如何使用 PowerShell 安装和配置 Microsoft Monitoring Agent 以与 OMS 网关(代理)一起使用
How to install and configure Microsoft Monitoring Agent for use with OMS Gateway (Proxy) using PowerShell
如何使用 Powershell 安装和配置 Microsoft Monitoring Agent (MMA) 以与 OMS 网关一起使用? None 的自动化示例告诉您如何完成此操作以与 OMS 网关一起使用。
我发现这是一个手动的演练:
http://azurepost.com/oms-gateway-ga-installation-configuration-walkthrough/
还有这个:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/gateway
自动化:
此为 ARM 模板,但不支持 OMS 网关:
Enabling the Microsoft Monitoring Agent in Windows JSON Templates
这个用于 Powershell,但不支持 OMS 网关 oms-windows.md
None 的自动化示例告诉您如何完成此操作以与 OMS 网关一起使用。
事实上,从 Property values 的文档来看,这似乎是不可能的。只有记录的属性是 workspaceId 和 workspaceKey。没有列出 OMS 网关配置所需的其他属性(即代理、用户 ID、密码)。
解决方案:部署和配置 MMA 以通过 ARM 或 PS 与 OMS 网关一起使用。 这些属性适用于 ARM 以及 PS。 PS 通常在后台构建 ARM 模板。 完整的属性集是:
记录的扩展属性
- workspaceId
- 工作区密钥
未记录的扩展属性
控制面板;Microsoft Monitoring Agent 应用以确定这些值中的大多数值的含义。
enableAutomaticManagement:相当于"Tab: 'Operations Manager', Automatic update management group assignments for AD DS"
proxyUri:相当于"Tab: 'Proxy Settings', Proxy Server"
- proxyUser:相当于"Tab: 'Proxy Settings', Username"
- 代理密码: #相当于"Tab: 'Proxy Settings', Password"
azureRegionId:不确定,但我认为这可能与 Log Analytics 在不同的区域有关。使用 Get-AzureRMLocation, Location 来确定有效值
stopOnMultipleConnections : ???
- azureResourceId: ???
通过 Powershell 部署:
Import-Module Az.Compute
Connect-AzAccount
Set-AzContext -Subscription $subscriptionId
$settings = @{ `
"workspaceId" = $workspaceId; `
"proxyUri" = $proxyUri; `
"azureRegionId" = $azureRegionId `
}
$protectedSettings = @{"workspaceKey" = $workspaceKey}
$extensions = Get-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName
#If extension was already installed and the ExtensionName is not 'MicrosoftMonitoringAgent',
#re-install will fail. Therefore, we need to remove extension before proceeding.
foreach($extension in $extensions)
{
if ($extension.ExtensionType -eq "MicrosoftMonitoringAgent")
{
Remove-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName `
-Name $extension.Name `
-Confirm:$false `
-Force:$true
}
}
#install MMA Extension
$guid = New-Guid
Set-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName `
-ExtensionType "MicrosoftMonitoringAgent" `
-ExtensionName "MicrosoftMonitoringAgent" `
-Publisher "Microsoft.EnterpriseCloud.Monitoring" `
-TypeHandlerVersion 1.0 `
-ForceRerun $guid `
-Settings $settings `
-ProtectedSettings $protectedSettings `
-Location $azureRegionId
通过 ARM 模板部署
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"serverName": {
"type": "string"
},
"workspaceId": {
"type": "string",
//from the blob's etag property; changes each time update occurs
"defaultValue": "guid-guid-guid-guid",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Azure Log Analytics (OMS)', Add or Edit Popup"
}
},
"proxyUri": {
"type": "string",
"defaultValue": "101.102.103.104:8080",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Proxy Settings', Proxy Server"
}
},
"workspaceKey": {
"type": "securestring",
"defaultValue": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Azure Log Analytics (OMS)', Add or Edit Popup"
}
},
"forceUpdateTag": {
"defaultValue": "[newGuid()]",
"type": "string",
"metadata": {
"description": "Forces extension to deploy every time."
}
}
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2018-10-01",
"name": "[concat(parameters('serverName'),'/MicrosoftMonitoringAgent')]",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.EnterpriseCloud.Monitoring",
"type": "MicrosoftMonitoringAgent",
"typeHandlerVersion": "1.0",
"autoUpgradeMinorVersion": "true",
"forceUpdateTag": "[parameters('forceUpdateTag')]",
"settings": {
"workspaceId": "[parameters('workspaceId')]",
"proxyUri": "[parameters('proxyUri')]",
"azureRegionId": "[parameters('location')]"
},
"protectedSettings": {
"workspaceKey": "[parameters('workspaceKey')]"
}
}
}
]
}
(有人告诉我我是在浪费时间,某处有一个 "Interogate Extension" powershell 命令...)
我是怎么想出来的?我使用门户来部署 MMA 扩展。我去了虚拟机并在以下位置找到了已安装的扩展:
C:\Packages\Plugins\Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent
我反编译了:
Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.ExtensionShared.dll 并查找确切的字符串:workspaceId 和 workspaceKey.我找到了 类:MMAExtensionPublicSettings、MMAExtensionProtectedSettings。这些 类 包含有效的扩展属性。
using Newtonsoft.Json;
using System;
using System.Runtime.CompilerServices;
namespace Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMADataModels
{
public class MMAExtensionPublicSettings
{
[JsonProperty(PropertyName = "azureRegionId")]
public string AzureRegionId{ get; set; }
[JsonProperty(PropertyName = "azureResourceId")]
public string AzureResourceId { get; set; }
[JsonProperty(PropertyName = "enableAutomaticManagement")]
public bool EnableAutomaticManagement { get; set; }
[JsonProperty(PropertyName = "proxyUri")]
public string ProxyUri { get; set; }
[JsonProperty(PropertyName = "proxyUser")]
public string ProxyUser { get; set; }
[JsonProperty(PropertyName = "stopOnMultipleConnections")]
public bool StopOnMultipleConnections { get; set; }
[JsonProperty(PropertyName = "workspaceId")]
public string WorkspaceId { get; set; }
public MMAExtensionPublicSettings()
{
}
}
}
** - MMAExtensionProtectedSettings
using Newtonsoft.Json;
using System;
using System.Runtime.CompilerServices;
namespace Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMADataModels
{
public class MMAExtensionProtectedSettings
{
[JsonProperty(PropertyName="proxyPassword")]
public string ProxyPassword
{
get;
set;
}
[JsonProperty(PropertyName="workspaceKey")]
public string WorkspaceKey
{
get;
set;
}
public MMAExtensionProtectedSettings()
{
}
}
}
如何使用 Powershell 安装和配置 Microsoft Monitoring Agent (MMA) 以与 OMS 网关一起使用? None 的自动化示例告诉您如何完成此操作以与 OMS 网关一起使用。
我发现这是一个手动的演练: http://azurepost.com/oms-gateway-ga-installation-configuration-walkthrough/
还有这个: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/gateway
自动化:
此为 ARM 模板,但不支持 OMS 网关: Enabling the Microsoft Monitoring Agent in Windows JSON Templates
这个用于 Powershell,但不支持 OMS 网关 oms-windows.md
None 的自动化示例告诉您如何完成此操作以与 OMS 网关一起使用。 事实上,从 Property values 的文档来看,这似乎是不可能的。只有记录的属性是 workspaceId 和 workspaceKey。没有列出 OMS 网关配置所需的其他属性(即代理、用户 ID、密码)。
解决方案:部署和配置 MMA 以通过 ARM 或 PS 与 OMS 网关一起使用。 这些属性适用于 ARM 以及 PS。 PS 通常在后台构建 ARM 模板。 完整的属性集是:
记录的扩展属性
- workspaceId
- 工作区密钥
未记录的扩展属性
控制面板;Microsoft Monitoring Agent 应用以确定这些值中的大多数值的含义。
enableAutomaticManagement:相当于"Tab: 'Operations Manager', Automatic update management group assignments for AD DS"
proxyUri:相当于"Tab: 'Proxy Settings', Proxy Server"
- proxyUser:相当于"Tab: 'Proxy Settings', Username"
- 代理密码: #相当于"Tab: 'Proxy Settings', Password"
azureRegionId:不确定,但我认为这可能与 Log Analytics 在不同的区域有关。使用 Get-AzureRMLocation, Location 来确定有效值
stopOnMultipleConnections : ???
- azureResourceId: ???
通过 Powershell 部署:
Import-Module Az.Compute
Connect-AzAccount
Set-AzContext -Subscription $subscriptionId
$settings = @{ `
"workspaceId" = $workspaceId; `
"proxyUri" = $proxyUri; `
"azureRegionId" = $azureRegionId `
}
$protectedSettings = @{"workspaceKey" = $workspaceKey}
$extensions = Get-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName
#If extension was already installed and the ExtensionName is not 'MicrosoftMonitoringAgent',
#re-install will fail. Therefore, we need to remove extension before proceeding.
foreach($extension in $extensions)
{
if ($extension.ExtensionType -eq "MicrosoftMonitoringAgent")
{
Remove-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName `
-Name $extension.Name `
-Confirm:$false `
-Force:$true
}
}
#install MMA Extension
$guid = New-Guid
Set-AzVMExtension `
-ResourceGroupName $resourceGroupName `
-VMName $vmName `
-ExtensionType "MicrosoftMonitoringAgent" `
-ExtensionName "MicrosoftMonitoringAgent" `
-Publisher "Microsoft.EnterpriseCloud.Monitoring" `
-TypeHandlerVersion 1.0 `
-ForceRerun $guid `
-Settings $settings `
-ProtectedSettings $protectedSettings `
-Location $azureRegionId
通过 ARM 模板部署
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"serverName": {
"type": "string"
},
"workspaceId": {
"type": "string",
//from the blob's etag property; changes each time update occurs
"defaultValue": "guid-guid-guid-guid",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Azure Log Analytics (OMS)', Add or Edit Popup"
}
},
"proxyUri": {
"type": "string",
"defaultValue": "101.102.103.104:8080",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Proxy Settings', Proxy Server"
}
},
"workspaceKey": {
"type": "securestring",
"defaultValue": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==",
"metadata": {
"description": "To be provided from keyvault; equivalent to Tab: 'Azure Log Analytics (OMS)', Add or Edit Popup"
}
},
"forceUpdateTag": {
"defaultValue": "[newGuid()]",
"type": "string",
"metadata": {
"description": "Forces extension to deploy every time."
}
}
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2018-10-01",
"name": "[concat(parameters('serverName'),'/MicrosoftMonitoringAgent')]",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.EnterpriseCloud.Monitoring",
"type": "MicrosoftMonitoringAgent",
"typeHandlerVersion": "1.0",
"autoUpgradeMinorVersion": "true",
"forceUpdateTag": "[parameters('forceUpdateTag')]",
"settings": {
"workspaceId": "[parameters('workspaceId')]",
"proxyUri": "[parameters('proxyUri')]",
"azureRegionId": "[parameters('location')]"
},
"protectedSettings": {
"workspaceKey": "[parameters('workspaceKey')]"
}
}
}
]
}
(有人告诉我我是在浪费时间,某处有一个 "Interogate Extension" powershell 命令...) 我是怎么想出来的?我使用门户来部署 MMA 扩展。我去了虚拟机并在以下位置找到了已安装的扩展: C:\Packages\Plugins\Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent
我反编译了: Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.ExtensionShared.dll 并查找确切的字符串:workspaceId 和 workspaceKey.我找到了 类:MMAExtensionPublicSettings、MMAExtensionProtectedSettings。这些 类 包含有效的扩展属性。
using Newtonsoft.Json;
using System;
using System.Runtime.CompilerServices;
namespace Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMADataModels
{
public class MMAExtensionPublicSettings
{
[JsonProperty(PropertyName = "azureRegionId")]
public string AzureRegionId{ get; set; }
[JsonProperty(PropertyName = "azureResourceId")]
public string AzureResourceId { get; set; }
[JsonProperty(PropertyName = "enableAutomaticManagement")]
public bool EnableAutomaticManagement { get; set; }
[JsonProperty(PropertyName = "proxyUri")]
public string ProxyUri { get; set; }
[JsonProperty(PropertyName = "proxyUser")]
public string ProxyUser { get; set; }
[JsonProperty(PropertyName = "stopOnMultipleConnections")]
public bool StopOnMultipleConnections { get; set; }
[JsonProperty(PropertyName = "workspaceId")]
public string WorkspaceId { get; set; }
public MMAExtensionPublicSettings()
{
}
}
}
** - MMAExtensionProtectedSettings
using Newtonsoft.Json;
using System;
using System.Runtime.CompilerServices;
namespace Microsoft.EnterpriseCloud.Monitoring.MicrosoftMonitoringAgent.Extension.MMADataModels
{
public class MMAExtensionProtectedSettings
{
[JsonProperty(PropertyName="proxyPassword")]
public string ProxyPassword
{
get;
set;
}
[JsonProperty(PropertyName="workspaceKey")]
public string WorkspaceKey
{
get;
set;
}
public MMAExtensionProtectedSettings()
{
}
}
}