Auto-discovery of AKS Clusters

jss2 · ‎12-25-2023

Hi all, I am currently having problems with the AKS technology when we are trying to discover all the objects running in the AKS. Diving in the ITOM articles I found an article very well explained about an example of EKS https://www.servicenow.com/community/itom-articles/auto-discovery-of-eks-clusters/ta-p/2320753

In my case, I would like to have an article or clear instructions to set up this up containing MID Server & AKS Configuration.

Please, don’t answer me with the official documentation because we have read this documentation a lot of times In my opinion it is a documentation with little detail and I think it is necessary to rewrite this point because despite the different versions the content is the same.

Besides, we opened a support ticket to clarify this point and we had no answer about it. So, this is the last chance to know how to handle with this problem.

Any help it would be fantastic, 🙂

Take into consideration: we are in the version 1.6.0 D&SM pluging and the discovery schedules are being created automatically, so we meet the prerequisites.

Venky VA · ‎12-26-2023

Kubernetes auto schedules are created means cloud discovery is working fine and system properties needed for Kubernetes are enabled.

To make Kubernetes cluster discovery work via auto schedule you need to configure mid server as below.

Login[SSH] into your mid server linux host.
Install the azure-cli on your mid server.
From mid server command line execute command az login.
1. Login using credentials which has access to subscription and Kubernetes clusters.
Run Kubernetes discovery from cluster auto schedule.

For the azure side settings for AKS please refer following document.

https://learn.microsoft.com/en-us/azure/aks/enable-authentication-microsoft-entra-id

jss2 · ‎12-28-2023

Hi Venky VA, thank you for your answer. I tell you our steps:

1) We have executed the command PS C:\> az --version and the outcome is azure-cli 2.54.0 * (good)

2) We have executed the command PS C:\> az login --service-principal --username yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy --password xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx --tenant xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and the outcome is fine. I can not put the outcome for security topic.

3) We have executed a kubernetes discovery and we get the folllowing error in the display log:

In the identification section > get namespaces step

2023-12-21 15:11:27: Running local command: az aks get-credentials --name XXXX --overwrite-existing --resource-group XXXX --file -

2023-12-21 15:11:29: Command stderr: ERROR: Please run 'az login' to setup account.

Please, What are we doing bad? Regards

Venky VA · ‎01-01-2024

can you please check your Kubernetes discovery schedule is using az-cli configured mid server?

can you run this command on your mid server with proper values for XXXX .

az aks get-credentials --name XXXX --overwrite-existing --resource-group XXXX

Community Alums · ‎12-24-2024

Hi @jss2 @Venky VA ,

We recently encountered a similar issue after installing the Azure CLI. While I was able to execute the az login commands from the command prompt using my account, we faced challenges running the same commands through the MID Server.

To resolve this, we configured the environment variables on our Windows MID Server to include the Azure CLI path. This configuration successfully resolved the issue.

Additionally, I was able to run the az login command from the debug mode in the pattern designer without any problems.

Regards,

Srinija

Regards,

Srinija