Comments (5)
Hey @carlin-q-scott, thank you so much for letting me know your situation. Here's an idea: write your own startup library, and have all your projects reference to it. Today, it starts up Application Insights without credentials. And in the future, when you are ready to turn it on, release a new version of the library and ask the various projects to bump up the versions. Will that address your concern?
You are right that it isn't too good an idea for us to assume the token provider. But you shall be able to do it in your library because you will know the concretes.
from applicationinsights-kubernetes.
Hi @carlin-q-scott, this is an interesting question. The question actually roots to whether can we turn on DefaultAzureCredential
for application insights without code, right?
How do you use DefaultAzureCrednetial normally? Is there any code involved?
from applicationinsights-kubernetes.
Yes, I have to set the token credential on the telemetry configuration using this code:
appBuilder.Services
.Configure<TelemetryConfiguration>(config =>
{
config.SetAzureTokenCredential(new DefaultAzureCredential());
})
At least that's what the documentation says. You'd think that it would be used by default considering the name though. I'm unsure if I can call that method to set credentials for the auto instrumentation.
from applicationinsights-kubernetes.
Hey @carlin-q-scott, sorry for the late reply.
Let's check what the issue is. To setup token credential for application insights (for managed identity or any other token auth), we need to have access to 2 libraries at the same time: Microsoft.ApplicationInsights & Azure.Identity.
In hosting startup scenario (zero code light up), we will have to have both on the dependency tree to make it work, and then there has to be code to set the token credential like the code you shared above.
Then, there could be an environment variable to decide whether to turn it on or off.
Could be some code here.
Technically, I believe it is doable.
That said, I'd rather keep zero code startup as simple as possible - less dependency, less code. Looking for a sweet spot.
Question for you: what attracts you to the Zero Code Lightup? TBH, it is more like a magic, not easy to debug, and more unpredictable than the normal experience. Do you have a scenario that Zero Code Lightup is a must? Please help me understand it, thanks!
from applicationinsights-kubernetes.
Zero Code is nice to have for me. I like the idea of the Kubernetes App Insights operator that will inject the agent where applicable so that developers can focus on their code and not instrumentation for hosted environments. Currently I'm not enforcing auth for my App Insights workspace because the endpoint and key are not exposed publicly. But eventually they will be. So at that time I will have to modify the code for of all my team's applications to use credentials. It would be nice if that could be done through configuration instead.
I get what you're saying about the complexity of implementing this with zero code. It would require reflection to make Azure.Identity an optional package. And there's risk in this library making assumptions about authentication because the application code could have its own authentication scheme that might differ from whatever we assume here.
from applicationinsights-kubernetes.
Related Issues (20)
- [Investigation] Make calling into ExecuteAsync idempotent HOT 2
- Compliance: Unit test SDK depends on Newtonsoft.Json 9.0.1 HOT 2
- AKS no telemetry HOT 3
- Upgrade KubernetesClient to >= 10.0.16 to remove dependency on System.IO.Abstractions HOT 16
- backlog
- Add wiki for supporting Azure Function in K8s HOT 1
- Use AKS instead of local kubernetes - How HOT 4
- No insight output as indicated in Zero Code light up Example HOT 4
- Enhancement: Capture container image name HOT 6
- No container id found by container id providers after AKS upgrade 1.23->1.25 HOT 15
- Investigation: Using a label to locate the current container HOT 1
- Decouple Enhancement and container readiness HOT 2
- Cannot get pod info because of proxy configuration HOT 9
- As of now the package doesn HOT 1
- As of now the package doesn't seem to add the properties anymore? HOT 3
- Can't register Enrichers when using KeyedServices HOT 1
- Upgrade of `KubernetesClient` dependency HOT 17
- how to customize k8s properties name HOT 3
- Warning in pod logs re failed to get container id HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from applicationinsights-kubernetes.