Microsoft Azure - Azure API Extractor
Use the Microsoft Azure - Azure API Extractor to collect configuration and performance data of the virtual machines that are provisioned in the Azure cloud. The collected data is used for analyzing and optimizing the capacity of your Azure infrastructure. To collect data, the Azure API ETL makes API calls to the Azure services.
Depending on your requirement, you can configure the ETL to collect data from the Azure Resource Manager model or the Classic model. For the Azure Resource Manager model, the ETL supports the following subscription types:
- PAY-AS-YOU-GO
- Azure Government (Supported in TrueSight Capacity Optimization version 11.3.01.001 or later)
If you apply tags to organize your Azure resources by related business services, you can configure the ETL to use these tags to display the Azure metrics by business services.The following video (3:59) provides information about the GovCloud (US) support introduced in the Amazon Web Services and Microsoft Azure API ETL.
Collecting data by using the Azure API ETL
To collect data by using the Azure API ETL, do the following tasks:
I. Complete the preconfiguration tasks.
II. Configure the ETL.
III. Run the ETL.
Depending on your Azure deployment model, select a tab and complete the steps:
Step | Details |
---|---|
Get your Azure subscription ID. The subscription ID is a GUID that uniquely identifies your subscription to use Azure services. |
|
If you want to retrieve data for multiple subscriptions by using a single ETL, create a Subscription list file that contains the Subscription ID of every subscription. The file can be in .txt or .csv format. You need a separate subscription file per tenant. |
|
Ensure that you have the required permissions to create an application in Azure Active Directory (AAD). |
|
Create an AAD application to gain access to Azure resources. |
|
Obtain the Application ID and generate an authentication key for the application. |
|
Obtain the Tenant ID, which is the ID of the AAD directory where you created the application. |
|
Grant API access to the application. |
|
Grant the Reader role to the application. Ensure that the account in your Azure subscription has the Owner or User Access Administration role to manage access to Azure resources. If your account is assigned the Contributor role, you cannot grant roles. |
|
The ETL needs to access the specific API endpoints. If your setup is behind a firewall, enable the access to these endpoints.
|
The ETL connects to these endpoints using HTTPS (port 443). |
- Obtain a subscription ID: The subscription ID is a GUID that uniquely identifies your subscription to use Azure services.
Upload a management certificate to the Microsoft Azure Classic portal: A management certificate is an SSL certificate, which is a small data file that digitally binds a cryptographic key to an organization's details. This certificate is associated with your subscription and is required to authenticate your API calls. Create the management certificate and upload it to the Azure portal.
The ETL needs to access the following API endpoints. If your setup is behind a firewall, enable the access to these endpoints.
- management.core.windows.net
- management.azure.com
The ETL connects to these endpoints using HTTPS (port 443).
You must configure the ETL to connect to Azure for data collection. ETL configuration includes specifying the basic and optional advanced properties. While configuring the basic properties is sufficient, you can optionally configure the advanced properties for additional customization.
A. Configuring the basic properties
Some of the basic properties display default values. You can modify these values if required.
To configure the basic properties:
- In the TrueSight Capacity Optimization console, navigate to Administration > ETL & System Tasks, and select ETL tasks.
On the ETL tasks page, click Add > Add ETL. The Add ETL page displays the configuration properties. You must configure properties in the following tabs: Run configuration, Entity catalog, and Microsoft Azure Connection.
On the Run configuration tab, select Microsoft Azure - Azure API Extractor from the ETL module list. The name of the ETL is displayed in the ETL Task name field. You can edit this field to customize the name.
- Click the Entity catalog tab, and select one of the following options:
Shared Entity Catalog: Select if other ETLs access the same entities that are used by the Azure API ETL.
- From the Sharing with Entity Catalog list, select the entity catalog name that is shared between ETLs.
- Private Entity Catalog: Select if this is the only ETL that extracts data from the Azure resources.
Click the Microsoft Azure Connection tab, and configure the following properties:
Property Description Subscription access mode Depending on your Azure subscription mode, select Single or Multiple. You must use the values that you obtained during the preconfiguration procedure. Subscription ID (For single subscription) Specify the ID of the subscription for which you want to retrieve data. Multiple subscription file path (For multiple subscriptions) Specify the path of the file (.txt or .csv) that contains the subscription ID of all the subscriptions for which you want to retrieve data. Deployment model Select the Azure deployment model that you are using, either Resource manager or Classic, or both. Resource manager For the Resource manager deployment model, configure the following properties:
- The Tenant ID from your Azure Active Directory properties
- The Application ID from the App registrations in the Azure Active Directory
- The Authentication key that you generated after creating the web application in Azure Active Directory
- If you are using the Azure Government cloud, select Yes to extract data from it.
- If you want to create and view Azure data by business services, retain the default selection of Create Business Service hierarchy based on specified tag key. Specify the appropriate tag key name. For example, Service.
Otherwise, select Do not create Business Service hierarchy.
Example scenario:
You have VMs that are tagged as follows:- AS1: {user=John, Purpose=Dev, Service=Data Solutions}
- vl-pub-bco-qa35: {user=Adam, Purpose=Production, Service=Data Solutions}
- vl-pun-bco-qa20: {user=Jane, Purpose=QA, Service=Data Solutions}
When you run the ETL, data is displayed in a hierarchy as follows:
If you do not use business services, data is displayed as follows:
Is target Azure Government Cloud If you are using the Azure Government Cloud account, specify Yes to collect data from the Government cloud entities. Classic For the Classic deployment model, configure the following properties: The path to the keystore file that is stored on the computer where TrueSight Capacity Optimization is installed. For example, /opt/bmc/BCO/secure/cotruststore.ts
The keystore file contains the certificate entry for Azure authentication.The password that is required to access the keystore file.
Use proxy Specify whether you want to configure a proxy server, and provide the following details. The default selection is No.
- The fully qualified domain name and the port number of the proxy server host.
- The protocol for communicating with the proxy server. The default protocol is HTTPS.
- If the proxy server requires authentication, select Yes, and specify the proxy server user name and password.
The following image shows sample configuration values for the basic properties:- The Tenant ID from your Azure Active Directory properties
(Optional) Override the default values of properties in the following tabs:
- Click Save.
The ETL tasks page shows the details of the newly configured Azure API ETL.
(Optional) B. Configuring the advanced properties
You can configure the advanced properties to change the way the ETL works or to collect additional metrics.
To configure the advanced properties:
- On the Add ETL page, click Advanced.
Configure the following properties:
Click Save.
The ETL tasks page shows the details of the newly configured Azure API ETL.
After you configure the ETL, you can run it to collect data. You can run the ETL in the following modes:
A. Simulation mode: Only validates connection to the data source, does not collect data. Use this mode when you want to run the ETL for the first time or after you make any changes to the ETL configuration.
B. Production mode: Collects data from the data source.
A. Running the ETL in the simulation mode
To run the ETL in the simulation mode:
- In the TrueSight Capacity Optimization console, navigate to Administration > ETL & System Tasks, and select ETL tasks.
- On the ETL tasks page, click the ETL. The ETL details are displayed.
- In the Run configurations table, click Edit to modify the ETL configuration settings.
- On the Run configuration tab, ensure that the Execute in simulation mode option is set to Yes, and click Save.
- Click Run active configuration. A confirmation message about the ETL run job submission is displayed.
- On the ETL tasks page, check the ETL run status in the Last exit column.
OK Indicates that the ETL ran without any error. You are ready to run the ETL in the production mode. - If the ETL run status is Warning, Error, or Failed:
- On the ETL tasks page, click in the last column of the ETL name row.
- Check the log and reconfigure the ETL if required.
- Run the ETL again.
- Repeat these steps until the ETL run status changes to OK.
B. Running the ETL in the production mode
You can run the ETL manually when required or schedule it to run at a specified time.
Running the ETL manually
- On the ETL tasks page, click the ETL. The ETL details are displayed.
- In the Run configurations table, click Edit to modify the ETL configuration settings. The Edit run configuration page is displayed.
- On the Run configuration tab, select No for the Execute in simulation mode option, and click Save.
- To run the ETL immediately, click Run active configuration. A confirmation message about the ETL run job submission is displayed.
When the ETL is run, it collects data from the source and transfers it to the TrueSight Capacity Optimization database.
Scheduling the ETL run
By default, the ETL is scheduled to run daily. You can customize this schedule by changing the frequency and period of running the ETL.
To configure the ETL run schedule:
- On the ETL tasks page, click the ETL, and click Edit. The ETL details are displayed.
On the Edit task page, do the following, and click Save:
- Specify a unique name and description for the ETL task.
- In the Maximum execution time before warning field, specify the duration for which the ETL must run before generating warnings or alerts, if any.
- Select a predefined or custom frequency for starting the ETL run. The default selection is Predefined.
- Select the task group and the scheduler to which you want to assign the ETL task.
Click Schedule. A message confirming the scheduling job submission is displayed.
When the ETL runs as scheduled, it collects data from the source and transfers it to the TrueSight Capacity Optimization database.
Verify that the ETL ran successfully and the Azure data is refreshed in the Workspace.
To verify whether the ETL ran successfully:
- In the TrueSight Capacity Optimization console, click Administration > ETL and System Tasks > ETL tasks.
- In the Last exec time column corresponding to the ETL name, verify that the current date and time are displayed.
If you see a Failed status in the Last exit column, see Microsoft Azure API ETL fails with certificate validation error to resolve the issue.
To verify that the Azure data is refreshed:
- In the TrueSight Capacity Optimization console, click Workspace.
- Expand (Domain_name_for Azure) > Systems.
In the left pane, verify that the hierarchy displays the new and updated Azure instances that you have provisioned in the Azure cloud.
Resource Manager deployment mode Classic deployment mode
- Click an Azure virtual machine instance, and click the Metrics tab in the right pane.
- Check if the Last Activity column in the Configuration metrics and Performance metrics tables displays the current date.
For information about the configuration and performance metrics data that this ETL collects, see the following topics:
Where to go from hereAfter data is collected, you can analyze and manage the capacity of Azure entities from the Azure views.
Comments
Log in or register to comment.