VM Scale Set Configuration managed by Azure Automation

  • Code Sample
Browse code

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure Deploy To Azure US Gov Visualize

This repo serves to prove an ARM template to deploy a VM Scale Set where virtual machines are deployed as registered nodes in the Azure Automation Desired State Configuration service, and node configuration is guaranteed consistent after deployment, and the AADSC service components are provided in the same deployment template.

The Azure Resource Manager template includes:

  • Deploy virtual machines in Scale Set with autoscale rules defined
  • Distribute VHD files across 5 storage accounts
  • Configure Azure Automation DSC service with configuration and modules to manage the virtual machines
    • Note that the Local Configuration Manager setting Mode will be set to ApplyandAutoCorrect
  • Boostrap the virtual machines as registered nodes of the service using DSC extension
  • Load balance traffic to web servers across the VM Scale Set
  • NAT remote management ports across VM Scale Set

Tested scenarios:

  • End to end deployment
  • Modify configuration of live VM Scale Set by updating Configuration in AADSC
  • Report on VM configuration consistency from AADSC
  • Add and remove nodes from the VM Scale set and maintain consistency
  • Deployed VM's return to configuration after a forced drift out of compliance
  • VM AutoScale based on CPU % with bursted VM's remaining in consistent state through DSC

Future work:

  • Add Operational Validation
  • Deliver web app using Containers managed by DSC

Release Notes

2019-02-20: Updated and revised entire solution to align with 101-automation-configuration example. Also added runbook solution for tombstoning stale nodes per customer request.

To verify the nodes are deployed and configured (manual operational validation)

The webServer configuration adds the Windows Features to support IIS and manages the Windows Firewall settings to allow access to the default site. To verify, open the Public FQDN of the deployment in a browser and confirm the default IIS page.

To clone the module to your local machine from Git Shell

git clone https://github.com/Azure/azure-quickstart-templates/blob/master/201-vmss-automation-dsc

Prior Examples

Register an existing Azure virtual machine as a managed DSC node in Azure Automation DSC Deployment of Multiple VM Scale Sets of Windows VMs Copy a DSC Configuration to Azure Automation and compile azure-myriad - this repo is a great resource for learning about VM Scale Sets!

Tags: Microsoft.Resources/deployments, Microsoft.Automation/automationAccounts, modules, configurations, uri, compilationjobs, runbooks, Microsoft.Network/virtualNetworks, Microsoft.Network/publicIPAddresses, Microsoft.Network/loadBalancers, Microsoft.Compute/virtualMachineScaleSets, DSC, Microsoft.Insights/autoscaleSettings, ChangeCount