Skip to main content

dotnet monitor–Run as a sidecar in a Kubernetes cluster–Part 2

Last week I blogged about how you can run dotnet monitor as a sidecar in your Kubernetes cluster. Although the yaml file I shared worked on my local cluster (inside Minikube), it didn’t work when I tried to deploy it to AKS. Nothing happened when I tried to connect to the specified URL’s.

To fix this I had to take multiple steps:

  • First I had to explicitly set the ‘—urls’ argument inside the manifest:
apiVersion: apps/v1
kind: Deployment
metadata:
name: dotnet-monitor-example
spec:
replicas: 1
selector:
matchLabels:
app: dotnet-monitor-example
template:
metadata:
labels:
app: dotnet-monitor-example
spec:
volumes:
- name: diagnostics
emptyDir: {}
containers:
- name: server
image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
ports:
- containerPort: 80
volumeMounts:
- mountPath: /tmp
name: diagnostics
- name: sidecar
image: mcr.microsoft.com/dotnet/monitor:5.0.0-preview.5
ports:
- containerPort: 52323
args: ["--urls", "http://*:52323", "--metricUrls", "http://*:52325"]
volumeMounts:
- name: diagnostics
mountPath: /tmp
view raw dotnetmonitorupdated.yaml hosted with ❤ by GitHub
  • Now I was able to connect to the url but it still failed. When I took a look at the logs I noticed the following message:

{"Timestamp":"2021-07-27T18:48:29.6522095Z","EventId":7,"LogLevel":"Information","Category":"Microsoft.Diagnostics.Tools.Monitor.ApiKeyAuthenticationHandler","Message":"MonitorApiKey was not authenticated. Failure message: API key authentication not configured.","State":{"Message":"MonitorApiKey was not authenticated. Failure message: API key authentication not configured.","AuthenticationScheme":"MonitorApiKey","FailureMessage":"API key authentication not configured.","{OriginalFormat}":"{AuthenticationScheme} was not authenticated. Failure message: {FailureMessage}"},"Scopes":[{"Message":"ConnectionId:0HMAH5RL3D6BM","ConnectionId":"0HMAH5RL3D6BM"},{"Message":"RequestPath:/processes RequestId:0HMAH5RL3D6BM:00000001, SpanId:|fe3ec0c2-46980a5b9b2602e2., TraceId:fe3ec0c2-46980a5b9b2602e2, ParentId:","RequestId":"0HMAH5RL3D6BM:00000001","RequestPath":"/processes","SpanId":"|fe3ec0c2-46980a5b9b2602e2.","TraceId":"fe3ec0c2-46980a5b9b2602e2","ParentId":""}]}

  • We need to create an API key secret and mount it as a volume to our sidecar. Here is the code to generate a secret:
kubectl create secret generic apikey \
  --from-literal=ApiAuthentication__ApiKeyHash=$hash \
  --from-literal=ApiAuthentication__ApiKeyHashType=SHA256 \
  --dry-run=client -o yaml \
  | kubectl apply -f -
  • Now we need to mount the secret as a volume. Here is the updated manifest:
apiVersion: apps/v1
kind: Deployment
metadata:
name: dotnet-monitor-example
spec:
replicas: 1
selector:
matchLabels:
app: dotnet-monitor-example
template:
metadata:
labels:
app: dotnet-monitor-example
spec:
volumes:
- name: diagnostics
emptyDir: {}
- name: apikey
secret:
secretName: apikey
containers:
- name: server
image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
ports:
- containerPort: 80
volumeMounts:
- mountPath: /tmp
name: diagnostics
- name: sidecar
image: mcr.microsoft.com/dotnet/monitor:5.0.0-preview.5
ports:
- containerPort: 52323
args: ["--urls", "http://*:52323", "--metricUrls", "http://*:52325"]
volumeMounts:
- name: diagnostics
mountPath: /tmp
- name: apikey
mountPath: /etc/dotnet-monitor
view raw dotnetmonitorsecret.yaml hosted with ❤ by GitHub

If you want to learn more, I could recommend the following video as a good introduction:

Labels

Labels:

Popular posts from this blog

Kubernetes–Limit your environmental impact

Reducing the carbon footprint and CO2 emission of our (cloud) workloads, is a responsibility of all of us. If you are running a Kubernetes cluster, have a look at Kube-Green . kube-green is a simple Kubernetes operator that automatically shuts down (some of) your pods when you don't need them. A single pod produces about 11 Kg CO2eq per year( here the calculation). Reason enough to give it a try! Installing kube-green in your cluster The easiest way to install the operator in your cluster is through kubectl. We first need to install a cert-manager: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.5/cert-manager.yaml Remark: Wait a minute before you continue as it can take some time before the cert-manager is up & running inside your cluster. Now we can install the kube-green operator: kubectl apply -f https://github.com/kube-green/kube-green/releases/latest/download/kube-green.yaml Now in the namespace where we want t...
Read more

Azure DevOps/ GitHub emoji

I’m really bad at remembering emoji’s. So here is cheat sheet with all emoji’s that can be used in tools that support the github emoji markdown markup: All credits go to rcaviers who created this list.
Read more

.NET 9 - Goodbye sln!

Although the csproj file evolved and simplified a lot over time, the Visual Studio solution file (.sln) remained an ugly file format full of magic GUIDs. With the latest .NET 9 SDK(9.0.200), we finally got an alternative; a new XML-based solution file(.slnx) got introduced in preview. So say goodbye to this ugly sln file: And meet his better looking slnx brother instead: To use this feature we first have to enable it: Go to Tools -> Options -> Environment -> Preview Features Check the checkbox next to Use Solution File Persistence Model Now we can migrate an existing sln file to slnx using the following command: dotnet sln migrate AICalculator.sln .slnx file D:\Projects\Test\AICalculator\AICalculator.slnx generated. Or create a new Visual Studio solution using the slnx format: dotnet new sln --format slnx The template "Solution File" was created successfully. The new format is not yet recognized by VSCode but it does work in Jetbr...
Read more