嗨,我正在尝试创建一个 ARM 模板,以使用 ARM 模板在我的 Linux VM 上设置 Azure Linux 诊断扩展,以监视挂载点。
我指的是以下文档来实现相同的目的:
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-template
但是,在研究Microsoft提供的其他文档时,我发现Windows和Linux诊断代理具有不同的监视参数。
窗户: https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-windows
Linux:https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-linux
适用于Windows的ARM JSON是:
"resources": [
{
"name": "Microsoft.Insights.VMDiagnosticsSettings",
"type": "extensions",
"location": "[resourceGroup().location]",
"apiVersion": "2015-06-15",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
],
"tags": {
"displayName": "AzureDiagnostics"
},
"properties": {
"publisher": "Microsoft.Azure.Diagnostics",
"type": "IaaSDiagnostics",
"typeHandlerVersion": "1.5",
"autoUpgradeMinorVersion": true,
"settings": {
"xmlCfg": "[base64(concat(variables('wadcfgxstart'), variables('wadmetricsresourceid'), variables('vmName'), variables('wadcfgxend')))]",
"storageAccount": "[parameters('existingdiagnosticsStorageAccountName')]"
},
"protectedSettings": {
"storageAccountName": "[parameters('existingdiagnosticsStorageAccountName')]",
"storageAccountKey": "[listkeys(variables('accountid'), '2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net"
}
}
}
]
有谁知道Linux诊断代理的"settings"和"protectedSettings"是什么?
我在这里回答我自己的问题。
与适用于 Windows 的 Azure 诊断代理进行比较时,差异在于:
type在properties.这将对应于LinuxDiagnostic而不是IaaSDiagnostics.typehandlerversion:这基本上是LAD版本。最新的是3.0.protectedSettings: 可以按以下方式编写:{ "storageAccountName" : "the storage account to receive data", "storageAccountEndPoint": "the hostname suffix for the cloud for this account", "storageAccountSasToken": "SAS access token", "mdsdHttpProxy": "HTTP proxy settings", "sinksConfig": { ... } }
mdsdHttpProxy 和 sinksConfig 参数是可选的,只有在进行了相同的设置时才需要配置。有关此内容的更多信息,请参阅此处(在受保护的设置部分中(。
settings: 这将采用以下形式:{ "ladCfg": { ... }, "perfCfg": { ... }, "fileLogs": { ... }, "StorageAccount": "the storage account to receive data", "mdsdHttpProxy" : "" }
这里(在公共场合(详细讨论了其中的每一个。
对我有用的Linux诊断扩展的示例如下:
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2017-12-01",
"location": "[resourceGroup().location]",
"name": "[concat(variables('vmName'), '/Microsoft.Insights.VMDiagnosticSettings')]",
"tags": {
"displayName": "AzureDiagnostics"
},
"properties": {
"publisher": "Microsoft.Azure.Diagnostics",
"type": "LinuxDiagnostic",
"autoUpgradeMinorVersion": true,
"typeHandlerVersion": "3.0",
"protectedSettings": {
"storageAccountName": "[parameters('storageAccountName')]",
"storageAccountEndPoint": "https://core.windows.net",
"storageAccountSasToken": "[parameters('sasToken')]"
},
"settings": {
"StorageAccount": "[parameters('storageAccountName')]",
"ladCfg": {
"diagnosticMonitorConfiguration": {
"syslogEvents": {},
"sampleRateInSeconds": 15,
"eventVolume": "Medium",
"metrics": {
"resourceId": "[resourceId('Microsoft.Compute/virtualMachines', variables('vmName'))]",
"metricAggregation": [
{ "scheduledTransferPeriod": "PT1H" },
{ "scheduledTransferPeriod": "PT1M" }
]
},
"performanceCounters": {
"performanceCounterConfiguration": [
{
"annotation": [
{
"displayName": "Filesystem % free space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentfreespace",
"counterSpecifier": "/builtin/filesystem/percentfreespace",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Filesystem % used space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentusedspace",
"counterSpecifier": "/builtin/filesystem/percentusedspace",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Filesystem used space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "usedspace",
"counterSpecifier": "/builtin/filesystem/usedspace",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Filesystem read bytes/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "bytesreadpersecond",
"counterSpecifier": "/builtin/filesystem/bytesreadpersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem free space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "freespace",
"counterSpecifier": "/builtin/filesystem/freespace",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Filesystem % free inodes",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentfreeinodes",
"counterSpecifier": "/builtin/filesystem/percentfreeinodes",
"type": "builtin",
"unit": "Percent"
}
]
}
}
}
}
}
}
]
# Download the sample Public settings. (You could also use curl or any web browser)
wget https://raw.githubusercontent.com/Azure/azure-linux-extensions/master/Diagnostic/tests/lad_2_3_compatible_portal_pub_settings.json -O portal_public_settings.json
# Build the VM resource ID. Replace storage account name and resource ID in the public settings.
my_vm_resource_id=$(az vm show -g $my_resource_group -n $my_linux_vm --query "id" -o tsv)
sed -i "s#__DIAGNOSTIC_STORAGE_ACCOUNT__#$my_diagnostic_storage_account#g" portal_public_settings.json
sed -i "s#__VM_RESOURCE_ID__#$my_vm_resource_id#g" portal_public_settings.json
# Build the protected settings (storage account SAS token)
my_diagnostic_storage_account_sastoken=$(az storage account generate-sas --account-name $my_diagnostic_storage_account --expiry 2037-12-31T23:59:00Z --permissions wlacu --resource-types co --services bt -o tsv)
my_lad_protected_settings="{'storageAccountName': '$my_diagnostic_storage_account', 'storageAccountSasToken': '$my_diagnostic_storage_account_sastoken'}"
# Finallly tell Azure to install and enable the extension
az vm extension set --publisher Microsoft.Azure.Diagnostics --name LinuxDiagnostic --version 3.0 --resource-group $my_resource_group --vm-name $my_linux_vm --protected-settings "${my_lad_protected_settings}" --settings portal_public_settings.json
受保护的设置映射到 JSON 中的受保护设置。该 JSON 文件应映射到不受保护的设置
如果您阅读本文,它还告诉您如何配置其他内容,例如接收器\计数器\等