--- AWSTemplateFormatVersion: '2010-09-09' Description: 'Cloudwatch Amazon Linux Test platform' Parameters: # KeyName: # Description: Name of an existing EC2 KeyPair to enable SSH access to the instance # Type: AWS::EC2::KeyPair::KeyName # ConstraintDescription: must be the name of an existing EC2 KeyPair. InstanceType: Description: EC2 instance type Type: String Default: t3.large ConstraintDescription: must be a valid EC2 instance type. InstanceAMI: Type: 'AWS::SSM::Parameter::Value' #Default: '/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-gp2' #AL1 Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' #AL2 PrimaryNodeLabel: Type: String Default: "walabs-primary" MetricAggregationInterval: Description: How often we should collect agent data from the machine Type: Number Default: 10 MetricCollectionInterval: Description: How often we should collect agent data from the machine Type: Number Default: 5 CloudWatchNameSpace: Description: Namespace for CloudWatch metrics to be placed into Type: String Default: "PerfLab" #Imports: VPCImportName: Type: String Description: 'The CloudFormation name of the VPC stack to import' Default: 'PerfLab-VPC' MinLength: '3' MaxLength: '32' Resources: ServerRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy ServerRoleInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: / Roles: - !Ref 'ServerRole' EC2Instance: Type: AWS::EC2::Instance CreationPolicy: ResourceSignal: Count: 1 Timeout: "PT45M" Metadata: AWS::CloudFormation::Init: configSets: default: - 01_setupCfnHup - 02_config-amazon-cloudwatch-agent - 03_restart_amazon-cloudwatch-agent UpdateEnvironment: - 02_config-amazon-cloudwatch-agent - 03_restart_amazon-cloudwatch-agent # Definition of json configuration of AmazonCloudWatchAgent, you can change the configuration below. 02_config-amazon-cloudwatch-agent: files: '/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json': content: !Sub | { "agent": { "metrics_collection_interval": ${MetricCollectionInterval}, "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log" }, "metrics": { "namespace": "${CloudWatchNameSpace}", "metrics_collected": { "cpu": { "resources": [ "*" ], "measurement": [{ "name": "cpu_usage_idle", "unit": "Percent" }, { "name": "cpu_usage_nice", "unit": "Percent" }, { "name": "cpu_usage_user", "unit": "Percent" } ], "totalcpu": false, "metrics_collection_interval": ${MetricCollectionInterval} }, "disk": { "resources": [ "/", "/tmp" ], "measurement": [{ "name": "free", "rename": "DISK_FREE", "unit": "Gigabytes" }, "total", "used" ], "ignore_file_system_types": [ "sysfs", "devtmpfs" ], "metrics_collection_interval": ${MetricCollectionInterval} }, "mem": { "measurement": [ "mem_used", "mem_cached", "mem_total" ], "metrics_collection_interval": ${MetricCollectionInterval} }, "processes": { "measurement": [ "running", "sleeping", "dead" ] } }, "append_dimensions": { "ImageId": "${!aws:ImageId}", "InstanceId": "${!aws:InstanceId}", "InstanceType": "${!aws:InstanceType}", "AutoScalingGroupName": "${!aws:AutoScalingGroupName}" }, "aggregation_dimensions": [ ["ImageId"], ["InstanceId", "InstanceType"], ["d1"], [] ], "force_flush_interval": ${MetricAggregationInterval} }, "logs": { "logs_collected": { "files": { "collect_list": [{ "file_path": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/amazon-cloudwatch-agent.log", "timezone": "UTC" }, { "file_path": "/var/log/cfn-init.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/cfn-init.log", "timezone": "UTC" }, { "file_path": "/var/log/cfn-init-cmd.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/cfn-init-cmd.log", "timezone": "UTC" }, { "file_path": "/var/log/cloud-init.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/cloud-init.log", "timezone": "UTC" }, { "file_path": "/var/log/cloud-init-output.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/cloud-init-output.log", "timezone": "UTC" }, { "file_path": "/var/log/messages.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/messages.log", "timezone": "UTC" }, { "file_path": "/var/log/amazon/ssm/amazon-ssm-agent.log", "log_group_name": "${LogGroup}", "log_stream_name": "{instance_id}/amazon-ssm-agent.log", "timezone": "UTC" } ] } }, "force_flush_interval": ${MetricAggregationInterval} } } # Invoke amazon-cloudwatch-agent-ctl to restart the AmazonCloudWatchAgent. 03_restart_amazon-cloudwatch-agent: commands: 01_stop_service: command: /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a stop 02_start_service: command: /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json -s # Cfn-hup setting, it is to monitor the change of metadata. # When there is change in the contents of json file in the metadata section, cfn-hup will call cfn-init to restart the AmazonCloudWatchAgent. 01_setupCfnHup: files: '/etc/cfn/cfn-hup.conf': content: !Sub | [main] stack=${AWS::StackId} region=${AWS::Region} interval=1 mode: '000400' owner: root group: root '/etc/cfn/hooks.d/amazon-cloudwatch-agent-auto-reloader.conf': content: !Sub | [cfn-auto-reloader-hook] triggers=post.update path=Resources.EC2Instance.Metadata.AWS::CloudFormation::Init.02_config-amazon-cloudwatch-agent action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} --configsets UpdateEnvironment runas=root mode: '000400' owner: root group: root "/lib/systemd/system/cfn-hup.service": content: !Sub | [Unit] Description=cfn-hup daemon [Service] Type=simple ExecStart=/opt/aws/bin/cfn-hup Restart=always [Install] WantedBy=multi-user.target commands: 01enable_cfn_hup: command: !Sub | systemctl enable cfn-hup.service 02start_cfn_hup: command: !Sub | systemctl start cfn-hup.service Properties: Tags: - Key: Name Value: !Sub '${AWS::StackName}-PrimaryStressMachine-${AWS::Region}' - Key: LabNodeLabel Value: !Ref PrimaryNodeLabel InstanceType: !Ref InstanceType IamInstanceProfile: !Ref ServerRoleInstanceProfile # KeyName: # Ref: KeyName ImageId: !Ref InstanceAMI Monitoring: True SubnetId: Fn::ImportValue: !Sub '${VPCImportName}-App1Subnet1' UserData: # This script below is to install AmazonCloudWatchAgent, restart AmazonCloudWatchAgent and tell the result to cloudformation. Fn::Base64: !Sub | #!/bin/bash set -o xtrace # Add amazon-linux-extras to our repo list amazon-linux-extras install epel -y # Update to latest versions from the repos yum update -y # Install stress utility and the amazon cloudwatch agent yum install stress amazon-cloudwatch-agent -y # Trigger the cfn-init section above under metadata /opt/aws/bin/cfn-init -v --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} --configsets default /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} LogGroup: Type: AWS::Logs::LogGroup Properties: RetentionInDays: 7