AWS CloudWatch is a comprehensive monitoring and observability service provided by AWS. It helps in monitoring, alerting, reporting and logging. It can be integrated with various AWS services. CloudWatch is used to set alarms, visualize logs, take automated actions and troubleshoot issues.
Key features and functionalities of AWS CloudWatch
๐ Metrics
CloudWatch collects and stores various metrics, which are data points representing the behavior and performance of resources over time. These metrics cover a wide range of AWS services.
๐ Dashboard
Custom dashboards can be created to aggregate and visualize relevant metrics. Dashboards provide a consolidated view of the health and performance of AWS resources, facilitating quick insights into system behavior.
๐ Alarms
CloudWatch allows users to set alarms based on specified thresholds for metrics. Alarms can trigger notifications or automated actions when thresholds are breached, enabling proactive response to potential issues.
๐ Logs
CloudWatch Logs enables the collection, storage, and analysis of log data generated by applications, AWS services, and custom sources. This facilitates troubleshooting, debugging, and compliance efforts.
๐ Events
CloudWatch Events allows users to respond to changes in AWS resources in real-time. It supports the creation of rules that trigger automated actions, facilitating event-driven architectures and system automation. This service is now accessible from Amazon EventBridge.
๐ Container Insights
For containerized applications, CloudWatch Container Insights provides monitoring and troubleshooting capabilities for Amazon ECS and EKS clusters, offering insights into the performance of containers and orchestration services.
๐ Insights
CloudWatch Insights provides interactive and ad-hoc querying of log data. It simplifies the process of analyzing and extracting meaningful information from large volumes of log data.
It's time to get our hands dirty. Let's create a CloudWatch alarm for monitoring disk usage of EC2 instances and integrate it seamlessly with SNS service.
By default, CloudWatch doesn't offer a metric for monitoring disk usage. However, this capability can be achieved by installing and configuring the CloudWatch Agent on the EC2 instance. Once the agent is configured, it will send metric data, including disk utilization, to CloudWatch.
Steps to create IAM role
Step 1: Create an IAM role to allow your EC2 instance to communicate with CloudWatch service.
Go to IAM -> Select Roles from the left panel -> Click on Create Role -> Choose 'EC2' as Service or use case -> Click on Next
Step 2: Add 'CloudWatchAgentServerPolicy' policy -> Click on Next
Step 3: Give a Role name and description to complete the IAM role creation.
Step 4: Attach the created IAM role to the EC2 instance, which you want to monitor.
Actions -> Security -> Modify IAM role
Step 5: Select the created role in the next step and click on "Update IAM role." Upon doing this, the role will be successfully attached to the EC2 instance.
Steps to Install and configure the CloudWatch Agent on a Ubuntu machine
Step 1: Download the CloudWatch package for Ubuntu machine using the below download link
https://amazoncloudwatch-agent.s3.amazonaws.com/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
Step 2: Once it is downloaded, install the agent using the below command.
sudo dpkg -i -E ./amazon-cloudwatch-agent.deb
Step 3: Once the CloudWatch agent is installed, create the configuration file before starting the agent on any servers.
sudo vim /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
Below is a simple agent configuration file for creating disk usage metrics.
Step 4: Any time you change the agent configuration file, you must then restart the agent to have the changes take effect.
sudo systemctl restart amazon-cloudwatch-agent
sudo systemctl status amazon-cloudwatch-agent
Steps to Create CloudWatch alarm for monitoring disk usage utilization of EC2 instances
Step 1: Go to CloudWatch -> Select 'Alarms' from the left panel -> Click on 'Create alarm' -> Select metric
Step 2: Now you can see a new metric under Custom namespaces. This metric is from the CloudWatch agent installed on the EC2 instance.
The CloudWatch agent gives metrics such as:
InstanceIddevicefstypepath
Step 3: Select the metric, 'InstanceId, device, fstype, path'
Step 4: Select the Instances.
Step 5: Since it is a demo instance, the threshold is configured as 50%
In real-time, you can configure the threshold and period based on your requirements. For example, you can configure the threshold as 85%
Step 6: In the next step, create a new SNS topic to be notified whenever the EC2 instance runs out of disk space. Once the topic is created, you will receive a subscription confirmation email at the email address you provided during the setup of the SNS notification.
On successful confirmation, you can see the subscription status as 'Confirmed' from SNS service dashboard.
Step 7: In the next step, add 'Alarm name' and 'Alarm description' -> Click on Next.
Step 8: Preview the settings and click on 'Create alarm'.
Now, the created CloudWatch agent will continuously send the metrics to CloudWatch, and the created alarm in CloudWatch will send an SNS notification to the user once the configured threshold is met.
Generated SNS notification
References