💡
This is to configure EC2 and on-premises servers to send logs to CloudWatch so that utilization can be checked. I will walk through installing the CloudWatch Agent on a single instance and then on multiple instances.

CloudWatch Agent

  • Create the IAM role

    Apply an IAM role for installing the SSM and CloudWatch agents to the EC2 instance.

    1. Create a role with the required permissions

  • Create and run the CloudWatch agent configuration file

    Reference: https://docs.aws.amazon.com/ko_kr/AmazonCloudWatch/latest/monitoring/create-cloudwatch-agent-configuration-file-wizard.html#cloudwatch-agent-running-wizard

    • List of metrics defined by the CloudWatch agent

    1. Configuration file setup
      On which OS are you planning to use the agent?
      1. linux
      2. windows
      default choice: [1]:
      
      Trying to fetch the default region based on ec2 metadata...
      Are you using EC2 or On-Premises hosts?
      1. EC2
      2. On-Premises
      default choice: [1]:
      
      Which user are you planning to run the agent?
      1. root
      2. cwagent
      3. others
      default choice: [1]:
      
      Do you want to turn on StatsD daemon?
      1. yes
      2. no
      default choice: [1]:
      [If you choose to turn on the StatsD daemon, the later Run Command step may fail.]
      
      Do you want to monitor metrics from CollectD?
      1. yes
      2. no
      default choice: [1]:
      [If you choose to turn on the CollectD daemon, the later Run Command step may fail.]
      
      Do you want to monitor any host metrics? e.g. CPU, memory, etc.
      1. yes
      2. no
      default choice: [1]:
      
      Do you want to monitor cpu metrics per core? Additional CloudWatch charges may apply.
      1. yes
      2. no
      default choice: [1]:
      [Select yes if you want to collect CPU metrics per core.]
      
      Do you want to add ec2 dimensions (ImageId, InstanceId, InstanceType, AutoScalingGroupName) into all of your metrics if the info is available?
      1. yes
      2. no
      default choice: [1]:
      
      Would you like to collect your metrics at high resolution (sub-minute resolution)? This enables sub-minute resolution for all metrics, but you can customize for specific metrics in the output json file.
      1. 1s
      2. 10s
      3. 30s
      4. 60s
      default choice: [4]:
      [Set whichever metric collection interval you want.]
      
      Which default metrics config do you want?
      1. Basic
      2. Standard
      3. Advanced
      4. None
      default choice: [1]:
      
      Are you satisfied with the above config? Note: it can be manually customized after the wizard completes to add additional items.
      1. yes
      2. no
      default choice: [1]:
      
      Do you have any existing CloudWatch Log Agent (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AgentReference.html) configuration file to import for migration?
      1. yes
      2. no
      default choice: [2]:
      
      Do you want to monitor any log files?
      1. yes
      2. no
      default choice: [1]:
      
      Log file path:  //// On Windows, it is a good idea to also append * after the location where the log files are stored.
      /var/log/messages
      Log group name:
      default choice: [messages]
      
      Log stream name:
      default choice: [{instance_id}]
      
      Do you want to specify any additional log files to monitor?
      1. yes
      2. no
      default choice: [1]:
      
      Log file path:
      /var/log/secure
      Log group name:
      default choice: [secure]
      
      Log stream name:
      default choice: [{instance_id}]
      
      Do you want to specify any additional log files to monitor?
      1. yes
      2. no
      default choice: [1]:
      2
      
      Do you want to store the config in the SSM parameter store?
      1. yes
      2. no
      default choice: [1]:
      [The config must be stored in SSM Parameter Store for the later Run Command step to work.]
      
      What parameter store name do you want to use to store your config? 
      (Use 'AmazonCloudWatch-' prefix if you use our managed AWS policy)
      default choice: [AmazonCloudWatch-linux]
      
      Trying to fetch the default region based on ec2 metadata...
      Which region do you want to store the config in the parameter store?
      default choice: [ap-northeast-2]
      
      Which AWS credential should be used to send json config to parameter store?
      1. ASIAZYLTNL6RST6A4O44(From SDK)
      2. Other
      default choice: [1]:
      
      Successfully put config to parameter store AmazonCloudWatch-linux.
      Program exits now.
      • Generate a configuration file that fits your environment
    1. Run the command
      sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json -s
    1. CloudWatch metrics are created

Using SSM Agent

  • Create the IAM role

    Amazon Linux ships with the SSM Agent installed by default; other operating systems need it installed separately.

    1. Create the role
      • Within this role, the cloudwatchadmin policy is there so that the CloudWatch agent configuration file can be saved to SSM Parameter Store
    1. Systems Manager managed instances
      • Latest version of the SSM Agent
      • Outbound internet connectivity
      • Permissions to communicate with SSM (IAM role)
      • An instance can be registered with SSM only when these conditions are met

  • Download the CloudWatch agent through SSM
    1. Run Run Command
    1. Install the agent
      1. Set the conditions
      1. Specify the targets
      1. Confirm the command ran

  • CloudWatch agent: save the config file → Parameter Store
    1. SSH into only one of the target instances
      • For convenience, connect through SSM
    1. Build the config the same way as before
      sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
    1. Confirm the config is stored in Parameter Store

  • Start the CloudWatch agent and apply the configuration file
    • List of the CloudWatch agent's predefined metrics
    1. Apply it with Run Command using the parameter configured earlier
    1. Specify the targets
      • The CloudWatch agent was installed earlier, but the configuration file has not been applied yet, so apply it now
    1. Confirm success

  • Check the results
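
The multi-instance steps above (install the agent with Run Command, then apply the configuration stored in Parameter Store) can also be driven from the AWS CLI. The script below is an added example, not part of the original post; the `CWAgent=true` target tag and the `APPLY` dry-run switch are assumptions, while the region and parameter name are the ones shown in the wizard output.

```shell
#!/bin/sh
# Added example: CLI form of the console Run Command steps. Dry run by
# default (commands are only printed); set APPLY=1 to call the AWS CLI.
REGION="${REGION:-ap-northeast-2}"                 # region from the wizard output
PARAM_NAME="${PARAM_NAME:-AmazonCloudWatch-linux}" # Parameter Store name from the wizard
TARGETS="${TARGETS:-Key=tag:CWAgent,Values=true}"  # assumed tag, not from the page

# Parameters for AWS-ConfigureAWSPackage: install the agent package.
install_params() {
  printf '%s' '{"action":["Install"],"name":["AmazonCloudWatchAgent"]}'
}

# Parameters for AmazonCloudWatch-ManageAgent: load config from Parameter Store, restart.
configure_params() {
  printf '{"action":["configure"],"mode":["ec2"],"optionalConfigurationSource":["ssm"],'
  printf '"optionalConfigurationLocation":["%s"],"optionalRestart":["yes"]}' "$PARAM_NAME"
}

# Trace the command on stderr; execute it only when APPLY=1.
run() {
  echo "+ $*" >&2
  if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# Instances that meet the managed-instance conditions show up here as Online.
list_managed() {
  run aws ssm describe-instance-information --region "$REGION" \
    --query 'InstanceInformationList[].[InstanceId,PingStatus,AgentVersion]' --output text
}

# $1 = SSM document name, $2 = JSON parameters; prints the command ID.
send_command() {
  run aws ssm send-command --region "$REGION" --document-name "$1" \
    --targets "$TARGETS" --parameters "$2" \
    --query 'Command.CommandId' --output text
}

# $1 = command ID; one line per instance with its final status.
check_command() {
  run aws ssm list-command-invocations --region "$REGION" --command-id "$1" \
    --query 'CommandInvocations[].[InstanceId,Status]' --output text
}

case "${1:-}" in
  install)   send_command AWS-ConfigureAWSPackage "$(install_params)" ;;
  configure) send_command AmazonCloudWatch-ManageAgent "$(configure_params)" ;;
  status)    check_command "$2" ;;
  *)         list_managed ;;
esac
```

Run `install`, wait until `status <command-id>` reports Success for every instance, and only then run `configure`, since the agent package must be present before its configuration can be applied.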
