Access Log generation of deployed web application on Azure Kubernetes Service (AKS) - azure

I have deployed a web application on Azure Kubernetes Service (AKS). I want to generate access logs (which include HTTP method, path, request body, if possible HTTP headers, and timestamp) of deployed web application and not of Kubernetes Cluster, Nodes and Pods. I have used Application Gateway, but it is creating logs of Kubernetes Cluster, Nodes or Pods. I have also used Log Analytics on Azure, but it is also not giving me required logs.

You need your application to generate those logs in some form. kubernetes doesnt provide networking logs. Easiest way is outputting to stdout, or, perhaps using Application insights. Another option is using something like Zipkin or Jaeger to capture those.

Related

Correlation between Azure Application Gateway and Azure Application Insights

Is there a way to correlate the logs between Azure Application Gateway Logs and Azure Application Insights?. We need to maps the relations from top-level appliances to application
Azure Application Gateway is an application load balancer for web traffic, available in Azure environment, that manages HTTP and HTTPS traffic of the applications. And Application Insights is an application performance management service for web applications that enables you to do all the monitoring of your website performance in Azure so we can't correlated the logs between Azure Application Gateway and Azure Application Insights.
To monitor the Azure Application Gateway we should uses Azure Monitor. The Azure Monitor Network Insights provides a comprehensive view of health and metrics for all deployed network resources (including Application Gateway), without requiring any configuration. For more detailed explanation of the capabilities read this Azure Monitor Network Insights document.
The logs allow for performance, access, and other data to be saved or consumed from a resource for monitoring purposes. You can use different types of logs in Azure to manage and troubleshoot application gateways like Access logs, Performance logs, Firewall logs and so on. The Azure Application Gateway can send diagnostic logs to a workspace of Log Analytics. This feature is very useful for checking the performance, to detect any errors and is essential for troubleshooting steps, in particular in the presence of the WAF module.
I would suggest to read these Azure Application Gateway: monitoring with Log Analytics and Monitoring Azure Application Gateway documents for more information.

Kubernetes + Docker container pod on AKS blocking external endpoint

We have an AKS cluster on Azure and an endpoint on Azure App Service.
Calls are being initiated from a service (exposing a deployed app) on AKS to an App on Azure App Service (Public URL)
When deploying to Azure App Service, the application goes down in order to deploy, meanwhile calls are still being initiated from the AKS micro-service.
The AKS service starts throwing exceptions that the endpoint is not available which is normal. but when the Azure App service is up again the AKS service still throws the same error even when the app is online again and serving other services successfully. it is like the AKS is caching the error.
In order to fix it I have to kill all the living pods of the faulty micro-service and then scaling it back out again.
Can someone please guide me on why is this happening and how can I prevent this in future deployments?

How detailed is the Application Insights telemetry using Docker hosted in Azure Container Instances

When I deployed my app to Azure App Service I got quite awesome telemetry out of the box.
Some of the telemetry data is generated by the App Service itself, some of it by my ASP.NET Core app that is using Application Insights logging.
As a result I could find out slow http requests, all application and IIS logs related to the request and see a nice chart showing where the time was spent, e.g. waiting for a SQL query or some http call.
I wonder how much of this telemetry can I get if I decide to go with Azure Container Instances.
The telemetry collected from the application itself using Microsoft.ApplicationInsights.AspNetCore SDK- you'd pretty much everything of that irrespective of where app is runnning - vm or container or app service.
from https://learn.microsoft.com/en-us/azure/azure-monitor/app/docker
When you run the Application Insights image on your Docker host, you get these benefits:
Lifecycle telemetry about all the containers running on the host - start, stop, and so on.
Performance counters for all the containers. CPU, memory, network usage, and more.
If you installed Application Insights SDK for Java in the apps running in the containers, all the telemetry of those apps will have additional properties identifying the container and host machine. So for example, if you have instances of an app running in more than one host, you can easily filter your app telemetry by host.

How can I diagnose a connection failure to my Load-balanced Service Fabric Cluster in Azure?

I'm taking my first foray into Azure Service Fabric using a cluster hosted in Azure. I've successfully deployed my cluster via ARM template, which includes the cluster manager resource, VMs for hosting Service Fabric, a Load Balancer, an IP Address and several storage accounts. I've successfully configured the certificate for the management interface and I've successfully written and deployed an application to my cluster. However, when I try to connect to my API via Postman (or even via browser, e.g. Chrome) the connection invariably times out and does not get a response. I've double checked all of my settings for the Load Balancer and traffic should be getting through since I've configured my load balancing rules using the same port for the front and back ends to use the same port for my API in Service Fabric. Can anyone provide me with some tips for how to troubleshoot this situation and find out where exactly the connection problem lies ?
To clarify, I've examined the documentation here, here and here
Have you tried logging in to one of your service fabric nodes via remote desktop and calling your API directly from the VM? I have found that if I can confirm it's working directly on a node, the issue likely lies within the LB or potentially an NSG.

Kibana 4 as Azure website is not connecting to ElasticSearch service

I am working on a task to deploy ElasticSearch as an azure cloud service with 3 Master + Data Nodes and Kibana 4 as an Azure Website. The ES (2.3.1) service is active and I get the green health status on Chrome sense on retreiving health of ES cluster.
I have used the Kibana 4 binaries in https://github.com/iremmats/kibana4-azure-website for creating a json application that can be deployed as Azure website. The json application that I have created along with configuration for server.js, kibana.yml runs successfully on local VS using node.exe and I am able to discover my ES instance indices on it. However, the moment I deploy this nodejs application to Azure Website and attempt to browse Kibana 4 on Azure website I get Kibana: Bad Gateway exception. Looking into the network timeline of azure website hit, it throws HTTP 502 error on attempting to connect with ElasticSearch cloud service instance.
Below is network timeline screen shot.The IP address mentioned is the IP address of ES cloud service.
Kibana Bad Gateway error and network timeline
It seems that the issue was caused by Azure virtual network configuration for your ElasticSearch cloud service.
I think you may try to do two ways below for the configuration.
Adding a new endpoint for the cloud services to allow the inbound access for port 9200 at the endpoint setting on Azure portal.
Following the article How to manage NSGs using the Azure portal to configure the access rules for subnets in your virtual network between the website and cloud services.
However, I think it's not necessary for integrating the independency Kibana instance with the ElasticSearch instances. In fact, Azure has supplied the Elasticsearch and Kibana integration environment in the Azure Marketplace that you can directly create without any additional configuration. Please try to access the url https://ms.portal.azure.com/#blade/Microsoft_Azure_Marketplace/GalleryFeaturedMenuItemBlade/selectedMenuItemId/home/searchQuery/Elasticsearch%20and%20Kibana/resetMenuId/ to see it, or search the words "Elasticsearch and Kibana" in the search bar of Azure Marketplace to find it.
Any concern, please feel free to let me know.

Resources