Support for Custom Azure Monitor Workspace Id for AKS

EppO commented 1 year ago

Is there an existing issue for this?

[X] I have searched the existing issues

Community Note

Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Currently, there is no way to bind an existing Azure Monitor Workspace Id to an AKS cluster. The exisiting implementation (#19530 ) relies on a default Azure Monitor Workspace. This feature request is the first step to support custom Azure Monitor Workspace. Once #18809 is implemented, we could pass Azure Monitor Workspace resource or datasource to that new attribute.

New or Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Potential Terraform Configuration

resource "azurerm_kubernetes_cluster" "example" {
  name                = "example-aks1"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "exampleaks1"

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2_v2"
  }

  monitor_metrics {
    azure_monitor_workspace_id = "/subscriptions/<subscriptionId>/resourcegroups/<resourceGroupName>/providers/microsoft.monitor/accounts/<azureMonitorWorkspaceName>"
  }

  identity {
    type = "SystemAssigned"
  }

  tags = {
    Environment = "Production"
  }
}

References

https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/prometheus-metrics-enable?tabs=cli#install-metrics-addon

az aks update --enable-azuremonitormetrics -n <cluster-name> -g <cluster-resource-group> --azure-monitor-workspace-resource-id <workspace-name-resource-id>

cpressland commented 1 year ago

@catriona-m I think this issue got closed accidentally, this functionality is still missing and the linked pull request doesn’t touch any Kubernetes components that I can see.

EppO commented 1 year ago

@cpressland: you're right, #21598 implemented #18809, not this one

aristosvo commented 1 year ago

@EppO @cpressland Although this feature is marketed as being an AKS add-on, enabling Prometheus metric collection is a combination of a separate group of resources (azurerm_monitor_data_collection_endpoint,azurerm_monitor_data_collection_rule and azurerm_monitor_data_collection_rule_association). Best example of that is found here, a MS example.

As such adding this 'add-on' to the azurerm_kubernetes_cluster will probably never happen, unless the implementation at MS side is abstracted into the AKS APIs.

The current implementation of Prometheus and AKS linking can be enabled with azurerm via azurerm_monitor_data_collection_endpoint,azurerm_monitor_data_collection_rule and azurerm_monitor_data_collection_rule_association, as such I'll close this issue for now.

The prometheusRuleGroups resource to configure the Prometheus rules on the azurerm_monitor_workspace is already being implemented in this PR: #21751.

Please let me know if you have any questions, I'd be happy to help!

github-actions[bot] commented 3 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashicorp / terraform-provider-azurerm