Have any of you been tasked with monitoring "Azure" but are unfamiliar with it? As the SCOM guru, [I hope!] you are familiar with SCOM but may have had little exposure to Azure (and it's hard to monitor something you've never seen or used!) This is a primer for those trying to monitor what they've never seen....
First off, you don't monitor Azure -- it's an abstract entity.
You do monitor infrastructure, applications, etc. Azure is a collection of servers, services, networking equipment, and storage that can be virtually configured to meet your needs. Need a beefy SQL box? Need thin, load-balanced web servers? Need a huge data drive? All are possible in the Azure cloud.....
Azure is managed from a console; below is a screenshot from the classic Azure Console.
A few key things:
- Subscriptions - A administrative and billing "bucket". Everything you create is associated with a subscription, but as subscriptions have size limits many organizations will have multiple subscriptions active a time.
- Virtual Machine Tab- These are the servers you are responsible for the OS on (IaaS)
- You can't see these details from the client side, details are exposed via the Azure console or Azure Powershell
So how to I monitor all this stuff?
To monitor servers you maintain in Azure (IaaS or Infrastructure as a Service), treat them like any DMZ (if in a different domain) or offsite server -- put an agent on the server.
- Good blog on how to determine if you should use a gateway for cloud servers - http://www.systemcentercentral.com/designing-operations-manager-2012-r2-architectures-when-you-have-iaas-virtuals-running-in-azure/
- Agents compress data, gateway not needed for compression with SCOM2012. http://blogs.msdn.com/b/microsoft_press/archive/2015/04/21/free-ebook-microsoft-system-center-operations-manager-field-experience.aspx
If you want to monitor PaaS (Platform as a Service) and lower-level Azure components hosted there, you need to use Azure MPs such as the following:
- Azure MP (http://social.technet.microsoft.com/wiki/contents/articles/29244.system-center-management-pack-for-windows-azure-fabric-october-2014-release.aspx) or newer
- Azure SQL MP (http://www.microsoft.com/en-us/download/details.aspx?id=38829) or newer
To do this, you need to setup a connection for each subscription you have servers associated with (see my example below). You’ll need a certificate to be uploaded to each subscription (each subscription can have multiple certs uploaded) – this won’t create any issues for the subscription or impact how it currently works.
- Create a certificate using makecert -sky exchange -r -n "CN=<CertificateName>" -pe -a sha1 -len 2048 -ss My "<CertificateName>.cer" -- this will end up in your computer's certificate store.
- Export it as a .cer (for upload to your Azure subscriptions) and again as a .pfx with a password (for use in the SCOM wizard)
- Upload the .cer to your subscription(s) you want to monitor
- Copy the .pfx to the computer you'll be running the SCOM wizard from (won't work with network drives in my experience)
To monitor SaaS (Software as a Service), look for MPs. With SaaS, Microsoft supports the infrastructure and application. There is really very little left for you to monitor.....