절차
1. EC2 생성
2. IAM Role 생성
3. EC2에 IAM Role 연결
4. Cloudwatch-agent 설치
5. Cloudwatch-agent config.json 생성/설정
6. Cloudwatch-agent 시작
7. 로그그룹 생성
8. 로그스트림 생성
9. 로그 확인
10. SSM을 통한 Run command 수행

 

1. EC2 생성 후 IAM Role 연결

EC2 생성 후 IAM Role 연결/바꾸기 선택
새 IAM 역할 생성 클릭

 

IAM Role 생성시 정책 두가지 연결 (CloudWatchAgentServerPolicy, AmazonSSMFullAccess)

 

EC2에 적용한 IAM Role 확인

 

4. Cloudwatch-agent 설치
$ wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm

$ sudo rpm -U ./amazon-cloudwatch-agent.rpm

 

5. Cloudwatch-agent config.json 생성/설정

amazon-cloudwatch-agent-config-wizard를 실행하여 기본설정을 시작한다.

$ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard

$ sudo vi /opt/aws/amazon-cloudwatch-agent/bin/config.json

file_path, log_group_name, log_stream_name을 셋팅해준다.

{
        "agent": {
                "metrics_collection_interval": 10,
                "run_as_user": "root",
                "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log"
        },
        "logs": {
                "logs_collected": {
                        "files": {
                                "collect_list": [
                                        {
                                                "file_path": "/home/ubuntu/logs/spring-boot-logging.log",
                                                "log_group_name": "spring-boot-logging",
                                                "log_stream_name": "{instance_id}"
                                        }
                                ]
                        }
                }
        },
        "metrics": {
                "append_dimensions": {
                        "AutoScalingGroupName": "${aws:AutoScalingGroupName}",
                        "ImageId": "${aws:ImageId}",
                        "InstanceId": "${aws:InstanceId}",
                        "InstanceType": "${aws:InstanceType}"
                },
                "metrics_collected": {
                        "collectd": {
                                "metrics_aggregation_interval": 60
                        },
                        "disk": {
                                "measurement": [
                                        "used_percent"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "mem": {
                                "measurement": [
                                        "mem_used_percent"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "statsd": {
                                "metrics_aggregation_interval": 60,
                                "metrics_collection_interval": 10,
                                "service_address": ":8125"
                        }
                }
        }
}

 

6. Cloudwatch-agent 시작

 

Cloudwatch-agent 중지

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a stop

 

위에서 수정한 config.json을 사용해 설정 파일 업데이트 후 시작 

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json -s

 

에러발생 시 /usr/share/collectd/types.db 파일이 없다는 에러발생시 types.db 파일생성

$ mkdir /usr/share/collectd
$ cd /usr/share/collectd
$ touch types.db

 

/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log 로그 확인하여 정상기동되었음을 확인

2020/03/18 13:30:23 I! I! Detected the instance is EC2
2020/03/18 13:30:23 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json does not exist or cannot read. Skipping it.
2020/03/18 13:30:23 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_config.json ...
Valid Json input schema.
I! Detecting runasuser...
No csm configuration found.
Configuration validation first phase succeeded
 
2020/03/18 13:30:23 I! Config has been translated into TOML /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml 
2020/03/18 13:30:23 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
2020/03/18 13:30:23 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_config.json ...
2020/03/18 13:30:23 I! Detected runAsUser: root
2020/03/18 13:30:23 I! Change ownership to root:root
2020-03-18T13:30:23Z I! cloudwatch: get unique roll up list []
2020-03-18T13:30:23Z I! Starting AmazonCloudWatchAgent (version 1.237768.0)
2020-03-18T13:30:23Z I! Loaded outputs: cloudwatch cloudwatchlogs
2020-03-18T13:30:23Z I! Loaded inputs: disk mem socket_listener statsd tail
2020-03-18T13:30:23Z I! Tags enabled: host=ip-172-31-41-190
2020-03-18T13:30:23Z I! Agent Config: Interval:10s, Quiet:false, Hostname:"ip-172-31-41-190", Flush Interval:1s 
2020-03-18T13:30:23Z I! Started the statsd service on :8125
2020-03-18T13:30:23Z I! cloudwatch: publish with ForceFlushInterval: 1m0s, Publish Jitter: 37s
2020-03-18T13:30:23Z I! Statsd listener listening on:  [::]:8125
2020-03-18T13:30:24Z I! Reading from offset 9083 in /home/ubuntu/logs/spring-boot-logging.log

 

7. 로그그룹 생성

config.json 설정한 로그 그룹 생성

 

8. 로그스트림 생성

config.json 설정한 로그 스트림 생성

 

9. 로그 확인

Cloudwatch-logs에서 출력되는 로그를 확인

 

ssm-user로 로그인하여 cloudwatch logs 관련 설정정보확인.txt
0.01MB

10. SSM을 통한 Run command 수행

 

Optional Configuraion Location 지정을 위해 파라미터 확인

 

명령 문서 : AmazonCloudWatch-ManageAgent, Optional Configuraion Location 지정 : parameter store에 저장되어 있는 값

 

Run Command 성공 확인

+ Recent posts