Azure IaaS VMs: Managing diagnostics and boot diagnostics

When managing Azure IaaS (infrastructure-as-a-service), it’s a precedence to know what’s going on together with your digital machines. Microsoft Azure affords two easy-to-enable options, they usually have a major influence in your troubleshooting course of. The options are boot diagnostics and diagnostics settings (guest-level). On this article, we’re going over the method to allow them utilizing Azure Portal after which PowerShell to automate the method and hold consistency amongst your VMs.

Managing boot diagnostics

Typically it’s ignored, however with a few of the new options launched in Azure round IaaS virtual machines, the usage of boot diagnostics turned an ordinary and virtually a requirement in organizations of all sizes. For instance, the usage of the Serial Console function requires boot diagnostics, which makes it virtually a must have.

We are able to allow it utilizing Azure Portal, and right here’s how. Within the desired VM properties, click on on boot diagnostics. If it’s not enabled, a message saying “boot diagnostics is not configured for this virtual machine” will welcome you. Click on on Settings.

Within the new blade, click on on On, choose or create a Storage Account, and click on on Save. The results of this operation can be a brand new container into the required Storage Account. The identify of the brand new container will use this naming conference: bootdiagnostics-<vmName>-<vmID>, and inside the container we may have a bitmap file of the final screenshot of the VM.

Observe: If you wish to script and use the container identify, each VM identify and VM ID are properties obtainable on the VM stage.

Some issues to think about when planning your boot diagnostics design and storage to help the function:

  • At present, premium storage isn’t supported by boot diagnostics. There isn’t a cause to pay additional to retailer bitmap recordsdata.
  • It’s all about your design, however if you wish to hold it easy, use a single Storage Account to handle your boot diagnostics per subscription
  • Storage Account firewall and digital community isn’t supported. You will need to enable All networks
  • You’ll be able to implement the usage of boot diagnostics as a part of your pipeline (if utilizing Azure DevOps or related instruments), Azure insurance policies, or runbooks to be sure that all of your infrastructure is compliant.

We are able to use PowerShell to allow the function with the next cmdlet. We’re utilizing Azure CloudShell, so we will see the adjustments in close to real-time, as depicted within the picture beneath.

Get-AzVM -Identify <VMName> | Set-AzVMBootDiagnostic -Allow -StorageAccountName <StorageAccountName> -ResourceGroupName <ResourceGroupName> | Replace-AzVM

Expertise says that the function is enabled in a number of seconds. Nevertheless, Microsoft documentation states that it might take as much as 10 minutes for the bitmap to indicate up within the Storage Account.

boot diagnostics

In case you are utilizing PowerShell, you may even see some alternatives for validation and reporting. Listed here are a number of items of code that can assist with fundamental reporting, and you’ll develop extra refined scripts from the examples beneath.

If you wish to test if a single VM has the boot diagnostics function allow. The next cmdlet can be utilized.

(Get-AzVM -Identify <VMName>).DiagnosticsProfile.BootDiagnostics.Enabled

If you need a whole report of all of your VMs and their present standing of boot diagnostics, the next code will present that data.

$VMs = Get-AzVM
ForEach ($vm in $VMs)

If you wish to listing solely the VMs that wouldn’t have the boot diagnostics function allow, then run this cmdlet:

Get-AzVM | The place-Object  $_.DiagnosticsProfile.BootDiagnostics.Enabled -eq $False 

Managing Azure VM diagnostics settings

By default, all VMs metrics come from the host (virtualization host), they usually have restricted visibility inside a VM. Nevertheless, they’ll present fundamental metrics, resembling CPU, disk and community utilization.

To have higher visibility of what’s going on inside the VM, an agent set up is required. A VM extension will deploy the Azure diagnostics agent as a part of the method. To allow utilizing the portal, click on on Allow Visitor-level monitoring, and wait a couple of minutes for the method to finish.

The results of that operation is a brand new extension known as Microsoft.Insights.VMDiagnosticsSettings added to the digital machine, a brand new Storage Account created to retailer the extra data on its Tables (the identify for the brand new Storage Account is the mix of the Useful resource Group identify the place the VM is hosted, added by diag string and a random quantity).

The fundamental monitoring settings are already in place. Nevertheless, cloud directors have full management to fine-tune all areas of the monitoring to go well with their necessities.

Firing up PowerShell

Utilizing PowerShell isn’t that simple, however on the identical time permits consistency and configuration of a number of sources from a single code.

Step one is to create a Storage Account that can retailer all of the diagnostic settings of your VMs. You may use the identical one that you’re making use of for boot diagnostics or use a separate one. Be certain that to be aware of the identify of the Storage Account as a result of we are going to want that afterward.

The second step is to configure a template. Let’s use the VM that we’ve simply enabled manually and alter all of the settings that we would like (efficiency counters, logs, you identify it).

The subsequent step is to create a template for these settings. Add the VM identify and its useful resource group to the cmdlet beneath, and the consequence can be a template.json file with all settings that we outlined to this point utilizing the Azure Portal.

(Get-AzVmDiagnosticsExtension -VMName <VMName> -ResourceGroupName <ResourcegroupName>).PublicSettings | Out-File template.json

There are two adjustments that we have to work on the template. First, we have to delete line 2, which defines the Storage Account. Sure, take away that line in its entirety. Second, we have to substitute the resourceID (it ought to now be at line 6) for the string <VMName>. Save the file, and that’s going to be utilized to all new VMs coming aboard.

We’re going to use a small piece of code (three traces). On the primary two traces, we are going to outline the VM identify and the Storage Account. The third line will learn our template.json file, and it’ll create a brand new one only for the specified VM that we wish to allow Visitor-Degree Diagnostics. The brand new file identify will use the naming conference template-<VMName>.json.

$VM = Get-AzVM -Identify "apvm006"
$StorageAccount = "ap6vmdiag"
(Get-Content material ((Get-Location).Path + "template.json")) -replace ’<VMName>’, $VM.Id | Out-File ("template-" + $VM.Identify + ".json") -Drive

The final piece of the puzzle is to allow diagnostic settings on the VM stage, and we will use the next line of code (be certain that to run the traces from the earlier part as a result of we’d like these variables within the present cmdlet).

Set-AzVMDiagnosticsExtension -VMName $VM.Identify -ResourceGroupName $VM.ResourceGroupName -DiagnosticsConfigurationPath ("template-" + $VM.Identify + ".json") -StorageAccountName $StorageAccount

The method would be the identical (agent set up) and after some time, it’s going to return the results of the operation. We are able to see within the portal that the diagnostic settings is enabled, and the Storage Account is utilizing the one which we outlined within the cmdlet.

boot diagnostics

Featured picture: Pixabay


Publish Views:
3






Learn Subsequent


About the Author

Leave a Reply

Your email address will not be published. Required fields are marked *