在 AWS CloudWatch 中监控 Windows 个实例的内存使用情况
Monitoring memory usage in AWS CloudWatch for Windows instance
默认情况下,CloudWatch 不监控内存使用情况。所以我尝试使用 these instructions.
将它添加到我在 AWS 中的 Windows 实例
这是我做的:
我创建了一个名为 custom-metrics-user 的用户。然后我存储了访问密钥和密钥。
我创建了一个内联策略并将其附加到用户。它看起来像这样:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["cloudwatch:PutMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeTags"],
"Resource": "*"
}
]
}
我启动了一个 Windows 实例 [2012 R2 Base AMI]。通过RDP访问实例后,发现AWS.EC2.Windows.CloudWatch.json文件已经存在。
我相应地更改了 .json 文件。更改后,它看起来像这样:
{
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "ApplicationEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Application",
"Levels": "1"
}
},
{
"Id": "SystemEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "System",
"Levels": "7"
}
},
{
"Id": "SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Security",
"Levels": "7"
}
},
{
"Id": "ETW",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Microsoft-Windows-WinINet/Analytic",
"Levels": "7"
}
},
{
"Id": "IISLog",
"FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1"
}
},
{
"Id": "CustomLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\CustomLogs\",
"TimestampFormat": "MM/dd/yyyy HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "Local"
}
},
{
"Id": "PerformanceCounter",
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}"
}
},
{
"Id": "CloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "",
"SecretKey": "",
"Region": "us-east-1",
"LogGroup": "Default-Log-Group",
"LogStream": "{instance_id}"
}
},
{
"Id": "CloudWatch",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters":
{
"AccessKey": "AKIAIK2U6EU675354BQ",
"SecretKey": "nPyk9ntdwW0y5oaw8353fsdfTi0e5/imx5Q09vz",
"Region": "us-east-1",
"NameSpace": "System/Windows"
}
}
],
"Flows": {
"Flows":
[
"PerformanceCounter,CloudWatch"
]
}
}
}
我在 EC2ConfigSettings 下启用了 CloudWatch Logs 集成。
我重新启动了 EC2Config 服务。
我没有收到任何错误,但内存指标未显示在 Cloud Watch 控制台中。博客上说要等10-15分钟才能出现指标,但我已经做了一个小时了。怎么了?
首先,您需要为您的实例添加一个 IAM 角色:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowAccessToSSM",
"Effect": "Allow",
"Action": [
"cloudwatch:PutMetricData",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:PutLogEvents"
],
"Resource": [
"*"
]
}
]
}
请注意,您不能向现有实例添加角色。所以在启动之前这样做。
然后您需要配置 EC2Config 文件(通常)可通过以下路径访问:
C:\Program Files\Amazon\Ec2ConfigService\Settings.AWS.EC2.Windows.CloudWatch.json
您应该将以下块添加到 JSON 文件中:
...
{
"Id": "PerformanceCounter",
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}"
}
}
...
{
"Id": "CloudWatch",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters":
{
"AccessKey": "",
"SecretKey": "",
"Region": "eu-west-1",
"NameSpace": "PerformanceMonitor"
}
}
不要忘记在更改配置文件后重新启动服务器上的 EC2Config 服务。几分钟后,您应该能够在 CloudWatch 控制台中获取内存指标。
您实例上的 CloudWatch 监控级别也应设置为详细:
更新:
根据 documentation,您现在可以将 IAM 角色附加或修改到现有实例。
我是 运行 Windows 2012 Base R2 Server,它是 运行 EC2Config 版本大于 4.0。如果有人遇到相同的问题,请在重启 EC2Config 服务后重启 Amazon SSM 代理服务。
我在下面阅读 link [STEP-6] :
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/send_logs_to_cwl.html
内容如下:
If you are running EC2Config version 4.0 or later, then you must restart the SSM Agent on the instance from the Microsoft Services snap-in.
我这样做解决了我的问题。
默认情况下,CloudWatch 不监控内存使用情况。所以我尝试使用 these instructions.
将它添加到我在 AWS 中的 Windows 实例这是我做的:
我创建了一个名为
custom-metrics-user的用户。然后我存储了访问密钥和密钥。我创建了一个内联策略并将其附加到用户。它看起来像这样:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": ["cloudwatch:PutMetricData", "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics", "ec2:DescribeTags"], "Resource": "*" } ] }我启动了一个 Windows 实例 [2012 R2 Base AMI]。通过RDP访问实例后,发现
AWS.EC2.Windows.CloudWatch.json文件已经存在。我相应地更改了
.json文件。更改后,它看起来像这样:{ "EngineConfiguration": { "PollInterval": "00:00:15", "Components": [ { "Id": "ApplicationEventLog", "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogName": "Application", "Levels": "1" } }, { "Id": "SystemEventLog", "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogName": "System", "Levels": "7" } }, { "Id": "SecurityEventLog", "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogName": "Security", "Levels": "7" } }, { "Id": "ETW", "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogName": "Microsoft-Windows-WinINet/Analytic", "Levels": "7" } }, { "Id": "IISLog", "FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1" } }, { "Id": "CustomLogs", "FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "LogDirectoryPath": "C:\CustomLogs\", "TimestampFormat": "MM/dd/yyyy HH:mm:ss", "Encoding": "UTF-8", "Filter": "", "CultureName": "en-US", "TimeZoneKind": "Local" } }, { "Id": "PerformanceCounter", "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "CategoryName": "Memory", "CounterName": "Available MBytes", "InstanceName": "", "MetricName": "Memory", "Unit": "Megabytes", "DimensionName": "InstanceId", "DimensionValue": "{instance_id}" } }, { "Id": "CloudWatchLogs", "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch", "Parameters": { "AccessKey": "", "SecretKey": "", "Region": "us-east-1", "LogGroup": "Default-Log-Group", "LogStream": "{instance_id}" } }, { "Id": "CloudWatch", "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch", "Parameters": { "AccessKey": "AKIAIK2U6EU675354BQ", "SecretKey": "nPyk9ntdwW0y5oaw8353fsdfTi0e5/imx5Q09vz", "Region": "us-east-1", "NameSpace": "System/Windows" } } ], "Flows": { "Flows": [ "PerformanceCounter,CloudWatch" ] } } }我在 EC2ConfigSettings 下启用了 CloudWatch Logs 集成。
我重新启动了 EC2Config 服务。
我没有收到任何错误,但内存指标未显示在 Cloud Watch 控制台中。博客上说要等10-15分钟才能出现指标,但我已经做了一个小时了。怎么了?
首先,您需要为您的实例添加一个 IAM 角色:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowAccessToSSM",
"Effect": "Allow",
"Action": [
"cloudwatch:PutMetricData",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:PutLogEvents"
],
"Resource": [
"*"
]
}
]
}
请注意,您不能向现有实例添加角色。所以在启动之前这样做。
然后您需要配置 EC2Config 文件(通常)可通过以下路径访问:
C:\Program Files\Amazon\Ec2ConfigService\Settings.AWS.EC2.Windows.CloudWatch.json
您应该将以下块添加到 JSON 文件中:
...
{
"Id": "PerformanceCounter",
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}"
}
}
...
{
"Id": "CloudWatch",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters":
{
"AccessKey": "",
"SecretKey": "",
"Region": "eu-west-1",
"NameSpace": "PerformanceMonitor"
}
}
不要忘记在更改配置文件后重新启动服务器上的 EC2Config 服务。几分钟后,您应该能够在 CloudWatch 控制台中获取内存指标。
您实例上的 CloudWatch 监控级别也应设置为详细:
更新:
根据 documentation,您现在可以将 IAM 角色附加或修改到现有实例。
我是 运行 Windows 2012 Base R2 Server,它是 运行 EC2Config 版本大于 4.0。如果有人遇到相同的问题,请在重启 EC2Config 服务后重启 Amazon SSM 代理服务。
我在下面阅读 link [STEP-6] :
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/send_logs_to_cwl.html
内容如下:
If you are running EC2Config version 4.0 or later, then you must restart the SSM Agent on the instance from the Microsoft Services snap-in.
我这样做解决了我的问题。