对凭据有效的确认。This action confirms that the credential is valid.

    身份验证

步骤 6 – 添加用于启动虚拟机的代码Step 6 - Add code to start a virtual machine

现在 Runbook 正在向 Azure 订阅进行身份验证,你可以管理资源。Now that your runbook is authenticating to your Azure subscription, you can manage resources. 将添加一个命令,用于启动虚拟机。you add a command to start a virtual machine. 可以在 Azure 订阅中选取任何虚拟机。而现在,需将该名称硬编码到 Runbook。You can pick any virtual machine in your Azure subscription, and for now you're hardcoding that name in the runbook. 如果要跨多个订阅管理资源,需要使用 -AzureRmContext 参数以及 Get-AzureRmContextIf you're managing resources across multiple subscriptions, you need to use the -AzureRmContext parameter along with Get-AzureRmContext.

  1. 在 Connect-AzureRmAccount 后面键入 Start-AzureRmVM -Name 'VMName' -ResourceGroupName 'NameofResourceGroup'(提供要启动的虚拟机的名称和资源组名称) 。After Connect-AzureRmAccount, type Start-AzureRmVM -Name 'VMName' -ResourceGroupName 'NameofResourceGroup' providing the name and Resource Group name of the virtual machine to start.

    workflow MyFirstRunbook-Workflow
    {
    # Ensures you do not inherit an AzureRMContext in your runbook
    Disable-AzureRmContextAutosave -Scope Process
    
    $Conn = Get-AutomationConnection -Name AzureRunAsConnection
    Connect-AzureRmAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -EnvironmentName "AzureChinaCloud"
    
    $AzureContext = Select-AzureRmSubscription -SubscriptionId $Conn.SubscriptionID
    
    Start-AzureRmVM -Name 'VMName' -ResourceGroupName 'ResourceGroupName' -AzureRmContext $AzureContext
    }
    
  2. 保存 Runbook,并单击“测试”窗格,以便可以测试 Runbook 。Save the runbook and then click Test pane so that you can test it.

  3. 单击“启动”以启动测试 。Click Start to start the test. 一旦测试完成后,检查已启动的虚拟机。Once it completes, check that the virtual machine was started.

步骤 7 - 将输入参数添加到 RunbookStep 7 - Add an input parameter to the runbook

Runbook 当前会启动你在 Runbook 中硬编码的虚拟机,但如果可以在启动 Runbook 时指定虚拟机,它会更有用。your runbook currently starts the virtual machine that you hardcoded in the runbook, but it would be more useful if you could specify the virtual machine when the runbook is started. 现在将输入参数添加到 Runbook,以提供该功能。You add input parameters to the runbook to provide that functionality.

  1. VMNameResourceGroupName 的参数添加到 Runbook,并将这些变量与 Start-AzureRmVM cmdlet 配合使用,如以下示例所示。Add parameters for VMName and ResourceGroupName to the runbook and use these variables with the Start-AzureRmVM cmdlet as in the example below.

    workflow MyFirstRunbook-Workflow
    {
     Param(
      [string]$VMName,
      [string]$ResourceGroupName
     )  
    # Ensures you do not inherit an AzureRMContext in your runbook
    Disable-AzureRmContextAutosave -Scope Process
    
    $Conn = Get-AutomationConnection -Name AzureRunAsConnection
    Connect-AzureRmAccount -ServicePrincipal -Tenant $Conn.TenantID -ApplicationId $Conn.ApplicationID -CertificateThumbprint $Conn.CertificateThumbprint -EnvironmentName "AzureChinaCloud"
    Start-AzureRmVM -Name $VMName -ResourceGroupName $ResourceGroupName
    }
    
  2. 保存 Runbook 并打开“测试”窗格。Save the runbook and open the Test pane. 现在可以为测试中使用的两个输入变量提供值。You can now provide values for the two input variables that are in the test.

  3. 关闭“测试”窗格。Close the Test pane.

  4. 单击“发布”以发布 Runbook 的新版本 。Click Publish to publish the new version of the runbook.

  5. 停止在上一步中启动的虚拟机。Stop the virtual machine that you started in the previous step.

  6. 单击“启动”以启动 Runbook ResourceGroupNameClick Start to start the runbook. 键入要启动的虚拟机的 VMNameResourceGroupNameType in the VMName and ResourceGroupName for the virtual machine that you're going to start.

    启动 Runbook

  7. 一旦 Runbook 完成后,检查已启动的虚拟机。When the runbook completes, check that the virtual machine was started.

后续步骤Next steps