Microsoft Azure

note

An Upwind account with an associated client credentials.
Admin access to the cloud provider's deployment tools, such as Microsoft Azure Run Command, Amazon Web Services (AWS) Systems Manager, or Google Cloud OS Patch Management.

info

There are two prerequisites for installing the Upwind Sensor on Microsoft Azure:

The Microsoft Azure CLI must be installed on the machine you are using to install the Upwind Sensor.
The Microsoft Azure CLI must be logged into an Azure account that has access to the VM(s) that you are installing the Upwind Sensor on.

Virtual Machines Scale Sets using Microsoft Azure Run Command

The following script gets the IDs of all the instances in the scale set and then runs the Upwind installation command on each instance:

az vmss list-instances \
  --resource-group <resource_group_name> \
  --name <virtual_machine_scalesets_id> \
  --query "[].id" \
  --output tsv | \

az vmss run-command invoke \
  --command-id RunShellScript \
  --ids @- \
  --scripts 'curl -fSsl https://get.upwind.io/agent.sh | \
      UPWIND_CLIENT_ID=<redacted> \
      UPWIND_CLIENT_SECRET=<redacted> \
      bash -s'

Virtual Machines using Microsoft Azure Run Command

Run the Upwind installation command using Microsoft Azure Run Command:

az vm run-command invoke \
  --resource-group <resource_group_name> \
  --name <virtual_machine_name> \
  --command-id RunShellScript \
  --scripts 'curl -fSsl https://get.upwind.io/agent.sh | \
      UPWIND_CLIENT_ID=<redacted> \
      UPWIND_CLIENT_SECRET=<redacted> \
      bash -s'

Installation with Ansible

For automated deployment, you can use Ansible to install the Upwind Sensor on your Azure VMs. Follow these steps:

Prepare Ansible Environment: Ensure you have Ansible installed and configured on your system.
Configure Ansible Playbook: Edit the ansible/upwind.yaml file to specify the target hosts and roles:

---
- hosts: azurevms
  roles:
    - { role: upwind, become: yes }

Set Up Hosts File: In the ansible/hosts/hosts file, define your Azure VMs and credentials:

[all:vars]
ansible_user = <USER_NAME>
ansible_ssh_private_key_file = <PATH_TO_PEM>

[operator]
localhost ansible_connection=local  ansible_python_interpreter=<PATH_TO_PYTHON_INTERPRETER>

[azurevms]
<HOST_NAME> ansible_ssh_user=<USER_NAME> ansible_host=<IP>

Run the Playbook:

ansible-playbook -i hosts/hosts upwind.yaml -vvv

The playbook includes a task to install the Upwind Sensor:

ansible/roles/upwind/tasks/main.yaml
- name: 'Install sensor'
  shell: 'curl -s https://get.upwind.io/agent.sh | UPWIND_CLIENT_ID="${UPWIND_CLIENT_ID}" \
  UPWIND_CLIENT_SECRET="${UPWIND_CLIENT_SECRET}" bash -s'
  args:
    warn: false

Ensure you replace <USER_NAME>, <PATH_TO_PEM>, <PATH_TO_PYTHON_INTERPRETER>, <HOST_NAME>, and <IP> with your specific Azure VM details.

Troubleshooting

Read the Troubleshooting guide for more information on how to troubleshoot the Upwind Sensor installation.

Virtual Machines Scale Sets using Microsoft Azure Run Command​

Virtual Machines using Microsoft Azure Run Command​

Installation with Ansible​

Troubleshooting​

Virtual Machines Scale Sets using Microsoft Azure Run Command

Virtual Machines using Microsoft Azure Run Command

Installation with Ansible

Troubleshooting