feat: container monitoring addon supports other Azure clouds

cmd/deploy.go

@@ -358,7 +358,20 @@ func autofillApimodel(dc *deployCmd) error {
 
 	if k8sConfig != nil && k8sConfig.Addons != nil && k8sConfig.IsContainerMonitoringAddonEnabled() {
 		log.Infoln("container monitoring addon enabled")
-		err := dc.configureContainerMonitoringAddon(ctx, k8sConfig)
+		var workspaceDomain string
+		cloudspecConfig := dc.containerService.GetCloudSpecConfig()
+		switch cloudspecConfig.CloudName {
+		case "AzurePublicCloud":
+			workspaceDomain = "opinsights.azure.com"
+		case "AzureChinaCloud":
+			workspaceDomain = "opinsights.azure.cn"
+		case "AzureUSGovernmentCloud":
+			workspaceDomain = "opinsights.azure.us"
+		default:
+			return errors.Wrapf(err, "apimodel: container monitoring addon not supported in this cloud: %s", cloudspecConfig.CloudName)
+		}
+
+		err := dc.configureContainerMonitoringAddon(ctx, k8sConfig, workspaceDomain)
 		if err != nil {
 			return errors.Wrap(err, "Failed to configure container monitoring addon")
 		}
@@ -449,11 +462,12 @@ func (dc *deployCmd) run() error {
 }
 
 // configure api model addon config with container monitoring addon
-func (dc *deployCmd) configureContainerMonitoringAddon(ctx context.Context, k8sConfig *api.KubernetesConfig) error {
+func (dc *deployCmd) configureContainerMonitoringAddon(ctx context.Context, k8sConfig *api.KubernetesConfig, workspaceDomain string) error {
 	log.Infoln("configuring container monitoring addon info")
 	if k8sConfig == nil {
 		return errors.New("KubernetesConfig either null or invalid")
 	}
+
 	var workspaceResourceID string
 	var err error
 	addon := k8sConfig.GetAddonByName("container-monitoring")
@@ -501,15 +515,18 @@ func (dc *deployCmd) configureContainerMonitoringAddon(ctx context.Context, k8sC
 				addon.Config["workspaceGuid"] = base64.StdEncoding.EncodeToString([]byte(wsID))
 				addon.Config["workspaceKey"] = base64.StdEncoding.EncodeToString([]byte(wsKey))
 				addon.Config["logAnalyticsWorkspaceResourceId"] = workspaceResourceID
+				addon.Config["workspaceDomain"] = base64.StdEncoding.EncodeToString([]byte(workspaceDomain))
 			}
 		}
 
 	} else {
-		log.Infoln("using provided workspaceGuid and workspaceKey in the container addon config")
+		log.Infoln("using provided workspaceGuid, workspaceKey in the container addon config")
 		workspaceGUID := addon.Config["workspaceGuid"]
 		workspaceKey := addon.Config["workspaceKey"]
+		addon.Config["workspaceDomain"] = base64.StdEncoding.EncodeToString([]byte(workspaceDomain))
 		log.Infoln("workspaceGuid:", workspaceGUID)
 		log.Infoln("workspaceKey:", workspaceKey)
+		log.Infoln("workspaceDomain:", workspaceDomain)
 	}
 	return nil
 }

parts/k8s/containeraddons/1.16/kubernetesmasteraddons-omsagent-daemonset.yaml

@@ -10,6 +10,7 @@ type: Opaque
 data:
   WSID: "{{ContainerConfig "workspaceGuid"}}"
   KEY: "{{ContainerConfig "workspaceKey"}}"
+  DOMAIN: "{{ContainerConfig "workspaceDomain"}}"
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -321,7 +322,7 @@ spec:
                 fieldRef:
                   fieldPath: status.hostIP
             - name: ACS_RESOURCE_NAME
-              value: {{ContainerConfig "clusterName"}}            
+              value: {{ContainerConfig "clusterName"}}
             - name: CONTROLLER_TYPE
               value: "DaemonSet"
             - name: ISTEST
@@ -356,7 +357,7 @@ spec:
               name: omsagent-secret
               readOnly: true
             - mountPath: /etc/config/settings
-              name: settings-vol-config  
+              name: settings-vol-config
       nodeSelector:
         beta.kubernetes.io/os: linux
       tolerations:
@@ -389,7 +390,7 @@ spec:
         - name: settings-vol-config
           configMap:
             name: container-azm-ms-agentconfig
-            optional: true    
+            optional: true
   updateStrategy:
     type: RollingUpdate
 ---
@@ -437,7 +438,7 @@ spec:
                 fieldRef:
                   fieldPath: status.hostIP
             - name: ACS_RESOURCE_NAME
-              value: {{ContainerConfig "clusterName"}}            
+              value: {{ContainerConfig "clusterName"}}
             - name: CONTROLLER_TYPE
               value: "ReplicaSet"
             - name: ISTEST
@@ -464,7 +465,7 @@ spec:
             - mountPath : /etc/config
               name: omsagent-rs-config
             - mountPath: /etc/config/settings
-              name: settings-vol-config              
+              name: settings-vol-config
           livenessProbe:
             exec:
               command:
@@ -501,4 +502,4 @@ spec:
         - name: settings-vol-config
           configMap:
             name: container-azm-ms-agentconfig
-            optional: true    
+            optional: true

parts/k8s/containeraddons/kubernetesmasteraddons-omsagent-daemonset.yaml

@@ -10,6 +10,7 @@ type: Opaque
 data:
   WSID: "{{ContainerConfig "workspaceGuid"}}"
   KEY: "{{ContainerConfig "workspaceKey"}}"
+  DOMAIN: "{{ContainerConfig "workspaceDomain"}}"
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -321,7 +322,7 @@ spec:
                 fieldRef:
                   fieldPath: status.hostIP
             - name: ACS_RESOURCE_NAME
-              value: {{ContainerConfig "clusterName"}}            
+              value: {{ContainerConfig "clusterName"}}
             - name: CONTROLLER_TYPE
               value: "DaemonSet"
             - name: ISTEST
@@ -356,7 +357,7 @@ spec:
               name: omsagent-secret
               readOnly: true
             - mountPath: /etc/config/settings
-              name: settings-vol-config  
+              name: settings-vol-config
       nodeSelector:
         beta.kubernetes.io/os: linux
       tolerations:
@@ -389,7 +390,7 @@ spec:
         - name: settings-vol-config
           configMap:
             name: container-azm-ms-agentconfig
-            optional: true    
+            optional: true
   updateStrategy:
     type: RollingUpdate
 ---
@@ -437,7 +438,7 @@ spec:
                 fieldRef:
                   fieldPath: status.hostIP
             - name: ACS_RESOURCE_NAME
-              value: {{ContainerConfig "clusterName"}}            
+              value: {{ContainerConfig "clusterName"}}
             - name: CONTROLLER_TYPE
               value: "ReplicaSet"
             - name: ISTEST
@@ -464,7 +465,7 @@ spec:
             - mountPath : /etc/config
               name: omsagent-rs-config
             - mountPath: /etc/config/settings
-              name: settings-vol-config              
+              name: settings-vol-config
           livenessProbe:
             exec:
               command:
@@ -501,4 +502,4 @@ spec:
         - name: settings-vol-config
           configMap:
             name: container-azm-ms-agentconfig
-            optional: true    
+            optional: true

pkg/api/addons.go

@@ -5,6 +5,7 @@ package api
 
 import (
 	"strconv"
+	"strings"
 
 	"github.com/Azure/go-autorest/autorest/to"
 
@@ -20,6 +21,10 @@ func (cs *ContainerService) setAddonsConfig(isUpdate bool) {
 	cloudSpecConfig := cs.GetCloudSpecConfig()
 	k8sComponents := K8sComponentsByVersionMap[o.OrchestratorVersion]
 	specConfig := cloudSpecConfig.KubernetesSpecConfig
+	omsagentImage := "mcr.microsoft.com/azuremonitor/containerinsights/ciprod:ciprod07092019"
+	if strings.EqualFold(cloudSpecConfig.CloudName, "AzureChinaCloud") {
+		omsagentImage = "dockerhub.azk8s.cn/microsoft/oms:ciprod07092019"
+	}
 	defaultsHeapsterAddonsConfig := KubernetesAddon{
 		Name:    HeapsterAddonName,
 		Enabled: to.BoolPtr(DefaultHeapsterAddonEnabled && !common.IsKubernetesVersionGe(o.OrchestratorVersion, "1.13.0")),
@@ -220,7 +225,7 @@ func (cs *ContainerService) setAddonsConfig(isUpdate bool) {
 				MemoryRequests: "225Mi",
 				CPULimits:      "150m",
 				MemoryLimits:   "600Mi",
-				Image:          "mcr.microsoft.com/azuremonitor/containerinsights/ciprod:ciprod07092019",
+				Image:          omsagentImage,
 			},
 		},
 	}

pkg/armhelpers/azurestack/loganalytics.go

@@ -161,7 +161,7 @@ func (az *AzureClient) GetLogAnalyticsWorkspaceInfo(ctx context.Context, workspa
 
 // AddContainerInsightsSolution adds container insights solution for the specified log analytics workspace
 func (az *AzureClient) AddContainerInsightsSolution(ctx context.Context, workspaceSubscriptionID, workspaceResourceGroup, workspaceName, workspaceLocation string) (result bool, err error) {
-	solutionClient := om.NewSolutionsClient(workspaceSubscriptionID, "Microsoft.OperationalInsights", "workspaces", workspaceName)
+	solutionClient := om.NewSolutionsClientWithBaseURI(az.environment.ResourceManagerEndpoint, workspaceSubscriptionID, "Microsoft.OperationalInsights", "workspaces", workspaceName)
 	solutionClient.Authorizer = az.workspacesClient.Authorizer
 
 	solutionName := "ContainerInsights(" + workspaceName + ")"

pkg/armhelpers/loganalytics.go

@@ -89,6 +89,14 @@ func (az *AzureClient) EnsureDefaultLogAnalyticsWorkspace(ctx context.Context, r
 		"chinanorth2": "chinaeast2",
 	}
 
+	AzureFairfaxLocationToOmsRegionCodeMap := map[string]string{
+		"usgovvirginia": "USGV",
+	}
+
+	AzureFairfaxRegionToOmsRegionMap := map[string]string{
+		"usgovvirginia": "usgovvirginia",
+	}
+
 	defaultWorkspaceRegion := "eastus"
 	defaultWorkspaceRegionCode := "EUS"
 
@@ -115,6 +123,19 @@ func (az *AzureClient) EnsureDefaultLogAnalyticsWorkspace(ctx context.Context, r
 			defaultWorkspaceRegionCode = "EAST2"
 		}
 
+	case "AzureUSGovernmentCloud":
+		if region, found := AzureFairfaxLocationToOmsRegionCodeMap[location]; found {
+			defaultWorkspaceRegion = region
+		} else {
+			defaultWorkspaceRegion = "usgovvirginia"
+		}
+
+		if regionCode, found := AzureFairfaxRegionToOmsRegionMap[defaultWorkspaceRegion]; found {
+			defaultWorkspaceRegionCode = regionCode
+		} else {
+			defaultWorkspaceRegionCode = "USGV"
+		}
+
 	default:
 		return "", fmt.Errorf("container monitoring addon not supported in this cloud: %s", az.environment.Name)
 	}
@@ -203,7 +224,7 @@ func (az *AzureClient) GetLogAnalyticsWorkspaceInfo(ctx context.Context, workspa
 
 // AddContainerInsightsSolution adds container insights solution for the specified log analytics workspace
 func (az *AzureClient) AddContainerInsightsSolution(ctx context.Context, workspaceSubscriptionID, workspaceResourceGroup, workspaceName, workspaceLocation string) (result bool, err error) {
-	solutionClient := om.NewSolutionsClient(workspaceSubscriptionID, "Microsoft.OperationalInsights", "workspaces", workspaceName)
+	solutionClient := om.NewSolutionsClientWithBaseURI(az.environment.ResourceManagerEndpoint, workspaceSubscriptionID, "Microsoft.OperationalInsights", "workspaces", workspaceName)
 	solutionClient.Authorizer = az.workspacesClient.Authorizer
 
 	solutionName := "ContainerInsights(" + workspaceName + ")"