Azure · zhoxing-ms · Jun 2, 2022 · Mar 31, 2022 · Apr 1, 2022 · Apr 3, 2022
@@ -167,3 +167,9 @@
 # refer https://docs.microsoft.com/en-us/rest/api/storageservices/
 # naming-and-referencing-containers--blobs--and-metadata#container-names
 CONST_CONTAINER_NAME_MAX_LENGTH = 63
+
+CONST_PERISCOPE_REPO_ORG = "azure"
+CONST_PERISCOPE_CONTAINER_REGISTRY = "mcr.microsoft.com"
+CONST_PERISCOPE_RELEASE_TAG = "v0.9"
+CONST_PERISCOPE_IMAGE_VERSION = "0.0.9"
+CONST_PERISCOPE_NAMESPACE = "aks-periscope"
@@ -852,7 +852,10 @@
             for example, kube-system/deployment/tunnelfront.
         - name: --node-logs
           type: string
-          short-summary: The list of node logs to collect. For example, /var/log/cloud-init.log
+          short-summary: The list of node logs to collect for Linux nodes. For example, /var/log/cloud-init.log
+        - name: --node-logs-windows
+          type: string
+          short-summary: The list of node logs to collect for Windows nodes. For example, C:\\AzureData\\CustomDataSetupScript.log
     examples:
       - name: using storage account name and a shared access signature token with write permission
         text: az aks kollect -g MyResourceGroup -n MyManagedCluster --storage-account MyStorageAccount --sas-token "MySasToken"

@@ -93,6 +93,11 @@
     CONST_MONITORING_LOG_ANALYTICS_WORKSPACE_RESOURCE_ID,
     CONST_MONITORING_USING_AAD_MSI_AUTH,
     CONST_OPEN_SERVICE_MESH_ADDON_NAME,
+    CONST_PERISCOPE_REPO_ORG,
+    CONST_PERISCOPE_CONTAINER_REGISTRY,
+    CONST_PERISCOPE_RELEASE_TAG,
+    CONST_PERISCOPE_IMAGE_VERSION,
+    CONST_PERISCOPE_NAMESPACE,
     CONST_ROTATION_POLL_INTERVAL,
     CONST_SCALE_DOWN_MODE_DELETE,
     CONST_SCALE_SET_PRIORITY_REGULAR,
@@ -1016,7 +1021,8 @@ def aks_kollect(cmd,    # pylint: disable=too-many-statements,too-many-locals
                 sas_token=None,
                 container_logs=None,
                 kube_objects=None,
-                node_logs=None):
+                node_logs=None,
+                node_logs_windows=None):
     colorama.init()
 
     mc = client.get(resource_group_name, name)
@@ -1115,37 +1121,21 @@ def aks_kollect(cmd,    # pylint: disable=too-many-statements,too-many-locals
     container_name = normalized_container_name[:len_of_container_name]
 
     sas_token = sas_token.strip('?')
-    deployment_yaml = _read_periscope_yaml()
-    deployment_yaml = deployment_yaml.replace(
-        "# <accountName, string>", storage_account_name)
-    deployment_yaml = deployment_yaml.replace("# <saskey, base64 encoded>",
-                                              (base64.b64encode(bytes("?" + sas_token, 'ascii'))).decode('ascii'))
-    deployment_yaml = deployment_yaml.replace(
-        "# <containerName, string>", container_name)
-
-    yaml_lines = deployment_yaml.splitlines()
-    for index, line in enumerate(yaml_lines):
-        if "DIAGNOSTIC_CONTAINERLOGS_LIST" in line and container_logs is not None:
-            yaml_lines[index] = line + ' ' + container_logs
-        if "DIAGNOSTIC_KUBEOBJECTS_LIST" in line and kube_objects is not None:
-            yaml_lines[index] = line + ' ' + kube_objects
-        if "DIAGNOSTIC_NODELOGS_LIST" in line and node_logs is not None:
-            yaml_lines[index] = line + ' ' + node_logs
-    deployment_yaml = '\n'.join(yaml_lines)
-
-    fd, temp_yaml_path = tempfile.mkstemp()
-    temp_yaml_file = os.fdopen(fd, 'w+t')
+
+    kustomize_yaml = get_kustomize_yaml(storage_account_name, sas_token, container_name, container_logs, kube_objects, node_logs, node_logs_windows)
+    kustomize_folder = tempfile.mkdtemp()
+    kustomize_file_path = os.path.join(kustomize_folder, "kustomization.yaml")
     try:
-        temp_yaml_file.write(deployment_yaml)
-        temp_yaml_file.flush()
-        temp_yaml_file.close()
+        with os.fdopen(os.open(kustomize_file_path, os.O_RDWR | os.O_CREAT), 'w+t') as kustomize_file:
+            kustomize_file.write(kustomize_yaml)
+
         try:
             print()
-            print("Cleaning up aks-periscope resources if existing")
+            print(f"Cleaning up aks-periscope resources if existing")
 
             subprocess.call(["kubectl", "--kubeconfig", temp_kubeconfig_path, "delete",
                              "serviceaccount,configmap,daemonset,secret",
-                             "--all", "-n", "aks-periscope", "--ignore-not-found"],
+                             "--all", "-n", CONST_PERISCOPE_NAMESPACE, "--ignore-not-found"],
                             stderr=subprocess.STDOUT)
 
             subprocess.call(["kubectl", "--kubeconfig", temp_kubeconfig_path, "delete",
@@ -1165,7 +1155,7 @@ def aks_kollect(cmd,    # pylint: disable=too-many-statements,too-many-locals
 
             subprocess.call(["kubectl", "--kubeconfig", temp_kubeconfig_path, "delete",
                              "--all",
-                             "apd", "-n", "aks-periscope", "--ignore-not-found"],
+                             "apd", "-n", CONST_PERISCOPE_NAMESPACE, "--ignore-not-found"],
                             stderr=subprocess.DEVNULL)
 
             subprocess.call(["kubectl", "--kubeconfig", temp_kubeconfig_path, "delete",
@@ -1174,13 +1164,15 @@ def aks_kollect(cmd,    # pylint: disable=too-many-statements,too-many-locals
                             stderr=subprocess.STDOUT)
 
             print()
-            print("Deploying aks-periscope")
-            subprocess.check_output(["kubectl", "--kubeconfig", temp_kubeconfig_path, "apply", "-f",
-                                     temp_yaml_path, "-n", "aks-periscope"], stderr=subprocess.STDOUT)
+            print(f"Deploying aks-periscope")
+
+            subprocess.check_output(["kubectl", "--kubeconfig", temp_kubeconfig_path, "apply", "-k",
+                                     kustomize_folder, "-n", CONST_PERISCOPE_NAMESPACE], stderr=subprocess.STDOUT)
         except subprocess.CalledProcessError as err:
             raise CLIError(err.output)
     finally:
-        os.remove(temp_yaml_path)
+        os.remove(kustomize_file_path)
+        os.rmdir(kustomize_folder)
 
     print()
 
@@ -1204,14 +1196,53 @@ def aks_kollect(cmd,    # pylint: disable=too-many-statements,too-many-locals
         display_diagnostics_report(temp_kubeconfig_path)
 
 
-def _read_periscope_yaml():
-    curr_dir = os.path.dirname(os.path.realpath(__file__))
-    periscope_yaml_file = os.path.join(
-        curr_dir, "deploymentyaml", "aks-periscope.yaml")
-    yaml_file = open(periscope_yaml_file, "r")
-    data_loaded = yaml_file.read()
+def get_kustomize_yaml(storage_account_name,
+                       sas_token,
+                       container_name,
+                       container_logs=None,
+                       kube_objects=None,
+                       node_logs_linux=None,
+                       node_logs_windows=None):
+    diag_config_vars = {
+        'DIAGNOSTIC_CONTAINERLOGS_LIST': container_logs,
+        'DIAGNOSTIC_KUBEOBJECTS_LIST': kube_objects,
+        'DIAGNOSTIC_NODELOGS_LIST_LINUX': node_logs_linux,
+        'DIAGNOSTIC_NODELOGS_LIST_WINDOWS': node_logs_windows
+    }
 
-    return data_loaded
+    # Create YAML list items for each config variable that has a value
+    diag_content = "\n".join(f'  - {k}="{v}"' for k, v in diag_config_vars.items() if v is not None)
+
+    # Build a Kustomize overlay referencing a base for a known release, and using the images from MCR
+    # for that release.
+    return f"""
+resources:
+- https://github.com/{CONST_PERISCOPE_REPO_ORG}/aks-periscope//deployment/base?ref={CONST_PERISCOPE_RELEASE_TAG}
+
+namespace: {CONST_PERISCOPE_NAMESPACE}
+
+images:
+- name: periscope-linux
+  newName: {CONST_PERISCOPE_CONTAINER_REGISTRY}/aks/periscope
+  newTag: {CONST_PERISCOPE_IMAGE_VERSION}
+- name: periscope-windows
+  newName: {CONST_PERISCOPE_CONTAINER_REGISTRY}/aks/periscope-win
+  newTag: {CONST_PERISCOPE_IMAGE_VERSION}
+
+configMapGenerator:
+- name: diagnostic-config
+  behavior: merge
+  literals:
+{diag_content}
+
+secretGenerator:
+- name: azureblob-secret
+  behavior: replace
+  literals:
+  - AZURE_BLOB_ACCOUNT_NAME={storage_account_name}
+  - AZURE_BLOB_SAS_KEY=?{sas_token}
+  - AZURE_BLOB_CONTAINER_NAME={container_name}
+"""
 
 
 def aks_kanalyze(cmd, client, resource_group_name, name):
@@ -2595,7 +2626,7 @@ def display_diagnostics_report(temp_kubeconfig_path):   # pylint: disable=too-ma
         if not apds_created:
             apd = subprocess.check_output(
                 ["kubectl", "--kubeconfig", temp_kubeconfig_path, "get",
-                    "apd", "-n", "aks-periscope", "--no-headers"],
+                    "apd", "-n", CONST_PERISCOPE_NAMESPACE, "--no-headers"],
                 universal_newlines=True
             )
             apd_lines = apd.splitlines()
@@ -2619,14 +2650,14 @@ def display_diagnostics_report(temp_kubeconfig_path):   # pylint: disable=too-ma
                     network_config = subprocess.check_output(
                         ["kubectl", "--kubeconfig", temp_kubeconfig_path,
                          "get", "apd", apdName, "-n",
-                         "aks-periscope", "-o=jsonpath={.spec.networkconfig}"],
+                         CONST_PERISCOPE_NAMESPACE, "-o=jsonpath={.spec.networkconfig}"],
                         universal_newlines=True)
                     logger.debug('Dns status for node %s is %s',
                                  node_name, network_config)
                     network_status = subprocess.check_output(
                         ["kubectl", "--kubeconfig", temp_kubeconfig_path,
                          "get", "apd", apdName, "-n",
-                         "aks-periscope", "-o=jsonpath={.spec.networkoutbound}"],
+                         CONST_PERISCOPE_NAMESPACE, "-o=jsonpath={.spec.networkoutbound}"],
                         universal_newlines=True)
                     logger.debug('Network status for node %s is %s',
                                  node_name, network_status)