F5 NGINXaaS for Azure: Monitoring and Metrics
Welcome back to the series on F5 NGINXaaS for Azure. In previous articles, we covered how to deploy NGINX to your Azure environment and integrate with services like Azure Key Vault and Azure Function. Today we’ll look at Azure Monitor and show how NGINX publishes metrics into the Azure Monitor data platform.
Topics Covered:
What is NGINXaaS for Azure?
NGINXaaS, powered by NGINX Plus, is a fully managed service on Azure that removes the burden of having to deploy your own NGINX Plus cluster, install libraries, upgrade, and manage it. This is the first time that both Microsoft and F5 co-developed first-party like experience as a service that is tightly integrated with the Azure ecosystem to provide you with more options in your architecture in the cloud when selecting a load balancer or reverse proxy with pay-as-you-use pricing.
NGINXaaS for Azure Monitoring Explained
There are a few requirements to get started publishing NGINX application telemetry to Azure Monitor.
Like other resources in Azure, the NGINX deployment will need access to services like Azure Monitor. The use of managed identities accomplishes this for us in a secure manner. You must add a managed identity to the NGINX deployment with “Monitoring Metrics Publisher” role, and then you need to enable metrics. This allows the NGINX deployment to publish metrics to Azure Monitor.
Getting Started
We will be using knowledge from previous articles to continue our NGINX adventures. First, we need an NGINXaaS for Azure deployment. There are a few options for you to explore.
Option #1 - Click Ops (easy)
If clicking through the Azure portal is your preference, see the first article. This path will result in a simple NGINX deployment and simple return page. There are no backend pool members, so you will need to bring you own application.
Option #2 - Terraform Code on GitHub (advanced)
Warning! Advanced use case!
If you prefer an automated method with Terraform code examples, see F5 NGINXaaS for Azure: Multi-Region Architecture. This path utilizes infrastructure as code to deploy NGINX with Terraform and Azure ARM deployments, and it includes backend application servers (upstreams) placed into VM Scale Sets (VMSS). This is considered a full stack demo, and it also incorporates CI/CD to help orchestrate the configurations by using VMSS notify events and Azure Functions to rebuild nginx.conf.
Monitoring
If you chose option #1 (click-ops), you will need to add a managed identity and enable monitoring. The Terraform option #2 does it automatically. In the end, it should look something like this...
Generate some traffic to help the graphs look nice! After a while, NGINX metrics will appear in the Azure Monitor. The statistics are categorized into namespaces like connections, request, upstream, SSL, and cache. You can view them in the NGINX deployment > Monitoring > Metrics, create dashboards, and create alerts.
In order to see NGINX Plus advanced statistics in Azure Monitor, shared memory zones need to be enabled in the nginx.conf for items of interest. For example, collecting data for upstreams looks like this.
upstream app1 {
zone app1 64k;
server 10.100.0.5:80;
server 10.101.0.5:80 backup;
}
upstream app1-west {
zone app1-west 64k;
server 10.100.0.5:80;
}
upstream app1-east {
zone app1-east 64k;
server 10.101.0.5:80;
}
Now you can filter on upstream `Name` and create advanced charts.
Summary
This article was an overview of the NGINXaaS for Azure monitoring and metrics capabilities. I shared details how to publish NGINX metrics to Azure monitoring and make customized charts with filters. There are many more metrics available for NGINXaaS for Azure, so make sure to check out the resource links at the bottom of this article.
Contact us with any questions or requirements. We would love to hear from you!