Merge pull request #262148 from johnmarco/jm-aro-prometheus-edit

denrea · web-flow · commit 17ab0957d0ee · 2024-01-02T13:36:03.000-08:00
Copy edit Prometheus article
diff --git a/articles/openshift/howto-remotewrite-prometheus.md b/articles/openshift/howto-remotewrite-prometheus.md
@@ -1,53 +1,56 @@
 ---
 title: Remote write to Azure Monitor Managed Service
-description: Describes how to configure remote write to send data from the default Prometheus server running in your ARO cluster
-author: srpadala 
+description: Describes how to configure remote write to send data from the default Prometheus server running in your ARO cluster.
+author: johnmarco
+ms.author: johnmarc
+ms.service: azure-redhat-openshift
 ms.topic: conceptual
-ms.date: 09/21/2023
+ms.date: 01/02/2023
 ---
-# Configure remote write to send data to Azure Monitor Workspace from the default Prometheus server in your Azure Red Hat OpenShift (ARO) cluster
+# Send data to Azure Monitor workspace from the Prometheus server in your Azure Red Hat OpenShift (ARO) cluster
 
-Azure Red Hat OpenShift comes preinstalled with a default Prometheus server that shouldn't be removed as per the [support policy](support-policies-v4.md). There are scenarios where there's a need to centralize data from self-managed Prometheus clusters for long-term data retention and to create a centralized view across your clusters. Azure Monitor managed service for Prometheus allows you to collect and analyze metrics at scale using a Prometheus-compatible monitoring solution, based on the [Prometheus](https://aka.ms/azureprometheus-promio) project from the Cloud Native Computing Foundation.  you can use [remote_write](https://prometheus.io/docs/operating/integrations/#remote-endpoints-and-storage) to send data from the in-cluster Prometheus servers into the Azure managed service.
+Azure Red Hat OpenShift comes preinstalled with a default Prometheus server. As per the [support policy](support-policies-v4.md), this default Prometheus server shouldn't be removed. Some scenarios need to centralize data from self-managed Prometheus clusters for long-term data retention to create a centralized view across your clusters. Azure Monitor managed service for Prometheus allows you to collect and analyze metrics at scale using a Prometheus-compatible monitoring solution based on the [Prometheus](https://aka.ms/azureprometheus-promio) project from the Cloud Native Computing Foundation. You can use [remote_write](https://prometheus.io/docs/operating/integrations/#remote-endpoints-and-storage) to send data from the in-cluster Prometheus servers to the Azure managed service.
 
 ## Prerequisites
 - Data for Azure Monitor managed service for Prometheus is stored in an [Azure Monitor workspace](../azure-monitor/essentials/azure-monitor-workspace-overview.md). You must [create a new workspace](../azure-monitor/essentials/azure-monitor-workspace-manage.md#create-an-azure-monitor-workspace) if you don't already have one.
 
 ## Create Microsoft Entra ID application
 Follow the procedure at [Register an application with Microsoft Entra ID and create a service principal](../active-directory/develop/howto-create-service-principal-portal.md#register-an-application-with-azure-ad-and-create-a-service-principal) to register an application for Prometheus remote-write and create a service principal.
 
-Copy the tenant ID and client ID of the created service principal
-1. Browse to **Identity > Applications > App registrations**, then select your application.
-2. On the app's overview page, copy the Directory (tenant) ID value and store it in your application code.
-3. Copy the Application (client) ID value and store it in your application code.
+1. Copy the tenant ID and client ID of the created service principal.
+    1. Browse to **Identity > Applications > App registrations**, then select your application.
+    1. On the overview page for the app, copy the Directory (tenant) ID value and store it in your application code.
+    1. Copy the Application (client) ID value and store it in your application code.
+    
+1. Create a new client secret as directed in [Create new client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-client-secret).Copy the value of the created secret.
 
-Create a new client secret as described in [Create new client secret](../active-directory/develop/howto-create-service-principal-portal.md#option-3-create-a-new-client-secret) and copy the value of the created secret.
+1. Set the values of the collected tenant ID, client ID and client secret:
 
-set the values of the collected tenant ID, client ID and client secret
-```
-export TENANT_ID=<tenant-id>
-export CLIENT_ID=<client-id>
-export CLIENT_SECRET=<client-secret>
-```
+    ```
+    export TENANT_ID=<tenant-id>
+    export CLIENT_ID=<client-id>
+    export CLIENT_SECRET=<client-secret>
+    ```
+    
+## Assign Monitoring Metrics Publisher role to the application
 
-## Assign Monitoring Metrics Publisher role on the data collection rule to the application
 The application requires the *Monitoring Metrics Publisher* role on the data collection rule associated with your Azure Monitor workspace.
 
 1. From the menu of your Azure Monitor Workspace account, select the **Data collection rule** to open the **Overview** page for the data collection rule.
 
-2. Select **Access control (IAM)** in the **Overview** page for the data collection rule.
+2. On the **Overview** page, select **Access control (IAM)**.
 
-3. Select **Add** and then **Add role assignment**.
+3. Select **Add**, and then select **Add role assignment**.
 
-4. Select **Monitoring Metrics Publisher** role and select **Next**.
+4. Select **Monitoring Metrics Publisher** role, and then select **Next**.
 
-5. Select **User, group, or service principal** and then select **Select members**. Select the application that you created and select **Select**.
+5. Select **User, group, or service principal**, and then select **Select members**. Select the application that you created and select **Select**.
 
 6. Select **Review + assign** to complete the role assignment.
 
 ## Create secret in the ARO cluster
 
-We're using the OAuth 2.0 authentication method from the [supported remote write authentication settings](https://docs.openshift.com/container-platform/4.11/monitoring/configuring-the-monitoring-stack.html#supported_remote_write_authentication_settings_configuring-the-monitoring-stack)
-To facilitate this approach, create a secret with the client ID and client secret
+To authenticate with a remote write endpoint, the OAuth 2.0 authentication method from the [supported remote write authentication settings](https://docs.openshift.com/container-platform/4.11/monitoring/configuring-the-monitoring-stack.html#supported_remote_write_authentication_settings_configuring-the-monitoring-stack) is used. To facilitate this approach, create a secret with the client ID and client secret:
 
 ```
 cat << EOF | oc apply -f -
@@ -64,48 +67,58 @@ EOF
   
 ## Configure remote write
 
-To [configure](https://docs.openshift.com/container-platform/4.11/monitoring/configuring-the-monitoring-stack.html#configuring_remote_write_storage_configuring-the-monitoring-stack) remote write for default platform monitoring, we need to update the cluster-monitoring-config config map in the openshift-monitoring namespace
-1. Replace the INGESTION-URL in the configuration with the **Metrics ingestion endpoint** from the **Overview** page for the Azure Monitor workspace
-2. Replace the TENANT_ID in the configuration with the tenant ID of the service principal
+To [configure](https://docs.openshift.com/container-platform/4.11/monitoring/configuring-the-monitoring-stack.html#configuring_remote_write_storage_configuring-the-monitoring-stack) remote write for default platform monitoring, update the *cluster-monitoring-config* config map in the openshift-monitoring namespace.
+
+1. Open the config map for editing:
+
+    ```
+    oc edit -n openshift-monitoring cm cluster-monitoring-config
+    ```
+    
+    ```
+    data:
+      config.yaml: |
+        prometheusK8s:
+          remoteWrite:
+            - url: "<INGESTION-URL>"
+              oauth2:
+                clientId:
+                  secret:
+                    name: oauth2-credentials
+                    key: id
+                clientSecret:
+                  name: oauth2-credentials
+                  key: secret
+                tokenUrl: "https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/token"
+                scopes:
+                  - "https://monitor.azure.com/.default"
+    ```
+    
+1. Update the configuration.
+
+    1. Replace `INGESTION-URL` in the configuration with the **Metrics ingestion endpoint** from the **Overview** page for the Azure Monitor workspace.
+    
+    1. Replace `TENANT_ID` in the configuration with the tenant ID of the service principal.
 
-Edit the configmap
 
-```
-oc edit -n openshift-monitoring cm cluster-monitoring-config
-```
+## Visualize metrics using Azure Managed Grafana Workspace
 
-and update the configuration
+The captured metrics can be visualized using community Grafana dashboards, or you can create contextual dashboards as required.
 
-```
-data:
-  config.yaml: |
-    prometheusK8s:
-      remoteWrite:
-        - url: "<INGESTION-URL>"
-          oauth2:
-            clientId:
-              secret:
-                name: oauth2-credentials
-                key: id
-            clientSecret:
-              name: oauth2-credentials
-              key: secret
-            tokenUrl: "https://login.microsoftonline.com/<TENANT_ID>/oauth2/v2.0/token"
-            scopes:
-              - "https://monitor.azure.com/.default"
-```
+1. Create an [Azure Managed Grafana workspace](../managed-grafana/quickstart-managed-grafana-portal.md).
 
-## Visualize metrics using Azure Managed Grafana Workspace
-The captured metrics can be visualized using community Grafana dashboards or create contextual dashboards as required.
+1. [Link](../azure-monitor/essentials/azure-monitor-workspace-manage.md?tabs=azure-portal#link-a-grafana-workspace) the created Grafana workspace to the Azure Monitor workspace.
+
+1. [Import](../managed-grafana/how-to-create-dashboard.md?tabs=azure-portal#import-a-grafana-dashboard) the community Grafana Dashboard with ID 3870 [OpenShift/K8 Cluster Overview](https://grafana.com/grafana/dashboards/3870-openshift-k8-cluster-overview/) into the Grafana workspace.
 
-1. Create an [Azure Managed Grafana workspace](../managed-grafana/quickstart-managed-grafana-portal.md)
-2. [Link](../azure-monitor/essentials/azure-monitor-workspace-manage.md?tabs=azure-portal#link-a-grafana-workspace) the created Grafana workspace to the Azure Monitor workspace
-3. [Import](../managed-grafana/how-to-create-dashboard.md?tabs=azure-portal#import-a-grafana-dashboard) the community Grafana Dashboard with ID 3870 [OpenShift/K8 Cluster Overview](https://grafana.com/grafana/dashboards/3870-openshift-k8-cluster-overview/) into the Grafana workspace
-4. Specify the Azure Monitor Workspace as the datasource
-5. Save the dashboard
-6. Access the dashboard from **Home -> Dashboards**   
+1. Specify the Azure Monitor workspace as the data source.
+
+1. Save the dashboard.
+
+1. Access the dashboard from **Home -> Dashboards**. 
 
 ## Troubleshooting
+
 See [Azure Monitor managed service for Prometheus remote write](../azure-monitor/containers/prometheus-remote-write.md#hitting-your-ingestion-quota-limit).
 
 ## Next steps
diff --git a/articles/openshift/toc.yml b/articles/openshift/toc.yml
@@ -101,7 +101,7 @@
               href : ../azure-monitor/insights/container-insights-enable-arc-enabled-clusters.md
             - name: Disable Azure Monitor container insights in Azure Red Hat OpenShift 4 
               href: ../azure-monitor/insights/container-insights-enable-arc-enabled-clusters.md#delete-extension-instance
-            - name: Configure Azure Monitor managed service for prometheus remote write   
+            - name: Configure Azure Monitor managed service for Prometheus remote write   
               href: howto-remotewrite-prometheus.md
     - name: Develop and run applications
       items:
