Automation in Azure

AzureInfrastructure as code and automating deployment and scale-up/down in Azure is becoming the new normal. Solution architects and system administrators are becoming coders and scripting is becoming part of their day-to-day job, whilst in parallel a raft of vendors is providing products to try and help avoid this need to script and address the shortage of staff with those skills to script and code this now necessary functionality.

Today’s blog is just a collection of the hottest and most ubiquitous automation technologies you are likely to see in the Azure ecosystem augmenting and extending the limitations of the native functionality, plus some links to the best bloggers, how-to-guides, and places to find information.

Top Automation Technologies for Microsoft Azure

Project Bicep

bicepsARM (Azure Resource Manager) templates can be used to define your Azure infrastructure and can be written as JSON (JavaScript Object Notation) schema files. JSON is a widely used open standard file and data format. As such, it can take several lines of code to do some common Azure tasks and JSON itself is rather keen on defining scope with what always seems like an excessive number of every type of brackets, quote mark, comma and punctuation mark going. Microsoft has provided an alternative to JSON in Bicep, a domain-specific language designed to be succinct for Azure (and with less annoying commas/syntax marks). Bicep templates can then be converted (exploded) to their larger JSON equivalents and processed.

It’s a smart move by Microsoft as simplifying template creation will not only increase user adoption but also involve users committing to and investing in proprietary format and domain-specific skills. Thus, making shifting to a different cloud become a little more unpalatable.

See: GitHub – Azure/bicep: Bicep is a declarative language for describing and deploying Azure resources

If you are looking to find out more about Bicep, it won’t be long before you trip over Freek Berson and his blog, or his frequent partner-in-crime Esther Barthel. They’ve done some great video sessions, such as: Empowering ARM and JSON with Project ‘Bicep’ – Esther Barthel & Freek Berson – YouTube

And Empowering your WVD deployments with Project Bicep, experiences from the field, Freek Berson – YouTube

And Freek’s blog “ Using Project ‘Bicep’ (Preview) to create ARM Templates that deploy WVD!” remains a must read.

Other respected community contributors include Ciraltos’ Travis Roberts. Microsoft themselves have also put some great overviews out; Brendan Burn’s has a great Bicep 101 YouTube overview.

Terraform by HashiCorp

TerraformTerraform is an open-source infrastructure as code software tool for building, changing, and versioning infrastructure. Terraform is in many ways the opposite of Project Bicep. Rather than something more bespoke for Azure than the native JSON options, Terraform supports multiple clouds so users can use the same tool for GCP, Azure, and AWS.

There are two drivers to cloud agnostic tooling:

  • Many do want to avoid vendor lock in, and
  • The different cloud providers have their own strengths: Azure is strong with the AVD/Win10 DaaS market, Google (GCP) are strong on geography and maps, and AWS has a huge DevOps and web fleet/mobile apps base.

Terraform users often overlap with eG Enterprise users, who choose a single cloud-agnostic monitoring and AIOps solution vs. invest in native cloud tools and the associated vendor lock-in implications. Terraform can also be used for on-premises and cloud VDI solution vendors, such as VMware and Citrix (see Marius Sandbu’s blog: Running Terraform as part of VMware Cloud Automation). There are numerous Terraform+WVD (now AVD) blogs out there to get started with: the buildVirtual blog, Jake Walsh’s Blog or Dean Lawrence’s Blog.

GitHub

GithubDeclarative infrastructure, where infrastructure is defined by code is the obvious evolution for cloud and VDI infrastructure. It is a concept more matured around container/Kubernetes architectures and PaaS type products, an example being platform.sh where YAML templates source controlled via git are used to define and rollout large scale web fleets. Indeed, Azure Pipelines in their DevOps offering follows a similar model for deploying applications and code. It is highly likely that there will be increasingly tighter integration between products and tools such as Nerdio and Project Bicep and code control technologies such as GitHub to subject those infrastructure-as-code templates and scripts to rigorous change control as per pure code. Already eG Innovations provides a GitHub monitoring module for those customers that consider GitHub part of their critical infrastructure. Version controlling is going to become a more important theme in Workspace delivery as it already is in the land of K8s.

Packer

PackerPacker is an open-source tool for creating identical machine images for multiple platforms from a single source configuration. Stein-Erik is a CSA for Public Cloud @TietoEVRY in Norway and has written some great blogs around packer including a great comparison to Azure native Image Builder: Azure Image Builder or Packer for Windows Virtual Desktop | (alven.tech) as has Jake Walsh, Principal Consultant for CDW UK, Azure DevOps – using Packer to create images | Jake Walsh. Again, a popular choice for those looking for platform and cloud agnostic tools, who are deploying multiple technologies and stacks. Patrick van den Born and Rick Stijnman recently gave an outstanding presentation on how to get started with deploying Windows 10 Multi-Session with Azure DevOps, Terraform and Packer.

Nerdio

nerdioThis is a very popular choice, particularly with those new to VDI or Azure, with no predilections towards a specific VDI supplier, such as Citrix or VMWare for deploying AVD (Azure Virtual Desktops, was WVD). Nerdio is essentially a platform offering tooling and automation functionality around WVD on Azure. Nerdio was established in 2005 as a supplier for MSPs (Managed Service Providers) and as such, now has two distinct products: one focused on individual enterprises (Nerdio Manager for WVD) and the other (Nerdio Manager for MSP) specifically for MSPs managing multi-tenanted environments.

Nerdio Manager for WVD includes functionality to:

  • Help IT to automate and build processes around large WVD deployments and includes a UI designed to be used by engineering and helpdesk staff to deploy the environment and provide ongoing user management. Capabilities like desktop image management, performance monitoring, and user session control help eliminate the need for complex scripting.
  • Many use Nerdio to reduce Azure costs with schedule and event-driven autoscaling and to speed up WVD deployments with guided setup wizards, reducing engineering workload.
  • Assist the reinforcement of existing security policies and compliance. It addresses data residency concerns being deployed as a secure Azure application inside customer’s own Azure subscription in a geographic location of their choice.

On Amazon (AWS) WorkSpaces, SynchroNet CLICK occupies a similar remit as Nerdio does for Azure and it’s becoming more common for folks to evaluate the cloud plus their ecosystem partners rather than just the cloud i.e. what do you get with (Nerdio+Azure AVD) vs. (SynchroNet+Amazon WorkSpaces).

Chocolatey

ChocolateyChocolatey is software management automation for Windows that wraps installers, executables, zips, and scripts into compiled packages and allows you to use the command line to install packages from a central repository on to a Windows operating system. Basically, it enables administrator workflows more common to the world of Linux and apt-get. Microsoft has a fair amount of material covering this, here. Mainstream in Azure DevOps, there are some in the community using it as part of a pipeline to manage their WVD/AVD deployments: Managing Windows Virtual Desktop Images using Azure devOps.

Slightly Tangential but Jolly Useful Stuff

  • WVDAdmin is a community tool from Sepago’s Marcel Meurer that provides a native administration GUI for Azure Virtual Desktop (AVD) / Windows Virtual Desktop (WVD) designed for golden image workflows. Although not strictly in the automation bucket, many find it very handy for some tasks to avoid scripting, etc. Sometimes users are forced to script when such a tool might suit them better. It is also a good model as to how Azure can be extended for bespoke needs.
  • When automating deployments and writing templates you will of course need to work out the input values and various sizing parameters you are likely to need. There are a few useful tools around to help, such as Ryan Mangan’s Azure Files Sizing Calculator, created to assist with the appropriate sizing of FSLogix Profile containers and to help against the pitfalls of IOPs/user profile performance issues within a Windows Virtual Desktop environment.

Where does eG Enterprise fit in the world of infrastructure as code and deployment automation?

Setting up Azure Monitor and Log Analytics is a very manual process and inherently has some limitations particularly around thresholds and alerts. eG Enterprise offers several advantages above native Azure functionality to provide end-to-end Microsoft Azure monitoring:

  • Enabling correlated visibility of Azure VMs, hosted applications, and the cloud infrastructure
  • Built upon an AIOps platform, eG is able to auto-baseline your Azure environment and set dynamic thresholds enabling you to be alerted to performance deviations and anomalies
  • Out-of-the box dashboards and real user monitoring can measure your customers’ digital experience as they access your cloud applications
  • By using eG Enterprise’s built-in analytics and reports in your existing environment, prior to deploying on Azure, you can prepare for a smooth migration to Azure and quantify success
  • Integrate with your existing IT management ecosystem, such as Microsoft SCOM, Jira, Autotask ServiceNow, and more
  • As a third-party, cloud-neutral vendor covering all major public clouds including Azure, Amazon AWS, and Google GCP as well as all major VDI and remoting technologies (Citrix, VMware, Teradici), many organizations want to avoid investing in native tools if they use multiple clouds or want to avoid lock-in and retain options to migrate to another cloud or on-premises in the future
  • eG Enterprise uses AI that automatically discovers, maps, and visualizes service-level infrastructure dependencies across your entire Azure production environment as environments scale up or down

More interesting stuff

  • There are several excellent community webinars archived on the Azure Thursday site: https://www.azurethursday.com/past-sessions/. Covering topics such as Terraform, Packer, and numerous others associated with infrastructure as code like workflows.
  • One of the best places to find information about tools and products to help deploy, manage, and maintain AVD (was WVD) deployments is the community user groups. There is an excellent regular weekly community newsletter, which covers a wide range of technologies.
  • With this drive to DevOps like declarative infrastructure in the EUC, Cloud, and VDI ecosystems, we are starting to see Cloud and EUC customers using eG Enterprise to monitor their applications but also container and DevOps infrastructure. So, you might want to review our Kubernetes and Docker material.
  • The Weekly AVD User Group Newsletter is an awesome way to keep yourself up to date with everything to do with AVD/WVD, especially automation.