Opal

An Azure Functions Monitoring Tool

About Opal

Opal is a tool for monitoring Microsoft Azure Functions. Azure Functions are a leading “serverless” computing solution that allows developers to deploy code on-the-fly without the need to provision or maintain their own servers. Opal’s code leverages a combination of Microsoft Azure JavaScript SDKs and REST APIs to query metrics associated with the user’s Azure Functions, and visualizes those metrics through graphs rendered with the JS Recharts library.

Opal provides pre-configured, clean visualizations, permitting developers to efficiently analyze the current state of their Azure Function deployments without the learning curve or setup associated with the Azure Portal. Opal also permits users to programatically browse all Azure Function Apps and Functions with a single click.

Currently supported metrics in Opal include, among other things, function invocations, success and error rates, response times, and estimated billing from selected Azure Functions.

Prerequisites

• NodeJS

• NPM

• An active Azure subscription with deployed Azure Functions.

Getting Started

1. Clone this repo.

If using Git, run:

git clone https://github.com/oslabs-beta/Opal
cd Opal

2. Install dependencies.

npm install

3. Build the app.

npm run build-prod

4. Authenticate.

Be authenticated to an Azure account. (See ‘Connecting to Azure’ for more information.)

5. Run the app.

npm run start-prod

Connecting to Azure

1. Base Functionality

If the user is already logged in to Azure through an existing authentication flow (e.g., Azure CLI, Azure PowerShell, Managed Identity, Environment Variables), Opal’s base functionality is accessible out-of-the-box with no configuration. If not currently logged in, use the method you typically use to authenticate to Azure. For example, an Azure CLI user can type az login.

For more information about your options for authenticating to Azure, review the DefaultAzureCredential docs.

2. Additional Functionality

Using Opal to access metrics on individual functions in a Function App requires sending a bearer token to Azure REST APIs. Opal will use HTTPS and OAUTH 2.0 to securely handle the token-generation process for you, as long as you place a .env file in Opal’s root directory identifying a service principal that is authorized to access your Azure subscription.

AZURE_CLIENT_ID=<appId>
AZURE_CLIENT_SECRET=<password>
AZURE_TENANT_ID=<tenant>

If you do not already have a service principal, create one with the following command:

az ad sp create-for-rbac --role contributor

and use the output to create the above .env file.

Azure Account Access

Opal accesses function metrics using Azure SDK’s DefaultAzureCredential and Azure REST APIs. The DefaultAzureCredential supports multiple authentication methods.

Opal does not interfere with the user’s Azure deployment, does not write data to the user’s Azure account, and does not store the data it reads from the user’s Azure account.

Queries made through Opal utilize Azure SDKs and REST APIs, and may be subject to size or billing limitations imposed by the user’s account. For more information, please refer to Azure’s Cost Management and Billing documentation for the rules that may govern your subscription.

How To Use The App

• Login

Create a login. After logging in, select the Azure icon (additional cloud providers will be added in a future patch).

• Overview

When the app renders, Opal displays graphs of the function execution count for every Function App in your tenant. This is the “Overview.” From the Overview, you can see recent function execution count for every Function App in your tenant.

• List View

You can see a list of all of your Function Apps or functions by clicking “Function Apps” or “Functions” in the sidebar. You can click a specific Function App or function to navigate to the view for that Function App or function. A search bar is provided for ease of navigation.

• Function App View

You can access more detailed metrics in a specific Function App either by selecting that Function App on the “Overview” page, or selecting that Function App in the “List View.”

To change the timespan and granularity, please use the corresponding sliders and click “Update Preferences”.

• Function View

You can access specific metrics for a function (i.e., the child of a FunctionApp) either by scrolling down in the corresponding “Function App View” and selecting that function, or by selecting that function from the “List View”.

Timespan and granularity can be chosen in the Function View in the same was as above.

Due to Azure SDK limitations, the “List View” for functions and the “Function View” are only available if the user also adds service principal information to their .env.

FAQ

1. Why can’t I see the functions from some of my subscriptions?

By default, service principals are associated with a single subscription. If you did not specify a subscription when creating your service principal (or specified only one), you may not be able to see functions from other subscriptions.

To fix this, create a new service principal, and then replace the data in your .env with data for a new service principal that has access to all of your subscriptions. First list all of your subscriptions with this Azure CLI command:

az account list --query "[].{id:id}" --output tsv

Then use the output of the above command to define scope when creating a service principal. For example, with three subscriptions, use the below command:

az ad sp create-for-rbac --role contributor --scope subscriptions/<subscription1> subscriptions/<subscription2> subscriptions/<subscription3>

Use the output of the above command to update your .env file according to the instructions in step 2 of Connecting to Azure.

2. What information do I need to provide to log in to Opal?

On initial login, users are prompted to select a name, username, email address, and password.

3. What information will Opal store about me?

Only the information in Question #2. The user’s password itself is not stored. Opal stores only a password hash.

4. Does Opal maintain any information about my Azure account?

No. Opal stores no information about your Azure account. Opal simply acts as a client for a variety of Azure SDKs and endpoints to allow you to retrieve data from your Azure subscriptions in a single location.

5. Do I need to enter to use my real email?

No. There are no consequences to creating a dummy email if you prefer not to be identified. But please avoid e-mail addresses that may legitimately be used by others.

Built With

Opal was built with the following frameworks / libraries:

• Azure JavaScript SDKs

• Azure REST API

• Kusto Query Language (KQL)

• React

• React Router

• RechartJS

• Tailwind

• Framer Motion

• Redux

• TypeScript

• Express

• PostgreSQL

Contributing

We welcome contributions to the project, and encourage submissions for any problems you encounter. To contribute, please fork the repo and submit a pull request to the dev branch.

Ideas for future developments and contributions include:

• Adding support for AWS Lambda or Google Cloud Functions, to make Opal a more platform-neutral serverless monitoring tool.
• Updating the Opal server as Microsoft continues to release updates to its Azure SDKs.
• Allowing for the display of additional metrics for Function Apps or functions.
• Adding custom dashboards for logged-in users.

Authors

Alma Eyre Github | LinkedIn
Marcel Palmer Github
Hussein Hamade Github | LinkedIn
Bill O’Connell Github | LinkedIn

License

Distributed under the MIT License.