Cloudwatch agent を入れてみる。
コマンドラインベースでCloudwatchをインストールしてみます。
事前準備
# uname -a Linux ip-10-10-4-180 5.3.0-1017-aws #18~18.04.1-Ubuntu SMP Wed Apr 8 15:12:16 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@ip-10-10-4-180 ~ #
下記のリファレンスを参照し、Ubuntu用のダウンロードリンクを確認します。
docs.aws.amazon.com
root@ip-10-10-4-180 ~ # wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb --2020-05-20 07:52:26-- https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb Resolving s3.amazonaws.com (s3.amazonaws.com)... 52.216.1.83 Connecting to s3.amazonaws.com (s3.amazonaws.com)|52.216.1.83|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 60691134 (58M) [application/octet-stream] Saving to: ‘amazon-cloudwatch-agent.deb’ amazon-cloudwatch-agent.deb 100%[============================================================================================================================>] 57.88M 8.20MB/s in 7.5s 2020-05-20 07:52:34 (7.69 MB/s) - ‘amazon-cloudwatch-agent.deb’ saved [60691134/60691134] root@ip-10-10-4-180 ~ # root@ip-10-10-4-180 ~ # sudo dpkg -i -E ./amazon-cloudwatch-agent.deb Selecting previously unselected package amazon-cloudwatch-agent. (Reading database ... 90964 files and directories currently installed.) Preparing to unpack ./amazon-cloudwatch-agent.deb ... create group cwagent, result: 0 create user cwagent, result: 0 Unpacking amazon-cloudwatch-agent (1.237768.0-1) ... Setting up amazon-cloudwatch-agent (1.237768.0-1) ... Processing triggers for ureadahead (0.100.0-21) ... root@ip-10-10-4-180 ~ #
IAM ロールを作成
続いてEC2 インスタンスで CloudWatch エージェントを実行するのに必要な IAM ロールを作成します。
docs.aws.amazon.com
EC2を選択します。
CloudWatchAgentServerPolicyを選択します。
ロール名を決定します。
最後に作成したロールを上記EC2にアタッチします。
設定ファイルを準備
今回はウィザードを使用して設定ファイルを準備致します。
docs.aws.amazon.com
# sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
今回はSSMを利用せずに生成されたjsonファイルを利用して実行を試みます。
root@ip-10-10-4-180 /opt/aws/amazon-cloudwatch-agent/bin # ./amazon-cloudwatch-agent-config-wizard ============================================================= = Welcome to the AWS CloudWatch Agent Configuration Manager = ============================================================= On which OS are you planning to use the agent? 1. linux 2. windows default choice: [1]: 1
Trying to fetch the default region based on ec2 metadata... Are you using EC2 or On-Premises hosts? 1. EC2 2. On-Premises default choice: [1]: 1
Which user are you planning to run the agent? 1. root 2. cwagent 3. others default choice: [1]: 1
Do you want to turn on StatsD daemon? 1. yes 2. no default choice: [1]: 2
Do you want to monitor metrics from CollectD? 1. yes 2. no default choice: [1]: 2
Do you want to monitor any host metrics? e.g. CPU, memory, etc. 1. yes 2. no default choice: [1]: 1
Do you want to monitor cpu metrics per core? Additional CloudWatch charges may apply. 1. yes 2. no default choice: [1]: 1
Do you want to add ec2 dimensions (ImageId, InstanceId, InstanceType, AutoScalingGroupName) into all of your metrics if the info is available? 1. yes 2. no default choice: [1]: 1
Would you like to collect your metrics at high resolution (sub-minute resolution)? This enables sub-minute resolution for all metrics, but you can customize for specific metrics in the output json file. 1. 1s 2. 10s 3. 30s 4. 60s default choice: [4]: 3
Which default metrics config do you want? 1. Basic 2. Standard 3. Advanced 4. None default choice: [1]: 3
Current config as follows: { "agent": { "metrics_collection_interval": 30, "run_as_user": "root" }, "metrics": { "append_dimensions": { "AutoScalingGroupName": "${aws:AutoScalingGroupName}", "ImageId": "${aws:ImageId}", "InstanceId": "${aws:InstanceId}", "InstanceType": "${aws:InstanceType}" }, "metrics_collected": { "cpu": { "measurement": [ "cpu_usage_idle", "cpu_usage_iowait", "cpu_usage_user", "cpu_usage_system" ], "metrics_collection_interval": 30, "resources": [ "*" ], "totalcpu": false }, "disk": { "measurement": [ "used_percent", "inodes_free" ], "metrics_collection_interval": 30, "resources": [ "*" ] }, "diskio": { "measurement": [ "io_time", "write_bytes", "read_bytes", "writes", "reads" ], "metrics_collection_interval": 30, "resources": [ "*" ] }, "mem": { "measurement": [ "mem_used_percent" ], "metrics_collection_interval": 30 }, "netstat": { "measurement": [ "tcp_established", "tcp_time_wait" ], "metrics_collection_interval": 30 }, "swap": { "measurement": [ "swap_used_percent" ], "metrics_collection_interval": 30 } } } }
Are you satisfied with the above config? Note: it can be manually customized after the wizard completes to add additional items. 1. yes 2. no default choice: [1]: 1
Do you have any existing CloudWatch Log Agent (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AgentReference.html) configuration file to import for migration? 1. yes 2. no default choice: [2]: 2
Do you want to monitor any log files? 1. yes 2. no default choice: [1]: 1
Log file path: /var/log/nginx/access.log Log group name: default choice: [access.log] nginx_access.log Log stream name: default choice: [{instance_id}]
Do you want to specify any additional log files to monitor? 1. yes 2. no default choice: [1]: 1
Log file path: /var/log/nginx/error.log Log group name: default choice: [error.log] nginx_error.log Log stream name: default choice: [{instance_id}]
Do you want to specify any additional log files to monitor? 1. yes 2. no default choice: [1]: 2
Saved config file to /opt/aws/amazon-cloudwatch-agent/bin/config.json successfully. Current config as follows: { "agent": { "metrics_collection_interval": 30, "run_as_user": "root" }, "logs": { "logs_collected": { "files": { "collect_list": [ { "file_path": "/var/log/nginx/access.log", "log_group_name": "nginx_access.log", "log_stream_name": "{instance_id}" }, { "file_path": "/var/log/nginx/error.log", "log_group_name": "nginx_error.log", "log_stream_name": "{instance_id}" } ] } } }, "metrics": { "append_dimensions": { "AutoScalingGroupName": "${aws:AutoScalingGroupName}", "ImageId": "${aws:ImageId}", "InstanceId": "${aws:InstanceId}", "InstanceType": "${aws:InstanceType}" }, "metrics_collected": { "cpu": { "measurement": [ "cpu_usage_idle", "cpu_usage_iowait", "cpu_usage_user", "cpu_usage_system" ], "metrics_collection_interval": 30, "resources": [ "*" ], "totalcpu": false }, "disk": { "measurement": [ "used_percent", "inodes_free" ], "metrics_collection_interval": 30, "resources": [ "*" ] }, "diskio": { "measurement": [ "io_time", "write_bytes", "read_bytes", "writes", "reads" ], "metrics_collection_interval": 30, "resources": [ "*" ] }, "mem": { "measurement": [ "mem_used_percent" ], "metrics_collection_interval": 30 }, "netstat": { "measurement": [ "tcp_established", "tcp_time_wait" ], "metrics_collection_interval": 30 }, "swap": { "measurement": [ "swap_used_percent" ], "metrics_collection_interval": 30 } } } } Please check the above content of the config. The config file is also located at /opt/aws/amazon-cloudwatch-agent/bin/config.json. Edit it manually if needed.
Do you want to store the config in the SSM parameter store? 1. yes 2. no default choice: [1]: 2
Program exits now. root@ip-10-10-4-180 /opt/aws/amazon-cloudwatch-agent/bin #
起動
あとは以下に沿ってcloudwatchエージェントを起動します。
設定ファイルを下記フォルダにコピーして実行します。
/opt/aws/amazon-cloudwatch-agent/etc
実行コマンド
# ./bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:./etc/config.json -s root@ip-10-10-4-180 ~ # /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/etc/config.json -s /opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/opt/aws/amazon-cloudwatch-agent/etc/config.json --mode ec2 --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default Successfully fetched the config and saved in /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_config.json.tmp Start configuration validation... /opt/aws/amazon-cloudwatch-agent/bin/config-translator --input /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json --input-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --output /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml --mode ec2 --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default 2020/05/21 01:57:38 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_config.json.tmp ... Valid Json input schema. I! Detecting runasuser... No csm configuration found. Configuration validation first phase succeeded /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent -schematest -config /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml Configuration validation second phase succeeded Configuration validation succeeded root@ip-10-10-4-180 ~ #