azure - 尝试通过 terraform 添加 LinuxDiagnostic Azure VM Extension 并出现错误
问题描述
我正在尝试通过 terraform 添加 LinuxDiagnostic 扩展。
虚拟机是:
azure_image_publisher = "Redhat"
azure_image_offer = "RHEL"
azure_image_sku = "7.8"
我的部署如下所示:
resource "azurerm_virtual_machine_extension" "diagnostics_linux" {
count = local.is_windows == true ? 0 : 1
name = "LinuxDiagnostic"
virtual_machine_id = azurerm_virtual_machine.main.id
publisher = "Microsoft.Azure.Diagnostics"
type = "LinuxDiagnostic"
type_handler_version = "3.0"
auto_upgrade_minor_version = "true"
settings = <<SETTINGS
{
"storageAccount": "${var.stackSettings.azurerm_storage_account.name}",
"ladCfg": {
"diagnosticMonitorConfiguration": {
"eventVolume": "Medium",
"metrics": {
"metricAggregation": [
{
"scheduledTransferPeriod": "PT1M"
},
{
"scheduledTransferPeriod": "PT1H"
}
],
"resourceId": "/subscriptions/${var.stackSettings.azure_subscription_id}/resourceGroups/${var.stackSettings.azurerm_resource_group}/providers/Microsoft.Compute/virtualMachines/${azurerm_virtual_machine.main.id}"
},
"syslogEvents": { /** list of syslogs **/},
"performanceCounters": {/** list of perf counters **/}
},
"sampleRateInSeconds": 15
}
}
SETTINGS
protected_settings = <<SETTINGS
{
"storageAccountName": "${var.stackSettings.azurerm_storage_account.name}",
"storageAccountKey": "${var.stackSettings.azurerm_storage_account.primary_access_key}",
"storageAccountEndPoint": "https://core.windows.net"
}
SETTINGS
depends_on = [azurerm_virtual_machine.main]
}
每次我尝试通过 terraform 申请时,都会收到错误消息:
Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'LinuxDiagnostic'. Error message: \"Extension operation Enable failed:'NoneType' object has no attribute 'get_fluentd_syslog_src_config'\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionLinuxDiagnosticsTroubleshoot "
on ..\..\..\..\modules\Azure-Server\v1\main.tf line 284, in resource "azurerm_virtual_machine_extension" "diagnostics_linux":
284: resource "azurerm_virtual_machine_extension" "diagnostics_linux" {
我的 Windows 诊断扩展工作正常,我通过门户直接从工作部署中获取 JSON。
寻求有关我可能会丢失的帮助。或者,如果有人有 XML LAD 版本,我也会尝试(在任何地方都找不到)。
谢谢!
编辑
完整的工作解决方案(包括获取讨厌的 SAS 令牌和读取 json 文件而不是巨大的 terrform 块!) Terraform 配置:
/**
Linux Diagnostic Agent
The linux diagnostic agent is rather complicated to get working.
You need:
1. A static timestamp for start/expiry time
2. A SAS token from the storage account with custom permissions
3. Importing multiple large jsons with custom cleanup
This is taken care of for everything below
**/
//== Provider used to store timestamp SAS token lifetime ==//
provider "time" {
version = "~> 0.4"
}
//== Store 10 years in the future ==//
resource "time_offset" "linux_oms_sas_expiry" {
count = local.is_windows == true ? 0 : 1
offset_years = 10
}
//== Store (now - 10) days to ensure we have valid SAS ==//
resource "time_offset" "linux_oms_sas_start" {
count = local.is_windows == true ? 0 : 1
offset_days = -10
}
//== SAS Token required for Diagnostic Extension ==//
/**
The permissions are based on the linux powershell sas creation here: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-linux
**/
data "azurerm_storage_account_sas" "linux_oms" {
count = local.is_windows == true ? 0 : 1
connection_string = var.stackSettings.azurerm_storage_account.primary_connection_string
https_only = true
resource_types {
service = true
container = true
object = true
}
services {
blob = true
table = true
queue = false
file = false
}
start = time_offset.linux_oms_sas_start[0].rfc3339
expiry = time_offset.linux_oms_sas_expiry[0].rfc3339
permissions {
read = true
write = true
delete = true
list = true
add = true
create = true
update = true
process = true
}
}
//=== Install Diagnostic Extension ===//
resource "azurerm_virtual_machine_extension" "diagnostics_linux" {
count = local.is_windows == true ? 0 : 1
name = "LinuxDiagnostic"
virtual_machine_id = azurerm_virtual_machine.main.id
publisher = "Microsoft.Azure.Diagnostics"
type = "LinuxDiagnostic"
type_handler_version = "3.0"
auto_upgrade_minor_version = "true"
settings = <<SETTINGS
{
"StorageAccount": "${var.stackSettings.azurerm_storage_account.name}",
"ladCfg": {
"diagnosticMonitorConfiguration": {
"eventVolume": "Medium",
"metrics": {
"metricAggregation": [
{
"scheduledTransferPeriod": "PT1H"
},
{
"scheduledTransferPeriod": "PT1M"
}
],
"resourceId": "${azurerm_virtual_machine.main.id}"
},
"performanceCounters": ${file("${path.module}/azure_jsons/azure_extension_diagnostics_linux_performancecounters.json")},
"syslogEvents": ${file("${path.module}/azure_jsons/azure_extension_diagnostics_linux_syslogevents.json")}
},
"sampleRateInSeconds": 15
}
}
SETTINGS
protected_settings = <<SETTINGS
{
"storageAccountName": "${var.stackSettings.azurerm_storage_account.name}",
"storageAccountSasToken": "${data.azurerm_storage_account_sas.linux_oms[0].sas}",
"storageAccountEndPoint": "https://core.windows.net",
"sinksConfig": {
"sink": [
{
"name": "SyslogJsonBlob",
"type": "JsonBlob"
},
{
"name": "LinuxCpuJsonBlob",
"type": "JsonBlob"
}
]
}
}
SETTINGS
depends_on = [azurerm_virtual_machine.main]
}
azure_extension_diagnostics_linux_performancecounters.json:
{
"performanceCounterConfiguration": [
{
"annotation": [
{
"displayName": "Disk read guest OS",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "readbytespersecond",
"counterSpecifier": "/builtin/disk/readbytespersecond",
"type": "builtin",
"unit": "BytesPerSecond"
},
{
"annotation": [
{
"displayName": "Disk writes",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "writespersecond",
"counterSpecifier": "/builtin/disk/writespersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Disk transfer time",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "averagetransfertime",
"counterSpecifier": "/builtin/disk/averagetransfertime",
"type": "builtin",
"unit": "Seconds"
},
{
"annotation": [
{
"displayName": "Disk transfers",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "transferspersecond",
"counterSpecifier": "/builtin/disk/transferspersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Disk write guest OS",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "writebytespersecond",
"counterSpecifier": "/builtin/disk/writebytespersecond",
"type": "builtin",
"unit": "BytesPerSecond"
},
{
"annotation": [
{
"displayName": "Disk read time",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "averagereadtime",
"counterSpecifier": "/builtin/disk/averagereadtime",
"type": "builtin",
"unit": "Seconds"
},
{
"annotation": [
{
"displayName": "Disk write time",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "averagewritetime",
"counterSpecifier": "/builtin/disk/averagewritetime",
"type": "builtin",
"unit": "Seconds"
},
{
"annotation": [
{
"displayName": "Disk total bytes",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "bytespersecond",
"counterSpecifier": "/builtin/disk/bytespersecond",
"type": "builtin",
"unit": "BytesPerSecond"
},
{
"annotation": [
{
"displayName": "Disk reads",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "readspersecond",
"counterSpecifier": "/builtin/disk/readspersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Disk queue length",
"locale": "en-us"
}
],
"class": "disk",
"condition": "IsAggregate=TRUE",
"counter": "averagediskqueuelength",
"counterSpecifier": "/builtin/disk/averagediskqueuelength",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Network in guest OS",
"locale": "en-us"
}
],
"class": "network",
"counter": "bytesreceived",
"counterSpecifier": "/builtin/network/bytesreceived",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Network total bytes",
"locale": "en-us"
}
],
"class": "network",
"counter": "bytestotal",
"counterSpecifier": "/builtin/network/bytestotal",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Network out guest OS",
"locale": "en-us"
}
],
"class": "network",
"counter": "bytestransmitted",
"counterSpecifier": "/builtin/network/bytestransmitted",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Network collisions",
"locale": "en-us"
}
],
"class": "network",
"counter": "totalcollisions",
"counterSpecifier": "/builtin/network/totalcollisions",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Packets received errors",
"locale": "en-us"
}
],
"class": "network",
"counter": "totalrxerrors",
"counterSpecifier": "/builtin/network/totalrxerrors",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Packets sent",
"locale": "en-us"
}
],
"class": "network",
"counter": "packetstransmitted",
"counterSpecifier": "/builtin/network/packetstransmitted",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Packets received",
"locale": "en-us"
}
],
"class": "network",
"counter": "packetsreceived",
"counterSpecifier": "/builtin/network/packetsreceived",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Packets sent errors",
"locale": "en-us"
}
],
"class": "network",
"counter": "totaltxerrors",
"counterSpecifier": "/builtin/network/totaltxerrors",
"type": "builtin",
"unit": "Count"
},
{
"annotation": [
{
"displayName": "Filesystem transfers/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "transferspersecond",
"counterSpecifier": "/builtin/filesystem/transferspersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem % free space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentfreespace",
"counterSpecifier": "/builtin/filesystem/percentfreespace",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Filesystem % used space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentusedspace",
"counterSpecifier": "/builtin/filesystem/percentusedspace",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Filesystem used space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "usedspace",
"counterSpecifier": "/builtin/filesystem/usedspace",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Filesystem read bytes/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "bytesreadpersecond",
"counterSpecifier": "/builtin/filesystem/bytesreadpersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem free space",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "freespace",
"counterSpecifier": "/builtin/filesystem/freespace",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Filesystem % free inodes",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentfreeinodes",
"counterSpecifier": "/builtin/filesystem/percentfreeinodes",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Filesystem bytes/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "bytespersecond",
"counterSpecifier": "/builtin/filesystem/bytespersecond",
"type": "builtin",
"unit": "BytesPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem reads/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "readspersecond",
"counterSpecifier": "/builtin/filesystem/readspersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem write bytes/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "byteswrittenpersecond",
"counterSpecifier": "/builtin/filesystem/byteswrittenpersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem writes/sec",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "writespersecond",
"counterSpecifier": "/builtin/filesystem/writespersecond",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Filesystem % used inodes",
"locale": "en-us"
}
],
"class": "filesystem",
"condition": "IsAggregate=TRUE",
"counter": "percentusedinodes",
"counterSpecifier": "/builtin/filesystem/percentusedinodes",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU IO wait time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentiowaittime",
"counterSpecifier": "/builtin/processor/percentiowaittime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU user time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentusertime",
"counterSpecifier": "/builtin/processor/percentusertime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU nice time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentnicetime",
"counterSpecifier": "/builtin/processor/percentnicetime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU percentage guest OS",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentprocessortime",
"counterSpecifier": "/builtin/processor/percentprocessortime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU interrupt time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentinterrupttime",
"counterSpecifier": "/builtin/processor/percentinterrupttime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU idle time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentidletime",
"counterSpecifier": "/builtin/processor/percentidletime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "CPU privileged time",
"locale": "en-us"
}
],
"class": "processor",
"condition": "IsAggregate=TRUE",
"counter": "percentprivilegedtime",
"counterSpecifier": "/builtin/processor/percentprivilegedtime",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Memory available",
"locale": "en-us"
}
],
"class": "memory",
"counter": "availablememory",
"counterSpecifier": "/builtin/memory/availablememory",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Swap percent used",
"locale": "en-us"
}
],
"class": "memory",
"counter": "percentusedswap",
"counterSpecifier": "/builtin/memory/percentusedswap",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Memory used",
"locale": "en-us"
}
],
"class": "memory",
"counter": "usedmemory",
"counterSpecifier": "/builtin/memory/usedmemory",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Page reads",
"locale": "en-us"
}
],
"class": "memory",
"counter": "pagesreadpersec",
"counterSpecifier": "/builtin/memory/pagesreadpersec",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Swap available",
"locale": "en-us"
}
],
"class": "memory",
"counter": "availableswap",
"counterSpecifier": "/builtin/memory/availableswap",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Swap percent available",
"locale": "en-us"
}
],
"class": "memory",
"counter": "percentavailableswap",
"counterSpecifier": "/builtin/memory/percentavailableswap",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Mem. percent available",
"locale": "en-us"
}
],
"class": "memory",
"counter": "percentavailablememory",
"counterSpecifier": "/builtin/memory/percentavailablememory",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Pages",
"locale": "en-us"
}
],
"class": "memory",
"counter": "pagespersec",
"counterSpecifier": "/builtin/memory/pagespersec",
"type": "builtin",
"unit": "CountPerSecond"
},
{
"annotation": [
{
"displayName": "Swap used",
"locale": "en-us"
}
],
"class": "memory",
"counter": "usedswap",
"counterSpecifier": "/builtin/memory/usedswap",
"type": "builtin",
"unit": "Bytes"
},
{
"annotation": [
{
"displayName": "Memory percentage",
"locale": "en-us"
}
],
"class": "memory",
"counter": "percentusedmemory",
"counterSpecifier": "/builtin/memory/percentusedmemory",
"type": "builtin",
"unit": "Percent"
},
{
"annotation": [
{
"displayName": "Page writes",
"locale": "en-us"
}
],
"class": "memory",
"counter": "pageswrittenpersec",
"counterSpecifier": "/builtin/memory/pageswrittenpersec",
"type": "builtin",
"unit": "CountPerSecond"
}
]
}
azure_extension_diagnostics_linux_syslogevents.json
{
"syslogEventConfiguration": {
"LOG_AUTH": "LOG_DEBUG",
"LOG_AUTHPRIV": "LOG_DEBUG",
"LOG_CRON": "LOG_DEBUG",
"LOG_DAEMON": "LOG_DEBUG",
"LOG_FTP": "LOG_DEBUG",
"LOG_KERN": "LOG_DEBUG",
"LOG_LOCAL0": "LOG_DEBUG",
"LOG_LOCAL1": "LOG_DEBUG",
"LOG_LOCAL2": "LOG_DEBUG",
"LOG_LOCAL3": "LOG_DEBUG",
"LOG_LOCAL4": "LOG_DEBUG",
"LOG_LOCAL5": "LOG_DEBUG",
"LOG_LOCAL6": "LOG_DEBUG",
"LOG_LOCAL7": "LOG_DEBUG",
"LOG_LPR": "LOG_DEBUG",
"LOG_MAIL": "LOG_DEBUG",
"LOG_NEWS": "LOG_DEBUG",
"LOG_SYSLOG": "LOG_DEBUG",
"LOG_USER": "LOG_DEBUG",
"LOG_UUCP": "LOG_DEBUG"
}
}
编辑 2
如果需要,可以使用模块: https ://github.com/elongstreet88/terraform-linuxdiagnostic-agent-module
解决方案
根据此文档,您需要为 Linux 诊断扩展指定storageAccountSasToken而不是 storageAccountKey。
您的受保护设置应如下所示:
protected_settings = <<PROTECTED_SETTINGS
{
"storageAccountName": "YOUR_ACCOUNT_NAME",
"storageAccountSasToken": "YOUR SAS TOKEN"
}
希望这可以帮助!
推荐阅读
- python - 为什么在 Spyder 上使用 Altair 时我的两个图表都没有显示?
- java - Spring Security 2 种登录方式
- ios - AVAssetWritter 第一帧为空白或黑色
- python - 指定回合数并保存/呈现统计数据,井字游戏
- php - Angular POST 未创建项目
- python - 我的功能不起作用,我不知道为什么。Python
- dataframe - 如何计算数据框中组之间给定二进制变量的百分比
- r - R:使用 lme4、mice 和miceadds 包进行多重插补
- reactjs - 错误边界组件捕获错误但立即消失
- javascript - Buefy分页更改事件问题