If your migrating old workloads to Azure occasionally you may not be able to use the latest Operating Systems. In these circumstances it may be useful to still be able to use the OMS agent to monitor your VM.
For CentOS – you really need to get to version 5.8 or above which has native support for Hyper-V, the Hypervisor that runs under the covers on Azure
Fix the CentOS repos to get the last released patches:
# cd /etc/yum.repos.d
edit CentOS-Base.repo and comment mirror list – change baseurl to start:
baseurl=http://vault.centos.org/5.11/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://vault.centos.org/5.11/updates/$basearch/
set the date correctly & hostname ip in /etc/hosts
Get the repo for syslog (needed later)
# cd /etc/yum.repos.d
# wget http://rpms.adiscon.com/v8-stable/rsyslog.repo
Update the OS and install required software
# yum update
# yum groupinstall “Development Tools”
# yum groupinstall “Development Libraries”
# yum install python-ctypes
# yum install rsyslog
Update openssl (for TLS 1.2 support)
# wget https://www.openssl.org/source/openssl-1.0.2o.tar.gz —no-check-certificate
# tar -zxvf openssl-*.tar.gz
# cd openssl-*
# ./config -fpic shared && make && make install
# echo “/usr/local/ssl/lib” >> /etc/ld.so.conf$ ldconfig
Install updated version of wget
# wget http://ftp.gnu.org/gnu/wget/wget-1.19.5.tar.gz –no-check-certificate
# tar -xzvf wget-1.19.5.tar.gz
# cd wget-1.19.5
# make clean
# ./configure –with-ssl=openssl –with-libssl-prefix=/usr/local/ssl
# make && make install
# yum -y remove wget
# mv /usr/bin/wget /usr/bin/wget.orig
# ln -s /usr/local/bin/wget /usr/bin/wget
Install Updated version of Python
need late 2.7 (2.7.15) to support tls1.2
# wget https://www.python.org/ftp/python/2.7.15/Python-2.7.15.tgz –no-check-certificate
# export CCFLAGS=”-I/usr/local/ssl/include/openssl”
# export LD_LIBRARY_PATH=”/usr/local/ssl/lib/”
# export LDFLAGS=”-L/usr/local/ssl/lib”
# make clean
# ./configure –with-ensurepip=install –prefix=/usr/local
The final result of ./configure –prefix=$DEPLOY may looks like follows:
Python build finished, but the necessary bits to build these modules were not found:
_tkinter bsddb185 dl
gdbm imageop sunaudiodev
To find the necessary bits, look in setup.py in detect_modules() for the module’s name.
It will show you the modules that can not be build, note that some of them are unnecessary or deprecated:
_tkinter: For tkinter graphy library, unnecessary if you don’t develop tkinter programs.
bsddb185: Older version of Oracle Berkeley DB. Undocumented. Install version 4.8 instead.
dl: For 32-bit machines. Deprecated. Use ctypes instead.
imageop: For 32-bit machines. Deprecated. Use PIL instead.
sunaudiodev: For Sun hardware. Deprecated
# make
# make altinstall
Check we have TLS 1.2 support
# python2.7
>>> import ssl
>>> print ssl.OPENSSL_VERSION
1.0.2
# pip2.7 uninstall cryptography
# pip2.7 install cryptography
Setup the python virtual environment
#/usr/local/bin/easy_install-2.7 virtualenv
# mkdir -p va/oms
# virtualenv va/oms
# cd va/oms/bin
# source activate
edit /etc/sysconfig/selinux
disabled
# wget https://github.com/Microsoft/OMS-Agent-for-Linux/releases/download/OMSAgent_v1.6.0-42/omsagent-1.6.0-42.universal.x64.sh –no-check-certificate
# ./omsagent-1.6.0-42.universal.x64.sh –install
(oms) [root@localhost bin]# ./omsadmin.sh -w 2 -s
………….
Starting Operations Management Suite agent (
info Configured omsconfig
Start OMS and check the logs for any problems
# /opt/microsoft/omsagent/bin/service_control restart
# tail -100 /var/opt/microsoft/omsagent/log/omsagent.log
clearing selinux messages:
# audit2allow -a
# audit2allow -a -M myallow
# semodule -i myallow.pp
Install updated curl Package
# mkdir ~/src/$ cd ~/src/
This installs curl in /usr/local/bin/curl
# cd /root/src$ wget http://curl.haxx.se/download/curl-7.42.1.tar.gz
# tar -xzvf curl-*.tar.gz
# cd curl-*
# ./configure –with-ssl=/usr/local/ssl –disable-ldap && make && make install
Install updated openssh
# wget https://mirror.bytemark.co.uk/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz –no-check-certificate
# ./configure –with-ssl-dir=/usr/local/ssl
# make
# make install
Install Azure waagent
# wget https://github.com/Azure/WALinuxAgent/archive/master.zip
(oms) python setup.py install –register-service
# more /usr/lib/systemd/system/waagent.service
# python -u /usr/sbin/waagent -daemon