代码之家 › 专栏 › 技术社区 › phydeauxman

Azure Microsoft监控代理未能提供TerraForm

terraform-provider-azure terraform azure

phydeauxman · 技术社区 · 7 年前

尝试将mma代理作为使用terraform的VM部署的一部分进行安装。我确信失败是由于我使用的扩展的语法造成的,但是我没有运气决定它应该是什么。代理将安装但不会加入日志分析工作区。我将工作区ID和主键存储在密钥库中,并在执行时将它们传递到TerraForm中。从虚拟机上的扩展日志来看,它似乎获得了正确的工作区ID,但我无法判断它是否正确地接收了密钥。下面是我使用的TerraForm语法:

resource "azurerm_virtual_machine_extension" "lawks-test" {
  name = "MMA_${azurerm_virtual_machine.test.name}"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.EnterpriseCloud.Monitoring"
  type                 = "MicrosoftMonitoringAgent"
  type_handler_version = "1.0"

  settings = <<SETTINGS
        {
          "workspaceId": "${data.terraform_remote_state.corerg.on_workspace_id}"
        }
        SETTINGS

  protected_settings = <<PROTECTED_SETTINGS
        {
          "workspaceKey": "${var.on_laws_key}"
        }
        PROTECTED_SETTINGS

下面是扩展日志文件之一中显示的内容:

11/19/2018 9:43:51 PM +00:00 Managed Service Identity extension (Microsoft.ManagedIdentity.ManagedIdentityExtensionForWindows) not found on this box, automaticManagement will be skipped on this box.
11/19/2018 9:43:51 PM +00:00 HandlerConfig found, default config will be override, CloudType changed to 1
11/19/2018 9:43:51 PM +00:00 GET http://169.254.169.254/metadata/instance?api-version=2017-08-01 with requestId 9a17250a-bfd0-4e4b-b9d3-aa4ceaf9007e
11/19/2018 9:43:52 PM +00:00 azureResourceId from metadata service.
11/19/2018 9:43:52 PM +00:00 automaticManagement not enabled.
11/19/2018 9:43:52 PM +00:00 systemWorkspace provision failed due to AutomaticManagementNotEnabled
11/19/2018 9:43:52 PM +00:00 only configSpecifiedWorkspace available.
11/19/2018 9:43:52 PM +00:00 SettingFile changed, re-apply configuration.
11/19/2018 9:43:52 PM +00:00 Adding workspace /subscriptions/<my_subscription_id>/resourcegroups/resource_group/providers/microsoft.operationalinsights/workspaces/my-workspace.
11/19/2018 9:43:53 PM +00:00 Unknown error during enable command : System.ArgumentException: Value does not fall within the expected range.
   at System.Dynamic.ComRuntimeHelpers.CheckThrowException(Int32 hresult, ExcepInfo& excepInfo, UInt32 argErr, String message)
   at CallSite.Target(Closure , CallSite , ComObject , String , String , Int32 )
   at System.Dynamic.UpdateDelegates.UpdateAndExecute4[T0,T1,T2,T3,TRet](CallSite site, T0 arg0, T1 arg1, T2 arg2, T3 arg3)
   at System.Dynamic.UpdateDelegates.UpdateAndExecuteVoid4[T0,T1,T2,T3](CallSite site, T0 arg0, T1 arg1, T2 arg2, T3 arg3)
   at Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMAConfigHelper.AddCloudWorkspace(String workspaceId, String workspaceKey, Nullable`1 cloudType)
   at Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.EnableProgram.Main(String[] args)

2 回复 | 直到 7 年前

4c74356b41 7 年前

刚刚测试过,下面是一个工作示例:

resource "azurerm_resource_group" "test" {
  name     = "acctestRG1"
  location = "UK West"
}

resource "azurerm_virtual_network" "test" {
  name                = "acctvn"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "acctsub"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "test" {
  name                = "acctni"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.test.id}"
    private_ip_address_allocation = "dynamic"
  }
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm1z"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_DS2_v2"

  storage_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter-smalldisk"
    version   = "latest"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "hostname1"
    admin_username = "testadmin"
    admin_password = "Password1234!qwe"
  }

  os_profile_windows_config {
    provision_vm_agent = "true"
  }
}

resource "azurerm_virtual_machine_extension" "test" {
  name                 = "omsagent"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.EnterpriseCloud.Monitoring"
  type                 = "MicrosoftMonitoringAgent"
  type_handler_version = "1.0"

  settings = <<SETTINGS
        {
          "workspaceId": "workspaceId"
        }
SETTINGS

  protected_settings = <<PROTECTED_SETTINGS
        {
          "workspaceKey": "workspaceKey"
        }
PROTECTED_SETTINGS # NOTICE THIS STARTS EXACTLY AT THE START OF THE STRING
}

如果这没有帮助,问题在于如何传递工作区键(因此缺少键的一部分或类似的内容)

phydeauxman 7 年前

谢谢你的回复。我通过尝试手动安装发现了问题所在。azurerm_Log_Analytics_Workspace资源有两个与ID相关的属性:

id - The Log Analytics Workspace ID

和

workspace_id - The Workspace (or Customer) ID for the Log Analytics Workspace

我错误地试图使用“ID”,这是错误的。一旦我使用了“workspace-id”属性,安装就可以很好地工作了……不需要更改地形代码的格式。

我经常发现TerraForm缺少的一点是文档。