[AWS] EC2 CloudWatch Agent launch template

1. CloudWatch Agent

CloudWatch Agent는 서버에 설치하여 지표를 수집하는 등의 여러가지 역할을 한다. 오토스케일링 그룹과 Launch Template를 이용하여, CloudWatch Agent를 설치하고, 운영할 것이다.

 

2. Launch Template & config

#!/bin/bash

# ssh config
echo 1234 | passwd ec2-user --stdin
sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
systemctl restart sshd.service

# workdir create & application download
mkdir /opt/app
aws s3 cp s3://wsi-112-smch-artifactory/app.py /opt/app/app.py

# application setup & launch server
mkdir /var/log/app && touch /var/log/app/app.log
pip3 install flask
nohup python3 /opt/app/app.py &

# cloudwatch log agent install & setup
yum install -y amazon-cloudwatch-agent
aws s3 cp s3://wsi-112-smch-artifactory/config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json

 

3. cofig.json

{
   "agent":{
      "metrics_collection_interval":30,
      "region":"ap-northeast-2",
      "run_as_user":"root"
   },
   "logs":{
      "logs_collected":{
         "files":{
            "collect_list":[
               {
                  "file_path":"/var/log/app/app.log",
                  "log_group_name":"/aws/ec2/wsi",
                  "log_stream_name":"api_{instance_id}"
               }
            ]
         }
      }
   }
}

https://docs.aws.amazon.com/ko_kr/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html

 

4. IAM Role

CloudWatchAgentServerPolicy을 통해 CloudWatchAgentServerRole 을 만들어 EC2 인스턴스 적용