Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,090 --> 00:00:01,200
Okay, so in this lecture
2
00:00:01,200 --> 00:00:04,590
we're going to install the CloudWatch unified agent
3
00:00:04,590 --> 00:00:09,150
to collect metrics and log for Amazon EC2 instances.
4
00:00:09,150 --> 00:00:10,440
So to do so, very simple
5
00:00:10,440 --> 00:00:13,980
we're first going to have to create an IAM role.
6
00:00:13,980 --> 00:00:17,160
And this role will allow us to send metrics
7
00:00:17,160 --> 00:00:18,750
and logs to CloudWatch.
8
00:00:18,750 --> 00:00:22,350
So to do so let's go into roles, let's create a role
9
00:00:22,350 --> 00:00:25,620
and this is going to be a role for AWS service
10
00:00:25,620 --> 00:00:26,750
which is an EC2 instance.
11
00:00:26,750 --> 00:00:29,160
So we need to create an EC2 instance role
12
00:00:29,160 --> 00:00:30,330
and then we click on next.
13
00:00:30,330 --> 00:00:31,983
So EC2, just select EC2 here.
14
00:00:32,910 --> 00:00:34,950
Next, we need to find permission policies
15
00:00:34,950 --> 00:00:36,330
to apply to this role.
16
00:00:36,330 --> 00:00:38,580
So for this I'm going to type CloudWatchAgent
17
00:00:40,230 --> 00:00:41,310
and we have two
18
00:00:41,310 --> 00:00:44,610
we have the Server Policy and the Admin Policy.
19
00:00:44,610 --> 00:00:45,810
The one we're going to use right now
20
00:00:45,810 --> 00:00:47,393
is the CloudWatchAgentServerPolicy.
21
00:00:48,750 --> 00:00:50,430
And the reason we do so is that
22
00:00:50,430 --> 00:00:53,760
we want to be able to put metric data into CloudWatch
23
00:00:53,760 --> 00:00:55,710
also to send logs
24
00:00:55,710 --> 00:00:58,290
and finally to get parameters from SSM
25
00:00:58,290 --> 00:01:01,440
because it is possible for us to retrieve a CloudWatch
26
00:01:01,440 --> 00:01:04,020
unified agent configuration directly from SSM
27
00:01:04,020 --> 00:01:06,060
as we will see in this lecture.
28
00:01:06,060 --> 00:01:08,130
So this is enough. Let's click on next.
29
00:01:08,130 --> 00:01:10,710
And then the role name should be, for example
30
00:01:10,710 --> 00:01:14,970
Amazon EC2 role for CloudWatch.
31
00:01:14,970 --> 00:01:18,123
Okay. Let's create this role.
32
00:01:21,480 --> 00:01:22,770
And we're done.
33
00:01:22,770 --> 00:01:24,010
So next what I have to do is
34
00:01:24,010 --> 00:01:25,740
to create an EC2 instance
35
00:01:25,740 --> 00:01:28,020
that will be leveraging this role.
36
00:01:28,020 --> 00:01:30,810
So to do so let's go into the management console
37
00:01:30,810 --> 00:01:32,700
into the EC2 console.
38
00:01:32,700 --> 00:01:36,630
And then I'm going to create an EC2 instance.
39
00:01:36,630 --> 00:01:40,050
So I'll go into launch instance and we'll configure it.
40
00:01:40,050 --> 00:01:44,380
So we're going to use Amazon Linux 2 AMI
41
00:01:45,960 --> 00:01:47,673
and then I will use t2.micro.
42
00:01:48,510 --> 00:01:51,150
We don't need to select a key pair
43
00:01:51,150 --> 00:01:52,500
if we don't want to, which is fine.
44
00:01:52,500 --> 00:01:53,940
We'll use EC2 instance connect
45
00:01:53,940 --> 00:01:56,190
to connect to our EC2 instance.
46
00:01:56,190 --> 00:01:58,440
Then we need to create a new security group
47
00:01:58,440 --> 00:02:01,630
and we'll allow SSH and HTTP traffic
48
00:02:02,550 --> 00:02:04,380
the third one, from the internet
49
00:02:04,380 --> 00:02:06,330
because we'll be launching a web server
50
00:02:06,330 --> 00:02:07,800
and we'll get the log from that server.
51
00:02:07,800 --> 00:02:10,620
So we allow SSH to SSH to our instance
52
00:02:10,620 --> 00:02:15,090
and HTTP to allow port 80 traffic on to our EC2 instance.
53
00:02:15,090 --> 00:02:16,320
This is good.
54
00:02:16,320 --> 00:02:17,670
And then we're good to go.
55
00:02:17,670 --> 00:02:19,743
Let's launch this instance.
56
00:02:22,020 --> 00:02:23,320
Okay. So let's click on it
57
00:02:24,690 --> 00:02:26,520
and we're gonna find the instance right now.
58
00:02:26,520 --> 00:02:29,010
So let me wait for it to be ready.
59
00:02:29,010 --> 00:02:32,130
Okay. So our EC2 instance is now created.
60
00:02:32,130 --> 00:02:33,060
Let's connect to it
61
00:02:33,060 --> 00:02:38,060
using the EC2 instance user connect interface.
62
00:02:38,280 --> 00:02:41,030
So we establish a connection directly into the instance
63
00:02:42,720 --> 00:02:45,810
and now I'm able to issue a few commands.
64
00:02:45,810 --> 00:02:47,250
So the first one I'm going to do
65
00:02:47,250 --> 00:02:48,690
is to elevate my privileges.
66
00:02:48,690 --> 00:02:51,930
So I will do sudo su and now I am a super user
67
00:02:51,930 --> 00:02:53,280
on my instance.
68
00:02:53,280 --> 00:02:56,430
And I will do yum install HTTPD.
69
00:02:56,430 --> 00:02:59,070
This will install a web server and that web server
70
00:02:59,070 --> 00:03:00,060
I say yes.
71
00:03:00,060 --> 00:03:03,300
That web server is going to have traffic
72
00:03:03,300 --> 00:03:04,140
coming from the internet.
73
00:03:04,140 --> 00:03:06,630
And we'll take the log out of HTTP
74
00:03:06,630 --> 00:03:08,070
to connect to our instance
75
00:03:08,070 --> 00:03:09,810
to send that to CloudWatch logs
76
00:03:09,810 --> 00:03:13,500
So the HTTPD service is installed.
77
00:03:13,500 --> 00:03:16,770
And now we're just going to echo "hello world"
78
00:03:16,770 --> 00:03:21,770
into var/www/html/index.html.
79
00:03:23,370 --> 00:03:26,640
So now we have an index HTML file created.
80
00:03:26,640 --> 00:03:29,100
And we need to just start our HTTPD server.
81
00:03:29,100 --> 00:03:33,930
So for this, we'll do sudo systemctl start httpd
82
00:03:34,980 --> 00:03:37,860
This will effectively start our HTTPD service.
83
00:03:37,860 --> 00:03:41,820
And if wanted to allow also it to survive through restarts
84
00:03:41,820 --> 00:03:43,470
we will enable it.
85
00:03:43,470 --> 00:03:47,130
So now back into here, this is the public IP
86
00:03:47,130 --> 00:03:49,470
of my EC2 instance, which is great.
87
00:03:49,470 --> 00:03:51,000
And so if I visit it
88
00:03:51,000 --> 00:03:52,650
now I get the prompt hello world.
89
00:03:52,650 --> 00:03:55,200
So that means that we are indeed able
90
00:03:55,200 --> 00:03:57,390
to access our EC2 instance using
91
00:03:57,390 --> 00:03:59,670
this Apache web server.
92
00:03:59,670 --> 00:04:01,950
And now what I want to show you is that
93
00:04:01,950 --> 00:04:05,100
out of this, this created some log entries.
94
00:04:05,100 --> 00:04:07,410
So if we go into the file
95
00:04:07,410 --> 00:04:11,280
so I'll do cat /var/log/httpd
96
00:04:11,280 --> 00:04:13,920
and then we have access underscore log.
97
00:04:13,920 --> 00:04:17,010
This contains the request log of all
98
00:04:17,010 --> 00:04:19,230
the request made into our server.
99
00:04:19,230 --> 00:04:20,850
As you can see, we can find the fact that
100
00:04:20,850 --> 00:04:23,700
yes we did do a get right now.
101
00:04:23,700 --> 00:04:26,070
So also, should there be any errors
102
00:04:26,070 --> 00:04:28,710
we can do /error_log
103
00:04:28,710 --> 00:04:31,260
and we'll get a list of all the errors
104
00:04:31,260 --> 00:04:34,620
that are happening for our HTTPD server.
105
00:04:34,620 --> 00:04:36,750
So these two logs, the error log
106
00:04:36,750 --> 00:04:38,970
as well as the access log
107
00:04:38,970 --> 00:04:42,180
are the logs that I want to send into CloudWatch logs
108
00:04:42,180 --> 00:04:45,270
using the CloudWatch unify agents.
109
00:04:45,270 --> 00:04:47,610
So to do so, we can follow documentation
110
00:04:47,610 --> 00:04:49,350
but this is quite complicated.
111
00:04:49,350 --> 00:04:50,850
So it's to collect metrics and logs
112
00:04:50,850 --> 00:04:52,620
for Amazon EC2 instances
113
00:04:52,620 --> 00:04:56,103
and I've summarized all the instructions in the code.
114
00:04:57,540 --> 00:05:00,030
So the first thing we have to do is to install the agents
115
00:05:00,030 --> 00:05:01,410
on Amazon Linux 2
116
00:05:01,410 --> 00:05:03,330
and for this we can just run this command
117
00:05:03,330 --> 00:05:06,930
a sudo yum install of the Amazon CloudWatch agent.
118
00:05:06,930 --> 00:05:10,173
So, I say, yes and it's going to be installed.
119
00:05:11,070 --> 00:05:13,530
The next thing we have to do is to run a wizard.
120
00:05:13,530 --> 00:05:16,410
And this is to configure the CloudWatch agent.
121
00:05:16,410 --> 00:05:17,400
This is something we have to do once
122
00:05:17,400 --> 00:05:19,110
and then we'll store the configuration
123
00:05:19,110 --> 00:05:21,360
in the SSM parameter restore.
124
00:05:21,360 --> 00:05:24,270
And it will be retrieved at run time if we need to.
125
00:05:24,270 --> 00:05:26,190
So let's go ahead and clear this
126
00:05:26,190 --> 00:05:28,110
and we're going to run the wizard.
127
00:05:28,110 --> 00:05:28,943
So now it says
128
00:05:28,943 --> 00:05:31,050
on which OS are you planning to use the agent wave?
129
00:05:31,050 --> 00:05:32,370
So Linux.
130
00:05:32,370 --> 00:05:34,800
Then is this EC2 or On-Premises?
131
00:05:34,800 --> 00:05:36,300
This is EC2.
132
00:05:36,300 --> 00:05:39,930
We're going to run this as the route user.
133
00:05:39,930 --> 00:05:41,970
And do you want to turn on StatsD daemon?
134
00:05:41,970 --> 00:05:43,320
Why not? Yes.
135
00:05:43,320 --> 00:05:45,390
So I press one every time.
136
00:05:45,390 --> 00:05:47,850
What port do you want this daemon to listen to?
137
00:05:47,850 --> 00:05:50,430
So we'll just keep the default choice.
138
00:05:50,430 --> 00:05:52,740
Then what is the correct interval?
139
00:05:52,740 --> 00:05:55,590
We'll just keep it as default as well.
140
00:05:55,590 --> 00:05:57,330
So that means that the CloudWatch unified agent
141
00:05:57,330 --> 00:06:02,010
can also collect stuff from StatsD.
142
00:06:02,010 --> 00:06:04,800
Then we have, do we want to have aggregations?
143
00:06:04,800 --> 00:06:06,780
Yes. We'll aggregate them at 60 seconds interval
144
00:06:06,780 --> 00:06:08,190
which is the default.
145
00:06:08,190 --> 00:06:13,190
Do you want to collect metrics from CollectD?
146
00:06:13,350 --> 00:06:16,170
And it must be installed or the agent will fail to start.
147
00:06:16,170 --> 00:06:18,180
So it turns out that I don't have CollectD
148
00:06:18,180 --> 00:06:20,130
on this instance, but it is possible for us
149
00:06:20,130 --> 00:06:22,170
to enable this if we wanted to
150
00:06:22,170 --> 00:06:24,480
but because if we don't have it installed
151
00:06:24,480 --> 00:06:26,070
the agent will fail to start.
152
00:06:26,070 --> 00:06:28,230
We're just going to reply no to this answer.
153
00:06:28,230 --> 00:06:29,943
So I will enter two.
154
00:06:30,780 --> 00:06:32,670
Do you want to monitor any host metrics
155
00:06:32,670 --> 00:06:34,200
such as CPU, memory etcetera?
156
00:06:34,200 --> 00:06:35,033
Yes.
157
00:06:35,033 --> 00:06:37,920
And as you can see, using the CloudWatch unified agent
158
00:06:37,920 --> 00:06:40,530
I am able to have access to memories.
159
00:06:40,530 --> 00:06:42,480
So Ram is a metric you can access
160
00:06:42,480 --> 00:06:44,790
from within the EC2 instance.
161
00:06:44,790 --> 00:06:47,640
We can also collect CPU metrics at the core level.
162
00:06:47,640 --> 00:06:49,050
Again, something this is only possible
163
00:06:49,050 --> 00:06:54,050
by doing metric collection from within the EC2 instance.
164
00:06:54,600 --> 00:06:56,760
Do you want to add EC2 dimensions?
165
00:06:56,760 --> 00:06:58,560
Absolutely. Yes.
166
00:06:58,560 --> 00:06:59,700
And do you want to aggregate them?
167
00:06:59,700 --> 00:07:00,930
Why not?
168
00:07:00,930 --> 00:07:03,930
Then we have the high resolution metrics.
169
00:07:03,930 --> 00:07:05,160
So in case we have that
170
00:07:05,160 --> 00:07:07,320
we have the ability to customize
171
00:07:07,320 --> 00:07:08,220
which resolution will go on them.
172
00:07:08,220 --> 00:07:12,120
So one second, ten seconds, 30 seconds or 60 seconds.
173
00:07:12,120 --> 00:07:13,920
Now to keep cost under control
174
00:07:13,920 --> 00:07:16,110
I will keep it as 60 seconds.
175
00:07:16,110 --> 00:07:18,090
As you can see we can have a resolution
176
00:07:18,090 --> 00:07:19,443
down to one second.
177
00:07:20,370 --> 00:07:22,710
Now, which default metrics config do you want?
178
00:07:22,710 --> 00:07:25,380
Do you want basic, standard, advanced or none?
179
00:07:25,380 --> 00:07:27,723
So we'll keep the default as basic.
180
00:07:28,800 --> 00:07:31,659
And here now I have an entire JSON document
181
00:07:31,659 --> 00:07:34,140
of the configuration we just did.
182
00:07:34,140 --> 00:07:37,770
Which summarizes all the answers we have selected
183
00:07:37,770 --> 00:07:41,700
for the configuration of this CloudWatch unified agent.
184
00:07:41,700 --> 00:07:43,770
So this is good enough. You can have a look.
185
00:07:43,770 --> 00:07:45,030
Are we satisfied with the config?
186
00:07:45,030 --> 00:07:47,010
The answer is yes.
187
00:07:47,010 --> 00:07:49,950
Now, do we have any existing CloudWatch log agents
188
00:07:49,950 --> 00:07:52,170
from configuration file for migration?
189
00:07:52,170 --> 00:07:53,003
The answer is no.
190
00:07:53,003 --> 00:07:55,328
So there used to be before the unified agent
191
00:07:55,328 --> 00:07:57,420
there used to be an old thing called
192
00:07:57,420 --> 00:07:59,940
the Amazon CloudWatch log agents.
193
00:07:59,940 --> 00:08:01,440
And if you had that we could import it
194
00:08:01,440 --> 00:08:03,060
but we don't have this right now.
195
00:08:03,060 --> 00:08:04,080
So we'll say no.
196
00:08:04,080 --> 00:08:04,913
And as you can see
197
00:08:04,913 --> 00:08:07,200
now the unified agents does both metrics
198
00:08:07,200 --> 00:08:09,420
and log at the same time.
199
00:08:09,420 --> 00:08:11,320
Now, do you want to monitor any log files?
200
00:08:11,320 --> 00:08:13,080
We'll say yes.
201
00:08:13,080 --> 00:08:16,230
And now we need to enter the log file path.
202
00:08:16,230 --> 00:08:19,660
So for this is going to be var/log/httpd/access_log
203
00:08:22,620 --> 00:08:24,670
which is the first log file I showed you.
204
00:08:25,650 --> 00:08:28,770
And the group name is going to be access_log for it.
205
00:08:28,770 --> 00:08:31,800
And the log screen name is going to be perfect as well.
206
00:08:31,800 --> 00:08:34,118
And the log retention in days
207
00:08:34,118 --> 00:08:36,570
we could do minus one, for infinity
208
00:08:36,570 --> 00:08:39,903
or we could say, for example, five for seven day retention.
209
00:08:40,740 --> 00:08:43,950
And do you want to additionally specify other log files?
210
00:08:43,950 --> 00:08:45,840
The answer is yes. I want to.
211
00:08:45,840 --> 00:08:47,130
So we enter the path again.
212
00:08:47,130 --> 00:08:51,373
So var/log/httpd/error_log.
213
00:08:52,590 --> 00:08:53,880
Default group name we will keep.
214
00:08:53,880 --> 00:08:55,290
Default stream we keep.
215
00:08:55,290 --> 00:08:58,740
And then again, we'll have a seven day retention
216
00:08:58,740 --> 00:09:00,290
so I'll just enter number five.
217
00:09:01,560 --> 00:09:05,160
Okay. Do you want to specify any more logs we've done?
218
00:09:05,160 --> 00:09:06,900
So just no.
219
00:09:06,900 --> 00:09:09,330
And now we have another config right here.
220
00:09:09,330 --> 00:09:11,550
So now this contains some configuration
221
00:09:11,550 --> 00:09:14,850
for the logs, for our instance.
222
00:09:14,850 --> 00:09:18,000
So this is good enough and I'm good to go.
223
00:09:18,000 --> 00:09:20,083
So do you want to store this config now
224
00:09:20,083 --> 00:09:22,140
in the SSM parameter store?
225
00:09:22,140 --> 00:09:23,910
We will answer yes.
226
00:09:23,910 --> 00:09:24,930
But it will not work
227
00:09:24,930 --> 00:09:27,510
until we have the correct permissions.
228
00:09:27,510 --> 00:09:32,160
So currently this config file has been located and stored
229
00:09:32,160 --> 00:09:35,970
at this address right here, which is great for us
230
00:09:35,970 --> 00:09:39,120
but we want to send this into the SSM parameter store
231
00:09:39,120 --> 00:09:40,350
so that it can be retrieved
232
00:09:40,350 --> 00:09:43,110
by other EC2 instances at run time.
233
00:09:43,110 --> 00:09:46,410
So to do so, we need to store the config.
234
00:09:46,410 --> 00:09:48,368
We need to store the config, this one
235
00:09:48,368 --> 00:09:50,220
in the SSM parameter store
236
00:09:50,220 --> 00:09:52,290
And to do so we need the right permissions.
237
00:09:52,290 --> 00:09:55,620
But if we go into the role we created
238
00:09:55,620 --> 00:09:57,780
the Amazon EC2 role for CloudWatch
239
00:09:57,780 --> 00:10:01,410
which by the way we did not attach to the instance.
240
00:10:01,410 --> 00:10:02,340
Now that I just remembered it.
241
00:10:02,340 --> 00:10:04,020
So let's go back here.
242
00:10:04,020 --> 00:10:07,590
And of course, we'll do security
243
00:10:07,590 --> 00:10:09,150
and then modify IAM role
244
00:10:09,150 --> 00:10:10,650
and we'll need to attach
245
00:10:10,650 --> 00:10:13,320
this Amazon EC2 role for CloudWatch that I just created.
246
00:10:13,320 --> 00:10:15,750
So you see, comes full circle.
247
00:10:15,750 --> 00:10:17,520
So this is perfect.
248
00:10:17,520 --> 00:10:18,353
Even this role,
249
00:10:18,353 --> 00:10:21,360
if we look at the permission itself
250
00:10:21,360 --> 00:10:22,800
and we look at SSM
251
00:10:22,800 --> 00:10:24,360
it's allowed to get a parameter
252
00:10:24,360 --> 00:10:27,480
but not to send a parameter.
253
00:10:27,480 --> 00:10:31,030
So on one instance, we need to add the permissions
254
00:10:31,890 --> 00:10:33,390
to attach a policy
255
00:10:33,390 --> 00:10:36,740
and I will just type CloudWatch agent again
256
00:10:39,450 --> 00:10:41,970
and this time we'll attach the admin policy
257
00:10:41,970 --> 00:10:45,210
which has sufficient permission to put the parameter
258
00:10:45,210 --> 00:10:46,350
into SSM.
259
00:10:46,350 --> 00:10:48,960
And this is only needed when you do the setup
260
00:10:48,960 --> 00:10:50,763
of the CloudWatch unified agents.
261
00:10:51,600 --> 00:10:54,300
So we'll attach this policy. Now we have two policies.
262
00:10:54,300 --> 00:10:55,650
And now my EC2 instance
263
00:10:55,650 --> 00:10:58,080
should be able to perform this next action.
264
00:10:58,080 --> 00:10:59,400
So I will say, yes.
265
00:10:59,400 --> 00:11:01,740
Do you want to store it into the SSM parameter store?
266
00:11:01,740 --> 00:11:03,060
So, yes.
267
00:11:03,060 --> 00:11:05,040
And then what parameter name do you want to use?
268
00:11:05,040 --> 00:11:06,600
So we can just use the default choice.
269
00:11:06,600 --> 00:11:10,950
Amazon Linux, Amazon CloudWatch, minus Linux, press enter.
270
00:11:10,950 --> 00:11:13,320
And then which region do you want to store it in?
271
00:11:13,320 --> 00:11:16,257
So EUS one, which was retrieved directly from
272
00:11:16,257 --> 00:11:19,830
the EC2 metadata by this wizard.
273
00:11:19,830 --> 00:11:20,820
Perfect.
274
00:11:20,820 --> 00:11:22,230
Now which credential should be used?
275
00:11:22,230 --> 00:11:25,110
So the one from the SDK. I press enter.
276
00:11:25,110 --> 00:11:27,960
And then it says successfully put config to parameter store
277
00:11:27,960 --> 00:11:32,960
as Amazon CloudWatch Linux and the program exits now.
278
00:11:33,240 --> 00:11:36,130
So that means that if we go into Amazon Web Services
279
00:11:37,080 --> 00:11:41,160
and then we go into the SSM parameter store.
280
00:11:41,160 --> 00:11:43,083
So let's go into systems manager.
281
00:11:45,240 --> 00:11:47,343
And then find the parameter store.
282
00:11:48,690 --> 00:11:51,090
As we can see now I have one standard parameter
283
00:11:51,090 --> 00:11:53,340
called the Amazon CloudWatch Linux.
284
00:11:53,340 --> 00:11:54,690
And if I click on it
285
00:11:54,690 --> 00:11:56,010
and I look at the value, as you can see
286
00:11:56,010 --> 00:11:59,520
the value is this entire JSON file
287
00:11:59,520 --> 00:12:02,850
that was generated by this wizard.
288
00:12:02,850 --> 00:12:03,683
So it's amazing.
289
00:12:03,683 --> 00:12:07,770
So now the wizard is running and then this has been inserted
290
00:12:07,770 --> 00:12:10,020
into the SSM parameter store.
291
00:12:10,020 --> 00:12:14,490
And now we want to boot up from this parameter.
292
00:12:14,490 --> 00:12:17,370
So back onto our instance, let's clear this screen.
293
00:12:17,370 --> 00:12:20,280
So let's assume this is a whole new instance, okay?
294
00:12:20,280 --> 00:12:22,290
And what we want to do is to just boot up
295
00:12:22,290 --> 00:12:25,890
from this configuration from the SSM parameter store
296
00:12:25,890 --> 00:12:28,620
and start sending metrics and logs into CloudWatch.
297
00:12:28,620 --> 00:12:30,778
So to do so let's go back into our code.
298
00:12:30,778 --> 00:12:33,120
And for this, we have a few options.
299
00:12:33,120 --> 00:12:35,550
So this one can be deleted
300
00:12:35,550 --> 00:12:38,640
because we don't use the CollectD.
301
00:12:38,640 --> 00:12:40,260
So we have options here.
302
00:12:40,260 --> 00:12:43,890
So we can either start directly
303
00:12:43,890 --> 00:12:45,510
from the SSM parameter store.
304
00:12:45,510 --> 00:12:46,980
And this is this command right here.
305
00:12:46,980 --> 00:12:51,300
So the Amazon CloudWatch agent CTL to fetch a config
306
00:12:51,300 --> 00:12:54,810
from SSM at this address right here.
307
00:12:54,810 --> 00:12:56,790
And it's going to fetch the config
308
00:12:56,790 --> 00:12:58,380
we have inserted right here.
309
00:12:58,380 --> 00:12:59,550
So this should work.
310
00:12:59,550 --> 00:13:03,420
The other option is to instead provide a flat file.
311
00:13:03,420 --> 00:13:06,030
So config the JSON file that has been generated
312
00:13:06,030 --> 00:13:07,650
using the wizard, for example
313
00:13:07,650 --> 00:13:09,660
and then the agent can start the quiz
314
00:13:09,660 --> 00:13:11,670
from this static configuration file.
315
00:13:11,670 --> 00:13:13,860
But if you plan to use multiple instances
316
00:13:13,860 --> 00:13:15,360
start from the same file then
317
00:13:15,360 --> 00:13:18,060
it may be a good idea to store it into SSM.
318
00:13:18,060 --> 00:13:21,390
So I will use the command that boots up from SSM.
319
00:13:21,390 --> 00:13:23,880
I will paste it, press enter.
320
00:13:23,880 --> 00:13:26,820
And as you can see, it says
321
00:13:26,820 --> 00:13:30,840
that the configuration version is succeeded
322
00:13:30,840 --> 00:13:33,060
and then it should be good to go.
323
00:13:33,060 --> 00:13:36,600
So let's have a look and see if anything works.
324
00:13:36,600 --> 00:13:41,373
So let's go into the CloudWatch agents.
325
00:13:43,650 --> 00:13:45,090
So let's go into the CloudWatch service.
326
00:13:45,090 --> 00:13:46,460
So CloudWatch.
327
00:13:51,690 --> 00:13:52,523
Perfect.
328
00:13:54,810 --> 00:13:56,490
Let's make sure to use the same region
329
00:13:56,490 --> 00:13:58,940
my EC2 instance is in, which is EU-west-1.
330
00:14:02,130 --> 00:14:04,000
And then I will go into log groups
331
00:14:04,860 --> 00:14:07,890
and underneath we find access log and error log
332
00:14:07,890 --> 00:14:10,770
which are the two logs created by my unified agents.
333
00:14:10,770 --> 00:14:12,930
So under access log, I can find one log stream
334
00:14:12,930 --> 00:14:15,120
which represents my EC2 instance.
335
00:14:15,120 --> 00:14:16,290
And as you can see
336
00:14:16,290 --> 00:14:19,410
we have the two events we saw from before.
337
00:14:19,410 --> 00:14:22,260
Now the cool thing is that if I refresh this page right here
338
00:14:22,260 --> 00:14:23,970
one or two or three times
339
00:14:23,970 --> 00:14:24,803
at some point
340
00:14:24,803 --> 00:14:27,900
the events are going to end up in this log.
341
00:14:27,900 --> 00:14:28,800
So as you can see now
342
00:14:28,800 --> 00:14:32,550
the events have been written by the CloudWatch log agents
343
00:14:32,550 --> 00:14:33,510
unified agents
344
00:14:33,510 --> 00:14:36,270
into this log right here, which is amazing.
345
00:14:36,270 --> 00:14:38,910
And again, if you went into the error log
346
00:14:38,910 --> 00:14:41,100
you will find the log stream right here
347
00:14:41,100 --> 00:14:43,560
that contains the error log stream, if we need to.
348
00:14:43,560 --> 00:14:45,000
So this is perfect.
349
00:14:45,000 --> 00:14:45,930
Now what about metrics?
350
00:14:45,930 --> 00:14:49,560
So if we go into all metrics, we can find a name space
351
00:14:49,560 --> 00:14:52,590
custom name space called CloudWatch agents, CW agents.
352
00:14:52,590 --> 00:14:55,830
And then we can go, for example, by instance ID
353
00:14:55,830 --> 00:14:59,160
and here find the memory used percent
354
00:14:59,160 --> 00:15:01,290
which represents how much ram is being used
355
00:15:01,290 --> 00:15:03,120
by my EC2 instance.
356
00:15:03,120 --> 00:15:05,340
Or the disc used percent and so on.
357
00:15:05,340 --> 00:15:06,859
And you can explore the different metrics.
358
00:15:06,859 --> 00:15:10,481
Here we have the mem used percent again,
359
00:15:10,481 --> 00:15:14,010
but by image ID and with other dimensions and so on.
360
00:15:14,010 --> 00:15:16,620
And here we have six metrics available to us
361
00:15:16,620 --> 00:15:17,790
that are right here.
362
00:15:17,790 --> 00:15:20,760
And it's possible for you to explore the documentation.
363
00:15:20,760 --> 00:15:23,910
And here you can find at some point
364
00:15:23,910 --> 00:15:25,500
you can find all the metrics
365
00:15:25,500 --> 00:15:28,500
that are collected by the CloudWatch agents
366
00:15:28,500 --> 00:15:29,333
they're right here
367
00:15:29,333 --> 00:15:31,920
and the explanations are self explicit.
368
00:15:31,920 --> 00:15:33,570
But you can, just to summarize
369
00:15:33,570 --> 00:15:36,840
collect some CPU metrics, which are very handy.
370
00:15:36,840 --> 00:15:39,510
You can collect as well, some disc space
371
00:15:39,510 --> 00:15:42,240
and IO and so on for your disc.
372
00:15:42,240 --> 00:15:45,720
You can also get information around your mem
373
00:15:45,720 --> 00:15:49,980
so active, available, cached, free and so on.
374
00:15:49,980 --> 00:15:50,813
This is very helpful.
375
00:15:50,813 --> 00:15:53,070
Some network information.
376
00:15:53,070 --> 00:15:55,800
So a number of packets in and out and so on.
377
00:15:55,800 --> 00:15:57,960
And then information about your processes
378
00:15:57,960 --> 00:15:59,520
running on your EC2 instances.
379
00:15:59,520 --> 00:16:01,783
So how many are idle, how many you're running
380
00:16:01,783 --> 00:16:05,160
et cetera, et cetera, which is very, very helpful.
381
00:16:05,160 --> 00:16:07,170
And finally, the swap that you have
382
00:16:07,170 --> 00:16:09,630
on your machine free, used and so on.
383
00:16:09,630 --> 00:16:13,094
So that's it, we've successfully configured
384
00:16:13,094 --> 00:16:15,300
the CloudWatch AI unified agent.
385
00:16:15,300 --> 00:16:19,260
We stored the configuration in SSM and retrieved it
386
00:16:19,260 --> 00:16:20,910
and we're good to go.
387
00:16:20,910 --> 00:16:25,020
Okay. So just to be done, if you are in the DevOps course
388
00:16:25,020 --> 00:16:27,480
you need to keep this instance running.
389
00:16:27,480 --> 00:16:29,490
But if you are in the CSOPs course
390
00:16:29,490 --> 00:16:31,260
then you can terminate this instance
391
00:16:31,260 --> 00:16:32,670
and you'll be good to go.
392
00:16:32,670 --> 00:16:33,503
All right, that's it.
393
00:16:33,503 --> 00:16:34,336
I hope you liked it.
394
00:16:34,336 --> 00:16:36,210
And I will see you in the next lecture.
31043
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.