CloudWatch agent config file is deleted after boot

I am simply trying to install the CloudWatch agent on an Amazon Linux 2 instance at boot using AWS UserData. For some reason, after cloud-init has finished running, all the services get restarted and the config file I put in the CloudWatch folder is no longer there.

I am using a custom AMI prebuilt with Packer, in which my config file is placed from an Ansible template in

/opt/aws/amazon-cloudwatch-agent/etc/custom/amazon-cloudwatch-agent.json

This is the config file I want to use, holding all the metrics and logs I want to send. I then copy it to

/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json

at boot, after the agent installation.

My user data script is:

#!/bin/bash
yum install amazon-cloudwatch-agent -y
cp /opt/aws/amazon-cloudwatch-agent/etc/custom/amazon-cloudwatch-agent.json /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json

What happens

After the boot completes, I can see that the script ran correctly. If I run

cat /opt/aws/amazon-cloudwatch-agent/log/amazon-cloudwatch-agent.log

I can see the following:

2021/07/16 13:33:46 I! I! Detected the instance is EC2
2021/07/16 13:33:46 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json does not exist or cannot read. Skipping it.
2021/07/16 13:33:46 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_amazon-cloudwatch-agent.json ...
Valid Json input schema.
I! Detecting run_as_user...
No csm configuration found.
Configuration validation first phase succeeded
2021/07/16 13:33:46 I! Config has been translated into TOML /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
2021/07/16 13:33:46 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
2021/07/16 13:33:46 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_amazon-cloudwatch-agent.json ...
2021/07/16 13:33:46 I! Detected runAsUser: root
2021/07/16 13:33:46 I! Changing ownership of [/opt/aws/amazon-cloudwatch-agent/logs /opt/aws/amazon-cloudwatch-agent/etc /opt/aws/amazon-cloudwatch-agent/var] to root:root
2021-07-16T13:33:46Z I! Starting AmazonCloudWatchAgent 1.247347.4
2021-07-16T13:33:46Z I! Loaded inputs: netstat diskio logfile mem net processes swap cpu disk
2021-07-16T13:33:46Z I! Loaded aggregators:
2021-07-16T13:33:46Z I! Loaded processors: delta ec2tagger
2021-07-16T13:33:46Z I! Loaded outputs: cloudwatch cloudwatchlogs
2021-07-16T13:33:46Z I! Tags enabled: host=ip-XX-XX-X-XXX.eu-west-1.compute.internal
2021-07-16T13:33:46Z I! [agent] Config: Interval:1m0s, Quiet:false, Hostname:"ip-XX-XX-X-XXX.eu-west-1.compute.internal", Flush Interval:1s
2021-07-16T13:33:46Z I! [logagent] starting
2021-07-16T13:33:46Z I! [logagent] found plugin cloudwatchlogs is a log backend
2021-07-16T13:33:46Z I! [logagent] found plugin logfile is a log collection
2021-07-16T13:33:46Z I! [processors.ec2tagger] ec2tagger: EC2 tagger has started initialization.
=======> 2021-07-16T13:33:46Z I! cloudwatch: get unique roll up list [[AutoScalingGroupName] [InstanceId InstanceType] []]
2021-07-16T13:33:46Z I! cloudwatch: publish with ForceFlushInterval: 30s, Publish Jitter: 11s
2021-07-16T13:33:46Z I! [processors.ec2tagger] ec2tagger: Initial retrieval of tags succeded
2021-07-16T13:33:46Z I! [processors.ec2tagger] ec2tagger: EC2 tagger has started, finished initial retrieval of tags and Volumes
=======> 2021-07-16T13:33:47Z I! [logagent] piping log from APP-DEV-php-errors-logs/XX.XX.X.XXX(/var/log/php-fpm/error.log) to cloudwatchlogs
2021-07-16T13:33:54Z I! Profiler is stopped during shutdown
2021-07-16T13:33:54Z I! [agent] Hang on, flushing any cached metrics before shutdown
2021/07/16 13:33:55 I! I! Detected the instance is EC2
2021/07/16 13:33:55 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json does not exist or cannot read. Skipping it.
2021/07/16 13:33:55 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/default ...
Valid Json input schema.
I! Detecting run_as_user...
No csm configuration found.
No log configuration found.
Configuration validation first phase succeeded
2021/07/16 13:33:55 I! Config has been translated into TOML /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
2021/07/16 13:33:55 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ...
2021/07/16 13:33:55 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/default ...
2021/07/16 13:33:55 I! Detected runAsUser: cwagent
2021/07/16 13:33:55 I! Changing ownership of [/opt/aws/amazon-cloudwatch-agent/logs /opt/aws/amazon-cloudwatch-agent/etc /opt/aws/amazon-cloudwatch-agent/var] to 994:992
2021/07/16 13:33:55 I! Set HOME: /home/cwagent
2021-07-16T13:33:55Z I! Starting AmazonCloudWatchAgent 1.247348.0
2021-07-16T13:33:55Z I! Loaded inputs: disk mem
2021-07-16T13:33:55Z I! Loaded aggregators:
2021-07-16T13:33:55Z I! Loaded processors: ec2tagger
2021-07-16T13:33:55Z I! Loaded outputs: cloudwatch
2021-07-16T13:33:55Z I! Tags enabled: host=ip-XX-XX-X-XXX.eu-west-1.compute.internal
2021-07-16T13:33:55Z I! [agent] Config: Interval:1m0s, Quiet:false, Hostname:"ip-XX-XX-X-XXX.eu-west-1.compute.internal", Flush Interval:1s
2021-07-16T13:33:55Z I! [logagent] starting
2021-07-16T13:33:55Z I! [processors.ec2tagger] ec2tagger: EC2 tagger has started initialization.
=======> 2021-07-16T13:33:55Z I! cloudwatch: get unique roll up list []
2021-07-16T13:33:55Z I! cloudwatch: publish with ForceFlushInterval: 1m0s, Publish Jitter: 26s
2021-07-16T13:33:55Z I! [processors.ec2tagger] ec2tagger: Initial retrieval of tags succeded
2021-07-16T13:33:55Z I! [processors.ec2tagger] ec2tagger: EC2 tagger has started, finished initial retrieval of tags and Volumes
2021-07-16T13:39:07Z I! [processors.ec2tagger] ec2tagger: Refresh is no longer needed, stop refreshTicker.

As you can see, the initial command from UserData ran fine, and the custom metrics and logs are collected (see the ====> markers before the relevant lines).

But a few seconds later, after cloud-init ends, the CloudWatch agent is somehow restarted by systemd and, again somehow, the file

amazon-cloudwatch-agent.json

is not in the file system, so the agent runs with default parameters.

In any case, if I rerun the command manually after boot, everything works fine, but of course I need to automate it at boot.

What I tried

Starting the Amazon CloudWatch agent directly with systemd, trying to chown the config file so that it can be read, only fetching the config and letting systemd start the agent itself, but the problem persists.

Thanks for your help
    

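Workaround

The pre-installed SSM agent conflicts with the CloudWatch agent. Uninstall the SSM agent during the Packer build process:

sudo yum erase amazon-ssm-agent --assumeyes

Explanation

I finally found out that the freshly installed CloudWatch agent conflicts with the SSM agent installed by default in the Amazon Linux 2 image. Indeed, I first tried an ugly workaround, which was to replace the ExecStart line of the amazon-cloudwatch-agent service with sed in the user data:

sed -i '/ExecStart/c\ExecStart=/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/etc/custom/amazon-cloudwatch-agent.json' /etc/systemd/system/amazon-cloudwatch-agent.service

so that when the service is restarted after the instance boots, it uses my custom configuration. However, I found that the service file is also replaced after cloud-init ends.

Reviewing the system messages, I noticed that ssm-agent was doing some configuration reloading after cloud-init ended, so I thought it might be the culprit. I ended up uninstalling it in the Packer build that builds my AMI, so it is not present at instance boot, and finally my configuration is no longer overwritten.

If anyone can come up with a cleaner solution with an automated approach, it would be appreciated.

amazon-web-services amazon-cloudwatch

2 answers

9 votes

You could try using AWS Systems Manager Parameter Store - the SSM agent shouldn't/can't delete the configuration there.

Make sure the server has the AWS-managed policy

CloudWatchAgentServerPolicy

attached, which allows any Parameter Store parameter named

AmazonCloudWatch-*

to be read.

Determine what goes in amazon-cloudwatch-agent.json.

Found in

cat /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl

AmazonCloudWatch-Config.json

(replace with the parameter name in Parameter Store)

See

UPDATE 2022-10-02 - you can use

append-config

to add multiple configurations, see the AWS docs,

or put the config file in

/etc/amazon/amazon-cloudwatch-agent/amazon-cloudwatch-agent.d/

and restart the agent.

This helps when trying to deploy on Amazon Linux 2, which uses a CloudWatch log configuration in that folder, alongside a custom configuration to ship other logs from the server. Otherwise the AL2 application's log configuration would be overwritten.

0 votes

It is actually not deleted completely. Instead, it is copied and renamed to:

NOTICE the file_ prefix. I don't know when this happens, but you can see it in the status messages where the new file is being read. Of course, you can put the file somewhere else, or rename it to whatever you want, e.g. cwagent.json, and then run this to start the agent: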
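
The status messages mentioned in the last answer can be checked mechanically. The script below is an added example, not part of the original thread: it summarises each agent start in the log (version, config file read from amazon-cloudwatch-agent.d/, loaded inputs) and flags a last start that fell back to the packaged default config. The sample lines are trimmed from the log quoted in the question; the function names are made up for this example.

```sh
#!/bin/sh
# Constructed sample: lines trimmed from the agent log quoted in the question.
write_sample_log() {
    cat > "$1" <<'EOF'
2021/07/16 13:33:46 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/file_amazon-cloudwatch-agent.json ...
2021-07-16T13:33:46Z I! Starting AmazonCloudWatchAgent 1.247347.4
2021-07-16T13:33:46Z I! Loaded inputs: netstat diskio logfile mem net processes swap cpu disk
2021-07-16T13:33:54Z I! [agent] Hang on, flushing any cached metrics before shutdown
2021/07/16 13:33:55 Reading json config file path: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d/default ...
2021-07-16T13:33:55Z I! Starting AmazonCloudWatchAgent 1.247348.0
2021-07-16T13:33:55Z I! Loaded inputs: disk mem
EOF
}

# One line per agent start: "<version> <config under .d/> <loaded inputs>".
agent_starts() {
    awk '
        /Reading json config file path: .*amazon-cloudwatch-agent\.d\// {
            cfg = $0
            sub(/.*amazon-cloudwatch-agent\.d\//, "", cfg)
            sub(/ .*/, "", cfg)            # drop the trailing " ..."
        }
        /Starting AmazonCloudWatchAgent/ { ver = $NF }
        /Loaded inputs:/ {
            sub(/.*Loaded inputs: /, "")
            print ver, cfg, $0
        }
    ' "$1"
}

# Succeeds only if the most recent start loaded something other than the
# packaged "default" config, i.e. the custom config is still in effect.
custom_config_active() {
    last=$(agent_starts "$1" | tail -n 1 | awk '{ print $2 }')
    [ -n "$last" ] && [ "$last" != "default" ]
}

log=$(mktemp)
write_sample_log "$log"
agent_starts "$log"
custom_config_active "$log" || echo "ALERT: agent is running the default config"
rm -f "$log"
```

In the log from the question, the second start reports a different agent version (1.247348.0 after 1.247347.4) as well as the default config, so the summary line carries both signals.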
    	