Azure 自动化简介An introduction to Azure Automation

本文概述了 Azure 自动化并回答了一些常见问题。This article provides a brief overview of Azure Automation and answers some common questions. 有关不同功能的详细信息,请访问本概述中提供的链接。For more information about the different capabilities, visit the links throughout this overview.

关于 Azure 自动化About Azure Automation

Azure 自动化提供基于云的自动化和配置服务,用于支持 Azure 环境和非 Azure 环境之间的一致管理。Azure Automation delivers a cloud-based automation and configuration service that supports consistent management across your Azure and non-Azure environments. Azure 自动化包括流程自动化、配置管理、更新管理、共享功能和异类功能。It comprises process automation, configuration management, update management, shared capabilities, and heterogeneous features. 在部署、操作和解除工作负荷与资源期间,自动化可以提供全面的控制。Automation gives you complete control during deployment, operations, and decommissioning of workloads and resources.


流程自动化Process automation

利用 Azure 自动化中的流程自动化可以自动完成频繁进行的、耗时的、易出错的云管理任务。Process automation in Azure Automation allows you to automate frequent, time-consuming, and error-prone cloud management tasks. 此服务使你可以专注于能够让业务增值的工作。This service helps you focus on work that adds business value. 还可以通过自动化来减少错误和提升效率,从而降低运营成本。By reducing errors and boosting efficiency, it also helps to lower your operational costs. 在 Azure 自动化中执行 Runbook中详细介绍了流程自动化操作环境。The process automation operating environment is detailed in Runbook execution in Azure Automation.

流程自动化支持将 Azure 服务与部署、配置和管理端到端流程时所需的其他公共系统相集成。Process automation supports the integration of Azure services and other public systems required in deploying, configuring, and managing your end-to-end processes. 该服务允许以图形方式、在 PowerShell 中或使用 Python 创作 RunbookThe service allows you to author runbooks graphically, in PowerShell, or using Python. 可以使用混合 Runbook 辅助角色跨本地环境进行协调,实现统一管理。By using a Hybrid Runbook Worker, you can unify management by orchestrating across on-premises environments. 可以通过 Webhook 从 ITSM、DevOps 和监视系统触发自动化,从而满足相关请求并确保持续交付和操作。Webhooks let you fulfill requests and ensure continuous delivery and operations by triggering automation from ITSM, DevOps, and monitoring systems.

配置管理Configuration management

Azure 自动化状态配置是一个基于云的解决方案,适用于为企业环境提供服务的 PowerShell Desired State Configuration (DSC)。Azure Automation state configuration is a cloud-based solution for PowerShell desired state configuration (DSC) that provides services for enterprise environments. 使用此功能可以在 Azure 自动化中管理 DSC 资源,并将配置应用于 Azure 云中 DSC 拉取服务器上的虚拟机或物理机。Using this feature, you can manage your DSC resources in Azure Automation and apply configurations to virtual or physical machines from a DSC pull server in the Azure cloud. 可以在云中或本地的 Windows 或 Linux 上监视并自动更新物理机和虚拟机的计算机配置。You can monitor and automatically update machine configurations across physical and virtual machines, on Windows or Linux, in the cloud or on-premises.

Azure 自动化状态配置服务提供丰富的报告和搜索功能。The Azure Automation state configuration service provides rich reporting and search capabilities. 可以使用这些功能查找有关操作系统中进行了哪些配置的详细信息。You can use these features to locate detailed information about what is configured within an operating system. 一个重要的相关功能是报告主要事件,例如,当节点状况不符合为节点分配的配置时发出的事件。An important related feature is the reporting of major events, for example, events issued when nodes deviate from their assigned configurations.

更新管理Update management

Azure 自动化包含适用于跨混合环境的 Windows 和 Linux 系统的更新管理解决方案。Azure Automation includes the update management solution for Windows and Linux systems across hybrid environments. 使用此解决方案可以洞察 Azure、其他云和本地的更新合规性。With this solution, you get visibility into update compliance across Azure and other clouds, and on-premises. 使用更新管理可以创建计划的部署,用于在定义的维护时段内协调更新的安装。Update management allows you to create scheduled deployments that orchestrate the installation of updates within a defined maintenance window. 如果不应在计算机上安装某项更新,可以使用更新管理功能从部署中排除该项更新。If an update shouldn't be installed on a machine, you can use update management features to exclude it from a deployment.

共享功能Shared capabilities

Azure 自动化提供许多共享功能,包括共享资源、基于角色的访问控制、灵活计划、源代码管理集成、审核和标记。Azure Automation offers a number of shared capabilities, including shared resources, role-based access control, flexible scheduling, source control integration, auditing, and tagging.

共享资源Shared resources

Azure 自动化包含一组共享资源,方便用户大规模地完成环境的自动化操作和配置。Azure Automation consists of a set of shared resources that make it easier to automate and configure your environments at scale.

  • 计划 - 在预定义的时间触发自动化操作。Schedules - Trigger Automation operations at predefined times.
  • Python 2 包 - 支持用于自动化帐户的 Python 2 Runbook。Python 2 packages - Support Python 2 runbooks for your Automation account.
  • 凭据 - 安全地存储可供 Runbook 和配置在运行时使用的敏感信息。Credentials - Securely store sensitive information that runbooks and configurations can use at runtime.
  • 连接 - 存储用于连接到系统的常用信息的名称/值对。Connections - Store name-value pairs of common information for connections to systems. 模块作者将在 Runbook 和配置中定义连接,以便在运行时使用。The module author defines connections in runbooks and configurations for use at runtime.
  • 证书 - 定义要在身份验证中使用的信息,以及用于保护由 Runbook 或 DSC 配置在运行时访问的已部署资源的信息。Certificates - Define information to be used in authentication and securing of deployed resources when accessed by runbooks or DSC configurations at runtime.
  • 变量 - 保存可在不同的 Runbook 和配置中使用的内容。Variables - Hold content that can be used across runbooks and configurations. 可以更改变量值,而无需修改引用这些值的 Runbook 或配置。You can change variable values without having to modify any of the runbooks or configurations that reference them.

基于角色的访问控制Role-based access control

Azure 自动化支持使用基于角色的访问控制 (RBAC) 来调控对自动化帐户及其资源的访问。Azure Automation supports role-based access control (RBAC) to regulate access to the Automation account and its resources. 若要详细了解如何对自动化帐户、Runbook 和作业配置 RBAC,请参阅 Azure 自动化的基于角色的访问控制To learn more about configuring RBAC on your Automation account, runbooks, and jobs, see Role-based access control for Azure Automation.

源代码管理集成Source control integration

Azure 自动化允许源代码管理集成Azure Automation allows source control integration. 在可以将 Runbook 或配置签入源代码管理系统的情况下,此功能会以代码的形式提升配置。This feature promotes configuration as code where runbooks or configurations can be checked into a source control system.

异类支持(Windows 和 Linux)Heterogeneous support (Windows and Linux)

自动化已设计为可在整个混合云环境以及 Windows 和 Linux 系统中运行。Automation is designed to work across your hybrid cloud environment and also your Windows and Linux systems. 它提供一致的方式,用于自动化和配置所部署的工作负荷以及运行这些工作负荷的操作系统。It delivers a consistent way to automate and configure deployed workloads and the operating systems that run them.

常用自动化方案Common scenarios for Automation

Azure 自动化支持在基础结构和应用程序的整个生命周期内进行管理。Azure Automation supports management throughout the lifecycle of your infrastructure and applications. 常见方案包括:Common scenarios include:

  • 编写 Runbook - 以常用的语言创作 PowerShell、PowerShell 工作流、图形、Python 2 和 DSC Runbook。Write runbooks - Author PowerShell, PowerShell Workflow, graphical, Python 2, and DSC runbooks in common languages.
  • 生成和部署资源 - 使用 Runbook 和 Azure 资源管理器模板在整个混合环境中部署虚拟机。Build and deploy resources - Deploy virtual machines across a hybrid environment using runbooks and Azure Resource Manager templates. 集成到 Jenkins 和 Azure DevOps 等开发工具中。Integrate into development tools, such as Jenkins and Azure DevOps.
  • 配置 VM - 使用基础结构和应用程序的配置评估和配置 Windows 与 Linux 计算机。Configure VMs - Assess and configure Windows and Linux machines with configurations for the infrastructure and application.
  • 分享知识 - 将有关组织如何交付和维护工作负荷的知识传输到系统中。Share knowledge - Transfer knowledge into the system on how your organization delivers and maintains workloads.
  • 监视 - 隔离导致问题的计算机更改,采取补救措施,或者将这些更改上报到管理系统。Monitor - Isolate machine changes that are causing issues and remediate or escalate them to management systems.
  • 保护 - 在安全警报被引发时隔离计算机。Protect - Quarantine machines if security alerts are raised. 设置来宾内要求。Set in-guest requirements.
  • 监管 - 为团队设置 RBAC。Govern - Set up RBAC for teams. 恢复未使用的资源。Recover unused resources.

自动化定价Pricing for Automation

可以在定价页上查看与 Azure 自动化相关的价格。You can review the prices associated with Azure Automation on the pricing page.

后续步骤Next steps