gke_monitor.md


Overview

The following README will guide you on how to enable Azure Monitor for Containers for a Google Kubernetes Engine (GKE) cluster that is projected as an Azure Arc connected cluster.

In this guide, you will hook the GKE cluster to Azure Monitor by deploying the OMS agent on your Kubernetes cluster in order to start collecting telemetry.

Note: This guide assumes you already deployed a GKE cluster and connected it to Azure Arc. If you haven't, this repository offers you a way to do so in an automated fashion using Terraform.

Prerequisites

  • Clone this repo

    git clone https://github.com/microsoft/azure_arc.git
    
  • Install or update Azure CLI. Azure CLI should be running version 2.7 or later. Use az --version to check your current installed version.

  • Create Azure Service Principal (SP)

    To connect a Kubernetes cluster to Azure Arc, an Azure Service Principal assigned the "Contributor" role is required. To create it, log in to your Azure account and run the command below (this can also be done in Azure Cloud Shell).

    az login
    az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor

    For example:

    az ad sp create-for-rbac -n "http://AzureArcK8s" --role contributor

    Output should look like this:

    {
    "appId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "displayName": "AzureArcK8s",
    "name": "http://AzureArcK8s",
    "password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "tenant": "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }
    

    Note: It is optional but highly recommended to scope the SP to a specific Azure subscription and Resource Group.
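
To act on the scoping recommendation above, the following added example (not part of the original repository) shows how to create the SP with a resource-group scope and how to check which scopes an existing SP's role assignments cover. The subscription ID, resource group and cluster names in the sample are constructed placeholders, and the `az` commands in the comments are meant to be run by the operator.

```shell
#!/bin/sh
# Added example (not from the azure_arc repo): flag service principal role
# assignments whose scope is broader than a single resource group.
#
# Create the SP scoped to one resource group (placeholders are assumptions):
#   az ad sp create-for-rbac -n "<Unique SP Name>" --role contributor \
#     --scopes "/subscriptions/<subscription-id>/resourceGroups/<resource-group>"
# Feed this audit with one scope per line:
#   az role assignment list --assignee "<appId>" --all --query "[].scope" -o tsv

# Print the breadth class of one Azure scope string. Matching is done in lower
# case because Azure may return "resourcegroups" with varying capitalisation.
# Anything else under a subscription is treated as subscription-wide (conservative).
classify_scope() {
  cs_scope=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  case "$cs_scope" in
    /) echo "root" ;;
    /providers/microsoft.management/managementgroups/*) echo "management-group" ;;
    /subscriptions/*/resourcegroups/*/providers/*) echo "resource" ;;
    /subscriptions/*/resourcegroups/*) echo "resource-group" ;;
    /subscriptions/*) echo "subscription" ;;
    *) echo "unknown" ;;
  esac
}

# Read scopes on stdin, print a verdict per line, and return 1 if any scope is
# wider than a resource group (or is not recognised).
audit_scopes() {
  as_wide=0
  while IFS= read -r as_scope; do
    [ -z "$as_scope" ] && continue
    as_kind=$(classify_scope "$as_scope")
    case "$as_kind" in
      resource-group|resource) echo "OK   $as_kind $as_scope" ;;
      *) echo "WIDE $as_kind $as_scope"; as_wide=1 ;;
    esac
  done
  return "$as_wide"
}

# Constructed sample: one subscription-wide assignment and two narrower ones.
SAMPLE_SCOPES='/subscriptions/00000000-0000-0000-0000-000000000000
/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/Arc-GKE-Demo
/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/arc-gke-demo/providers/Microsoft.Kubernetes/connectedClusters/arc-gke'

printf '%s\n' "$SAMPLE_SCOPES" | audit_scopes \
  || echo "At least one assignment is wider than a resource group"
```

Running `az ad sp create-for-rbac` without `--scopes`, as in the commands above, is the case this audit is meant to catch when the resulting assignment lands at subscription level.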

Azure Monitor for Containers Integration

  • In order to keep your local environment clean and untouched, we will use Google Cloud Shell to run the gke_monitor_onboarding shell script against the GKE connected cluster.

  • Before integrating the cluster with Azure Monitor for Containers, click on the "Insights (preview)" blade for the connected Arc cluster to see that the cluster is not currently being monitored.

  • Edit the environment variables in the script to match your environment parameters, upload it to the Cloud Shell environment, and run it using the . ./gke_monitor_onboarding.sh command.

    Note: The extra dot is needed because the shell script exports variables, and they must be exported in the same shell session as the rest of the commands.

    The script will:

    • Log in to your Azure subscription using the SPN credentials
    • Download the OMS script
    • Retrieve the cluster's Azure resource ID as well as the cluster credentials (KUBECONFIG)
    • Execute the script, which will create an Azure Log Analytics workspace, deploy the OMS agent on the Kubernetes cluster and tag the cluster
    • Delete the downloaded script
  • Once the script completes its run, you will have an Azure Arc connected cluster integrated with Azure Monitor for Containers. At the end of its run, the script generates a URL for you to click on. This URL will open a new browser tab leading to the Azure Monitor for Containers Insights page.

    Note: As the OMS agent starts collecting telemetry from the cluster nodes and pods, it will take 5-10 minutes for data to start showing up in the Azure Portal.

  • Click the "Connected Clusters" tab and see that the Azure Arc connected cluster was added. Now that your cluster is being monitored, navigate through the different tabs and sections and watch the monitoring telemetry for the cluster nodes and pods.