Track free disk space with Cloudwatch

·

3 min read

Track free disk space with Cloudwatch

Introduction

In this guide I'll explain how to send data from a NON-AWS linux server to Cloudwatch to track disc space.

This guide though doesn't include creating alerts based on the metric.
This guide will also omit creating guide on basic IAM policy creation.

Configure CWAgent

Download the latest version:

wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb

Install the agent

sudo dpkg -i -E ./amazon-cloudwatch-agent.deb

Create a file here. This will be your configuration file the agent will consume.

sudo vim /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json

Here's a simple example config file.

{
  "agent": {
    "metrics_collection_interval": 60,
    "run_as_user": "cwagent"
  },
  "metrics": {
    "metrics_collected": {
      "disk": {
        "measurement": [
          "used_percent"
        ],
        "metrics_collection_interval": 60,
        "resources": [
          "/"
        ]
      }
    }
  }
}

Permissions

If there's already an AWS user set up on your Linux machine, you can use that.

Your AWS credentials are in ~/.aws/credentials , and your config is in ~/.aws/config

The AWS credentials file should look something like this:

[default]
aws_access_key_id = your_access_key_id
aws_secret_access_key = your_secret_key

[default] is the profile name. Feel free to - alternatively - duplicate the above and add another profile below with different access_key_id and secret_access_key, like so:

[default]
aws_access_key_id = your_access_key_id
aws_secret_access_key = your_secret_key
[CWagent]
aws_access_key_id = your_CWagent_access_key_id
aws_secret_access_key = your_CWagent_secret_key

Your config file mentioned earlier should look something like this:

[default]
region = eu-west-1

Similarly, you can duplicate the profile and add a different region.

If you don't have these files, you're missing AWS CLI. You can follow the installation steps to download and install it: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html

The above mentioned profiles with their respective access_keys need to correspond to an IAM user with appropriate permisson.

The permission you want to give to that user in order to create logs is :
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/CloudWatchAgentServerPolicy.html

That's the only permission it requires.

Once you have the permissions and you've configured AWS CLI with the above, with an appropriate profile, you need to modify a file in the agent config:

sudo vim /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml

You'll see something like this. Uncomment the [credentials] and add your own path and profile:

That's all the configuration!

Once done, you can start CWagent:

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json -s

This will start CWagent with the appropriate config file you crafted above.
At some point CWagent "consumes" this file and creates a .toml file from it, so don't be surprised if it disappears.
You should also see some commands running in your terminal as it starts up.

You can then check the status after that with:

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m onPremise -a status

which should have an output like this:

You may see "stopped" or "unconfigured", which then indicates that's something wrong with your config file. In that case, re-create the json file above and start CWAgent once again.

You can also check the logs:

cat /opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log

Which usually tells you what's the issue.

Done!

Once this is done, you can go to Cloudwatch metrics => CWagent