CentOS
AWS
centos7
stackdriver
AmazonLinux2

Amazon Linux 2 に Stackdriver エージェントをインストールできなかった。

参考文献

エージェントのインストールでコケる。

結論は, Amazon Linux 2 AMI に対応していないからっぽい。。。

Stackdriver Monitoring エージェント

[ec2-user@ip-172-31-0-198 ~]$ sudo bash install-monitoring-agent.sh
==============================================================================
Starting installation of stackdriver-agent
==============================================================================

Installing agent for Amazon Linux.
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-monitoring
Trying other mirror.


 One of the configured repositories failed (Google Cloud Monitoring Agent Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=google-cloud-monitoring ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable google-cloud-monitoring
        or
            subscription-manager repos --disable=google-cloud-monitoring

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=google-cloud-monitoring.skip_if_unavailable=true

failure: repodata/repomd.xml from google-cloud-monitoring: [Errno 256] No more mirrors to try.
https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-monitoring
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg

Importing GPG key 0xBA07F4FB:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: 54a6 47f9 048d 5688 d7da 2abe 6a03 0b21 ba07 f4fb
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg

https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-monitoring
Trying other mirror.


 One of the configured repositories failed (Google Cloud Monitoring Agent Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=google-cloud-monitoring ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable google-cloud-monitoring
        or
            subscription-manager repos --disable=google-cloud-monitoring

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=google-cloud-monitoring.skip_if_unavailable=true

failure: repodata/repomd.xml from google-cloud-monitoring: [Errno 256] No more mirrors to try.
https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-monitoring
Redirecting to /bin/systemctl restart stackdriver-agent.service
Failed to restart stackdriver-agent.service: Unit not found.

==============================================================================
Errors occurred while installing stackdriver-agent-Is this ok [y/N]: Is this ok [y/N]: Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg. See the log snippet
above or run:
  sudo service stackdriver-agent status

Please consult the documentation for troubleshooting advice:
  https://cloud.google.com/monitoring/agent

You can monitor the monitoring agent's logfile at:
  /var/log/messages
==============================================================================
[ec2-user@ip-172-31-0-198 ~]$

Stackdriver Logging エージェント

[ec2-user@ip-172-31-0-198 ~]$ sudo bash install-logging-agent.sh
==============================================================================
Starting installation of google-fluentd
==============================================================================

Installing agents for Amazon Linux.
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/repos/google-cloud-logging-el6-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-logging
Trying other mirror.


 One of the configured repositories failed (Google Cloud Logging Agent Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=google-cloud-logging ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable google-cloud-logging
        or
            subscription-manager repos --disable=google-cloud-logging

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=google-cloud-logging.skip_if_unavailable=true

failure: repodata/repomd.xml from google-cloud-logging: [Errno 256] No more mirrors to try.
https://packages.cloud.google.com/yum/repos/google-cloud-logging-el6-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-logging
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg

Importing GPG key 0xBA07F4FB:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: 54a6 47f9 048d 5688 d7da 2abe 6a03 0b21 ba07 f4fb
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg

https://packages.cloud.google.com/yum/repos/google-cloud-logging-el6-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-logging
Trying other mirror.


 One of the configured repositories failed (Google Cloud Logging Agent Repository),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=google-cloud-logging ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable google-cloud-logging
        or
            subscription-manager repos --disable=google-cloud-logging

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=google-cloud-logging.skip_if_unavailable=true

failure: repodata/repomd.xml from google-cloud-logging: [Errno 256] No more mirrors to try.
https://packages.cloud.google.com/yum/repos/google-cloud-logging-el6-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-logging
Redirecting to /bin/systemctl start google-fluentd.service
Failed to start google-fluentd.service: Unit not found.
Redirecting to /bin/systemctl restart google-fluentd.service
Failed to restart google-fluentd.service: Unit not found.

==============================================================================
Errors occurred while installing google-fluentd-Is this ok [y/N]: Is this ok [y/N]: Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg. See the log snippet
above or run:
  sudo service google-fluentd status
==============================================================================
[ec2-user@ip-172-31-0-198 ~]$

理由を探る。

とにもかくにも, install-monitoring-agent.sh を読む。

先ずは, /etc/os-release を . (source) している。

/etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"

変数 ID の文字列で分岐。今回は amzn になる。

install-monitoring-agent.sh
install() {
  case "${ID:-}" in
    amzn)
      echo 'Installing agent for Amazon Linux.'
      install_for_amazon_linux
      ;;

baseurl が https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64 となるように YUM リポジトリーのファイルを生成, エージェントをインストールする。

install-monitoring-agent.sh
install_rpm() {
  local REPO_NAME="google-cloud-monitoring-${1}-\$basearch${REPO_SUFFIX+-${REPO_SUFFIX}}"
  cat > /etc/yum.repos.d/google-cloud-monitoring.repo <<EOM
[google-cloud-monitoring]
name=Google Cloud Monitoring Agent Repository
baseurl=https://${REPO_HOST}/yum/repos/${REPO_NAME}
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://${REPO_HOST}/yum/doc/yum-key.gpg
       https://${REPO_HOST}/yum/doc/rpm-package-key.gpg
EOM
  yum -y -q install "${AGENT_NAME}"
  VERSION="$(yum list "${AGENT_NAME}" | tail -n 1 |\
    sed -E 's/.*([0-9]+\.[0-9]+\.[0-9]+-[0-9]+).*/\1/')"
  COLLECTD_LOG="/var/log/messages"
}

https://packages.cloud.google.com/yum/repos/google-cloud-monitoring-amzn-x86_64/repodata/primary.xml の中に RPM ファイル名がある。

primary.xml
<location href="../../pool/a46307596aac57e49de9c6f2560d22affc89e94f38483382aa06e0bd2aa8671a-stackdriver-agent-5.5.2-382.amzn1.x86_64.rpm"/>

Amazon Linux 2 には対応していないようだ。。。

CentOS ならインストールできた

Stackdriver Monitoring エージェント

[centos@ip-172-31-35-119 ~]$ curl -sSO https://dl.google.com/cloudagents/install-monitoring-agent.sh
[centos@ip-172-31-35-119 ~]$ sudo bash install-monitoring-agent.sh
==============================================================================
Starting installation of stackdriver-agent
==============================================================================

Installing agent for RHEL or CentOS.
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
warning: /var/cache/yum/x86_64/7/google-cloud-monitoring/packages/840b962e45ce87b569b4c5c4efba1553cf0d078812344556d5ccec6a8d8150fe-stackdriver-agent-5.5.2-382.el7.centos.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 3e1ba8d5: NOKEY
Public key for 840b962e45ce87b569b4c5c4efba1553cf0d078812344556d5ccec6a8d8150fe-stackdriver-agent-5.5.2-382.el7.centos.x86_64.rpm is not installed
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0x3E1BA8D5:
 Userid     : "Google Cloud Packages RPM Signing Key <gc-team@google.com>"
 Fingerprint: 3749 e1ba 95a8 6ce0 5454 6ed2 f09c 394c 3e1b a8d5
 From       : https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Restarting stackdriver-agent (via systemctl):              [  OK  ]

==============================================================================
Installation of stackdriver-agent-5.5.2-382 completed successfully.

Please consult the documentation for troubleshooting advice:
  https://cloud.google.com/monitoring/agent

You can monitor the monitoring agent's logfile at:
  /var/log/messages
==============================================================================
[centos@ip-172-31-35-119 ~]$

Stackdriver Logging エージェント

[centos@ip-172-31-35-119 ~]$ curl -sSO https://dl.google.com/cloudagents/install-logging-agent.sh
[centos@ip-172-31-35-119 ~]$ sudo bash install-logging-agent.sh
==============================================================================
Starting installation of google-fluentd
==============================================================================

Installing agents for RHEL or CentOS.
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
adding 'google-fluentd' group...
adding 'google-fluentd' user...
Installing default conffile...
prelink detected. Installing /etc/prelink.conf.d/google-fluentd-ruby.conf ...
Configure google-fluentd to start, when booting up the OS...
Starting google-fluentd (via systemctl):                   [  OK  ]
Restarting google-fluentd (via systemctl):                 [  OK  ]

==============================================================================
Installation of google-fluentd complete.

Logs from this machine should be visible in the log viewer at:
  https://console.cloud.google.com/logs/viewer?project=aws-sol1-test-aws-1534465677&resource=aws_ec2_instance/instance_id/i-07ad6ac199eea41b3

A test message has been sent to syslog to help verify proper operation.

Please consult the documentation for troubleshooting advice:
  https://cloud.google.com/logging/docs/agent

You can monitor the logging agent's logfile at:
  /var/log/google-fluentd/google-fluentd.log
==============================================================================
[centos@ip-172-31-35-119 ~]$

どっとはらい。