Skip to main content

dotnet monitor–Run as a sidecar in a Kubernetes cluster–Part 2

Last week I blogged about how you can run dotnet monitor as a sidecar in your Kubernetes cluster. Although the yaml file I shared worked on my local cluster (inside Minikube), it didn’t work when I tried to deploy it to AKS. Nothing happened when I tried to connect to the specified URL’s.

To fix this I had to take multiple steps:

  • First I had to explicitly set the ‘—urls’ argument inside the manifest:
apiVersion: apps/v1
kind: Deployment
metadata:
name: dotnet-monitor-example
spec:
replicas: 1
selector:
matchLabels:
app: dotnet-monitor-example
template:
metadata:
labels:
app: dotnet-monitor-example
spec:
volumes:
- name: diagnostics
emptyDir: {}
containers:
- name: server
image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
ports:
- containerPort: 80
volumeMounts:
- mountPath: /tmp
name: diagnostics
- name: sidecar
image: mcr.microsoft.com/dotnet/monitor:5.0.0-preview.5
ports:
- containerPort: 52323
args: ["--urls", "http://*:52323", "--metricUrls", "http://*:52325"]
volumeMounts:
- name: diagnostics
mountPath: /tmp
view raw dotnetmonitorupdated.yaml hosted with ❤ by GitHub
  • Now I was able to connect to the url but it still failed. When I took a look at the logs I noticed the following message:

{"Timestamp":"2021-07-27T18:48:29.6522095Z","EventId":7,"LogLevel":"Information","Category":"Microsoft.Diagnostics.Tools.Monitor.ApiKeyAuthenticationHandler","Message":"MonitorApiKey was not authenticated. Failure message: API key authentication not configured.","State":{"Message":"MonitorApiKey was not authenticated. Failure message: API key authentication not configured.","AuthenticationScheme":"MonitorApiKey","FailureMessage":"API key authentication not configured.","{OriginalFormat}":"{AuthenticationScheme} was not authenticated. Failure message: {FailureMessage}"},"Scopes":[{"Message":"ConnectionId:0HMAH5RL3D6BM","ConnectionId":"0HMAH5RL3D6BM"},{"Message":"RequestPath:/processes RequestId:0HMAH5RL3D6BM:00000001, SpanId:|fe3ec0c2-46980a5b9b2602e2., TraceId:fe3ec0c2-46980a5b9b2602e2, ParentId:","RequestId":"0HMAH5RL3D6BM:00000001","RequestPath":"/processes","SpanId":"|fe3ec0c2-46980a5b9b2602e2.","TraceId":"fe3ec0c2-46980a5b9b2602e2","ParentId":""}]}

  • We need to create an API key secret and mount it as a volume to our sidecar. Here is the code to generate a secret:
kubectl create secret generic apikey \
  --from-literal=ApiAuthentication__ApiKeyHash=$hash \
  --from-literal=ApiAuthentication__ApiKeyHashType=SHA256 \
  --dry-run=client -o yaml \
  | kubectl apply -f -
  • Now we need to mount the secret as a volume. Here is the updated manifest:
apiVersion: apps/v1
kind: Deployment
metadata:
name: dotnet-monitor-example
spec:
replicas: 1
selector:
matchLabels:
app: dotnet-monitor-example
template:
metadata:
labels:
app: dotnet-monitor-example
spec:
volumes:
- name: diagnostics
emptyDir: {}
- name: apikey
secret:
secretName: apikey
containers:
- name: server
image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
ports:
- containerPort: 80
volumeMounts:
- mountPath: /tmp
name: diagnostics
- name: sidecar
image: mcr.microsoft.com/dotnet/monitor:5.0.0-preview.5
ports:
- containerPort: 52323
args: ["--urls", "http://*:52323", "--metricUrls", "http://*:52325"]
volumeMounts:
- name: diagnostics
mountPath: /tmp
- name: apikey
mountPath: /etc/dotnet-monitor
view raw dotnetmonitorsecret.yaml hosted with ❤ by GitHub

If you want to learn more, I could recommend the following video as a good introduction:

Labels

Labels:

Popular posts from this blog

Kubernetes–Limit your environmental impact

Reducing the carbon footprint and CO2 emission of our (cloud) workloads, is a responsibility of all of us. If you are running a Kubernetes cluster, have a look at Kube-Green . kube-green is a simple Kubernetes operator that automatically shuts down (some of) your pods when you don't need them. A single pod produces about 11 Kg CO2eq per year( here the calculation). Reason enough to give it a try! Installing kube-green in your cluster The easiest way to install the operator in your cluster is through kubectl. We first need to install a cert-manager: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.5/cert-manager.yaml Remark: Wait a minute before you continue as it can take some time before the cert-manager is up & running inside your cluster. Now we can install the kube-green operator: kubectl apply -f https://github.com/kube-green/kube-green/releases/latest/download/kube-green.yaml Now in the namespace where we want t...
Read more

Azure DevOps/ GitHub emoji

I’m really bad at remembering emoji’s. So here is cheat sheet with all emoji’s that can be used in tools that support the github emoji markdown markup: All credits go to rcaviers who created this list.
Read more

DevToys–A swiss army knife for developers

As a developer there are a lot of small tasks you need to do as part of your coding, debugging and testing activities.  DevToys is an offline windows app that tries to help you with these tasks. Instead of using different websites you get a fully offline experience offering help for a large list of tasks. Many tools are available. Here is the current list: Converters JSON <> YAML Timestamp Number Base Cron Parser Encoders / Decoders HTML URL Base64 Text & Image GZip JWT Decoder Formatters JSON SQL XML Generators Hash (MD5, SHA1, SHA256, SHA512) UUID 1 and 4 Lorem Ipsum Checksum Text Escape / Unescape Inspector & Case Converter Regex Tester Text Comparer XML Validator Markdown Preview Graphic Col...
Read more