https://sysdig.com/blog/monitor-aws-fargate-prometheus/
setup
iam.tf
resource "aws_iam_instance_profile" "yace_profile" {
name = "yace_profile"
role = aws_iam_role.ec2-yace.name
}
resource "aws_iam_role" "ec2-yace" {
name = "ec2-yace-ec2"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow"
}
]
}
EOF
inline_policy {
name = "yace-policy"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "CloudWatchExporterPolicy",
"Effect": "Allow",
"Action": [
"tag:GetResources",
"cloudwatch:ListTagsForResource",
"cloudwatch:GetMetricData",
"cloudwatch:ListMetrics"
],
"Resource": "*"
}
]
}
EOF
}
}
resource "aws_iam_role_policy_attachment" "ec2-ssm" {
role = aws_iam_role.ec2-yace.id
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
}
main.tf
data "aws_ami" "amazn2" {
most_recent = true
filter {
name = "name"
values = ["amzn2-ami-kernel-*"]
}
filter {
name = "virtualization-type"
values = ["hvm"]
}
owners = ["137112412989"] # Amazon
}
variable subnet_idc {
default = "subnet-0c805a45"
}
resource "aws_instance" "ec2-yace" {
ami = data.aws_ami.amazn2.id
instance_type = "t2.micro"
key_name = "automation" # Insira o nome da chave criada antes.
subnet_id = var.subnet_idc
iam_instance_profile = aws_iam_instance_profile.yace_profile.id
#vpc_security_group_ids = [aws_security_group.permitir_ssh_http.id]
#associate_public_ip_address = true
root_block_device {
volume_size = 30
volume_type = "gp2"
delete_on_termination = true
}
ebs_block_device {
device_name = "/dev/xvdba"
volume_size = "2"
volume_type = "gp3"
tags = {
FileSystem = "/mnt/data"
}
}
ebs_block_device {
device_name = "/dev/xvdbb"
volume_size = "2"
volume_type = "gp3"
tags = {
FileSystem = "/mnt/data2"
}
}
tags = {
Name = "blogserver01"
# Insira o nome da instância de sua preferência.
}
}
curl -O -L https://github.com/nerdswords/yet-another-cloudwatch-exporter/releases/download/v0.39.0-alpha/yet-another-cloudwatch-exporter_0.39.0-alpha_Linux_x86_64.tar.gz
wget https://github.com/nerdswords/yet-another-cloudwatch-exporter/releases/download/v0.39.0-alpha/yet-another-cloudwatch-exporter_0.39.0-alpha_Linux_x86_64.tar.gz
starting yace
config.yml
discovery:
jobs:
- regions:
- us-east-1
type: ecs-containerinsights
enableMetricData: true
metrics:
- name: ContainerInstanceCount
statistics:
- Average
period: 300
length: 3600
- name: ServiceCount
statistics:
- Average
period: 300
length: 3600
- regions:
- us-east-1
type: ecs-containerinsights
enableMetricData: true
awsDimensions:
- ServiceName
metrics:
- name: CpuReserved
statistics:
- Average
period: 300
length: 3600
- name: CpuUtilized
statistics:
- Average
period: 300
length: 3600
- name: MemoryReserved
statistics:
- Average
period: 300
length: 3600
- name: MemoryUtilized
statistics:
- Average
period: 300
length: 3600
- name: StorageReadBytes
statistics:
- Average
period: 300
length: 3600
- name: StorageWriteBytes
statistics:
- Average
period: 300
length: 3600
- name: NetworkRxBytes
statistics:
- Average
period: 300
length: 3600
- name: NetworkTxBytes
statistics:
- Average
period: 300
length: 3600
- name: DesiredTaskCount
statistics:
- Average
period: 300
length: 3600
- name: TaskCount
statistics:
- Average
period: 300
length: 3600
- name: PendingTaskCount
statistics:
- Average
period: 300
length: 3600
- name: RunningTaskCount
statistics:
- Average
period: 300
length: 3600
- name: DeploymentCount
statistics:
- Average
period: 300
length: 3600
- name: TaskSetCount
statistics:
- Average
period: 300
length: 3600
yace :5000 endpoint
