"Unable to determine aws-region" 当 运行 本地 Cloudwatch 代理时
"Unable to determine aws-region" when running on-premises Cloudwatch agent
我正在尝试在 AWS 之外的 vanilla Ubuntu 18.04 上将 AWS Cloudwatch 代理配置为 运行。每次我 运行 它,我都会得到这个错误:
# /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c "file:/path/to/cloudwatch/cloudwatch.json" -s
/opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/path/to/cloudwatch/cloudwatch.json --mode onPrem --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Got Home directory: /root
I! Set home dir Linux: /root
Unable to determine aws-region.
Please make sure the credentials and region set correctly on your hosts.
Refer to http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Fail to fetch the config!
运行 strace -f
下的程序显示它正在尝试读取 /root/.aws/credentials
然后退出。根据指南,这里是 /root/.aws/credentials
:
的内容
[AmazonCloudWatchAgent]
aws_access_key_id = key
aws_secret_access_key = secret
region = us-west-2
如果我运行 aws configure get region
,它能够正确检索区域。但是,Cloudwatch 代理无法读取它。这是 common-config.toml
的内容(每个 strace 也会读取)。
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
[credentials]
shared_credential_profile = "AmazonCloudWatchAgent"
shared_credential_file = "/root/.aws/credentials"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
以下是我尝试过的其他方法:
根据 https://forums.aws.amazon.com/thread.jspa?threadID=291589, 用双引号将配置中的 region
(和所有值)括起来。这并没有什么不同。
添加 /home/myuser/.aws/config、/home/myuser/.aws/credentials 和 /root/.aws/config 并填充它们具有适当的值。根据 strace,这些文件未被读取。
正在搜索 CloudWatch 代理的源代码(它不是开源的)
在程序环境中显式设置AWS_REGION=us-west-2(同样报错)
将 [AmazonCloudWatchAgent]
更改为 [profile AmazonCloudWatchAgent]
以及以上的所有排列(没有区别)
在所有配置文件中添加一个 [default]
部分(没有区别)
直接调用config-downloader
程序,设置AWS_REGION等(同样错误)
成为非 root 用户然后使用 sudo
调用程序,而不是在没有 sudo
.
[= 的情况下作为 root 用户调用程序64=]
无论我尝试什么,我都会得到同样的错误。我按照这些说明于 2020 年 3 月 23 日通过下载 "latest" deb 安装了 CloudWatch 代理。 https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/download-cloudwatch-agent-commandline.html
我使用了不正确的 "secret" 和无效字符,导致 INI 文件解析器中断。当解析错误或 "invalid secret" 错误更准确时,CloudWatch 代理错误地将其报告为 "missing region,"。
aws config 默认为 C:\Users\Administrator 而不是您安装 CloudWatch 代理的用户。因此,您可能需要将 /.aws/ 文件夹移动到 CLoudWatch 用户。或者...更直接:
aws configure --profile AmazonCloudWatchAgent
您还可以使用 common-config.toml
指定区域,如下所述:https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html#CloudWatch-Agent-profile-instance-first
On a server running Windows Server, this file is in the C:\ProgramData\Amazon\AmazonCloudWatchAgent directory. The default common-config.toml is as follows:
# This common-config is used to configure items used for both ssm and cloudwatch access
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
# [credentials]
# shared_credential_profile = "{profile_name}"
# shared_credential_file= "{file_name}"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
如果需要,您还可以使用新位置更新 common-config.toml。
您应该在与 credentials 相同的文件夹中创建一个名为 config
的新文件
然后添加区域
[default]
region = your-region
您还必须在 /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
配置文件中取消注释 # [credentials]
我正在尝试在 AWS 之外的 vanilla Ubuntu 18.04 上将 AWS Cloudwatch 代理配置为 运行。每次我 运行 它,我都会得到这个错误:
# /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c "file:/path/to/cloudwatch/cloudwatch.json" -s
/opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/path/to/cloudwatch/cloudwatch.json --mode onPrem --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Got Home directory: /root
I! Set home dir Linux: /root
Unable to determine aws-region.
Please make sure the credentials and region set correctly on your hosts.
Refer to http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Fail to fetch the config!
运行 strace -f
下的程序显示它正在尝试读取 /root/.aws/credentials
然后退出。根据指南,这里是 /root/.aws/credentials
:
[AmazonCloudWatchAgent]
aws_access_key_id = key
aws_secret_access_key = secret
region = us-west-2
如果我运行 aws configure get region
,它能够正确检索区域。但是,Cloudwatch 代理无法读取它。这是 common-config.toml
的内容(每个 strace 也会读取)。
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
[credentials]
shared_credential_profile = "AmazonCloudWatchAgent"
shared_credential_file = "/root/.aws/credentials"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
以下是我尝试过的其他方法:
-
根据 https://forums.aws.amazon.com/thread.jspa?threadID=291589,
用双引号将配置中的
region
(和所有值)括起来。这并没有什么不同。添加 /home/myuser/.aws/config、/home/myuser/.aws/credentials 和 /root/.aws/config 并填充它们具有适当的值。根据 strace,这些文件未被读取。
正在搜索 CloudWatch 代理的源代码(它不是开源的)
在程序环境中显式设置AWS_REGION=us-west-2(同样报错)
将
[AmazonCloudWatchAgent]
更改为[profile AmazonCloudWatchAgent]
以及以上的所有排列(没有区别)在所有配置文件中添加一个
[default]
部分(没有区别)直接调用
config-downloader
程序,设置AWS_REGION等(同样错误)成为非 root 用户然后使用
[= 的情况下作为 root 用户调用程序64=]sudo
调用程序,而不是在没有sudo
.
无论我尝试什么,我都会得到同样的错误。我按照这些说明于 2020 年 3 月 23 日通过下载 "latest" deb 安装了 CloudWatch 代理。 https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/download-cloudwatch-agent-commandline.html
我使用了不正确的 "secret" 和无效字符,导致 INI 文件解析器中断。当解析错误或 "invalid secret" 错误更准确时,CloudWatch 代理错误地将其报告为 "missing region,"。
aws config 默认为 C:\Users\Administrator 而不是您安装 CloudWatch 代理的用户。因此,您可能需要将 /.aws/ 文件夹移动到 CLoudWatch 用户。或者...更直接:
aws configure --profile AmazonCloudWatchAgent
您还可以使用 common-config.toml
指定区域,如下所述:https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html#CloudWatch-Agent-profile-instance-first
On a server running Windows Server, this file is in the C:\ProgramData\Amazon\AmazonCloudWatchAgent directory. The default common-config.toml is as follows:
# This common-config is used to configure items used for both ssm and cloudwatch access
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
# [credentials]
# shared_credential_profile = "{profile_name}"
# shared_credential_file= "{file_name}"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
如果需要,您还可以使用新位置更新 common-config.toml。
您应该在与 credentials 相同的文件夹中创建一个名为 config
的新文件然后添加区域
[default]
region = your-region
您还必须在 /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
配置文件中取消注释 # [credentials]