CloudWatch Agent
IAM ์์ฑ
SSM/ Cloudwatch agent์ค์น๋ฅผ ์ํ IAM role์ ec2์ ์ ์ฉํ๋ค.
- ํด๋น ๊ถํ ๊ด๋ จ role ์์ฑ
cloudwatch agent ์ค์น ๋ฐ ์ธํฐ๋ท ์์ธ์ค ํ์ธ
์ฐธ์กฐ ๋งํฌ : https://docs.aws.amazon.com/ko_kr/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
cloudwatch agent ๊ตฌ์ฑ ํ์ผ ์์ฑ ๋ฐ ์คํ
- cloud watch agent ์ ์๋ ์งํ ๋ชฉ๋ก
- ๊ตฌ์ฑ ํ์ผ์ค์
On which OS are you planning to use the agent? 1. linux 2. windows default choice: [1]: Trying to fetch the default region based on ec2 metadata... Are you using EC2 or On-Premises hosts? 1. EC2 2. On-Premises default choice: [1]: Which user are you planning to run the agent? 1. root 2. cwagent 3. others default choice: [1]: Do you want to turn on StatsD daemon? 1. yes 2. no default choice: [1]: [StatsD ๋ฐ๋ชฌ turn on ์ ํ ์ ์ดํ run Command ๊ณผ์ ์ด ์คํจํ ์ ์์ต๋๋ค.] Do you want to monitor metrics from CollectD? 1. yes 2. no default choice: [1]: [CollectD ๋ฐ๋ชฌ turn on ์ ํ ์ ์ดํ run Command ๊ณผ์ ์ด ์คํจํ ์ ์์ต๋๋ค.] Do you want to monitor any host metrics? e.g. CPU, memory, etc. 1. yes 2. no default choice: [1]: Do you want to monitor cpu metrics per core? Additional CloudWatch charges may apply. 1. yes 2. no default choice: [1]: [์ฝ์ด๋น cpu ์งํ๋ฅผ ์์งํ๊ธฐ๋ฅผ ์ํ๋ค๋ฉด yes๋ฅผ ์ ํํ์ญ์์ค.] Do you want to add ec2 dimensions (ImageId, InstanceId, InstanceType, AutoScalingGroupName) into all of your metrics if the info is available? 1. yes 2. no default choice: [1]: Would you like to collect your metrics at high resolution (sub-minute resolution)? This enables sub-minute resolution for all metrics, but you can customize for specific metrics in the output json file. 1. 1s 2. 10s 3. 30s 4. 60s default choice: [4]: [์ํ๋ ์งํ ์์ง ๊ฐ๊ฒฉ์ ์ค์ ํ๋ฉด ๋ฉ๋๋ค.] Which default metrics config do you want? 1. Basic 2. Standard 3. Advanced 4. None default choice: [1]: Are you satisfied with the above config? Note: it can be manually customized after the wizard completes to add additional items. 1. yes 2. no default choice: [1]: Do you have any existing CloudWatch Log Agent (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AgentReference.html) configuration file to import for migration? 1. yes 2. no default choice: [2]: Do you want to monitor any log files? 1. yes 2. no default choice: [1]: Log file path: ////์๋์ฐ์ ๊ฒฝ์ฐ ๋ก๊ทธ ํ์ผ์ด ์กด์ฌํ๋ ์์น ๋ค์ * ๋ ๋ถ์ฌ์ฃผ์๋ ๊ฒ์ด ์ข์ต๋๋ค. /var/log/messages Log group name: default choice: [messages] Log stream name: default choice: [{instance_id}] Do you want to specify any additional log files to monitor? 1. yes 2. no default choice: [1]: Log file path: /var/log/secure Log group name: default choice: [secure] Log stream name: default choice: [{instance_id}] Do you want to specify any additional log files to monitor? 1. yes 2. no default choice: [1]: 2 Do you want to store the config in the SSM parameter store? 1. yes 2. no default choice: [1]: [ SSM parameter store์ ์ ์ฅํด์ผ ์ดํ run Command๋ฅผ ์ํํ ์ ์์ต๋๋ค.] What parameter store name do you want to use to store your config? (Use 'AmazonCloudWatch-' prefix if you use our managed AWS policy) default choice: [AmazonCloudWatch-linux] Trying to fetch the default region based on ec2 metadata... Which region do you want to store the config in the parameter store? default choice: [ap-northeast-2] Which AWS credential should be used to send json config to parameter store? 1. ASIAZYLTNL6RST6A4O44(From SDK) 2. Other default choice: [1]: Successfully put config to parameter store AmazonCloudWatch-linux. Program exits now.
ํ๊ฒฝ์ ๋ง๋ ๊ตฌ์ฑํ์ผ ์์ฑ
- ์คํ ๋ช
๋ น
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json -s
- cloudwatch ์งํ ์์ฑ
- cloud watch agent ์ ์๋ ์งํ ๋ชฉ๋ก
SSM Agent ์ฌ์ฉ
IAM role ์์ฑ
๊ธฐ๋ณธ์ ์ธ amazon Linux๋ SSM agent๊ฐ ์ค์น๋์ด์์ผ๋, ๋ค๋ฅธ OS๋ ์ถ๊ฐ์ค์นํ์
- role ์์ฑ
ํด๋น role ์ค cloudwatchadmin policy๋ watch agent ๊ตฌ์ฑ ํ์ผ์ ssm ํ๋ผ๋ฏธํฐ ์คํ ์ด์ ์ ์ฅํ๊ธฐ์ํจ
- system manger์ ๊ด๋ฆฌํ ์ธ์คํด์ค
- SSM Agent ์ต์ ๋ฒ์
- Outbound ์ธํฐ๋ท ํต์
- SSM๊ณผ ํต์ ํ๊ธฐ ์ํ ๊ถํ(IAM Role)
ํด๋น ์กฐ๊ฑด์ ์ถฉ์กฑํด์ผ๋ง ssm์ ๋ฑ๋ก๊ฐ๋ฅ
- role ์์ฑ
ssm ์ํตํ Cloudwatch agent ๋ค์ด๋ก๋
- run command ์คํ
- Agent ์ค์น
- ์กฐ๊ฑด ์ค์
- ๋์ ์ง์
- ๋ช
๋ น ์คํ ํ์ธ
Cloudwatch agent - configํ์ผ โ parameter store ์ ์ฅ
- ๋์ ์ค ํ๋์ ์ธ์คํด์ค์์๋ง ssh์ ์
ํธ์๋ฅผ ์ํด ssm์ผ๋ก ์ ์
- ์์ ๊ตฌ์ฑํ ๊ฒ์ฒ๋ผ config ๊ตฌ์ฑ
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
- ํ๋ผ๋ฏธํฐ ์คํ ์ด์ ์ ์ฅ ํ์ธ
- ๋์ ์ค ํ๋์ ์ธ์คํด์ค์์๋ง ssh์ ์
cloudwatch agent ์์ ๋ฐ ๊ตฌ์ฑํ์ผ ์ ์ฉ
- CloudWatch Agent์ ๋ฏธ๋ฆฌ ์ ์๋ ์งํ ๋ชฉ๋ก
- ๋ฏธ๋ฆฌ ๊ตฌ์ฑ๋ ํ๋ผ๋ฏธํฐ๋ฅผ ์ด์ฉํ์ฌ runcommand ์ ์ฉ
- ๋์ ์ง์
์์ Cloudwatch agent๋ ์ค์น ํ์์ผ๋๊ตฌ์ฑํ์ผ์ด ์ ์ฉ์ด ์๋์์ผ๋ฏ๋ก ๊ตฌ์ฑํ์ผ์ ์ฉ
- ์ฑ๊ณต ํ์ธ
๊ฒฐ๊ณผ ํ์ธ
'aws' ์นดํ ๊ณ ๋ฆฌ์ ๋ค๋ฅธ ๊ธ
RDS โ s3 ๋ฐฑ์ (0) | 2021.03.29 |
---|---|
Elastisearch ๋ฅผ ์ฌ์ฉ VPC FLOWLOGS (0) | 2021.03.29 |
lb -acm ์ธ์ฆ์๋ฅผ ์ด์ฉํ ์ ์ (0) | 2021.02.09 |
route 53 ๋๋ฉ์ธ ์ฐ๊ฒฐ (0) | 2021.02.09 |
RDS-multi AZ/RR ๊ตฌ์ฑ ์ค์ต (0) | 2021.02.03 |
Uploaded by Notion2Tistory v1.1.0