Skip to main content

Amazon EC2

Overview​

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.

Plugin-Pack assets​

Monitored objects​

  • EC2 standalone instances
  • EC2 autoscaling groups
  • EC2 Spot fleet requests

Discovery rules​

Rule nameDescription
Cloud-Aws-Ec2-Api-HostDiscovery-Ec2Discover EC2 Instances from your Cloudwatch endpoint
Cloud-Aws-Ec2-Api-HostDiscovery-AsgDiscover EC2 Autoscalingroups from your Cloudwatch endpoint

Monitored metrics​

You can get more details on AWS/EC2 Cloudwatch metrics in the official AWS documentation: https://docs.aws.amazon.com/ec2/index.

In addition to modes and metrics described here, it is also possible to monitor the following indicators:

  • Instance-Types: Number of instances of each AWS Family and associated types.
  • Instance-Status: Global health check and count of EC2 instances.

This check is available with 'Cloud-Aws-Ec2-Asg' and 'Cloud-Aws-Ec2-Instance' Host Templates.

Metric nameDescription
CPUCreditBalanceThe number of earned CPU credits that an instance has accrued since it was launched or started. Unit: Credit vCPU-minutes)
CPUCreditUsageNumber of CPU credit consumed. Unit: Credits (vCPU-minutes)
CPUSurplusCreditBalanceThe number of surplus credits that have been spent by an unlimited instance when its CPUCreditBalance value is zero. Credits (vCPU-minutes)
CPUSurplusCreditsChargedThe number of spent surplus credits that are not paid down by earned CPU credits, and which thus incur an additional charge. Unit: Credits(vCPU-minutes)

Prerequisistes​

AWS Configuration​

Configure a service account (access/secret key combo) for which the following privileges have to be granted:

AWS PrivilegeDescription
ec2:DescribeInstancesDisplay EC2 instances & ASG details
ec2:DescribeSpotFleetRequestsDisplay EC2 Spot Fleet Requests details
cloudwatch:getMetricStatisticsGet metrics from the AWS/EC2 namespace on Cloudwatch

Plugin dependencies​

To interact with Amazon APIs, you can use either use the awscli binary provided by Amazon or paws, a Perl AWS SDK (recommended). You must install it on every poller expected to monitor AWS resources.

For now, it is not possible to use paws if you are using a proxy to reach AWS Cloudwatch APIs.

yum install perl-Paws

Setup​

  1. Install the Centreon Plugin package on every poller expected to monitor Amazon EC2 ressources:
yum install centreon-plugin-Cloud-Aws-Ec2-Api
  1. On the Centreon Web interface, install the Centreon Plugin-Pack on the "Configuration > Plugin Packs > Manager" page

Configuration​

  • Log into Centreon and add a new Host through "Configuration > Hosts".
  • Apply the relevant Host Template. They all begins with "Cloud-Aws-Ec2*".

All of the Host Templates share the following configuration macros:

MandatoryNomDescription
XAWSSECRETKEYAWS Secret key of your IAM role. Password checkbox must be checked
XAWSACESSKEYAWS Access key of your IAM role. Password checkbox must be checked
XAWSREGIONRegion where the instance is running
XAWSCUSTOMMODECustom mode to get metrics, 'awscli' is the default, you can also use 'paws' perl library
PROXYURLConfigure proxy URL
EXTRAOPTIONSAny extra option you may want to add to every command_line (eg. a --verbose flag)
DUMMYSTATUSHost state. Default is OK, do not modify it until you know what you are doing
DUMMYOUTPUTHost check output. Default is 'This is a dummy check'. Customize it with your own if needed

Set additionnal macros that comes with the Host Templates:

MandatoryNomDescription
XAWSINSTANCENAMEName of the instance you want to monitor
XAWSINSTANCETYPEType of instance to check ('instance' or 'cluster')

FAQ​

How can I test it through the CLI and what is the meaning of the command_line parameters ?​

Once the plugin installed, log into your Centreon Poller using the centreon-engine user account and test by running the following command (Some of the parameters such as name have to be adjusted):

/usr/lib/centreon/plugins//centreon_aws_ec2_api.pl
--plugin=cloud::aws::ec2::plugin
--mode=cpu
--custommode='awscli'
--aws-secret-key='***'
--aws-access-key='AKIA5EDPTASPNBK5EMTM'
--region='eu-west-1'
--type='asg'
--name='centreon-front'
--filter-metric='Utilization'
--statistic='average'
--timeframe='600'
--period='60'
--warning-cpu-utilization='80'
--critical-cpu-utilization='90'

Expected command output is shown below:

OK: Asg 'centreon-front' Statistic 'Average' Metrics CPU Utilization: 35.81 | 'centreon-front~average#ec2.cpu.utilization.percentage'=35.81;80;90;;

The command above monitors the CPU Utilization (--mode=cpu) of the centreon-front (--name='centreon-front') Autoscaling Group (--type='asg'). This ASG is deployed within the AWS eu-west-1 region (--region='eu-west-1'). The collected metrics will be parsed as average statistics (--statistic='average') over a timeframe of 600 secondes (--timeframe='600') with a sample of 1 point per minute (--period='60').

This command would trigger a WARNING alert if the CPU Utilization is higher than 80% and a CRITICAL alert if higher than 90%.

All the options that can be used with this Plugin can be displayed by adding the --help parameter to the command:

/usr/lib/centreon/plugins/centreon_aws_ec2_api.pl --plugin=cloud::aws::ec2::plugin --mode=cpu --help

Why do I get the following result UNKNOWN: No metrics. Check your options or use --zeroed option to set 0 on undefined values ?​

This command result means that Amazon Cloudwatch does not have any value for the requested period.

This result can be overriden by adding the --zeroed option in the command. This will force a value of 0 when no metric has been collected and will prevent the UNKNOWN error message.

Why do I get the following result UNKNOWN: Command error: - An error occurred (AuthFailure) [...] ?​

This command result means that the credentials provided don't have enough privileges to perform the underlying AWS Operation.

Why do I get the following result UNKNOWN: Command error: - An error occurred (InvalidParameterValue) [...]​

Most of the time, this command result highlights typo/mispelling in the Amazon Dimension name (--name).