Azure
StackState Self-hosted v5.0.x
Last updated
StackState Self-hosted v5.0.x
Last updated
This page describes StackState version 5.0.
Microsoft Azure is a cloud computing service created by Microsoft for building, testing, deploying, and managing applications and services. This StackPack enables in-depth monitoring of the following Azure resource types:
Azure Kubernetes Service (AKS)
Function Apps
SQL Servers
Application Gateways
Key Vault storage
Storage Accounts
Application Insights
Load Balancers
Virtual Machines
App Service Plans
Network Interfaces
Virtual Networks
Availability Sets
Network Security Groups
Web Apps
Compute Disks
Operations Management
Event Hubs
Public IP Addresses
Azure is a StackState curated integration.
The StackState Azure Agent is a collection of Azure functions that connect to the Azure APIs at a configured interval to collect information about available resources.
TimedStart
triggers data collection every 2 hours.
EventHubChangesFunction
collects the deltas.
SendToStackState
pushes retrieved data to StackState.
StackState translates incoming data into topology components and relations.
The StackState Azure plugin pulls available telemetry data per resource on demand from Azure, for example when a component is viewed in the StackState UI or when a health check is run on the telemetry stream.
StackState maps retrieved telemetry (metrics) onto the associated Azure components and relations.
To set up the StackState Azure integration, you need to have:
PowerShell version >= 5.0 or Bash.
The Azure CLI.
A Resource Group where the StackState resources can be deployed. We recommend that you create a separate resource group for all the resources related to StackState.
An Azure Service Principal (SPN) for the StackState Azure Agent with the following permissions:
Contributor
role for the StackPack Resource Group to deploy and delete resources.
Reader
role for each of the subscriptions the StackPack instance will monitor.
If StackState is installed on premise and behind a firewall, the IP addresses used by Azure monitor (docs.microsoft.com) need to be reachable.
StackState should not be configured to use a custom trust store.
Install the Azure StackPack from the StackState UI StackPacks > Integrations screen. You will need to provide the following parameters:
Azure instance name - the user-defined name of the Azure instance shown in configurations such as views.
Client Id - the client id of the Azure Service Principal.
Client Secret - the client secret used to authenticate the client.
Tenant Id - the Id of the Azure Tenant / Active Directory.
To enable the Azure integration and begin collecting data from Azure, you will need to deploy the StackState Azure Agent to your Azure instance. The StackState Azure agent is a collection of Azure functions that connect to Azure REST API endpoints. You can deploy one or more StackState Azure Agents, each will collect data from resources related to the configured Reader
roles in the Azure Service Principle.
Download the manual installation zip file. This is included in the Azure StackPack and can be accessed at the link provided in StackState after you install the Azure StackPack.
Make sure you have created a resource group in one of your subscriptions where the StackState Azure Agent can be deployed.
Run one of the install scripts below, specifying the Client Id
and Client Secret
- these are the appId
and password
from the Service Principal you created before installing the Azure StackPack.
You can also specify two additional (positional) arguments after the <AZURE_resourceGroupName>
:
The StackPack Instance URL (topology identifier), default {tenantId}_{first 25 chars of client ID}
.
The Azure function App name, default {tenantId}_{first 25 chars of client ID}
.
Note that the install script is optimized to run with Azure CLI versions 2.24.0 and earlier. When running with Azure CLI versions 2.24.1 and above, you may see deprecation warnings.
You can check the status of the Azure integration in Azure resource group. Open the FunctionApp and check the available metrics or the full list of Functions from the left menu. The status of all functions should be Enabled.
When a new version of the Azure StackPack is available in your instance of StackState, you will be prompted to upgrade in the StackState UI on the page StackPacks > Integrations > Azure. For a quick overview of recent StackPack updates, check the StackPack versions shipped with each StackState release.
For considerations and instructions on upgrading a minor or patch release of a StackPack, see how to upgrade a StackPack.
To upgrade to a new major release of the Azure StackPack:
Completely remove the StackState Azure resources, either in Azure directly or using the provided deprovisioning script, and uninstall the current StackPack. For details see uninstall the Azure StackPack.
Install the new version from the page StackPacks > Integrations > Azure.
Install the new StackState Azure resources using the install script, see deploy the StackState Azure agent.
The Azure integration does not retrieve any Events data.
Metrics data is pulled on demand directly from Azure by the StackState Azure plugin, for example when a component is viewed in the StackState UI or when a health check is run on the telemetry stream. Retrieved metrics are mapped onto the associated topology component.
Each Azure integration retrieves topology data for resources associated with the associated Azure Service Principal.
Components
Components retrieved from Azure are tagged with the associated Azure instance_name
, resource_group
and subscription_name
.
Relations
The Azure integration does not retrieve any Traces data.
The Azure integration uses the following Azure REST API endpoints, scroll right for the SDK details:
Metric definitions
{resourceUri}/providers/Microsoft.Insights/metricDefinitions?api-version=2018-01-01
github.com/Azure/azure-sdk-for-java (1.16.0)
Metric values
{resourceUri}/providers/Microsoft.Insights/metrics?api-version=2018-01-01
github.com/Azure/azure-sdk-for-java (1.16.0)
AKS Managed Cluster
resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters?api-version=2018-03-31
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Availability Sets
resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/availabilitySets?api-version=2018-06-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
ApplicationGateways
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/applicationGateways?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
ApplicationInsights
providers/Microsoft.Insights/components?api-version=2015-05-01
Microsoft.Azure.Management.ApplicationInsights (0.2.0-preview)
Classic Storage Account
resourceGroups/{resourceGroupName}/providers/Microsoft.ClassicStorage/storageAccounts?api-version=2016-11-01
None
Classic Storage Account Keys
resourceGroups/{resourceGroupName}/providers/Microsoft.ClassicStorage/storageAccounts/{accountName}/listKeys?api-version=2016-11-01
None
Classic Cloud Services
resourceGroups/{resourceGroupName}/providers/Microsoft.ClassicCompute/domainNames?api-version=2018-06-01
None
Classic Cloud Services Deployment Slots
resourceGroups/{resourceGroupName}/providers/Microsoft.ClassicCompute/domainNames/{cloudServiceName}/deploymentSlots/{stage}?$expand=roles/instances?api-version=2018-06-01
None
Compute Disks
resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/disks?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Eventhub Namespaces
resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces?api-version=2017-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
KeyVault
resources?$filter=resourceType eq 'Microsoft.KeyVault/vaults'&api-version=2015-11-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
LoadBalancers
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/loadBalancers?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
NetworkInterfaces
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkInterfaces?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
NetworkSecurityGroups
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkSecurityGroups?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
PublicIPAddresses
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPAddresses?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
RouteTables
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/routeTables?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
ServerFarms
resourceGroups/{resourceGroupName}/providers/Microsoft.Web/serverfarms?api-version=2018-02-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
SQL Servers
resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers?api-version=2015-05-01-preview
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
SQL Server ElasticPools
resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/elasticPools?api-version=2014-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
SQL Server Databases
resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases?api-version=2014-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Storage Accounts
resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts?api-version=2017-10-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Storage Account Keys
resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/listKeys?api-version=2017-10-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Traffic Manager Profiles
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/trafficmanagerprofiles?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Virtual Machine
resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/virtualMachines?api-version=2018-06-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Virtual Networks
resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks?api-version=2018-04-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
Web Apps
resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites?api-version=2017-10-01
Microsoft.Azure.Management.ResourceManager.Fluent (1.18.0)
There are a number of methods in the TopologyDurableFunction
class:
TimedStart
Timed trigger to start the MainOrchestrator.
HttpStart
HTTP trigger to start the MainOrchestrator manually for testing or after a first deployment from the StackPack.
MainOrchestrator
The orchestrator containing the main workflow: GetSubscriptions -> HandleSubscription (for each subscription) -> SendToStackState.
GetSubscriptions
Fetches all subscriptions that the service principle has access to.
HandleSubscription
Sub-orchestrator, contains the workflow: GetResourcesToInclude -> ConvertResourcesToStackStateData (for each set of resources, grouped by type)
GetResourcesToInclude
Fetches all resources in a subscription and filters out those that are ignored.
ConvertResourcesToStackStateData
Receives a group of resources and calls the ResourceTypeConverter class in the Core project.
EventHubChangesFunction
Listens to events for all currently supported resource types on insights-operational-Logs
and provides incremental updates to StackState about your Azure environment.
SendToStackState
Receives a Synchronization object and sends it to StackState.
PurgeHistory
Durable functions store their state and history in Azure Blob Storage. This Azure Function does a daily cleanup of the data from the currentdate -2 months to the currentdate -1 month.
When the Azure integration is enabled, a view will be created in StackState for each instance of the StackPack. Each view shows components filtered by the Azure instance_name
tag and is named Azure_[instance_name].
Troubleshooting steps can be found in the StackState support Knowledge base guide to troubleshoot the StackState Azure StackPack.
The Azure StackPack can be uninstalled by clicking the Uninstall button from the StackState UI StackPacks > Integrations > Azure screen. This will remove all Azure specific configuration in StackState. You can also stop and delete the created resources (within the resource group specified when running the manual installation). They have been labeled with the tag StackState
.
To do so, you can use the scripts in the manual installation zip file you downloaded when installing the StackState Azure agent. You can download this file again at anytime from the StackState UI StackPacks > Integrations > Azure screen.
Azure StackPack v4.2.0 (2021-12-15)
Feature: Added two options to installation script:
to specify Azure function name for the integration
to specify stackpack instance URL (topology identifier)
Azure StackPack v4.1.1 (2021-04-02)
Improvement: Enable auto grouping on generated views.
Improvement: Common bumped from 2.2.3 to 2.5.1
Improvement: Update documentation.
Improvement: StackState min version bumped to 4.3.0