22
33set -euf
44
5+ step=1
6+ maxsteps=13
7+
8+ function check_az_providers {
9+ echo -n " [$step /$maxsteps ] "
10+ step=$(( step + 1 ))
11+ echo " Checking Azure Application Insights, Operational Insights and Operations Management providers are registered"
12+ exists1=$( az provider show -n Microsoft.OperationsManagement -o tsv --query registrationState)
13+ exists2=$( az provider show -n Microsoft.OperationalInsights -o tsv --query registrationState)
14+ exists3=$( az provider show -n microsoft.insights -o tsv --query registrationState)
15+ if [ " $exists1 " != " Registered" || [ " $exists2 " != " Registered" || [ " $exists3 " != " Registered" ; then
16+ echo
17+ echo " Azure Application Insights, Operational Insights or Operations Management providers not registered for this account"
18+ echo
19+ echo " *************"
20+ echo " ** WARNING ** Registering Azure providers the first time can take up to two hours"
21+ echo " *************"
22+ echo
23+ echo " More info at: "
24+ echo " https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types"
25+ echo " https://github.com/MicrosoftDocs/azure-docs/blob/master/includes/log-analytics-troubleshoot-azure-diagnostics.md"
26+ if [ " $prompt_yes " != " 0" ; then
27+ echo
28+ echo " You can manually register Azure providers on Azure portal as explained on those links"
29+ echo " or executing:"
30+ echo " az provider register -n Microsoft.OperationalInsights"
31+ echo " az provider register -n Microsoft.OperationsManagement"
32+ echo " az provider register -n microsoft.insights"
33+
34+ echo " Press CTRL+C to cancel AKS audit log installation and manually register providers"
35+
36+ fi
37+ echo " Invoking registration of Azure Operational Insights and Operations Management providers"
38+ az provider register -n Microsoft.OperationalInsights
39+ az provider register -n Microsoft.OperationsManagement
40+ az provider register -n microsoft.insights
41+ echo " You can stop the installation process here and retry later, registration happens in the backgroud."
42+ echo " Waiting until state appears as 'Registered', this can take up to an hour..."
43+ while [ " $exists1 " != " Registered" || [ " $exists2 " != " Registered" || [ " $exists3 " != " Registered"
44+ do
45+ sleep 12
46+ exists1=$( az provider show -n Microsoft.OperationsManagement -o tsv --query registrationState)
47+ exists2=$( az provider show -n Microsoft.OperationalInsights -o tsv --query registrationState)
48+ exists3=$( az provider show -n microsoft.insights -o tsv --query registrationState)
49+ done
50+ fi
51+ echo " Azure Application Insights, Operational Insights and Operations Management are registered"
52+ }
553function check_commands_installed {
6- echo " [1/12] Checking requirements"
54+ echo -n " [$step /$maxsteps ] "
55+ step=$(( step + 1 ))
56+ echo " Checking requirements"
757 local exists
8- exists=$( which az || :)
58+ exists=$( command -v az || :)
959 if [ " $exists " == " " ; then
1060 echo " Required command line tool 'az' not available."
1161 echo " For instructions on how to install it, visit:"
12- ecbo " https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest"
62+ echo " https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest"
1363 exit 1
1464 fi
15- exists=$( which kubectl || :)
65+ exists=$( command -v kubectl || :)
1666 if [ " $exists " == " " ; then
1767 echo " Required command line tool 'kubectl' not available."
1868 echo " Yoy may install it using:"
1969 echo " az aks install-cli"
2070 exit 1
2171 fi
22- exists=$( which envsubst || :)
72+ exists=$( command -v envsubst || :)
2373 if [ " $exists " == " " ; then
2474 echo " Required command line tool 'envsubts' not available."
2575 echo " You may find it in the gettext or gettext-base packages."
2676 exit 1
2777 fi
28- exists=$( which curl || :)
78+ exists=$( command -v curl || :)
2979 if [ " $exists " == " " ; then
3080 echo " Required command line tool 'curl' not available."
3181 exit 1
3282 fi
33- exists=$( which tr || :)
83+ exists=$( command -v tr || :)
3484 if [ " $exists " == " " ; then
3585 echo " Required command line tool 'tr' not available."
3686 exit 1
3787 fi
38- exists=$( which grep || :)
88+ exists=$( command -v grep || :)
3989 if [ " $exists " == " " ; then
4090 echo " Required command line tool 'grep' not available."
4191 exit 1
4292 fi
43- exists=$( which md5sum || :)
93+ exists=$( command -v md5sum || :)
4494 if [ " $exists " == " " ; then
4595 echo " Required command line tool 'md5sum' not available."
4696 exit 1
@@ -147,36 +197,44 @@ function get_region {
147197
148198function create_event_hubs {
149199 # # Create Event Hubs namespace
150-
151- echo " [2/12] Creating Event Hubs namespace: $ehubs_name "
200+ echo -n " [$step /$maxsteps ] "
201+ step=$(( step + 1 ))
202+ echo " Creating Event Hubs namespace: $ehubs_name "
152203 az eventhubs namespace create \
153204 --name " $ehubs_name "
154205 --resource-group " $resource_group "
155206 --location " $region "
156207
157208 # Message retention 1 day
158- echo " [3/12] Creating Event Hub: $hub_name "
209+ echo -n " [$step /$maxsteps ] "
210+ step=$(( step + 1 ))
211+ echo " Creating Event Hub: $hub_name "
159212 az eventhubs eventhub create --name " $hub_name "
160213 --namespace-name " $ehubs_name "
161214 --resource-group " $resource_group "
162215 --message-retention 1 \
163216 --partition-count 4 \
164217 --output none
165218
166- echo " [4/12] Getting hub connection string"
219+ echo -n " [$step /$maxsteps ] "
220+ step=$(( step + 1 ))
221+ echo " Getting hub connection string"
167222 sleep 5
168223 hub_connection_string=$( az eventhubs namespace authorization-rule keys list \
169224 --resource-group " $resource_group "
170225 --namespace-name " $ehubs_name "
171226 --name RootManageSharedAccessKey \
172227 --output tsv --query primaryConnectionString)
173-
174- echo " [5/12] Getting hub id"
228+ echo -n " [$step /$maxsteps ] "
229+ step=$(( step + 1 ))
230+ echo " Getting hub id"
175231 hub_id=$( az eventhubs namespace show --resource-group " $resource_group " " $ehubs_name " )
176232}
177233
178234function create_diagnostic {
179- echo " [6/12] Creating diagnostic setting: $diagnostic_name "
235+ echo -n " [$step /$maxsteps ] "
236+ step=$(( step + 1 ))
237+ echo " Creating diagnostic setting: $diagnostic_name "
180238 # # Setting up aks diagnostics to send kube-audit to event hub
181239 az monitor diagnostic-settings create \
182240 --resource " $cluster_name "
@@ -191,8 +249,9 @@ function create_diagnostic {
191249
192250function create_storage_account {
193251 # # Create storage account
194-
195- echo " [7/12] Creating storage account: $storage_account "
252+ echo -n " [$step /$maxsteps ] "
253+ step=$(( step + 1 ))
254+ echo " Creating storage account: $storage_account "
196255
197256 az storage account create \
198257 --name " $storage_account "
@@ -201,13 +260,17 @@ function create_storage_account {
201260 --sku Standard_RAGRS \
202261 --kind StorageV2 --output none
203262
204- echo " [8/12] Getting storage connection string"
263+ echo -n " [$step /$maxsteps ] "
264+ step=$(( step + 1 ))
265+ echo " Getting storage connection string"
205266 blob_connection_string=$( az storage account show-connection-string --key primary \
206267 --name " $storage_account "
207268 --resource-group " $resource_group "
208269 --output tsv --query connectionString)
209270
210- echo " [9/12] Creating blob container: $blob_container "
271+ echo -n " [$step /$maxsteps ] "
272+ step=$(( step + 1 ))
273+ echo " Creating blob container: $blob_container "
211274 az storage container create \
212275 --name " $blob_container "
213276 --connection-string " $blob_connection_string "
@@ -216,7 +279,9 @@ function create_storage_account {
216279
217280
218281function create_deployment {
219- echo " [10/12] Creating deployment manifest"
282+ echo -n " [$step /$maxsteps ] "
283+ step=$(( step + 1 ))
284+ echo " Creating deployment manifest"
220285
221286 export EhubNamespaceConnectionString=" $hub_connection_string "
222287 export BlobStorageConnectionString=" $blob_connection_string "
@@ -227,15 +292,17 @@ function create_deployment {
227292 curl https://raw.githubusercontent.com/sysdiglabs/aks-kubernetes-audit-log/master/deployment.yaml.in |
228293 envsubst > " $WORKDIR /deployment.yaml"
229294
230-
231-
232- echo " [11/12] Applying Kubernetes service"
295+ echo -n " [ $step / $maxsteps ] "
296+ step= $(( step + 1 ))
297+ echo " Applying Kubernetes service"
233298
234299 KUBECONFIG=" $WORKDIR /tempkubeconfig"
235300 -f https://raw.githubusercontent.com/sysdiglabs/aks-kubernetes-audit-log/master/service.yaml \
236301 -n " $sysdig_namespace "
237302
238- echo " [12/12] Applying Kubernetes deployment"
303+ echo -n " [$step /$maxsteps ] "
304+ step=$(( step + 1 ))
305+ echo " Applying Kubernetes deployment"
239306
240307 export KUBECONFIG=" $WORKDIR /tempkubeconfig"
241308 KUBECONFIG=" $WORKDIR /tempkubeconfig" " $WORKDIR /deployment.yaml" " $sysdig_namespace "
@@ -256,7 +323,7 @@ function is_valid_value {
256323
257324function help {
258325
259- echo " Usage: $( basename " ${0} " ) "
326+ echo " Usage: $( basename " ${0} " ) \\ "
260327 echo " [-y|--yes] [-h | --help]"
261328 echo " "
262329 echo " -g : Azure resource group where the AKS cluster is located (required)"
@@ -366,6 +433,10 @@ echo "Destination:"
366433echo " * Resource group: $resource_group "
367434echo " * AKS cluster: $cluster_name "
368435echo " * Sysdig agent namespace: $sysdig_namespace "
436+ echo " Azure services to register:"
437+ echo " * Azure Application Insights"
438+ echo " * Azure Operational Insights"
439+ echo " * Azure Operations Management"
369440echo " Resources to install:"
370441echo " * Activate diagnostic setting $diagnostic_name in the cluster"
371442echo " * Storage account: $storage_account "
385456
386457
387458check_commands_installed
459+ check_az_providers
388460check_cluster
389461check_az_resources
390462
0 commit comments