Setting up the performance monitoring for your first EC2 deployment (Linux).

In AWS you can configure the monitoring and alert with a few clicks using a built-in service called AWS CloudWatch. It is not only the deployment but understanding the current status of your infrastructure is essential for ensuring hassle-free operation of your services.

AWS CloudWatch

CloudWatch is a monitoring service for your infrastructure and the application you run on top of it. You can use CloudWatch to create and track metrics, configure alarms, and monitor various AWS services. Additionally, custom metrics can be configured for applications, services and event log files created by your applications. To know more about the service please visit the introduction blog here.

AWS CloudWatch Interface

Configuration of Alarms

In this blog we will be talking about the basic alarms that need to be configured while doing an EC2 deployment. We will be configuring both default and custom metrics for the deployed EC2 instance, also we will be configuring health checks and Http 5xx errors for the configured application load balancer.

1. CPU Utilisation

It is a CloudWatch metric that is available by default for the user to check the utilization of CPU. To configure this metric please follow the steps below,

a. Go to the AWS console and select CloudWatch under Management Tools, On the left side click on Alarms and create alarms.

Create Alarm in CloudWatch

b. On the following screen, on the right-hand side under EC2 metrics select per-instance metrics. You can also search for the name of the metric in the search bar.

Selecting a suitable Metric

c. Select the CPU Utilization Metric for the instance you want to monitor based on the instance id from the left and click next to proceed to alarm settings.

Selection of specific Metrics

d. Now you can configure the name, data points, and actions that has to be taken when the utilization goes beyond a certain threshold. In actions, you can create a notification so that it will alert admins using SNS or you can set up auto-scaling actions etc. Here you can also choose between monitoring period, by default it is 5 min monitoring which is free of cost. For more details on CloudWatch pricing please visit the link here.

Defining Alarm Configuration

e. As you have defined the settings based on your needs click on create alarm to complete the process. To view, your alarms go to CloudWatch, click on Alarms and select the alarm that you have created. Click on the small graph shown at the bottom right.

View your created Alarms

f. Once expanded you will get the detailed view of your Alarm.

CPU Utilisation Expanded

2. StatusCheckFailed_System

It is a CloudWatch Metric that is available by default which lets you know if your instance has failed. You can configure this alarm to recover the instance in case of a failure. To configure this metric please follow the steps below:

a. The configuration is the same as that of CPUUtilization, except that you have to configure an action to recover the failed instance. In step d, configure an EC2 action. Apart from actions, you can also set up SNS for notifications.

Configuring EC2 Action

3. Memory and Disk Utilisation

For Memory and Disk Utilisation we have to create custom metrics that depend upon the type of operating system. During the process, we have been using CentOS so the commands may vary depending on the flavor of your operating system. For more information on commands of other Linux, flavors visit here.

For enabling custom metric,

a. You have to create a policy and include the following parameters,

• cloud watch: PutMetricData
• cloud watch:GetMetricStatistics
• cloud watch: ListMetrics
• ec2:DescribeTags

Login to your AWS console and go to IAM and select policies from the sidebar.

IAM Policies creation

b. Now click on the create policy and proceed with the pop-up. Create a policy with the above-mentioned parameters. You can add additional parameters using “add additional permissions” in the bottom right.

Parameters for EC2

Parameters for CloudWatch

c. Once the policy is successfully created you have to attach the same to a Role. For this, you have to create a new role. So go to Roles and click on Create Role.

IAM Roles Creation

d. In the following screen select EC2 instance as the trusted identity and proceed to the next screen.

Trusted Identity

e. Attach the custom policy that you have created, under policy type — customer-managed and proceed to the next screen.

Choosing the policy type

f. Add a name to the created role and finish to create your new role.

Review the role settings

g. Once the Role is successfully created attach it to the EC2 instance you want to pull the metrics from. To do this go to the EC2 Services dashboard, select the Instance, choose Actions, Instance Settings and Attach/Replace IAM Role.

h. Now we have to execute the required commands at the operating system level. For this SSH to your instance and execute the following command.

# yum install perl-Switch perl-DateTime perl-Sys-Syslog perl-LWP-Protocol-https perl-Digest-SHA -y
# sudo yum install zip unzip -y
# curl https://aws-cloudwatch.s3.amazonaws.com/downloads/CloudWatchMonitoringScripts-1.2.2.zip -O
# unzip CloudWatchMonitoringScripts-1.2.2.zip

Use the following command crontab -e to schedule the job,

*/5 * * * * <yourpath>/aws-scripts-mon/mon-put-instance-data.pl -- mem-used-incl-cache-buff -- mem-util -- disk-space-util -- disk-path=/ -- from-cron

i. Now go to CloudWatch and create a new alarm and select Linux system metrics, your alarms will get populated once you have successfully executed the above script. Click next to proceed.

Linux System Metrics

j. Select the listed alarms and proceed with next.

Choosing the listed Metrics

k. Define the alarm configuration and set up the desired actions to perform. Now you have completed the setup, the dashboard will start populating the metrics.

Finalizing and setting up Actions

4. HTTPCode_ELB_5xx_Count

5xx status codes indicate that the server is aware that it is having an error or is incapable of performing a request. HTTPCode_ELB_5xx_Count tracks the number of error codes originating from the load balancer.

a. Follow the same steps until the creation of an alarm. In the create alarm popup select ApplicationELB Metrics.

Selecting the ELB Metrics

b. Attach the Http 5xx Metrics to the configured ALB and Proceed with next.

Attaching the Metrics with ALB

c. Define the alarm with the required actions and click finish to complete the setup.

Define Alarm configurations

By setting up alarms you will be able to efficiently monitor the current performance of your infrastructure. Monitoring can detect problems early thereby avoiding disasters and reducing downtimes. A properly monitored infrastructure will improve the productivity and performance of your business. There are a lot more Metrics that are available in CloudWatch by default which can be leveraged when doing a deployment. For more details on the available metrics please visit the documentation here. I would like to sum-up this blog with a gentle reminder “It is always a best practice to set up monitoring right-away when you do a deployment”.

This Blog has moved from Medium to blogs.tensult.com. All the latest content will be available there. Subscribe to our newsletter to stay updated.