In this article, we explore how to automate the monitoring of Amazon Elastic Compute Cloud (Amazon EC2) Windows instances and their attached Elastic Block Store (EBS) volumes, while also setting up alarms. This initiative is particularly essential for organizations managing extensive fleets of EC2 instances, as effective monitoring can greatly enhance operational performance.
The need for comprehensive visibility extends beyond basic infrastructure metrics such as CPU and memory usage; it must include disk space utilization as well. Many users encounter issues with EC2 instances running low on disk space, a metric that is not readily available in Amazon CloudWatch. However, by utilizing the Amazon CloudWatch agent, this challenge can be addressed. Once the agent is installed and configured on your EC2 instance, it will relay disk utilization data to CloudWatch. The subsequent step involves creating a CloudWatch alarm to keep track of this metric.
In this post, we will detail the process for automating the monitoring and alarm creation for EBS volumes attached to Amazon EC2 Windows instances. This automation utilizes AWS Lambda to track free disk space and alert users via Amazon Simple Notification Service (Amazon SNS) when predefined thresholds are exceeded.
Solution Overview
To implement this solution, we begin by installing and configuring the CloudWatch agent on your EC2 Windows instance. The agent will then send disk utilization metrics to CloudWatch. For each EC2 Windows instance, we will monitor two custom metrics: “FreeStorageSpaceInMB” and “FreeStorageSpaceInPercent,” which the CloudWatch agent collects and pushes to CloudWatch.
The following architecture illustrates the solution:
- An Amazon EC2 Windows instance connected to EBS volumes that require monitoring for free disk usage.
- The CloudWatch agent is set up to track the “FreeStorageSpaceInMB” and “FreeStorageSpaceInPercent” metrics, which are pushed to AWS CloudWatch.
- A Lambda function is triggered to create CloudWatch alarms for each disk attached to the EC2 instance.
- CloudWatch alarms are configured with both warning and critical thresholds based on storage sizes.
- Amazon SNS is employed to send alerts when the monitored metrics breach these thresholds and the CloudWatch alarms trigger.
- AWS Identity and Access Management (IAM) is utilized to grant the Lambda function the necessary permissions to access EBS metrics and create CloudWatch alarms.
Prerequisites
To successfully implement this solution, ensure you have the following prerequisites:
- An Amazon EC2 Windows instance with the Amazon CloudWatch Agent installed, following the guidelines laid out in the article about monitoring Windows and Linux servers.
- To track the “FreeStorageSpaceInMB” and “FreeStorageSpaceInPercent” metrics for the attached EBS volumes, your CloudWatch agent configuration JSON must include this section:
  {
    "LogicalDisk": {
      "measurement": [
        {
          "name": "% Free Space",
          "rename": "FreeStorageSpaceInPercent",
          "unit": "Percent"
        },
        {
          "name": "Free Megabytes",
          "rename": "FreeStorageSpaceInMB",
          "unit": "Megabytes"
        }
      ],
      "metrics_collection_interval": 10,
      "resources": [
        "*"
      ]
    }
  }
- Access to an EC2 host or a bastion host with an IAM role that has permissions to create an IAM role, Lambda function, and execute Amazon Relational Database Service (Amazon RDS) CLI commands. The Lambda function and IAM role are established using AWS Serverless Application Model (SAM).
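The agent configuration prerequisite above can be checked before any alarms are created. This is an added example, not code from the original post or the aws-samples repository; the function name `check_logical_disk` and the sample config are constructed, and it assumes the LogicalDisk section sits under `metrics.metrics_collected`, as in the standard CloudWatch agent schema.

```python
import json

# Metric names the alarms rely on, mapped to the Windows counter each one renames.
REQUIRED = {
    "FreeStorageSpaceInPercent": "% Free Space",
    "FreeStorageSpaceInMB": "Free Megabytes",
}

def check_logical_disk(config_text):
    """Return a list of problems with the LogicalDisk section; empty means OK."""
    config = json.loads(config_text)
    section = (config.get("metrics", {})
                     .get("metrics_collected", {})
                     .get("LogicalDisk"))
    if section is None:
        return ["metrics.metrics_collected.LogicalDisk is missing"]
    problems = []
    published = {}  # published metric name -> source counter
    for m in section.get("measurement", []):
        # A measurement is either a bare counter name or an object with a rename.
        if isinstance(m, str):
            published[m] = m
        else:
            published[m.get("rename", m.get("name"))] = m.get("name")
    for metric, counter in REQUIRED.items():
        if published.get(metric) != counter:
            problems.append(f"{metric} is not published from '{counter}'")
    if "*" not in section.get("resources", []):
        problems.append("resources lacks '*': volumes not listed are not reported")
    return problems

# Constructed sample: the megabytes counter is not renamed and only C: is collected.
SAMPLE = """
{"metrics": {"metrics_collected": {"LogicalDisk": {
  "measurement": [
    {"name": "% Free Space", "rename": "FreeStorageSpaceInPercent", "unit": "Percent"},
    "Free Megabytes"
  ],
  "resources": ["C:"]
}}}}
"""

if __name__ == "__main__":
    for problem in check_logical_disk(SAMPLE):
        print("FAIL:", problem)
```

A metric that is never published leaves its alarm without data, so a failed check here is worth resolving before invoking the Lambda function.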
Deploying with AWS SAM
Here are the steps for creating an IAM role and deploying a Lambda function using AWS SAM:
1. Log into your Amazon EC2 host and install the AWS SAM CLI.
2. Clone the source code and deploy it with the following command:
   git clone https://github.com/aws-samples/aws-ec2-windows-ebs-volumes-monitoring
   cd aws-ec2-windows-ebs-volumes-monitoring/ebs_volumes_monitoring
   sam deploy --guided
3. Provide the following parameters during deployment:
   - Stack Name: The name for your AWS CloudFormation stack.
   - AWS Region: The region where the stack will be deployed.
A sample output when executing the sam deploy --guided command would look like this:
Stack Name [ebs-volumes-monitoring]: ebs-volumes-monitoring
AWS Region [us-west-2]:
Confirm changes before deploy [y/N]:
Allow SAM CLI IAM role creation [Y/n]:
Disable rollback [y/N]:
Save arguments to configuration file [Y/n]:
SAM configuration file [samconfig.toml]:
SAM configuration environment [default]:
IAM Role and Lambda Function
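AWS SAM will create an IAM role with policies to describe EC2 instances and manage CloudWatch metrics, and it also attaches the AWS managed IAM policy AWSLambdaBasicExecutionRole to this role. The role is attached to the Lambda function: its EC2 and CloudWatch policies are what allow the function to create EBS volume alarms for EC2 instances, while AWSLambdaBasicExecutionRole only grants permission to write the function's logs to CloudWatch Logs.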
The Lambda function, which is also deployed by AWS SAM, uses Python 3.8 and accepts two parameters:
- hostname: The name of the Amazon EC2 Windows instance, or a wildcard pattern for multiple instances, like Instance_name* or Instance_name?.
- sns_topic_name: The ARN of the SNS topic where CloudWatch alarm notifications will be sent when EBS volume metrics breach thresholds.
Invoking the Lambda Function
Once the SAM deployment is complete, invoke the Lambda function with the instance name and SNS Topic ARN. The function will generate two alarms (Warning and Critical) for each attached EBS volume. The threshold values can be modified in the Lambda code based on disk size. Notifications will be sent to the specified SNS Topic when alarms trigger. Use the following command to invoke the Lambda function:
aws lambda invoke --function-name ec2-ebs-metric --cli-binary-format raw-in-base64-out \
  --payload '{"hostname": "Windows*", "sns_topic_name": "arn:aws:sns:us-west-2:123456789:notify_dba" }' response.json
Verifying CloudWatch Alarms
To verify the CloudWatch alarms created, check the CloudWatch console. You should see two alarms (Warning and Critical) for every disk attached to your EC2 instance. For an instance with four disks, there will be a total of eight alarms.
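The two-alarms-per-disk layout described above can be sketched as the argument sets a function would pass to CloudWatch's `put_metric_alarm`. This is an added example, not the code deployed from the aws-samples repository; the threshold tiers, alarm naming, instance ID and dimension set are assumptions (the dimensions depend on the agent's `append_dimensions` setting), and no AWS call is made.

```python
import re

# Accept only a well-formed SNS topic ARN as the alarm action.
SNS_ARN = re.compile(r"^arn:aws[a-z-]*:sns:[a-z0-9-]+:\d+:[A-Za-z0-9_-]+(\.fifo)?$")

def thresholds_percent(size_gb):
    """Hypothetical tiers: larger volumes tolerate a lower free percentage."""
    if size_gb <= 100:
        return {"Warning": 20, "Critical": 10}
    if size_gb <= 1024:
        return {"Warning": 15, "Critical": 5}
    return {"Warning": 10, "Critical": 3}

def build_alarms(instance_id, disks, sns_topic_arn):
    """disks maps drive letter -> size in GB; returns put_metric_alarm kwargs."""
    if not SNS_ARN.match(sns_topic_arn):
        raise ValueError("sns_topic_name must be an SNS topic ARN")
    alarms = []
    for drive, size_gb in sorted(disks.items()):
        for severity, limit in thresholds_percent(size_gb).items():
            alarms.append({
                "AlarmName": f"{instance_id}-{drive}-FreeStorageSpaceInPercent-{severity}",
                "Namespace": "CWAgent",  # the agent's default namespace
                "MetricName": "FreeStorageSpaceInPercent",
                "Dimensions": [  # assumed; must match what the agent publishes
                    {"Name": "InstanceId", "Value": instance_id},
                    {"Name": "instance", "Value": drive},
                    {"Name": "objectname", "Value": "LogicalDisk"},
                ],
                "Statistic": "Average",
                "Period": 300,
                "EvaluationPeriods": 1,
                "Threshold": float(limit),
                # Free space alarms fire when the value drops to the threshold.
                "ComparisonOperator": "LessThanOrEqualToThreshold",
                # An agent that stops reporting raises the alarm instead of hiding it.
                "TreatMissingData": "breaching",
                "AlarmActions": [sns_topic_arn],
            })
    return alarms

if __name__ == "__main__":
    # Constructed input: four disks on one instance, as in the text above.
    demo = build_alarms("i-0123456789abcdef0",
                        {"C:": 100, "D:": 500, "E:": 2048, "F:": 50},
                        "arn:aws:sns:us-west-2:123456789:notify_dba")
    print(len(demo), "alarms")
```

Each returned dictionary can be passed as keyword arguments to a boto3 CloudWatch client's `put_metric_alarm` once the dimensions are confirmed against the metrics visible in the CloudWatch console.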
Checking CloudWatch Logs
After executing the Lambda function, you can review the logs by navigating to the Lambda service page, selecting the created function, and accessing the Monitor tab.