Monitoring AWS infrastructure using CloudWatch is mostly a case of just enabling it for the resources you want monitored. You get automatically selected metrics available in CloudWatch, ready for your dashboard. For some reason though, for EC2 instances you do not get any memory (or disk) metrics. I guess this is a shortcoming Amazon have been asked about a lot, because they have made scripts available that you can run on the instance that will send memory and disk data to CloudWatch.
These examples assume you use the Amazon Linux AMI. If you head on over to the AWS docs page for these scripts you should find some information regarding other AMIs.
First you need a way for the scripts to authenticate and to have access to CloudWatch. The easiest (and safest) way of doing this is by using an IAM Role for your instance. The following permissions are needed for the scripts to work correctly:
- cloudwatch:PutMetricData
- cloudwatch:GetMetricStatistics
- cloudwatch:ListMetrics
- ec2:DescribeTags
If you don’t want to create your own policy, you can use the AmazonEC2FullAccess policy, which has all the needed permissions. Please note, though, that it’s not generally recommended to give more permissions than are needed, and this policy will grant the instance full access to most AWS services.
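Creating your own policy is only a few AWS CLI calls. The script below is an added example, not part of the original post or of Amazon's monitoring scripts: it builds a role that carries exactly the four permissions listed above and that only EC2 can assume. The role and policy names are hypothetical, and it assumes the AWS CLI is configured with credentials that are allowed to manage IAM.

```shell
#!/bin/bash
# Added example: least-privilege instance role for the monitoring scripts.
# ROLE_NAME and POLICY_NAME are hypothetical names chosen for this example.
ROLE_NAME="cw-mem-monitoring-role"
POLICY_NAME="cw-mem-monitoring-policy"

# Permissions policy: exactly the four actions the scripts need.
# None of these actions supports resource-level permissions, so Resource is "*".
permissions_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "cloudwatch:PutMetricData",
      "cloudwatch:GetMetricStatistics",
      "cloudwatch:ListMetrics",
      "ec2:DescribeTags"
    ],
    "Resource": "*"
  }]
}
EOF
}

# Trust policy: only the EC2 service may assume the role.
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Create the role, attach the inline policy, and wrap it in an instance profile.
create_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$(trust_policy)"
  aws iam put-role-policy --role-name "$ROLE_NAME" \
    --policy-name "$POLICY_NAME" --policy-document "$(permissions_policy)"
  aws iam create-instance-profile --instance-profile-name "$ROLE_NAME"
  aws iam add-role-to-instance-profile \
    --instance-profile-name "$ROLE_NAME" --role-name "$ROLE_NAME"
}

# Only touch AWS when explicitly asked to: ./script.sh apply
if [ "${1:-}" = "apply" ]; then create_role; fi
```

Run it with the `apply` argument, then select the resulting instance profile when launching the instance.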
Next you need to download the prerequisites and the scripts. I would highly recommend setting this up as custom User Data when deploying the instance. The following script will set everything up:
```bash
#!/bin/bash -ex
# Update the OS and install the Perl modules the monitoring scripts depend on
yum update -y
yum -y install perl-Switch perl-DateTime perl-Sys-Syslog perl-LWP-Protocol-https
# Fetch the scripts over HTTPS: User Data runs as root, so the archive should not travel in cleartext
curl https://aws-cloudwatch.s3.amazonaws.com/downloads/CloudWatchMonitoringScripts-1.2.1.zip > /home/ec2-user/CloudWatchMonitoringScripts-1.2.1.zip
unzip /home/ec2-user/CloudWatchMonitoringScripts-1.2.1.zip -d /home/ec2-user/
rm /home/ec2-user/CloudWatchMonitoringScripts-1.2.1.zip
chown ec2-user:ec2-user /home/ec2-user/aws-scripts-mon
# Report memory metrics to CloudWatch every 5 minutes from ec2-user's crontab
echo "*/5 * * * * /home/ec2-user/aws-scripts-mon/mon-put-instance-data.pl --mem-util --mem-used --mem-avail --auto-scaling=only" >> /var/spool/cron/ec2-user
```
The script parameters I have used here are one of the examples from the docs page. Customize this to your needs of course.
The script will update the OS, as well as install the prerequisites and download the scripts to the home folder for the ec2-user user (~/aws-scripts-mon). It will also create a cron job that runs every 5 minutes and reads the memory metrics and sends them to CloudWatch.
The data will be available in CloudWatch as a custom namespace called Linux System.