Cài đặt AWS Cloudwatch để theo dõi Server

Cài đặt AWS Cloudwatch để theo dõi Server

Mục đích: Thiết lập giám sát bộ nhớ AWS Cloudwatch trên phiên bản EC2 chạy Red Hat Enterprise Linux và CentOS.

Môi trường test: CentOS 6.7 HVM EC2 Instance

Download Script: https://aws.amazon.com/code/amazon-cloudwatch-monitoring-scripts-for-linux/

Cài đặt cái gói cần thiết:

[php]

sudo yum install perl-Switch perl-DateTime perl-Sys-Syslog perl-LWP-Protocol-https perl-Digest-SHA –enablerepo="rhui-REGION-rhel-server-optional" -y
sudo yum install wget zip unzip

[/php]

Download và cài đặt Script

Download

[php]

wget http://aws-cloudwatch.s3.amazonaws.com/downloads/CloudWatchMonitoringScripts-1.2.2.zip
unzip CloudWatchMonitoringScripts-1.2.2.zip
rm -f CloudWatchMonitoringScripts-1.2.2.zip
cd aws-scripts-mon
[/php]

Cài đặt: có 2 tuỳ chọn

API Access Key (Option 1): Chỉ định thông tin đăng nhập trong tập tin awscreds.conf

Copy file mẫu (awscreds.template) ra file thiết lập

[php]

cp awscreds.template awscreds.conf

[/php]

Chỉnh sửa file awscreds.conf thêm thông tin access key id và secret access key

[php]

vi awscreds.conf

[/php]

AWSAccessKeyId = my-access-key-id
AWSSecretKey = my-secret-access-key

Phân quyền lại file awscreds.conf

[php]

chmod 0400 awscreds.conf

[/php]

IAM Role (Option 2): Nếu bạn đã liên kết IAM với EC2 thì bạn cần add thêm các quyền sau

• cloudwatch:PutMetricData
• cloudwatch:GetMetricStatistics
• cloudwatch:ListMetrics
• ec2:DescribeTags

Nếu không add những cái trên thì add CloudwatchFullAccess là ok nhất.

Nếu chưa liên kết IAM với EC2 thì tiến hành tạo rồi liên kết vào:

1. Login to AWS web console
2. Select Identity & Access Management
3. Select Roles | Create New Role
4. Enter Role Name =>  ec2-cloudwatch
5. Select Next Step
6. Select Amazon EC2
7. Search for cloudwatch
8. Select CloudwatchFullAccess
9. Select Next Step | Create Role
10. Attach/Replace IAM Role to EC2

Test: đoạn sau nó sẽ không gửi dữ liệu đến Cloudwatch

[php]

./mon-put-instance-data.pl –mem-util –verify –verbose

[/php]

Kết quả sẽ tương tự như sau:

MemoryUtilization: 31.7258903184253 (Percent)
Using AWS credentials file <./awscreds.conf>
Endpoint: https://monitoring.us-west-2.amazonaws.com
Payload: {"MetricData":[{"Timestamp":1443537153,"Dimensions":[{"Value":"i-12e1fac4","Name":"InstanceId"}],"Value":31.7258903184253,"Unit":"Percent","MetricName":"MemoryUtilization"}],"Namespace":"System/Linux","__type":"com.amazonaws.cloudwatch.v2010_08_01#PutMetricDataInput"}

Verification completed successfully. No actual metrics sent to CloudWatch.

Gửi dữ liệu cho Cloudwatch:

[php]

./mon-put-instance-data.pl –mem-util –mem-used –mem-avail

[/php]

Sau khi chạy command trên một số dữ liệu về memory đã được gửi tới Cloudwatch | Linux System

Tạo Cron để có thể gửi dữ liệu liên tục về cho Cloudwatch.

Thực hiện 5 phút 1 lần gửi dữ liệu:

[php]

crontab -e

*/5 * * * * ~/aws-scripts-mon/mon-put-instance-data.pl –mem-used-incl-cache-buff –mem-util –disk-space-util –disk-path=/ –from-cron

[/php]

Đến đây là các bạn đã cấu hình xong các dữ liệu cần thiết để Cloudwatch nhận dữ liệu từ EC2, việc tiếp theo chỉ cần Create Alarm bên dịch vụ CloudWatch.

mon-put-instance-data.pl

Các option của nó như sau:

Name	Description
--mem-util	Collects and sends the MemoryUtilization metrics in percentages. This metric counts memory allocated by applications and the operating system as used, and also includes cache and buffer memory as used if you specify the --mem-used-incl-cache-buff option.
--mem-used	Collects and sends the MemoryUsed metrics, reported in megabytes. This metric counts memory allocated by applications and the operating system as used, and also includes cache and buffer memory as used if you specify the --mem-used-incl-cache-buff option.
--mem-used-incl-cache-buff	If you include this option, memory currently used for cache and buffers is counted as “used” when the metrics are reported for --mem-util, --mem-used, and --mem-avail.
--mem-avail	Collects and sends the MemoryAvailable metrics, reported in megabytes. This metric counts memory allocated by applications and the operating system as used, and also includes cache and buffer memory as used if you specify the --mem-used-incl-cache-buff option.
--swap-util	Collects and sends SwapUtilization metrics, reported in percentages.
--swap-used	Collects and sends SwapUsed metrics, reported in megabytes.
--disk-path=PATH	Selects the disk on which to report. PATH can specify a mount point or any file located on a mount point for the filesystem that needs to be reported. For selecting multiple disks, specify a --disk-path=PATH for each one of them. To select a disk for the filesystems mounted on / and /home, use the following parameters: --disk-path=/ --disk-path=/home
--disk-space-util	Collects and sends the DiskSpaceUtilization metric for the selected disks. The metric is reported in percentages. Note that the disk utilization metrics calculated by this script differ from the values calculated by the df -k -l command. If you find the values from df -k -l more useful, you can change the calculations in the script.
--disk-space-used	Collects and sends the DiskSpaceUsed metric for the selected disks. The metric is reported by default in gigabytes. Due to reserved disk space in Linux operating systems, disk space used and disk space available might not accurately add up to the amount of total disk space.
--disk-space-avail	Collects and sends the DiskSpaceAvailable metric for the selected disks. The metric is reported in gigabytes. Due to reserved disk space in the Linux operating systems, disk space used and disk space available might not accurately add up to the amount of total disk space.
--memory-units=UNITS	Specifies units in which to report memory usage. If not specified, memory is reported in megabytes. UNITS may be one of the following: bytes, kilobytes, megabytes, gigabytes.
--disk-space-units=UNITS	Specifies units in which to report disk space usage. If not specified, disk space is reported in gigabytes. UNITS may be one of the following: bytes, kilobytes, megabytes, gigabytes.
--aws-credential- file=PATH	Provides the location of the file containing AWS credentials. This parameter cannot be used with the --aws-access-key-id and –-aws-secret-keyparameters.
--aws-access-key-id=VALUE	Specifies the AWS access key ID to use to identify the caller. Must be used together with the --aws-secret-key option. Do not use this option with the --aws-credential-file parameter.
--aws-secret-key=VALUE	Specifies the AWS secret access key to use to sign the request to CloudWatch. Must be used together with the --aws-access-key-id option. Do not use this option with --aws-credential-file parameter.
--aws-iam-role=VALUE	Specifies the IAM role used to provide AWS credentials. The value =VALUE is required. If no credentials are specified, the default IAM role associated with the EC2 instance is applied. Only one IAM role can be used. If no IAM roles are found, or if more than one IAM role is found, the script will return an error. Do not use this option with the --aws-credential-file, --aws-access-key-id, or --aws-secret-key parameters.
--aggregated[=only]	Adds aggregated metrics for instance type, AMI ID, and overall for the region. The value =onlyis optional; if specified, the script reports only aggregated metrics.
--auto-scaling[=only]	Adds aggregated metrics for the Auto Scaling group. The value =only is optional; if specified, the script reports only Auto Scaling metrics. The IAM policy associated with the IAM account or role using the scripts need to have permissions to call the EC2 action DescribeTags.
--verify	Performs a test run of the script that collects the metrics, prepares a complete HTTP request, but does not actually call CloudWatch to report the data. This option also checks that credentials are provided. When run in verbose mode, this option outputs the metrics that will be sent to CloudWatch.
--from-cron	Use this option when calling the script from cron. When this option is used, all diagnostic output is suppressed, but error messages are sent to the local system log of the user account.
--verbose	Displays detailed information about what the script is doing.
--help	Displays usage information.
--version	Displays the version number of the script.

Thông tin tham khảo:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/mon-scripts.html#mon-scripts-perl_prereq

Bài này đến đây là hoàn thành.

[thongbao]

1. Nếu có thắc mắc gì các bạn để lại comment bên dưới mình sẽ trả lời sớm nhất có thể.
2. Cảm ơn các bạn đã đọc.

[/thongbao]