Spark the future.

May 4 – 8, 2015Chicago, IL

Automation Overview and Roadmap for Windows Server and System CenterEamon O'Reilly; Jeffrey Snover

BRK2452

Agenda1. Automation Trends

Cloud Technologies Modern Management

2. Windows Server, System Center & Azure automation investments What is available in Windows Server R2 / System Center R2 and Azure today. What is coming in vNext

3. Areas of focus PowerShell & PowerShell Workflow JEA (Just Enough Admin) PowerShell Desired State Configuration Linux and hybrid management support

Automation Trend

Adopt Cloud Technologies

Modern Managemen

t

Integrate into different cloud providers

Enable self service of IT offerings

Enable DevOps

Management as a Service

Automation solution across heterogeneous environments

Automation at scale

AutomationWindows Server, System Center, Azure

PartnersO

EMsManageme

nt Products

ISVsAutomation

Products

Windows Server

PowerShell PowerShell Workflow

Just Enough Admin

Desired State Configuration

MicrosoftSyste

m Cent

erServi

ce Management

Automation

Orchestrator

Azure

Azure

Automation

Azure

DSC

PowerShell Investments

The story of PowerShell is the story of sustained

investment

PowerShell Progression

Version Server Key FeatureMonad Manifesto Server 2000 Vision and

prototype

PowerShell Progression

Version Server Key FeatureMonad Manifesto Server 2000 Vision and

prototypePowerShell 1.0 Server 2008 .Net Cmdlets*

* .Net Cmdlets, Interactive shell, language, object pipeline & utilities, namespaces, debugger, security, adaptive type system, Help

PowerShell Progression

Version Server Key FeatureMonad Manifesto Server 2000 Vision and

prototypePowerShell 1.0 Server 2008 .Net CmdletsPowerShell 2.0 Server 2008 R2 Remoting*

* Remoting, Script cmdlets, comment-based help, modules, transactions, data language, splatting, try-catch, block comments, script I18N, background jobs, eventing, PowerShell_ISE, Out-Gridview

PowerShell Progression

Version Server Key FeatureMonad Manifesto Server 2000 Vision and

prototypePowerShell 1.0 Server 2008 .Net CmdletsPowerShell 2.0 Server 2008 R2 RemotingPowerShell 3.0 Server 2012 Coverage*

* Coverage, CDXML, workflow, updateable Help, singleton/collections fix, delegates, constrained & simplified language, module autoloading, DLR & AST, web and JSON support, scheduled/WMI/workflow jobs, robust remoting, RunAs and constrained runspaces, PSWeb services, POWA, snippets, intelliSense, Show-Comand, WINPE, Explorer Integration

PowerShell Progression

Version Server Key FeatureMonad Manifesto Server 2000 Vision and

prototypePowerShell 1.0 Server 2008 .Net CmdletsPowerShell 2.0 Server 2008 R2 RemotingPowerShell 3.0 Server 2012 CoveragePowerShell 4.0 Server 2012 R2 Desired State

Config*

• DSC, Save-Help, Where() & Foreach() methods, workflow debugging, lots of fixes and incremental improvements

PowerShell ProgressionVersion Server Key FeatureMonad Manifesto Server 2000 Vision and

prototypePowerShell 1.0 Server 2008 .Net CmdletsPowerShell 2.0 Server 2008 R2 RemotingPowerShell 3.0 Server 2012 CoveragePowerShell 4.0 Server 2012 R2 Desired State

ConfigPowerShell 5.0 Server V.Next DevOps*

* DSC++, package manager, Azure extension agent, script analyzer, classes, using, security++, information stream, CMS, parse by example, Pester, PSReadline, remote debugging/file copy/script editing, network switches, OData

Scripting Security & Protection Ubiquitous and comprehensive transcription Deep script block logging Protected event logging PowerShell Information stream Cryptographic message cmdlets Secure code generation APIs Constrained PowerShell endpoints (JIT/JEA)

New Utility Cmdlets Compress-Archive / Expand-Archive Convert-String / ConvertFrom-String NoNewLine on File and Content cmdlets Symbolic link support Format-Hex New-Guid Clipboard cmdlets New-TemporaryFile Clear-RecycleBin Get-ChildItem -Depth

New Modules

PSReadLine (tab completion++) NetworkSwitchManager (network switches) PnpDevice (devices and drivers) Pester (unit test framework) ODataUtils (generate cmdlets from OData)

Community & Development PSScriptAnalyzer (scripting best practices) PowerShellGet (find and install modules) PowerShell Gallery (module repository) PackageManagement (package manager) Side-by-side module versioning Classes, lexical scoping, and 'using' keyword

Remote Management Remote script debugging Remote script editing in ISE Host process attach and debug File copy over PowerShell sessions PowerShell remoting over VMBus

PowerShell 5.0 Additions

Demo – PowerShell 5.0

Jeffrey Snover

Integrate into existing systems with PowerShell integration modules

Extend by building PS modules to enable integrating into other systems

Optimize and extend existing processes

Accelerate time to value with flexible process workflows

Improve service reliability across multiple tools, systems, and department silos

Deliver flexible and reliable services

Enable operations to focus on work that adds business value

Reduce error-prone manual activities while lowering costs

Lower costs and improve predictability

System Center Automation Investments

Automation

Author

OperateIntegrate

Automate OperationalTasks

AchieveOn Demand Delivery

Integration Orchestration Automation

System Center 2012 – Orchestrator Deliver automated solutions in Datacenter ITOrchestrator

User Interface• Standalone Management Console • Access Permissions (RBAC)

Authoring• Graphical, forms-based authoring of runbooks• Visualize end-to-end orchestration• Testing console to validate end to end process

Runbook Engine• Highly available • Custom workflow engine • Databus to easily pass information between

activities

Integration• Integration packs for Microsoft and 3rd party

systems• Orchestrator toolkit to extend into custom

systems

Automation response to incidents

Remediate incident

SLA adherence issues

Integrate OM into 3rd party

Alert on operations manager or 3rd party monitoring system, perform diagnostics & remediation.

Monitor for SLA issues in the environment (SQL server space running out) and automatically add new capacity based on policy.

Notify users of a subscription who have underutilized VMs and shutdown / delete if not used.

Disaster Recovery

Patch Remediation

Backup VM & workloads

Restore VM & workloads

Integrate into SCCM / WSUS / 3rd party system for orchestrated patching of WAP, VMWare, OpenStack infrastructure

Automate backup of private cloud infrastructure as new capacity is added / removed

Orchestrate DR solution for services built on top of private cloud

Integrate into SCCM / WSUS / 3rd party system for orchestrated patching of private cloud infrastructure

Automate backup of infrastructure as new capacity is added / removedOrchestrate DR solution for private cloud services

Patch Azure, Amazon, service provider IaaS VMs without downtime.

Enable regeneration of storage account keys while avoiding downtime in the application.

Backup IaaS VMs on a schedule.

Alert on operations manager or 3rd party monitoring system, perform diagnostics & remediation.Monitor for SLA issues in the environment (SQL server space running out) and automatically add new capacity based on policy.Notify users of a subscription who have underutilized VMs and shutdown / delete if not used.Alert on a VM then turn on tracing, collect logs, upload to Storage and make available in Visual Studio for troubleshooting.Monitor for when a new service gets created, and configure it for the right tracing / backup policy.

User request scenarios

Provisioning

Change Control

Integrate multiple Service Desks

Capacity Management

Release Management

Compliance requirements

Integrate into Service Manager / 3rd party systems for change control on cloud services / plans / infrastructure

Deploy new infrastructure and cloud services by integrating all of the management systems.

Integrate cloud services into CMDB to enable change control

Integrate into Service Manager / 3rd party systems for change control on private cloud services / plans / infrastructureDeploy new infrastructure and services by integrating all of the management systems.Integrate WAP services into CMDB to enable change controlDeploy VM on an Azure/On-Premises cloud and enable monitoringDeploy application from Git, run validation tests, and swap to production if tests passMonitor SharePoint online for an approval to update a service and update the service once approved

Traditional Datacenter Scenarios

Patch / Update / Backup

Orchestration

Change Control & Provisioning

Monitoring & Remediation

,Azure & other public cloudsWith private clouds (HyperV, VMWare, OpenStack)

Top Customer Asks for Orchestrator

Engine

• Multi-tenancy support to enable separation between departments • 64 Bit support for performance and 64bit PowerShell modules• Native support for PowerShell ( 3.0 / 4.0 / 4.5 support)• Checkpoints so customers don’t have to maintain state of runbook in separate store• Automatic distribution of jobs across runbook workers • Global variables that can be changed at runtime• Performance improvements

Management• Full administration through command line• Full web service support for all capabilities from authoring, operations, & administration using REST & client libraries for other languages• Ability to patch runbook servers without downtime • Role based access control• Auditing

Integration• Additional integration packs for various Microsoft / 3rd party systems• Keep integration packs current with latest product updates• Improved SDK toolkit

User Interface

• Portal experience so designer does not need to be installed everywhere• Rich PowerShell editing experience• Ability to work on draft runbook while still having production job running• Runbook versioning with source control integration• Granular export of runbooks and assets • Dynamic connections to systems. • Search functionality across runbooks or activities • Better debugging support• Improved scheduling capabilities

Build on PowerShell

PowerShell Workflow

• Use Windows PowerShell syntax• Multi-device management • Running a single task to manage complex, end-to-end processes • Automated failure recovery • Connection and activity retries

Centralized store

• Credentials / certificates• Global variable • Global connection for runbooks• Modules• Runbooks (draft / published versioning)• Scheduling

Highly Available

• Runbook servers to process jobs• Odata Web service to submit / retrieve status• SQL Server clustering / always on

Historical Analysis

• Historical view of runbook jobs• Reporting through Excel PowerPivot for ROI• View runbook used for all jobs

PowerShell Workflow

Centralized store

Highly Available

Historical Analysis

Service Manageme

nt Automation

/ Azure

SMA / Azure Automation

Engine

• Multi-tenancy support to enable separation between departments • 64 Bit support for performance and 64bit PowerShell modules• Native support for PowerShell ( 3.0 / 4.0 / 4.5 support)• Checkpoints so customers don’t have to maintain state of runbook in separate store• Automatic distribution of jobs across runbook workers • Global variables that can be changed at runtime• Performance improvements

Management• Full administration through command line• Full web service support for all capabilities from authoring, operations, & administration using REST & client libraries for other languages• Ability to patch runbook servers without downtime • Role based access control• Auditing

Integration• Additional integration packs for various Microsoft / 3rd party systems• Keep integration packs current with latest product updates• Improved SDK toolkit

User Interface

• Portal experience so designer does not need to be installed everywhere• Rich PowerShell editing experience• Ability to work on draft runbook while still having production job running• Runbook versioning with source control integration• Granular export of runbooks and assets • Dynamic connections to systems. • Search functionality across runbooks or activities • Better debugging support• Improved scheduling capabilities

Serv

ie M

anagem

ent

Auto

matio

n / A

zure

A

uto

matio

n

Complete Partial complete – More investments plannedPlanned

System Center 2012 R2 Orchestrator with Service Management Automation for Private Clouds

SMA with Azure PackUser Interface• Web portal

Authoring• PowerShell Authoring• Service Administrator can create runbooks to

automate all aspects of cloud infrastructure, plan delivery, and maintenance activities

Runbook Engine• Highly available• PowerShell Workflow based engine

Integration• PowerShell Module based integration• Use existing PowerShell modules for Microsoft and

3rd party systems• Create PowerShell modules for additional

resources/systems

On demand delivery of on-premises and cloud resources with process automation

Increase productivity

On premises and any cloud

Enable DevOps Highly available, scalable

Hybrid Runbook Worker­ Install on-premises or any cloud­ No inbound open ports required­ Highly available architecture

PowerShell DSC­ Pull service to support large scale­ Supports on-premises or any cloud­ Management / Reporting

Linux Support­ Native SSH module­ Linux support for DSC

Gallery­ Native automation assets (Runbooks,

PS Scripts, Assets, Modules, DSC)­ Automation Packs (Grouping of

Assets)

Graphical Authoring­ Author processes visually that span

systems­ Forms based authoring using databus

Migration to cloud­ SCO Integration Packs­ Runbooks

Role Based Access Control

What’s Next

Automate On-Premises & Cloud

Workflow & DSC

Graphical & PowerShell authoring

Integrate across systems

Windows & Linux

Automate deployments and orchestrate any cloud

Gallery

Engine Jobs

Hybrid Worker

AzureAmazonService Providers

Automation

SCO

Orchestrator

SMA

Hyper-VVMWareOpenStack

Demo

Eamon O’Reilly

PowerShell Desired State Configuration

PowerShell Desired State Configuration

• Simplifies configuration

• Prevents configuration drift

• Flexible deployment options

• Enables continuous deployment

• Modules available from PS Gallery

DSC Push Model

Configuration Staging Area(Contains DSC

data)3rd party

languages and tools

Authoring Phase(May include imperative as well as declarative code)

Staging Phase- Fully declarative

configuration representation using DMTF standard MOF instances

- Configuration is calculated for all nodesPowerShell

“Make it So” Phase(Declarative configuration is reified through imperative providers.)

Parser and Dispatcher

Resources

When authoring in PowerShell:• Declarative syntax extensions• Schema-driven Intellisense• Schema validation (early-binding)

Resources implement changes:• Monotonic• Imperative• Idempotent

Local Configuration

Store

DSC Pull Model

Pull Server(Contains DSC data

and Modules)

PS DSC terms / process

Configuration scripts:

Applied To:

Node Configurations (.MOF config document)

Compiled

Nodes

1…N1…N perconfiguration script

1…N pernode configuration

Via Push or Pull

Demo – PowerShell DSC with Azure AutomationEamon O’Reilly

• Cloud cadence enables new features to be delivered faster

• Customers can migrate to cloud optimized solution over time,reducing risk

• Hybrid management enables single automation across all clouds

Cloud optimized

Traditional

Automation investments over time

• Automate the creation, deployment, monitoring, and maintenance of resources

• Rich workflow consistency through PowerShell Workflow based runbooks• One automation solution for Azure, public clouds and on-premises • Automation from the cloud enables faster adoption and onboarding of new

capabilities into the organization

Cloud Automation Investment Cadence

In Review – Key TakeawaysGet in front of Automation Trends

Cloud TechnologiesModern Management

Windows Server, System Center & Azure automation investmentsPowerful automation available today in Windows Server R2 / System Center R2 and Azure today.Major investments happening across Windows Server, System Center, Azure Automation over the

next year

Use the right tool for the jobPowerShell & PowerShell WorkflowJEA (Just Enough Admin)PowerShell Desired State ConfigurationLinux and hybrid management support

Learn more with FREE IT Pro Resources

Free technical training resources: On-demand online training: http://aka.ms/cloudautomation

Expand your Automation Knowledge

Free ebooks:System Center: Introduction to Microsoft Automation Solutions: http://aka.ms/automation-ebook

System Center: Designing Orchestrator Runbooks: http://aka.ms/orchestrator-runbooks-ebook

Join the IT Pro community: Twitter @MS_ITPro

Get hands-on: Free virtual labs: System Center 2012 R2: Automation and Self-Service: http://aka.ms/automation-lab

Windows Azure Pack: Understand Service Management Automation: http://aka.ms/sma-lab

Visit Myignite at http://myignite.microsoft.com or download and use the Ignite Mobile App with the QR code above.

Please evaluate this sessionYour feedback is important to us!

© 2015 Microsoft Corporation. All rights reserved.