The following post is your step-by-step guide for how to monitor an Azure Linux server using SCOM R2. Make sure the SCOM requirements are met before preceding.
- You have SCOM environment and you are already monitoring Azure Windows servers which are present in different subscriptions using SCOM with Certificate based authentication.
Steps to Monitor Linux Servers:
- Since our SCOM and Linux servers are in different network where there is no VPN/tunnel connectivity between them
- We need to install the SCOM agent manually in the Linux servers
- Change the name of the certificate in the Linux server
- Discovery and management of the Linux server
To Install the Agent on DPKG-based Universal Linux Servers (Debian and Ubuntu):
- Transfer the agent (scx-<version>-universald-<arch>.deb) to the Linux server. This should be done via SCP or FTP in binary mode.
- To install the package, type:
dpkg -i scx-<version>-universald-<arch>.deb
- To verify that the package is installed, type:
dpkg -l scx
- To verify that the Microsoft SCX CIM Server is running, type:
To Install the Agent on Red Hat Enterprise Linux and SUSE Linux Enterprise Server:
- Transfer the agent (scx-<version>-<os>-<arch>.rpm, this source file will be available in the scom server) to the Linux server, type: scx-<version>-<os>-<arch>.rpm
- To install the package, type: rpm -i scx-<version>-<os>-<arch>.rpm
- To verify that the package is installed, type: rpm -q scx
- To verify that the Microsoft SCX CIM Server is running, type: service omiserver status
Actions Needed to Perform in SCOM Servers:
- Cross Platform Extensions uses an SSL Certificate for WS-Management Communication between the Operations Manager management server and the remote UNIX or Linux computer.
- For this certificate to be valid, the common name (CN) that is used in the certificate must match the fully qualified domain name (FQDN) that is resolved by Operations Manager.
- In order to monitor Linux servers, certificate name should match with the following requirement hostname.cloudapp.net
- In Linux, by default certificate will be created with hostname only and not with the domain name.
To Change the Name on the Certificate:
- If the certificate was created with an incorrect name, you can change the host name and re-create the certificate and private key. To do this, run the following command on the UNIX or Linux computer:
/opt/microsoft/scx/bin/tools/scxsslconfig -f -h <hostname> -d <domain.name>
In our case domain name is “cloudapp.net”
- Restart the agent by running the following command: /opt/Microsoft/scx/bin/tools/scxadmin –restart
Discovery of Linux Server and Deploy Agents:
- In the Operations Manager console navigate to Administration then expand Administration and then expand Device Management. Select UNIX/Linux Computers and right click and select Discovery Wizard.
- When the discovery wizard opens select UNIX/Linux Computers and select Next.
- Under Discovery Criteria add the discover scope. The scope can be the FQDN of a system, a single IP, or a range of IPs. Please specify the Public IP address as well full FQDN of that Virtual Machine (hostname.cloudapp.net).
- Next select the Discovery type and finally the credentials that will be used to contact and install the agent on the system. Select Save when finished.
- In the next wizard, select a target resource pool and select Discover.
- Once the UNIX/Linux systems are discovered check the systems you want to install the agent on and select Manage.
- Since we have already installed the agent manually, it will sync with the server and gather all the necessary information. Once all the actions are completed we will be able to see the status as successful in the Discover wizard.
Post Agent Deployment:
- Once the agents are installed, wait a few minutes for data to populate.
- In the Operations Manager console select Monitoring from the bottom left and select the UNIX/Linux Computers view to see the current status of the Linux server.