Microsoft System Center 2016 Management Pack for Microsoft Azure
The Management Pack for Microsoft Azure enables you to monitor the availability and performance of Azure resources that are running on Microsoft Azure
Note: There are multiple files available for this download.Once you click on the "Download" button, you will be prompted to select the files you need.
-
- The Management Pack for Microsoft Azure enables you to monitor the availability and performance of Azure resources that are running on Microsoft Azure. The management pack runs on a specified server pool and then uses Microsoft Azure REST APIs to remotely discover and collect performance information about the specified Microsoft Azure resources. This management pack focuses on the collection of performance metrics made available by Azure Services that use Azure Resource Manager. Azure Active Directory is used for authentication to the Azure REST APIs. This management pack queries the Azure REST APIs to enumerate the resources running in an Azure subscription and the performance metrics that are available for each resource. Virtual machines, web roles, and worker roles are able to store events and performance counters into Azure table storage using Azure diagnostics. If these resources are configured to use Azure diagnostics, this Management Pack can collect these events and performance counters. As soon as new Azure services are released (and older services are moved to the new Azure Resource Manager), they will be discovered automatically. As soon as the services expose performance counters via the metrics API, they will become available for collection. The MP guide includes information about what's new in this version of the MP.
-
Supported Operating System
Windows Server 2012 Datacenter, Windows Server 2012 R2, Windows Server 2012 R2 Standard , Windows Server 2012 Standard
- This Management Pack requires System Center 2012 Service Pack 1 (SP1) – Operations Manager or System Center 2012 R2 Operations Manager or System Center 2016 Operations Manager. A dedicated Operations Manager management group is not required.
-
- See the MP Guide for detailed instructions.
- Like always. you should read the Management pack Guide before importing it into Operations Manager. I am only providing some highlights.
Changes in this Management Pack
· Implemented automatic creation of the Service Principal Name
· Updated and redesigned Add Subscription and Add Monitoring wizards; fixed duplication of metrics for SQL Databases, fixed editing the Exclude list.
· Multi-factor authentication support is implemented
· Delay of Azure Application Insights alerts’ delivery is reduced.
· Fixed issue: virtual machines did not have "OS Version" property populated
· Fixed issue: in SCOM, successfully completed tasks could have “Failed” status in the Task Output.
· Improved the Add Monitoring wizard performance
· Fixed “Virtual Machine Turn Off Monitor” operational state names
· Updated the list of REST endpoints essential for Chinese instances
· For SPN mode, RDFE types are removed from the service types list
· Removed the need for SCOM Administrators to enter the password while creating/editing the monitoring configuration. Implemented an UI improvement that makes multiplication of the subscription administration easier: it provides a possibility to enroll multiple subscription using the same account without having to enter the credentials for every subscription
· Fixed issue: alerts were not delivered if the discovered entity had an alert in the past (before SCOM discovered the entity)
· Fixed issue: Azure Application Insights alerts were missing the links back to Azure portal
· Added a feature: if new Azure virtual machines are discovered or existing ones are removed, a corresponding alert is displayed in SCOM console
· Reduced the latency of event generation, when a condition occurs in Azure virtual machine
· Reduced the latency for virtual machines provisioned in Azure to show up in SCOM
· Implemented a task to query for inventory of all the Azure virtual machines
· Updated the display strings to match the recent changes.
Added a new section to the guide: “Appendix: Display Strings Changes History”
Management Pack Scope
The Management Pack for Microsoft Azure enables you to monitor the availability and performance of Azure resources that are running on Microsoft Azure. The management pack runs on a specified server pool, and then uses Microsoft Azure REST APIs to remotely discover and collect performance information about the specified Microsoft Azure resources.
This management pack focuses on the collection of performance metrics made available by Azure Services that use Azure Resource Manager.
Azure Active Directory is used for authenticating Azure REST API calls.
This management pack queries Azure REST APIs to enumerate the resources running in an Azure subscription and the performance metrics available for each resource.
Virtual machines, web roles, and worker roles can store events and performance counters into Azure table storage by means of Azure diagnostics. If these resources are configured to use Azure diagnostics, this Management Pack can collect these events and performance counters.
Prerequisites
You must manually ensure that the prerequisites are met.
The following requirements must be met to run this Management Pack:
· You must have an Operations Manager 2012 SP1 or later environment.
This Management Pack will not import on Operations Manager 2007 R2 or Operations Manager 2012 RTM.
· Due to certain performance issues, a separate management server should be dedicated for this Management Pack.
· All management servers in the management server pool must have connection to the Internet in order to communicate with Microsoft Azure.
· All management servers in your management server pool must have .Net framework 4.5 or newer installed.
The Management Pack has a monitoring rule, which detects .Net framework version on Management Servers. You can find Management Servers with .Net 4.5 missing by looking to “Active Alerts” view in “Microsoft Azure” folder.
· The workstation with the Operations Manager console, which will be used to configure Microsoft Azure monitoring, must have connection to the Internet in order to communicate with Microsoft Azure during the initial configuration process.
· The workstation with the Operations Manager console, which will be used to configure Microsoft Azure monitoring must have .Net framework 4.5 or newer installed.
· For collecting event and performance data from Azure VMs, Web roles and Worker roles, Microsoft Azure Diagnostics must be enabled.
For more information about Microsoft Azure Diagnostics, see Collect Logging Data by Using Windows Azure Diagnostics article (https://go.microsoft.com/fwlink/?LinkId=186765).
· Microsoft Azure Diagnostics must be configured to forward diagnostic data to a Microsoft Azure storage. For more information about configuring Microsoft Azure Diagnostics, see Store and view diagnostic data in Azure Storage article (/en-us/azure/cloud-services/cloud-services-dotnet-diagnostics-storage).
Mandatory Configuration
The Management Pack does not discover or monitor Microsoft Azure on import. In order to monitor Azure resources, you must perform initial configuration steps. This section explains how to configure Management Pack for Microsoft Azure to discover and monitor your Azure resources.
This section covers the following steps essential to monitor Azure resources:
1. Create an Azure Active Directory user, or application to be used by the Management Pack.
2. Add Microsoft Azure Subscriptions.
Security Configuration
Note that Microsoft Azure Run As Profile AD Credentials profile is configured automatically; when you add a subscription, there is no need to perform an additional configuration. As for Microsoft Azure Run As Profile Proxy, it is to be configured manually in case when large subscriptions (1000+ objects) are monitored. For more details, see Managing Run As Accounts and Profiles article.
Run As Profile Name |
Associated Rules and Monitors |
Notes |
Microsoft Azure Run As Profile AD Credentials |
Holds the Azure Active Directory Credential to authenticate with Azure. |
|
Microsoft Azure Run As Profile Proxy |
Holds the credentials needed to authenticate with a proxy to reach Azure |
Low-Privilege Configuration
Azure Active Directory accounts can be configured to have read-only access to Azure Resource Manager resources.
To monitor older services (e.g. Mobile Services and RDFE resources), it is necessary to make the Azure Active Directory account used for monitoring a co-administrator on the subscription. You can find the corresponding instructions in How to add or change Azure administrator roles article (see "Azure classic portal" section).
Appendix: Known Issues
· Storage Account Performance view shows Virtual Machines and classic (Microsoft.ClassicStorage provider) storage accounts only.
· Some performance counters are not available until they have a non-zero value.
· The Distributed Application State view is empty by default. Create a distributed application to see the resources here.
· If SQL Azure database monitoring is enabled, Event Log at SCOM machine will be filled with EventID: 11422 entries and the following message: “Message: ParentResourceNotFound: Cannot perform requested operation on nested resource”, because the resource provider does not return metrics for master database. To avoid this problem, add ‘master’ database to the exclude list.
· No performance counters are available in Add Monitoring wizard for Mobile Services when the Operations Manager console has ran at a machine running Windows 8.1 or newer. Workaround: run the wizard from the machine running SCOM Server.
· For classic (Microsoft.ClassicStorage provider) storage accounts, metrics may not be collected. To resolve the issue, go to Azure Storage Services Versions page and select another storage service API version (the path is as follows: SCOM Console->Administration->Azure->Edit Subscription->Endpoint->Storage service API version). Performance counters are not available for non-classic (Microsoft.Storage provider) storage accounts, even if metrics collection is enabled.
· Tags are not properly discovered for SQL Azure databases (Microsoft.Sql/servers/databases), because the resource provider does not expose tags in the corresponding /read operations.
· Sometimes Azure Management Pack may not be removed due to SCOM issue. To remove the MP manually, run the following code on the Operations Manager database:
exec p_TypeDeletePermanent 'E2169E37-FF79-4877-5AFF-987AAF0F9DBF'
go
exec [dbo].[p_ManagementPackRemove] 'C7B2E0B6-A068-544D-CF8F-B26A3B6DDC52'
go
· Custom Events and Performance counters for web and worker roles collected by Azure diagnostics for Virtual Machines (non-classic) are not supported.
· Azure Management Pack does not support proxy for Storage Grooming Probe, which is used by the following rules:
o Windows Azure NT Event Log Grooming
o Windows Azure Performance Counter Grooming
o Windows Azure .NET Trace Grooming
Therefore, Microsoft.WindowsAzure.Storage.CloudStorageAccount is used in this probe, and it does not support proxy in practice.
· The state of insights alert rule incidents monitor may not reflect the immediate condition, as long as it changes the state depending on the information received from Azure event log.
In addition, the state of the alert rule switches to unhealthy only if the latest received event corresponds to opening of the alert. Therefore, upon initial activation of the monitor, the alert rule will remain in healthy state until the corresponding event is received. At that, the state of the monitor is displayed as healthy if the alert rule is disabled.
· Metrics for Mobile Services and Classic Virtual Machines are not supported in China subscriptions.
· The following services are not supported in China subscriptions:
o Non-Classic Virtual Machines
o Classic Virtual Machines (all collection rules are not supported)
o SQL Databases
o ARM Cloud Services
o BizTalk Services
o DocumentDB
o Notification Hubs
o Operational Insights
o CDN
· Adding new subscriptions may fail if monitoring templates from the previous management pack installations (if there were any) are not removed. Normally, they are removed automatically upon uninstallation of the management pack. Otherwise, remove those templates manually in order to avoid errors while adding the subscriptions.
· “Classic Virtual Machine Turn Off Monitor” does not work if the corresponding virtual machine is stopped via the old portal. Alternatively, it will not work if the virtual machine is stopped via the new portal and then started again via the old one.
· Properties of Microsoft Azure Generic Service class type objects are not populated. These objects are inherited from System.Service class; in this class, the properties exist but not populated by the management pack.
· “[Host]” metrics of virtual machines cannot be selected in the Add Monitoring wizard; these metrics are not returned by Azure Application Insights library. For classic virtual machines, these basic metrics are not [Host], and they are supported.
· “DocumentDB (NoSQL)” metrics are not available in the Add Monitoring wizard due to a problem with Microsoft.Azure.Insights dll library.
· The output of the “Obtain Service Types and Performance Counters Data” task may seem incomprehensible. It is an internal task and should not be run manually.
· “Change Number of Role Instances”, “Swap Staging And Production Slots”, “Start Deployment Slot”, “Suspend Deployment Slot” tasks may fail silently without providing you information about the failure. To resolve the issue, Azure Cloud services should be configured correctly. Create a cloud service instance and deploy at least one web/worker role. For “Swap Deployment Slots” task, you should configure two slots for Cloud service: staging and production.
· “ArmPerformanceCollectionProbe” module may throw "Period is less than timegrain" exception to the event log. It can happen if interval parameter value of the corresponding performance collection rule is overridden with a small value, or if timegrain parameter value of the metric is large. To avoid this error, make sure that the Interval value is greater than the timegrain value.
· Azure Application Insights performance metrics may not be collected by SCOM. To avoid this issue, remove "request.rate" from the metrics’ list in the management pack.
· Custom WAD metrics do not appear in the performance view, and there are no custom WAD events’ alerts. This issue is accompanied by "Atom format is not supported" warnings in the Event Log saying that requests to WAD Performance Counters and WAD Events tables failed. To avoid this issue, "Storage service API version" should be changed to an earlier date than it is set by default in order to make custom XMLs working (the path is as follows: SCOM Console->Administration->Azure->Edit Subscription->Endpoint->Storage service API version).
· “Redis Cache” metrics are not displayed in performance view, though they are present at the portal and selected in Add Monitoring wizard.
· “Restart” task does not start a virtual machine (whether it is classic or non-classic) if its status is “Stopped” or “Stopped (deallocated)”. Moreover, it is not recommended to use this task for virtual machines with the above statuses, as long as it may lead to monitoring issues.
· Upon upgrade of the management pack from version 1.3.22.0, monitoring may be broken and the following errors may occur in the Operations Manager event log: “Microsoft.SystemCenter.Azure.Modules.RoleInstanceStatusProbeModule.VirtualMachineStatusDS module type cannot be found.“ To resolve the issue, perform the following steps:
o Stop the Operations Manager Health Service.
o Remove the SCOM folder containing the cache (by default, the path is as follows: C:\Program Files\Microsoft System Center 2016\Operations Manager\Server\Health Service State).
o Start the Operations Manager Health Service.