Setting Up Amazon CloudWatch Agent for Efficient Application Monitoring on AWS

In this blog post, I will guide you through the process of creating and configuring the Amazon CloudWatch agent to monitor your applications seamlessly. Follow these steps for a smooth setup:

  1. Launch an EC2 Instance:
  • Create your EC2 instance using Amazon Linux 2.

  • The instance type will be t2.micro.

  • Create your key pair to use when you SSH into the instance.

  • The security group: allow traffic on ports 80 and 22 from anywhere.

    Then launch the instance.

  2. Install necessary packages:

        sudo yum install git wget -y

    Download and install the CloudWatch agent:

        sudo wget https://amazoncloudwatch-agent.s3.amazonaws.com/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm
        sudo rpm -U ./amazon-cloudwatch-agent.rpm
    
  • Note: Amazon Linux 2 AMI comes with the AWS SSM agent installed by default.

  3. Install Collectd:

    • Use Collectd to send metrics to the CloudWatch agent:

        sudo yum install collectd -y
      
  4. Configure CloudWatch Agent:

    • Run the configuration wizard:

        sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
      

      The CloudWatch agent configuration file is a JSON file with four sections: agent, metrics, logs, and traces. Here it is used to push custom memory metrics to CloudWatch.

    • Accept most defaults, especially in the "cw-agent" section.

        Which user are you planning to run the agent?
        1. cwagent
        2. root
        3. others
        default choice: [1]:

  5. Specify Metrics and Logs:

    • Configure custom memory metrics for CloudWatch.

    • Provide log file paths, and choose whether to monitor additional log files.

        Do you want to specify any additional log files to monitor?
        1. yes
        2. no 
        default choice: [1]:
        log file path: /opt/aws/amazon-cloudwatch-agent/bin/ 
        log group name: 
        default choice: [bin]
      

      Choose "no" for the next additional log file:

        Do you want to specify any additional log files to monitor?
        1. yes
        2. no 
        default choice: [1]: 2
      
  6. Add Access Key and Secret Key:

    • Enter AWS access key and secret key when prompted during configuration.

        default choice: [AmazonCloudWatch-linux]
      
        Trying to fetch the default region based on ec2 metadata...
        I! imds retry client will retry 1 times
        Which region do you want to store the config in the parameter store?
        default choice: [us-east-1]
      
        Please provide credentials to upload the json config file to parameter store.
        AWS Access Key:
        #############################
        AWS Secret Key:
        xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      
  7. Start CloudWatch Agent:

    • Start the agent with the configured JSON file:

        sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json
      
  8. Create IAM Role:

    • Create an IAM role and attach it to the EC2 instance for proper permissions.

      Attach these three AWS managed policies to it:

      i. AmazonSSMFullAccess

      ii. CloudWatchAgentServerPolicy

      iii. S3 bucket full access

  9. Restart CloudWatch Agent:

    • Ensure changes take effect:

        sudo systemctl restart amazon-cloudwatch-agent
      
  10. Verify Status:

    • Confirm the agent is running:

        sudo systemctl status amazon-cloudwatch-agent
      
  11. Create an AMI:

    • Create an Amazon Machine Image (AMI) from the instance, naming it "cloud-watch-ami" for future use.
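
A check worth running on the file the wizard writes in the Configure CloudWatch Agent step, before the agent is started with it and before the instance is baked into an AMI. This is an added example, not part of the original post or of AWS's tooling: it confirms the four-section layout, the cwagent user, the memory metric, and that each log entry names a file and a log group. The function name, the sample config and the findings wording are assumptions for illustration.

```python
import json

# Constructed sample of a wizard-written config.json; values are illustrative.
SAMPLE_CONFIG = """
{
  "agent": {"metrics_collection_interval": 60, "run_as_user": "cwagent"},
  "metrics": {"metrics_collected": {
    "mem": {"measurement": ["mem_used_percent"]},
    "collectd": {"metrics_aggregation_interval": 60}}},
  "logs": {"logs_collected": {"files": {"collect_list": [
    {"file_path": "/var/log/messages", "log_group_name": "messages",
     "log_stream_name": "{instance_id}"}]}}}
}
"""

SECTIONS = {"agent", "metrics", "logs", "traces"}  # the four sections named above


def review_config(text):
    """Return a list of findings for an agent config; an empty list means clean."""
    try:
        cfg = json.loads(text)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    findings = [f"unknown top-level section: {k}" for k in sorted(set(cfg) - SECTIONS)]
    # The agent runs as root when run_as_user is omitted.
    if cfg.get("agent", {}).get("run_as_user", "root") == "root":
        findings.append("agent runs as root; choose cwagent in the wizard")
    mem = cfg.get("metrics", {}).get("metrics_collected", {}).get("mem", {})
    # A measurement is either a plain name or an object with a "name" key.
    names = {m if isinstance(m, str) else m.get("name") for m in mem.get("measurement", [])}
    if not names & {"mem_used_percent", "used_percent"}:
        findings.append("memory metric mem_used_percent is not collected")
    files = cfg.get("logs", {}).get("logs_collected", {}).get("files", {})
    for i, entry in enumerate(files.get("collect_list", [])):
        path = entry.get("file_path", "")
        if not path or path.endswith("/"):
            findings.append(f"collect_list[{i}]: file_path is empty or names a directory")
        if not entry.get("log_group_name"):
            findings.append(f"collect_list[{i}]: log_group_name is empty")
    return findings


if __name__ == "__main__":
    for line in review_config(SAMPLE_CONFIG) or ["no findings"]:
        print(line)
```

To check a real instance, pass the contents of /opt/aws/amazon-cloudwatch-agent/bin/config.json to `review_config` instead of the sample.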

By following these steps, you'll have a robust CloudWatch agent set up, allowing you to efficiently monitor your applications on AWS.