AWS CloudWatch EC2

Question

"Monitor and optimize your AWS EC2 instances effortlessly with AWS CloudWatch. Gain insights with real-time metrics, custom alarms, and automated actions to ensure high availability and performance. Start enhancing your cloud infrastructure today!

Answer 1

Introduction to AWS CloudWatch for EC2

Amazon CloudWatch is a monitoring and management service built for developers, system operators, site reliability engineers (SRE), and IT managers. It provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. When used with Amazon EC2 (Elastic Compute Cloud), CloudWatch can monitor various metrics and set alarms to maintain the health and efficiency of EC2 instances.

Key Concepts

CloudWatch Metrics

Metrics are data points related to the performance of your systems. For EC2, CloudWatch provides several default metrics such as CPU utilization, disk reads/writes, and network traffic.

CloudWatch Alarms

Alarms perform one or more actions based on metric conditions. For example, an alarm can be set to send a notification or trigger an auto-scaling action when CPU utilization exceeds a certain threshold.

CloudWatch Logs

CloudWatch can collect log data from various sources, including EC2 instances. This is useful for monitoring application logs, system logs, and custom log files.

Setting Up CloudWatch for EC2

Step 1: Enable Detailed Monitoring

By default, CloudWatch provides basic monitoring for EC2 instances with metrics at 5-minute intervals. Detailed monitoring offers more granularity with 1-minute intervals.

Enable Detailed Monitoring via AWS Management Console:

1. Open the EC2 Dashboard.
2. Select the EC2 instance.
3. Click on the "Actions" dropdown menu.
4. Select "Monitor and troubleshoot," then "Enable detailed monitoring."

Enable Detailed Monitoring via AWS CLI:

aws ec2 monitor-instances --instance-ids i-1234567890abcdef0 

Step 2: Viewing Metrics

Using AWS Management Console:

1. Open the CloudWatch Dashboard.
2. Click on "Metrics" in the left-hand menu.
3. Select "EC2" under the list of available metrics.
4. Choose the desired metric (e.g., CPUUtilization) and instance.

Using AWS CLI:

aws cloudwatch get-metric-statistics --metric-name CPUUtilization --start-time 2023-06-17T00:00:00Z --end-time 2023-06-18T00:00:00Z --period 300 --namespace AWS/EC2 --statistics Average --dimensions Name=InstanceId,Value=i-1234567890abcdef0 

Step 3: Creating Alarms

Using AWS Management Console:

1. Open the CloudWatch Dashboard.
2. Click on "Alarms" in the left-hand menu.
3. Click the "Create alarm" button.
4. Select the metric and configure the threshold and actions.

Using AWS CLI:

aws cloudwatch put-metric-alarm --alarm-name "HighCPUUtilization" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 70 --comparison-operator GreaterThanThreshold --dimensions Name=InstanceId,Value=i-1234567890abcdef0 --evaluation-periods 2 --alarm-actions arn:aws:sns:us-east-1:123456789012:MyTopic 

Monitoring EC2 Logs with CloudWatch Logs

Step 1: Install CloudWatch Logs Agent

Amazon Linux and Ubuntu:

1. Connect to your EC2 instance via SSH.

2. Install the CloudWatch Logs agent:

   sudo yum update -y
   sudo yum install -y awslogs 

3. Configure the agent:

   sudo vi /etc/awslogs/awslogs.conf 

   Edit the configuration file to specify the log files you want to monitor.

4. Start the CloudWatch Logs agent:

   sudo service awslogs start
   sudo chkconfig awslogs on 

Step 2: Configure Log Group and Stream

Using AWS Management Console:

1. Open the CloudWatch Dashboard.
2. Click on "Logs" in the left-hand menu.
3. Create a new log group and define a log stream for your EC2 instance.

Using AWS CLI:

aws logs create-log-group --log-group-name MyLogGroup
aws logs create-log-stream --log-group-name MyLogGroup --log-stream-name MyLogStream 

Example Code: Automating CloudWatch Monitoring with AWS SDK (Python Boto3)

Prerequisites

• Install Boto3:

  pip install boto3 

Example Python Script

import boto3

# Create CloudWatch client
cloudwatch = boto3.client('cloudwatch')

# Create EC2 client
ec2 = boto3.client('ec2')

# Enable detailed monitoring
instance_id = 'i-1234567890abcdef0'
ec2.monitor_instances(InstanceIds=[instance_id])

# Create a CloudWatch alarm
cloudwatch.put_metric_alarm(
    AlarmName='HighCPUUtilization',
    ComparisonOperator='GreaterThanThreshold',
    EvaluationPeriods=2,
    MetricName='CPUUtilization',
    Namespace='AWS/EC2',
    Period=300,
    Statistic='Average',
    Threshold=70.0,
    ActionsEnabled=True,
    AlarmActions=['arn:aws:sns:us-east-1:123456789012:MyTopic'],
    AlarmDescription='Alarm when server CPU exceeds 70%',
    Dimensions=[
        {
            'Name': 'InstanceId',
            'Value': instance_id
        },
    ],
    Unit='Percent'
)

print("Alarm created and detailed monitoring enabled.") 

AWS CloudWatch provides powerful monitoring capabilities for EC2 instances. By using CloudWatch, you can gain insights into your EC2 instance's performance, set up alarms for critical metrics, and collect log data for troubleshooting. Whether through the AWS Management Console, AWS CLI, or SDKs like Boto3, CloudWatch integrates seamlessly into your AWS environment to ensure your applications run smoothly and efficiently.

Answer 2

FAQs on AWS CloudWatch EC2

Q: What is Amazon CloudWatch?

A: Amazon CloudWatch is a monitoring and management service built for developers, system operators, site reliability engineers (SRE), and IT managers. CloudWatch provides data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Q: How do I set up CloudWatch monitoring for my EC2 instances?

A: To set up CloudWatch monitoring for EC2 instances:

1. Enable Detailed Monitoring on your EC2 instances.
2. Create CloudWatch Alarms to monitor metrics.
3. Install the CloudWatch Agent on your EC2 instances for custom metrics.

Q: How can I enable detailed monitoring on my EC2 instances?

A: Detailed monitoring can be enabled via the AWS Management Console, AWS CLI, or AWS SDK.

Using AWS Management Console:

1. Open the EC2 console.
2. Select your instance.
3. In the 'Actions' menu, choose 'Monitor and troubleshoot', then 'Manage detailed monitoring'.

Using AWS CLI:

aws ec2 monitor-instances --instance-ids i-1234567890abcdef0 

Using AWS SDK (Python example):

import boto3

ec2 = boto3.client('ec2')
response = ec2.monitor_instances(InstanceIds=['i-1234567890abcdef0'])
print(response) 

Q: What metrics are available for EC2 instances in CloudWatch?

A: CloudWatch provides various metrics for EC2 instances, including but not limited to:

• CPUUtilization
• DiskReadOps
• DiskWriteOps
• NetworkIn
• NetworkOut
• StatusCheckFailed

Q: How do I create a CloudWatch alarm for an EC2 instance?

A: Using AWS Management Console:

1. Open the CloudWatch console.
2. Choose 'Alarms' from the navigation pane.
3. Choose 'Create Alarm'.
4. Select the metric and follow the prompts to set up the alarm.

Using AWS CLI:

aws cloudwatch put-metric-alarm --alarm-name "HighCPUAlarm" --metric-name "CPUUtilization" --namespace "AWS/EC2" --statistic "Average" --period 300 --threshold 80 --comparison-operator "GreaterThanOrEqualToThreshold" --dimensions Name=InstanceId,Value=i-1234567890abcdef0 --evaluation-periods 1 --alarm-actions arn:aws:sns:us-east-1:123456789012:MyTopic 

Using AWS SDK (Python example):

import boto3

cloudwatch = boto3.client('cloudwatch')

response = cloudwatch.put_metric_alarm(
    AlarmName='HighCPUAlarm',
    MetricName='CPUUtilization',
    Namespace='AWS/EC2',
    Statistic='Average',
    Period=300,
    Threshold=80,
    ComparisonOperator='GreaterThanOrEqualToThreshold',
    Dimensions=[
        {
            'Name': 'InstanceId',
            'Value': 'i-1234567890abcdef0'
        },
    ],
    EvaluationPeriods=1,
    AlarmActions=[
        'arn:aws:sns:us-east-1:123456789012:MyTopic',
    ]
)
print(response) 

Q: How can I install and configure the CloudWatch Agent on my EC2 instance?

A: Steps to install CloudWatch Agent:

1. Download the CloudWatch Agent package:

   wget https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm 

2. Install the package:

   sudo rpm -U ./amazon-cloudwatch-agent.rpm 

3. Configure the agent using the wizard:

   sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard 

4. Start the CloudWatch Agent:

   sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a start 

Using AWS CLI for configuration:

You can use the AWS CLI to start the CloudWatch agent with a JSON configuration file.

aws ssm get-parameter --name AmazonCloudWatch-Config --query 'Parameter.Value' --output text > config.json

sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:config.json -s 

Q: How do I retrieve and analyze logs from my EC2 instances using CloudWatch Logs?

A: Steps to retrieve and analyze logs:

1. Install the CloudWatch Logs agent:

   sudo yum install -y awslogs 

2. Configure the agent:

   sudo vim /etc/awslogs/awslogs.conf 

   Example configuration:

   [general]
   state_file = /var/lib/awslogs/agent-state
   
   [/var/log/messages]
   file = /var/log/messages
   log_group_name = /var/log/messages
   log_stream_name = {instance_id} 

3. Start the agent:

   sudo service awslogs start 

Using AWS SDK (Python example) to retrieve logs:

import boto3

logs = boto3.client('logs')

response = logs.filter_log_events(
    logGroupName='/var/log/messages',
    logStreamNames=['i-1234567890abcdef0'],
    startTime=1234567890,  # Timestamp in milliseconds
    endTime=1234567890,    # Timestamp in milliseconds
    filterPattern='ERROR'
)

for event in response['events']:
    print(event['message']) 

Answer 3

Important Interview Questions and Answers on AWS CloudWatch EC2

Q: What is AWS CloudWatch? 

AWS CloudWatch is a monitoring and observability service that provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

Q: How does CloudWatch monitor AWS resources? 

CloudWatch collects monitoring and operational data in the form of logs, metrics, and events. You can create CloudWatch alarms to trigger actions like scaling EC2 instances or sending notifications based on specified thresholds.

Q: What are CloudWatch metrics? 

Metrics are data points collected at regular intervals to provide information about the performance of your AWS resources. Each AWS service sends metrics to CloudWatch. For example, EC2 sends metrics such as CPU utilization, disk I/O, and network traffic.

Q: How do you create a CloudWatch alarm for an EC2 instance's CPU utilization? 

Here is the code.

import boto3

cloudwatch = boto3.client('cloudwatch')

response = cloudwatch.put_metric_alarm(
    AlarmName='EC2_CPU_Utilization_Alarm',
    AlarmDescription='Alarm when server CPU exceeds 70%',
    ActionsEnabled=True,
    AlarmActions=[
        'arn:aws:sns:us-west-2:123456789012:my-sns-topic'
    ],
    MetricName='CPUUtilization',
    Namespace='AWS/EC2',
    Statistic='Average',
    Dimensions=[
        {
            'Name': 'InstanceId',
            'Value': 'i-0123456789abcdef0'
        },
    ],
    Period=300,
    EvaluationPeriods=1,
    Threshold=70.0,
    ComparisonOperator='GreaterThanThreshold'
)

print(response) 

Q: How can you retrieve log data from CloudWatch Logs?

Here is the code.

import boto3

logs = boto3.client('logs')

response = logs.get_log_events(
    logGroupName='/aws/lambda/my-function',
    logStreamName='2020/10/19/[$LATEST]abcdef1234567890abcdef1234567890'
)

for event in response['events']:
    print(event['message']) 

Q: What is Amazon EC2?

Amazon Elastic Compute Cloud (EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Q: How do you launch an EC2 instance using the AWS Management Console?

1. Open the EC2 Dashboard.
2. Click "Launch Instance."
3. Choose an Amazon Machine Image (AMI).
4. Choose an instance type.
5. Configure instance details.
6. Add storage.
7. Add tags.
8. Configure security group.
9. Review and launch.

Q: How can you programmatically start and stop an EC2 instance using Boto3?

Here is the code.

import boto3

ec2 = boto3.client('ec2')

# Start instance
start_response = ec2.start_instances(
    InstanceIds=['i-0123456789abcdef0'],
)

print("Starting instance: ", start_response)

# Stop instance
stop_response = ec2.stop_instances(
    InstanceIds=['i-0123456789abcdef0'],
)

print("Stopping instance: ", stop_response) 

Q: How do you create an AMI from an existing EC2 instance?

Here is the code.

import boto3

ec2 = boto3.client('ec2')

response = ec2.create_image(
    InstanceId='i-0123456789abcdef0',
    Name='My server backup',
    NoReboot=True
)

print("AMI created: ", response['ImageId']) 

Q: What are security groups and how do they work in EC2?

Security groups act as virtual firewalls for your instance to control inbound and outbound traffic. When you launch an instance, you can specify one or more security groups. Each instance in your VPC is associated with a security group, which allows you to specify rules to allow or deny traffic to/from the instance.

Q: Describe how you would set up monitoring for an EC2 instance and react to high CPU utilization.

1. Set Up Monitoring: Use CloudWatch to collect CPU utilization metrics from the EC2 instance.
2. Create an Alarm: Create a CloudWatch alarm that triggers when CPU utilization exceeds a threshold (e.g., 70%).
3. Trigger Actions: Configure the alarm to send notifications via SNS or auto-scale by adding or terminating instances based on the alarm state.

Code Example:

1. Set Up Monitoring and Alarm:

import boto3

cloudwatch = boto3.client('cloudwatch')

# Create CloudWatch alarm
alarm_response = cloudwatch.put_metric_alarm(
    AlarmName='High_CPU_Utilization',
    MetricName='CPUUtilization',
    Namespace='AWS/EC2',
    Statistic='Average',
    Dimensions=[{'Name': 'InstanceId', 'Value': 'i-0123456789abcdef0'}],
    Period=300,
    EvaluationPeriods=1,
    Threshold=70.0,
    ComparisonOperator='GreaterThanThreshold',
    AlarmActions=['arn:aws:sns:us-west-2:123456789012:my-sns-topic']
)
print("Alarm created: ", alarm_response) 

2. Auto-scaling Example (Assuming Auto Scaling Group is Set Up):

import boto3

autoscaling = boto3.client('autoscaling')

# Update Auto Scaling group to use the CloudWatch alarm
response = autoscaling.put_scaling_policy(
    AutoScalingGroupName='my-auto-scaling-group',
    PolicyName='ScaleUp',
    AdjustmentType='ChangeInCapacity',
    ScalingAdjustment=1,
    Cooldown=300
)
print("Auto-scaling policy created: ", response)