Microsoft Azure
- An Upwind account with an associated client credentials.
- Admin access to the cloud provider's deployment tools, such as Microsoft Azure Run Command, Amazon Web Services (AWS) Systems Manager, or Google Cloud (GCP) OS Patch Management.
There are two prerequisites for installing the Upwind Sensor on Microsoft Azure:
- The Microsoft Azure CLI must be installed on the machine you are using to install the Upwind Sensor.
- The Microsoft Azure CLI must be logged into an Azure account that has access to the VM(s) that you are installing the Upwind Sensor on.
Virtual Machines Scale Sets using Microsoft Azure Run Command
The following script gets the IDs of all the instances in the scale set and then runs the Upwind installation command on each instance:
az vmss list-instances \
--resource-group <resource_group_name> \
--name <virtual_machine_scalesets_id> \
--query "[].id" \
--output tsv | \
az vmss run-command invoke \
--command-id RunShellScript \
--ids @- \
--scripts 'curl -fSsl https://get.upwind.io/agent.sh | \
UPWIND_CLIENT_ID=<redacted> \
UPWIND_CLIENT_SECRET=<redacted> \
bash -s'
Virtual Machines using Microsoft Azure Run Command
- Run the Upwind installation command using Microsoft Azure Run Command:
az vm run-command invoke \
--resource-group <resource_group_name> \
--name <virtual_machine_name> \
--command-id RunShellScript \
--scripts 'curl -fSsl https://get.upwind.io/agent.sh | \
UPWIND_CLIENT_ID=<redacted> \
UPWIND_CLIENT_SECRET=<redacted> \
bash -s'
Installation with Ansible
For automated deployment, you can use Ansible to install the Upwind Sensor on your Azure VMs. Follow these steps:
-
Prepare Ansible Environment: Ensure you have Ansible installed and configured on your system.
-
Configure Ansible Playbook: Edit the
ansible/upwind.yamlfile to specify the target hosts and roles:
---
- hosts: azurevms
roles:
- { role: upwind, become: yes }
- Set Up Hosts File:
In the
ansible/hosts/hostsfile, define your Azure VMs and credentials:
[all:vars]
ansible_user = <USER_NAME>
ansible_ssh_private_key_file = <PATH_TO_PEM>
[operator]
localhost ansible_connection=local ansible_python_interpreter=<PATH_TO_PYTHON_INTERPRETER>
[azurevms]
<HOST_NAME> ansible_ssh_user=<USER_NAME> ansible_host=<IP>
- Run the Playbook:
ansible-playbook -i hosts/hosts upwind.yaml -vvv
The playbook includes a task to install the Upwind Sensor:
ansible/roles/upwind/tasks/main.yaml
- name: 'Install sensor'
shell: 'curl -s https://get.upwind.io/agent.sh | UPWIND_CLIENT_ID="${UPWIND_CLIENT_ID}" \
UPWIND_CLIENT_SECRET="${UPWIND_CLIENT_SECRET}" bash -s'
args:
warn: false
Ensure you replace <USER_NAME>, <PATH_TO_PEM>, <PATH_TO_PYTHON_INTERPRETER>, <HOST_NAME>, and <IP> with your specific Azure VM details.
Troubleshooting
Read the Troubleshooting guide for more information on how to troubleshoot the Upwind Sensor installation.