Introduction
In this guide I'll explain how to send data from a NON-AWS linux server to Cloudwatch to track disc space.
This guide though doesn't include creating alerts based on the metric.
This guide will also omit creating guide on basic IAM policy creation.
Configure CWAgent
Download the latest version:
wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
Install the agent
sudo dpkg -i -E ./amazon-cloudwatch-agent.deb
Create a file here. This will be your configuration file the agent will consume.
sudo vim /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
Here's a simple example config file.
{
"agent": {
"metrics_collection_interval": 60,
"run_as_user": "cwagent"
},
"metrics": {
"metrics_collected": {
"disk": {
"measurement": [
"used_percent"
],
"metrics_collection_interval": 60,
"resources": [
"/"
]
}
}
}
}
Permissions
If there's already an AWS user set up on your Linux machine, you can use that.
Your AWS credentials are in ~/.aws/credentials
, and your config is in ~/.aws/config
The AWS credentials file should look something like this:
[default]
aws_access_key_id = your_access_key_id
aws_secret_access_key = your_secret_key
[default] is the profile name. Feel free to - alternatively - duplicate the above and add another profile below with different access_key_id and secret_access_key, like so:
[default]
aws_access_key_id = your_access_key_id
aws_secret_access_key = your_secret_key
[CWagent]
aws_access_key_id = your_CWagent_access_key_id
aws_secret_access_key = your_CWagent_secret_key
Your config file mentioned earlier should look something like this:
[default]
region = eu-west-1
Similarly, you can duplicate the profile and add a different region.
If you don't have these files, you're missing AWS CLI. You can follow the installation steps to download and install it: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
The above mentioned profiles with their respective access_keys need to correspond to an IAM user with appropriate permisson.
The permission you want to give to that user in order to create logs is :
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/CloudWatchAgentServerPolicy.html
That's the only permission it requires.
Once you have the permissions and you've configured AWS CLI with the above, with an appropriate profile, you need to modify a file in the agent config:
sudo vim /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml
You'll see something like this. Uncomment the [credentials] and add your own path and profile:
That's all the configuration!
Once done, you can start CWagent:
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json -s
This will start CWagent with the appropriate config file you crafted above.
At some point CWagent "consumes" this file and creates a .toml file from it, so don't be surprised if it disappears.
You should also see some commands running in your terminal as it starts up.
You can then check the status after that with:
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m onPremise -a status
which should have an output like this:
You may see "stopped" or "unconfigured", which then indicates that's something wrong with your config file. In that case, re-create the json file above and start CWAgent once again.
You can also check the logs:
cat /opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log
Which usually tells you what's the issue.
Done!
Once this is done, you can go to Cloudwatch metrics => CWagent