Skip to main content

Azure Load Balancer

Overview​

Azure Load Balancer operates at layer four of the Open Systems Interconnection (OSI) model. It's the single point of contact for clients. Load Balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. These flows are according to configured load balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set.

The Centreon Plugin-Pack Azure Load Balancer can rely on Azure API or Azure CLI to collect the metrics related to the Load Balancer service.

Plugin Pack Assets​

Monitored Objects​

  • Azure Load Balancer instances

Discovery rules​

The Centreon Plugin-Pack Azure Load Balancer includes a Host Discovery provider to automatically discover the Azure instancesof a given subscription and add them to the Centreon configuration. This provider is named Microsoft Azure Load Balancer:

image

This discovery feature is only compatible with the 'api' custom mode. 'azcli' is not supported yet.

More information about the Host Discovery module is available in the Centreon documentation: Host Discovery

Collected Metrics​

Metric nameDescriptionUnit
loadbalancer.datapath.availability.percentageDatapath availability%

Prerequisites​

To get data from Azure Services, following methods are available:

  • Azure API ('api')
  • Azure CLI ('azcli')

Centreon recommends to use the API instead of the CLI for the following reasons:

  • API is much more efficient by avoiding CLI binary execution
  • API supports application authentication while CLI does not (yet)

To use the 'api' custom mode, make sure to obtain the required information using the how-to below. Keep it safe until including it in a Host or Host Template definition.

  • Create an application in Azure Active Directory:

    • Log in to your Azure account.
    • Select Azure Active directory in the left sidebar.
    • Click on App registrations.
    • Click on + Add.
    • Enter Centreon as the application name (or any name of your choice), select application type(api) and sign-on-url.
    • Click on the Create button.
  • Get Subscription ID

    • Log in to your Azure account.
    • Select Subscriptions in the left sidebar.
    • Select whichever subscription is needed.
    • Click on Overview.
    • Copy the Subscription ID.
  • Get Tenant ID

    • Log in to your Azure account.
    • Select Azure Active directory in the left sidebar.
    • Click on Properties.
    • Copy the directory ID.
  • Get Client ID

    • Log in to your Azure account.
    • Select Azure Active directory in the left sidebar.
    • Click on Enterprise applications.
    • Click on All applications.
    • Select the application previously created.
    • Click on Properties.
    • Copy the Application ID.
  • Get Client secret

    • Log in to your Azure account.
    • Select Azure Active directory in the left sidebar.
    • Click on App registrations.
    • Select the application previously created.
    • Click on All settings.
    • Click on Keys.
    • Enter the key description and select the duration.
    • Click on Save.
    • Copy and store the key value. You won't be able to retrieve it after you leave this page.

Setup​

  1. Install the Centreon Plugin package on every Centreon poller expected to monitor Azure Load Balancer resources:
yum install centreon-plugin-Cloud-Azure-Network-LoadBalancer-Api
  1. On the Centreon Web interface, install the Azure Load Balancer Centreon Plugin-Pack on the "Configuration > Plugin Packs > Manager" page

Configuration​

Host​

  • Log into Centreon and add a new Host through "Configuration > Hosts".

  • In the IP Address/FQDN field, set the following IP address: '127.0.0.1'.

  • Select the Cloud-Azure-Network-LoadBalancer-custom template to apply to the Host.

  • Once the template applied, some Macros marked as 'Mandatory' hereafter have to be configured. These mandatory Macros differ regarding the custom mode used:

MandatoryNomDescription
XAZURECUSTOMMODECustom mode 'api'
XAZURESUBSCRIPTIONSubscription ID
XAZURETENANTTenant ID
XAZURECLIENTIDClient ID
XAZURECLIENTSECRETClient secret
XAZURERESOURCEId of the Load Balancer instance

FAQ​

How to check in the CLI that the configuration is OK and what are the main options for ?​

Once the Plugin installed, log into your Centreon Poller CLI using the centreon-engine user account and test the Plugin by running the following command:

/usr/lib/centreon/plugins/centreon_azure_network_loadbalancer_api.pl \
--plugin=cloud::azure::network::loadbalancer::plugin \
--mode=datapath \
--custommode=api \
--subscription='xxxxxxxxx' \
--tenant='xxxxxxxxx' \
--client-id='xxxxxxxxx' \
--client-secret='xxxxxxxxx' \
--resource='LBA001ABCD' \
--timeframe='900' \
--interval='PT5M' \
--aggregation='average' \
--warning-datapath-availability-percentage='95:' \
--critical-datapath-availability-percentage='50:' \
--verbose

Expected command output is shown below:

OK: Instance 'LBA001ABCD' Statistic 'average' Metrics Data Path (VIP) Availability: 100.00% |
'LBA001ABCD~average#loadbalancer.datapath.availability.percentage'=100.00%;;;0;100

The command collects the datapath availability rate of a Azure Load Balancer instance using the 'api' custom-mode (--plugin=cloud::azure::network::loadbalancer::plugin --mode=datapath --custommode=api). This Load Balancer is identified by its id (--resource='LBA001ABCD') and the authentication parameters to be used with the custom mode are specified in the options (--subscription='xxxxxxxxx' --tenant='xxxxxxx' --client-id='xxxxxxxx' --client-secret='xxxxxxxxxx').

The calculated metrics are an average (--aggregation='average') of values on a 900 secondes / 15 min period (--timeframe='900') with one sample per 5 minutes (--interval='PT5M').

This command would trigger a WARNING alarm if the reported availability rate during the period is below 95% (--warning-datapath-availability-percentage='95:') and a CRITICAL alarm below 50% (--critical-datapath-availability-percentage='50:').

All the available options for a given mode can be displayed by adding the --help parameter to the command:

/usr/lib/centreon/plugins/centreon_azure_network_loadbalancer_api.pl \
--plugin=cloud::azure::network::loadbalancer::plugin \
--mode=datapath \
--help

Troubleshooting​

UNKNOWN: Login endpoint API returns error code 'ERROR_NAME' (add --debug option for detailed message)​

When I run my command I obtain the following error message: UNKNOWN: Login endpoint API returns error code 'ERROR_NAME' (add --debug option for detailed message).

It means that some parameters used to authenticate the API request are wrong. The 'ERROR_NAME' string gives some hints about where the problem stands.

As an example, if my Client ID or Client Secret are wrong, 'ERROR_DESC' value will be 'invalid_client'.

The Azure credentials have changed and the Plugin does not work anymore​

The Plugin is using a cache file to keep connection information and avoid an authentication at each call. If some of the authentication parameters change, you must delete the cache file.

The cache file can be found within /var/lib/centreon/centplugins/ folder with a name similar to azureapi<md5>_<md5>_<md5>_<md5>.

UNKNOWN: 500 Can't connect to login.microsoftonline.com:443​

This error message means that the Centreon Plugin couldn't successfully connect to the Azure Login API. Check that no third party device (such as a firewall) is blocking the request. A proxy connection may also be necessary to connect to the API. This can be done by using this option in the command: --proxyurl='http://proxy.mycompany:8080'.