Migrate to Azure Monitor Agent on Azure Arc using Red Hat Ansible Automation Platform
Article
In this article
This article covers how to use Red Hat Ansible Automation Platform to migrate non-Azure machines from the Azure Log Analytics agent to Azure Monitor agent. This includes onboarding the machines to Azure Arc-enabled servers. Once you have completed the configuration steps in this article, you'll be able to run a workflow against an automation controller inventory that performs the following tasks:
Ensure that the Azure Connected Machine agent is installed on each machine.
Install and enable the Azure Monitor agent.
Disable and uninstall the Log Analytics agent.
Content from the
Ansible Content Lab for Cloud Automation
has already been developed to automate this scenario. This article will walk through how you can import that content as a project in an automation controller to build a workflow to perform the tasks above.
Ansible Automation Platform can automate the deployment of Azure services across your IT landscape to make onboarding to Azure Arc fast and reliable.
The Ansible content examples in this article target Linux hosts, but the playbooks can be altered to accommodate Windows hosts as well.
Prerequisites
Azure Log Analytics workspace
This article assumes you are using the Azure Log Analytics agent and that the servers are pre-configured to report data to a Log Analytics workspace. You will need the name and resource group of the workspace from which you are migrating.
Automation controller 2.x
This article is applicable to both self-managed Ansible Automation Platform and Red Hat Ansible Automation Platform on Microsoft Azure.
Automation execution environment
To use the examples in this article, you'll need an automation execution environment with both the Azure Collection and the Azure CLI installed, since both are required to run the automation.
If you don't have an automation execution environment that meets these requirements, you can
use this example
.
See the
Red Hat Ansible documentation
for more information about building and configuring automation execution environments.
Host inventory
You will need an inventory of Linux hosts configured in automation controller that contains a list of VMs that will use Azure Arc and the Azure Monitor Agent.
Azure Resource Manager credential
A working account credential configured in Ansible Automation Platform for the Azure Resource Manager is required. This credential is used by Ansible Automation Platform to authenticate operations using the Azure Collection and the Azure CLI.
Server machine credential
A “Machine Credential” configured in Automation Controller for SSH access to the servers in your host inventory is required.
This article also uses the
Azure Infrastructure Configuration Demo
collection. This collection contains a number of roles and playbooks that manage Azure use cases including those with Azure Arc-enabled servers. To use this collection in Automation Controller, follow the steps below to set up a project with the repository:
Log in to automation controller.
In the left menu, select
Projects
.
Select
Add
, and then complete the fields of the form as follows:
Once saved, the project should be synchronized with the automation controller.
Migrating Azure agents
In this example, we will assume that our Linux servers are already running the Azure Log Analytics agent, but do not yet have the Azure Connected Machine agent installed. If your organization relies on other Azure services that use the Log Analytics agent, you may need to plan for extra data collection rules prior to migrating to the Azure Monitor agent.
We will create a workflow that leverages the following playbooks to install the Azure Connected Machine agent, deploy the Azure Monitor Agent, disable the Log Analytics agent, and then uninstall the Log Analytics agent:
install_arc_agent.yml
replace_log_analytics_with_arc_linux.yml
uninstall_log_analytics_agent.yml
This workflow performs the following tasks:
Installs the Azure Connected Machine agent on all of the VMs identified in inventory.
Enables the Azure Monitor agent extension via Azure Arc.
Disables the Azure Log Analytics agent extension via Azure Arc.
Uninstalls the Azure Log Analytics agent if flagged.
Create template to install Azure Connected Machine agent
This template is responsible for installing the Azure Arc
Connected Machine agent
on hosts within the provided inventory. A successful run will have installed the agent on all machines.
Follow the steps below to create the template:
On the right menu, select
Templates
.
Select
Add
.
Select
Add job template
, then complete the fields of the form as follows:
The operations in this playbook happen through the Azure CLI. Most of these variables are set to pass along the proper variable from the Azure Resource Manager credential to the CL.
Options:
Privilege Escalation: true
Select
Save
.
Create template to replace log analytics
This template is responsible for migrating from the Log Analytics agent to the Azure Monitor agent by enabling the Azure Monitor Agent extension and disabling the Azure Log Analytics extension (if used via the Azure Connected Machine agent).
Follow the steps below to create the template:
On the right menu, select
Templates
.
Select
Add
.
Select
Add job template
, then complete the fields of the form as follows:
Region: <Azure Region>
resource_group_name: <Resource Group Name>
linux_hosts: "{{ hostvars.values() | selectattr('group_names','contains', 'linux') | map(attribute='inventory_hostname') | list }}"
The
linux_hosts
variable is used to create a list of hostnames to send to the Azure Collection and is not directly related to a host inventory. You may set this list in any way that Ansible supports. In this case, the variable attempts to pull host names from groups with “linux” in the group name.
Select
Save
.
Create template to uninstall Log Analytics
This template will attempt to run the Log Analytics agent uninstall script if the Log Analytics agent was installed outside of the Azure Connected Machine agent.
Follow the steps below to create the template:
On the right menu, select
Templates
.
Select
Add
.
Select
Add job template
, then complete the fields of the form as follows:
An automation controller workflow allows you to construct complex automation by connecting automation templates and other actions together. This workflow example is a simple linear flow that enables the end-to-end scenario in this example, but other nodes could be added for context such as error handling, human approvals, etc.
On the right menu, select
Templates
.
Select
Add
.
Select
Add workflow template
, then complete the following fields as follows:
Name:
Content Lab - Migrate Log Agent to Azure Monitor
Set
Node Type
to "Job Template" and select
Content Lab - Replace Log Analytics with Arc Connected Machine Agent
.
Select
Next
.
Select
Save
.
Hover over the
Content Lab - Replace Log Analytics with Arc Connected Machine Agent
node and select the
+
button.
Select
On Success
.
Select
Next
.
Set
Node Type
to "Job Template" and select
Content Lab - Uninstall Log Analytics Agent
.
Select
Save
.
Select
Save
at the top right corner of the workflow designer.
You will now have a workflow that looks like the following:
Add a survey to the workflow
We want to add survey questions to the workflow so that we can collect input when the workflow is run.
Select
Survey
from the workflow details screen.
Select
Add
, then complete the form using the following values:
Question:
Which Azure region will your Arc servers reside?
Answer variable name:
region
Required:
true
Answer type:
Text
Select
Save
.
Select
Add
, then complete the form using the following values:
Question:
What is the name of the resource group?
Answer variable name:
resource_group_name
Required:
true
Answer type:
Text
Select
Save
.
Select
Add
, then complete the form using the following values:
Question:
What is the name of your Log Analytics workspace?
Answer variable name:
analytics_workspace_name
Required:
true
Answer type:
Text
Select
Save
.
From the Survey list screen, ensure that the survey is enabled.
Your workflow has now been created.
Running the workflow
Now that you have the workflow created, you can run the workflow at any time. When you click the “launch” 🚀 icon, the survey that you configured will be presented so that you can update the variables across automation runs. This will allow you to move Log Analytics connected servers that are assigned to different regions or resource groups as needed.
Conclusion
After following the steps in this article, you have created an automation workflow that migrates your Linux machines from the Azure Log Analytics agent to the Azure Monitor agent. This workflow will onboard the Linux machine to Azure Arc-enabled servers. This example uses the Ansible Content Lab for Cloud Automation to make implementation fast and easy.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:
https://aka.ms/ContentUserFeedback
.
