はじめに
本手順はCloudWatch Agentを手動インストールする手順を紹介する。
以前はログ収集用にCloudWatch Logs Agentが存在していたが、今では古い方法となっている。
CloudWatch Agentのインストールおよび設定ファイルの配布にはAWS Systems Manager(SSM)を用いたほうがよいが、
SSMは手動インストールを代行しているので
CloudWatch Agentをインストールするときに
どのようなことが行われているかを理解するために紹介する。
EC2インスタンスを用意
CloudWatchAgentServerPolicyポリシーを持つEC2インスタンスを作成する。
本手順では、OSにCentOS Linux release 7.6.1810 を使用している。
CloudWatch Agentインストール
下記ページを参考にCloudWatch AgentのインストーラのダウンロードURLを確認
コマンド
curl -L https://s3.amazonaws.com/amazoncloudwatch-agent/centos/amd64/latest/amazon-cloudwatch-agent.rpm -o amazon-cloudwatch-agent.rpm
sudo rpm -U ./amazon-cloudwatch-agent.rpm
実行結果
[centos@ip-172-31-18-148 ~]$ curl -L https://s3.amazonaws.com/amazoncloudwatch-a
gent/centos/amd64/latest/amazon-cloudwatch-agent.rpm -o amazon-cloudwatch-agent.
rpm
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 35.8M 100 35.8M 0 0 4660k 0 0:00:07 0:00:07 --:--:-- 5715k
[centos@ip-172-31-18-148 ~]$ sudo rpm -U ./amazon-cloudwatch-agent.rpm
create group cwagent, result: 0
create user cwagent, result: 0
[centos@ip-172-31-18-148 ~]$
CloudWatch Agent設定
設定ウィザードで設定ファイルの作成が可能。
設定ウィザード実行コマンド
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
今回の手順では、システムメトリクスの収集(現在使用中のメモリの割合・現在使用中のスワップスペースの割合)、
/var/log/messagesのログ収集を行っている。
[centos@ip-172-31-18-148 ~]$ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
=============================================================
= Welcome to the AWS CloudWatch Agent Configuration Manager =
=============================================================
On which OS are you planning to use the agent?
1. linux
2. windows
default choice: [1]:
1
Trying to fetch the default region based on ec2 metadata...
Are you using EC2 or On-Premises hosts?
1. EC2
2. On-Premises
default choice: [1]:
1
Which user are you planning to run the agent?
1. root
2. cwagent
3. others
default choice: [1]:
1
Do you want to turn on StatsD daemon?
1. yes
2. no
default choice: [1]:
2
Do you want to monitor metrics from CollectD?
1. yes
2. no
default choice: [1]:
2
Do you want to monitor any host metrics? e.g. CPU, memory, etc.
1. yes
2. no
default choice: [1]:
1
Do you want to monitor cpu metrics per core? Additional CloudWatch charges may apply.
1. yes
2. no
default choice: [1]:
2
Do you want to add ec2 dimensions (ImageId, InstanceId, InstanceType, AutoScalingGroupName) into all of your metrics if the info is available?
1. yes
2. no
default choice: [1]:
1
Would you like to collect your metrics at high resolution (sub-minute resolution)? This enables sub-minute resolution for all metrics, but you can customize for specific metrics in the output json file.
1. 1s
2. 10s
3. 30s
4. 60s
default choice: [4]:
4
Which default metrics config do you want?
1. Basic
2. Standard
3. Advanced
4. None
default choice: [1]:
1
Current config as follows:
{
"agent": {
"metrics_collection_interval": 60,
"run_as_user": "root"
},
"metrics": {
"append_dimensions": {
"AutoScalingGroupName": "${aws:AutoScalingGroupName}",
"ImageId": "${aws:ImageId}",
"InstanceId": "${aws:InstanceId}",
"InstanceType": "${aws:InstanceType}"
},
"metrics_collected": {
"mem": {
"measurement": [
"mem_used_percent"
],
"metrics_collection_interval": 60
},
"swap": {
"measurement": [
"swap_used_percent"
],
"metrics_collection_interval": 60
}
}
}
}
Are you satisfied with the above config? Note: it can be manually customized after the wizard completes to add additional items.
1. yes
2. no
default choice: [1]:
1
Do you have any existing CloudWatch Log Agent (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AgentReference.html) configuration file to import for migration?
1. yes
2. no
default choice: [2]:
2
Do you want to monitor any log files?
1. yes
2. no
default choice: [1]:
1
Log file path:
/var/log/messages
Log group name:
default choice: [messages]
/var/log/messages
Log stream name:
default choice: [{instance_id}]
Do you want to specify any additional log files to monitor?
1. yes
2. no
default choice: [1]:
2
Saved config file to /opt/aws/amazon-cloudwatch-agent/bin/config.json successfully.
Current config as follows:
{
"agent": {
"metrics_collection_interval": 60,
"run_as_user": "root"
},
"logs": {
"logs_collected": {
"files": {
"collect_list": [
{
"file_path": "/var/log/messages",
"log_group_name": "/var/log/messages",
"log_stream_name": "{instance_id}"
}
]
}
}
},
"metrics": {
"append_dimensions": {
"AutoScalingGroupName": "${aws:AutoScalingGroupName}",
"ImageId": "${aws:ImageId}",
"InstanceId": "${aws:InstanceId}",
"InstanceType": "${aws:InstanceType}"
},
"metrics_collected": {
"mem": {
"measurement": [
"mem_used_percent"
],
"metrics_collection_interval": 60
},
"swap": {
"measurement": [
"swap_used_percent"
],
"metrics_collection_interval": 60
}
}
}
}
Please check the above content of the config.
The config file is also located at /opt/aws/amazon-cloudwatch-agent/bin/config.json.
Edit it manually if needed.
Do you want to store the config in the SSM parameter store?
1. yes
2. no
default choice: [1]:
2
Program exits now.
[centos@ip-172-31-18-148 ~]$
エージェントによって作成されたファイルは、
/opt/aws/amazon-cloudwatch-agent/bin/config.json
に作成される。
[centos@ip-172-31-18-148 ~]$ ls -l /opt/aws/amazon-cloudwatch-agent/bin/config.json
-rwxr-xr-x. 1 root root 270 Jun 16 09:45 /opt/aws/amazon-cloudwatch-agent/bin/config.json
[centos@ip-172-31-18-148 ~]$
下記URLを参考にエージェントの設定ファイルを手動で作成・編集も可能。
https://docs.aws.amazon.com/ja_jp/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html
https://docs.aws.amazon.com/ja_jp/AmazonCloudWatch/latest/monitoring/metrics-collected-by-CloudWatch-agent.html
CloudWatch Agentサービス起動
設定ファイルを読み込んでサービスを作成・起動するコマンド
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:<設定ファイルのパス> -s
[centos@ip-172-31-18-148 ~]$ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m
ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json -s
/opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/opt/aws/amazon-cloudwatch-agent/bin/config.json --mode ec2 --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Successfully fetched the config and saved in /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_config.json.tmp
Start configuration validation...
/opt/aws/amazon-cloudwatch-agent/bin/config-translator --input /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json --input-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --output /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml --mode ec2 --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Valid Json input schema.
I! Detecting runasuser...
No csm configuration found.
No metric configuration found.
Configuration validation first phase succeeded
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent -schematest -config /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
Configuration validation second phase succeeded
Configuration validation succeeded
Created symlink from /etc/systemd/system/multi-user.target.wants/amazon-cloudwatch-agent.service to /etc/systemd/system/amazon-cloudwatch-agent.service.
Redirecting to /bin/systemctl restart amazon-cloudwatch-agent.service
[centos@ip-172-31-18-148 ~]$
サービスが起動しているか確認する。
[centos@ip-172-31-18-148 ~]$ sudo systemctl status amazon-cloudwatch-agent.service
● amazon-cloudwatch-agent.service - Amazon CloudWatch Agent
Loaded: loaded (/etc/systemd/system/amazon-cloudwatch-agent.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2019-06-16 10:00:57 UTC; 23s ago
Main PID: 3180 (amazon-cloudwat)
CGroup: /system.slice/amazon-cloudwatch-agent.service
mq3180 /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent -config /opt/aws/amazon-cloudwatch-...
Jun 16 10:00:57 ip-172-31-18-148.ap-northeast-1.compute.internal systemd[1]: Started Amazon CloudWatch Agent.
Jun 16 10:00:57 ip-172-31-18-148.ap-northeast-1.compute.internal start-amazon-cloudwatch-agent[3180]: /opt/aws/ama...
Jun 16 10:00:57 ip-172-31-18-148.ap-northeast-1.compute.internal start-amazon-cloudwatch-agent[3180]: Valid Json i...
Jun 16 10:00:57 ip-172-31-18-148.ap-northeast-1.compute.internal start-amazon-cloudwatch-agent[3180]: I! Detecting...
Jun 16 10:00:57 ip-172-31-18-148.ap-northeast-1.compute.internal start-amazon-cloudwatch-agent[3180]: 2019/06/16 1...
Hint: Some lines were ellipsized, use -l to show in full.
[centos@ip-172-31-18-148 ~]$
サービスのログファイルは
/var/log/amazon/amazon-cloudwatch-agent/amazon-cloudwatch-agent.log
に保存される。
[centos@ip-172-31-18-148 ~]$ ls -l /var/log/amazon/amazon-cloudwatch-agent/amazon-cloudwatch-agent.log
-rw-r--r--. 1 root root 15347 Jun 16 10:13 /var/log/amazon/amazon-cloudwatch-agent/amazon-cloudwatch-agent.log
[centos@ip-172-31-18-148 ~]$
収集結果の確認
システムメトリクス
ログ
