It’s critical to monitor the disk and memory usage on AWS EC2 production servers, however, as of writing this article, these metrics are still not supported (out-of-the-box) by AWS CloudWatch.
The following post provides a simple guide on how to install and adjust the CloudWatch agent on an EC2 instance to capture these crucial metrics.
Install CloudWatch agent
The CloudWatch agent is available as a package in Amazon Linux 2. If you are using this operating system, you can install the package by entering the following command:
sudo yum install amazon-cloudwatch-agent
If you’re not using Amazon Linux 2, just grab the package for your Linux version from S3:
Attach IAM role
Make sure that the IAM role is attached to the instance with the CloudWatchAgentServerPolicy:
- Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
- In the navigation pane, choose Roles and then choose to Create role.
- Under Select type of trusted entity, choose AWS service.
- Immediately under Common use cases, choose EC2, and then choose Next: Permissions.
- In the list of policies, select the check box next to CloudWatchAgentServerPolicy. If necessary, use the search box to find the policy.
- To use Systems Manager to install or configure the CloudWatch agent, select the box next to AmazonSSMManagedInstanceCore. This AWS managed policy enables an instance to use Systems Manager service core functionality. If necessary, use the search box to find the policy. This policy isn’t necessary if you start and configure the agent only through the command line.
- Choose Next: Tags.
- (Optional) Add one or more tag-key value pairs to organize, track, or control access for this role, and then choose Next: Review.
- For Role name, enter a name for your new role, such as
CloudWatchAgentServerRoleor another name that you prefer.
- (Optional) For Role description, enter a description.
- Confirm that CloudWatchAgentServerPolicy and optionally AmazonSSMManagedInstanceCore appear next to Policies.
- Choose to Create role.The role is now created. If you need more details on this procedure, head over to Amazon documents: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent.html
Once done, it should look like this:
CloudWatch Agent Configuration
Login to your Linux instance and navigate to: /opt/aws/amazon-cloudwatch-agent/etc/
Create a new file here, called: amazon-cloudwatch-agent.json
You can do this with vi, nano or any other command-line editor:
sudo vi /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
Insert the following content:
It should look like this:
The above code will enable the monitoring of free space and used memory, but feel free to add more metrics. The full list of all metrics currently supported by CloudWatch Agent is here:
Save the document and restart the CloudWatch Agent from your Webmin console (that’s what I use) or from the command line:
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a stop
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a start
check the status:
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a status
The Cloudwatch agent should be running now:
Note: On some Linux systems you can also just run:
sudo systemctl restart amazon-cloudwatch-agent
Note: Other ways of starting and stopping CloudWatch agents are described here: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
Configuring CloudWatch Metrics for the percentage of Free Diskspace and Used RAM
Now go to the Cloudwatch console, you should see two new metrics under All Metrics / CWD
Used these two new metrics to configure your Cloudwatch Dashboard, in my case the results for this website underlying infrastructure look like this:
And that’s it, I hope it was useful to you: