Skip to main content

Monitoring OpenShift on Azure Using the Log Analytics Agent

Hands-On Lab

 

Photo of Jesse Hoch

Jesse Hoch

DevOps Training Architect II

Length

03:30:00

Difficulty

Intermediate

In this lab you will be deploying the Log Analytics agent for Azure in OpenShift to allow you to be able to monitor OpenShift from the Azure portal.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Monitoring OpenShift with Azure

Introduction

In this hands-on lab, we will explore the Container Monitoring solution. We will create a new project called omslogging, a service account called omsagent, and make sure the service account has the permissions it needs. Lastly, we will download the ocp-omsagent.yaml from the Git repo for the lab, and deploy the agent using that YAML file.

Solution

Log in to the Azure Portal using the credentials provided on the lab instructions page.

Configure Cloud Shell

  1. If prompted with a Welcome to Microsoft Azure get started window, click Maybe layer.

  2. On the left-hand side navigation menu, click All Resources.

  3. Let's set up Cloud Shell by clicking the Cloud Shell button in the top-right corner of the screen:

    !["Azure Cloud Shell"]( https://raw.githubusercontent.com/linuxacademy/content-az-300-lab-repos/master/images/cloudshell.PNG "Azure Cloud Shell")

  4. Begin configuring the Cloud Shell, click Bash.

  5. Leave the default for the storage mounted window.

  6. Click Show advanced settings.

  7. Leave the existing subscription, resource group, and storage account.

    Note: If the storage account does not populate, ensure that South Central US is selected for the Cloud Shell region field .

  8. Under Storage account, click the radio button for Use existing.

  9. Under File share, choose the radio button Create new and specify okdcloudshell as the new file share.

  10. Click Create Storage.

    Note: We should see a status of Cloud Shell.Succeeded.

Download SSH Keys for the Lab

  1. We will need to pull down the SSH keys to be able connect to the VMs using SSH. First, make the .ssh directory, if it isn't already there, with:

    mkdir .ssh
  2. Then, cd into the directory with:

    cd .ssh
  3. Now, use wget to pull down the SSH keys using these links:

    wget https://raw.githubusercontent.com/linuxacademy/content-openshift-origin-azure/master/ssh/id_rsa
    wget https://raw.githubusercontent.com/linuxacademy/content-openshift-origin-azure/master/ssh/id_rsa.pub
  4. Check the files with:

    ls
  5. Set the correct permissions with:

    chmod 600 id_rsa*

Run the Lab Prep Scripts

  1. Use cd to go back to our home directory.

  2. On the left-hand side navigation menu, click Virtual machines.

  3. Click bastionVM-0.

  4. Click the Connect button.

  5. On the Connect to virtual machine window, click the "Copy to clipboard" icon button for the Login using VM local account section.

  6. Paste it into the Bash environment terminal. It should look similar to this:

    ssh azureuser@104.214.65.210
  7. Type y for yes when asked to continue connecting.

    Note: We will need to SSH into each VM and run a prep script.

  8. After we SSH into the a VM, we will first need to install wget. We will need to download the associated script for the node found in the Git repo for the lab. The link is https://raw.githubusercontent.com/linuxacademy/content-openshift-origin-azure/tree/master/scripts/

    Here are the VMs:

    • For the bastionVM-0 it would be bastionPrep.sh
    • For the masterVM-0 it would be masterPrep.sh
    • For the infraVM-0 it would be infraPrep.sh
    • For the appnodeVM-0 it would be nodePrep.sh

    For example, the format will look like this for bastionVM-0:

    wget https://raw.githubusercontent.com/linuxacademy/content-openshift-origin-azure/master/scripts/bastionPrep.sh
  9. Once the download completes, we will need to make the script executable like:

    sudo chmod +x bastionPrep.sh
  10. Finally, we must run the script:

    sudo ./bastionPrep.sh

    Note: This will take approximately 10-15 minutes to run.

  11. Make sure that sudo is used or the script will fail:

    sudo yum -y install wget

    Note: Remember to repeat this process (using steps 1-11 as a reference) for each VM.

Install OpenShift

  1. Use Ansible to run the prerequisites.yml and the deploy_cluster.yml playbooks to install OpenShift:

    ansible-playbook prerequisites.yml
    ansible-playbook deploy_cluster.yml

    Note: The deploy_cluster.yml playbook may take approximately 30 minutes to complete.

  2. The install may get hung, but a retry file is created for us and can be used like so to run it again:

    ansible-playbook deploy_cluster.yml --limit @/usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.retry
  3. Use exit to logout of the bastion host.

  4. Click Virtual machines in the left-hand side menu in the Microsoft Azure portal.

  5. Click masterVM-0.

  6. Click Connect.

  7. On the Connect to virtual machine window, click the "Copy to clipboard" icon button for the Login using VM local account section for the SSH command.

  8. Paste the SSH command into the Bash environment terminal, that look like this:

    ssh azureuser@40.84.153.202
  9. Check the nodes:

    oc get nodes

    Note: We should see a STATUS of Ready.

Deploy the OMS Agent in OpenShift

  1. Click Virtual machines section on the left-hand side navigation menu.
  2. Click masterVM-0.
  3. Click the Connect button.
  4. In the Connect to virtual machine window, click the "Copy to clipboard" icon button for the Login using VM local account.
  5. Paste it into the Bash environment terminal. It should look similar to this:

    ssh azureuser@40.84.153.202
  6. Create a project called omslogging:

    oc adm new-project omslogging --node-selector=`zone=default`
  7. After the project is created, run the following:

    oc project omslogging
  8. Create a service account named omsagent:

    oc create serviceaccount omsagent
  9. Grant the cluster role cluster-reader to the service account:

    oc adm policy add-cluster-role-to-user cluster-reader system:serviceaccount:omslogging:omsagent
  10. Set the Security Context Constraint to privileged for the service account:

    oc adm policy add-scc-to-user privileged system:serviceaccount:omslogging:omsagent
  11. Download the ocp-omsagent.yaml file from the Git repo:

    wget  https://raw.githubusercontent.com/linuxacademy/content-openshift-origin-azure/master/scripts/ocp-omsagent.yaml
  12. Deploy the agent using the oc create command:

    oc create -f ocp-omsagent.yaml
  13. Check our DaemonSet:

    oc describe ds oms

    Note: We will primarily see 0s because we do not have any nodes scheduled.

Conclusion

Congratulations — you've completed this hands-on lab!