Terraform 启用 VM Insights
Posted
技术标签:
【中文标题】Terraform 启用 VM Insights【英文标题】:Terraform enable VM Insights 【发布时间】:2021-06-12 11:07:03 【问题描述】:有人设法通过 terraforms Insights 为 VM 启用了吗?
我能够创建虚拟机,启用日志记录,但不能启用洞察力..
我见过这个问题:但没有找到明确的答案.. How to enable azure vm application insights monitoring agent using terraform
这是我用于测试的完整 terraform 脚本,我直接在 azure 的云 shell 上运行它。
# Configure the Azure provider
provider "azurerm"
# The "feature" block is required for AzureRM provider 2.x.
features
variable "prefix"
default = "tfvmex"
resource "azurerm_resource_group" "main"
name = "$var.prefix-resources"
location = "West Europe"
resource "azurerm_virtual_network" "main"
name = "$var.prefix-network"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
resource "azurerm_subnet" "internal"
name = "internal"
resource_group_name = azurerm_resource_group.main.name
virtual_network_name = azurerm_virtual_network.main.name
address_prefixes = ["10.0.2.0/24"]
resource "azurerm_network_interface" "main"
name = "$var.prefix-nic"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
ip_configuration
name = "testconfiguration1"
subnet_id = azurerm_subnet.internal.id
private_ip_address_allocation = "Dynamic"
resource "azurerm_virtual_machine" "main"
name = "$var.prefix-vm"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
network_interface_ids = [azurerm_network_interface.main.id]
vm_size = "Standard_DS1_v2"
# Uncomment this line to delete the OS disk automatically when deleting the VM
# delete_os_disk_on_termination = true
# Uncomment this line to delete the data disks automatically when deleting the VM
# delete_data_disks_on_termination = true
storage_image_reference
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
storage_os_disk
name = "myosdisk1"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
os_profile
computer_name = "hostname"
admin_username = "testadmin"
admin_password = "Password1234!"
os_profile_linux_config
disable_password_authentication = false
tags =
environment = "staging"
resource "azurerm_storage_account" "main"
name = "omstesttest22"
resource_group_name = azurerm_resource_group.main.name
location = "westus"
account_tier = "Standard"
account_replication_type = "GRS"
tags =
environment = "staging"
resource "azurerm_log_analytics_workspace" "law02"
name = "$var.prefix-logAnalytics"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
sku = "PerGB2018"
retention_in_days = 30
resource "azurerm_log_analytics_solution" "example"
solution_name = "ContainerInsights"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
workspace_resource_id = azurerm_log_analytics_workspace.law02.id
workspace_name = azurerm_log_analytics_workspace.law02.name
plan
publisher = "Microsoft"
product = "OMSGallery/ContainerInsights"
#===================================================================
# Set Monitoring and Log Analytics Workspace
#===================================================================
resource "azurerm_virtual_machine_extension" "oms_mma02"
name = "test-OMSExtension"
virtual_machine_id = azurerm_virtual_machine.main.id
publisher = "Microsoft.EnterpriseCloud.Monitoring"
type = "OmsAgentForLinux"
type_handler_version = "1.12"
auto_upgrade_minor_version = true
settings = <<SETTINGS
"workspaceId" : "$azurerm_log_analytics_workspace.law02.workspace_id"
SETTINGS
protected_settings = <<PROTECTED_SETTINGS
"workspaceKey" : "$azurerm_log_analytics_workspace.law02.primary_shared_key"
PROTECTED_SETTINGS
希望很清楚。 谢谢!
【问题讨论】:
您是否遇到了一些错误?如果有,能否提供错误信息?"workspaceId" : "$azurerm_log_analytics_workspace.law02.workspace_id", 有错别字吗?有多余的逗号吗?
ups.. 上传代码我更改了 azurerm_storage_account 的名称并添加了一个无效的名称.. 已经更新了 id。
@NancyXiong 也是真的......我的错,删除了我添加见解的一些尝试,并且逗号丢失了。
【参考方案1】:
从document 开始,VM 洞察需要在每个要监控的虚拟机上安装以下两个代理。
Log Analytics 代理。从虚拟机或虚拟机规模集收集事件和性能数据,并将其传递到 Log Analytics 工作区。 Azure 资源上的 Log Analytics 代理的部署方法使用适用于 Windows 和 Linux 的 VM 扩展。 依赖代理。收集有关在虚拟机上运行的进程和外部进程依赖项的已发现数据,这些数据由 VM 见解中的映射功能使用。依赖项代理依赖 Log Analytics 代理将其数据传送到 Azure Monitor。 Azure 资源上的依赖代理的部署方法使用适用于 Windows 和 Linux 的 VM 扩展。经过我的验证,您可以将 DependencyAgent 扩展添加到您现有的代码中。
resource "azurerm_virtual_machine_extension" "da"
name = "DAExtension"
virtual_machine_id = azurerm_virtual_machine.main.id
publisher = "Microsoft.Azure.Monitoring.DependencyAgent"
type = "DependencyAgentLinux"
type_handler_version = "9.5"
auto_upgrade_minor_version = true
更多信息,请阅读Configure Log Analytics workspace for VM insights和Enable VM insights guest health (preview)
【讨论】:
我将对此进行测试。我会尽快给一些反馈 这正是缺少的。谢谢【参考方案2】:请使用产品“OMSGallery/VMInsights”(而不是“OMSGallery/ContainerInsights”)
resource "azurerm_log_analytics_solution" "..."
solution_name = "..."
location = ...
resource_group_name = ...
workspace_resource_id = ...
workspace_name = ...
plan
publisher = "Microsoft"
product = "OMSGallery/VMInsights"
【讨论】:
【参考方案3】:使用 Terraform 部署它:
部署一个日志分析工作区和一个与该工作区关联的 VMInsights 解决方案。
resource "azurerm_log_analytics_workspace" "law"
name = "LogAnalyticsWorkspace"
location = "Your location"
resource_group_name = "Your resource group"
sku = "PerGB2018"
retention_in_days = "your retention in days"
internet_ingestion_enabled= true
internet_query_enabled = false
tags = "Your tags"
resource "azurerm_log_analytics_solution" "vminsights"
solution_name = "VMInsights"
location = "Your location"
resource_group_name = "Your resource group"
workspace_resource_id = azurerm_log_analytics_workspace.law.id
workspace_name = azurerm_log_analytics_workspace.law.name
tags = "Your tags"
plan
publisher = "Microsoft"
product = "OMSGallery/VMInsights"
像往常一样使用 OMSAgent 和 DependencyAgentWindows 扩展部署 VM:
resource "azurerm_windows_virtual_machine" "vm"
......
......
适用于 Windows 的 OMS: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/oms-windows
resource "azurerm_virtual_machine_extension" "omsext"
name = "OMSExtension"
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
publisher = "Microsoft.EnterpriseCloud.Monitoring"
type = "MicrosoftMonitoringAgent"
type_handler_version = "1.0"
auto_upgrade_minor_version = true
settings = <<SETTINGS
"workspaceId": "$azurerm_log_analytics_workspace.law.id"
SETTINGS
protected_settings = <<PROTECTED_SETTINGS
"workspaceKey": "$azurerm_log_analytics_workspace.law.primary_shared_key"
PROTECTED_SETTINGS
tags = "Your tags"
适用于 Windows 的 DA 代理: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/agent-dependency-windows
resource "azurerm_virtual_machine_extension" "DAAgent"
name = "DAAgentExtension"
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
publisher = "Microsoft.Azure.Monitoring.DependencyAgent"
type = "DependencyAgentWindows"
type_handler_version = "9.10"
auto_upgrade_minor_version = true
tags = "Your tags"
【讨论】:
【参考方案4】:这里有几篇关于这个主题的文章,也许你可以参考:
Azure Monitor for application monitoring with Terraform Azure Insights: Terraform; Log Analytics Workspaces; Custom scripts with Arc-enabled servers; Virtual WAN resources【讨论】:
以上是关于Terraform 启用 VM Insights的主要内容,如果未能解决你的问题,请参考以下文章
在同一资源组中创建两个 VM,但 Terraform 不希望销毁第一个
使用 terraform 删除特定资源,即 vm、nic、nsg