Product Documentation

AWS CloudWatch

Type of Data

Instance Metrics

Description

CloudWatch is the AWS implementation for monitoring virtual machine health. AWS deploys monitoring agents on the VMs to obtain server metrics like CPU usage, Disk read/write I/O, Memory Usage and Network Bytes transferred in/out. The metrics are recorded and then made available to Fusion via the AWS SDK API.

Data Feed Format

The CloudWatch Fusion data feed produces a JSON object that contains AWS CloudWatch Virtual Machine monitoring metrics. The Fusion CloudWatch data structure that will be sent to Openmix looks like this:

  {
    "disk_writes_kbps": 0.279,
    "network_in_mb": 3286.48,
    "memory_available_mb": 1479,
    "disk_reads_kbps": 0,
    "memory_available_pct": 88,
    "network_out_mb": 2343.892,
    "cpu_time_pct": 20.5
  }

When the Fusion CloudWatch data feed runs, it will query the CloudWatch VM monitoring metrics for the last 5 minutes. The JSON result is based on the most current CloudWatch VM monitoring metrics available. The CloudWatch integration requires a Fusion data feed for each CloudWatch VM that should be monitored and made actionable via Openmix.

Server Configuration

CloudWatch Policies and Minimum Requirements

In order for Fusion to gain access to the CloudWatch monitoring metrics for any given VM, the user credentials used to create the Fusion CloudWatch data feed must these minimum requirements:

  • AmazonEC2ReadOnlyAccess
  • CloudWatchReadOnlyAccess

These are the credentials the AWS user requires in order to query the CloudWatch server monitoring metrics. The AWS user roles can be found under:
->AWS Management Console
-> Security and Identity
-> Identity & Access Management
-> Users
-> Select the user that will be used for AWS access. See the user policies or groups assigned for the user. If there is no policy listed for the user, it should be listed in the group.

Implementation Notes

There are only few things that can go wrong with the Fusion CloudWatch installation. For e.g.,

  • Invalid AWS access key and secret will result in an invalid credentials message.
  • The AWS user account does not have the proper CloudWatch policies as mentioned above (under Server Configuration, minimum requirements).
  • The AWS instance does not have monitoring enabled and therefore results in “null” for the monitoring metrics collected by Fusion in the log history.

Setup in Fusion

You can access Fusion Data Feeds from the left navigation pane, under Openmix. For initial steps please refer to the Fusion Integration Documentation.

When you get to the service-specific configuration dialog box, enter the following:

  • Name: The name given to the data feed. This will default to “Service - Platform Name” if not specified.
  • Run Every: The frequency with which the data feed is updated from the service.
  • Platform: The Platform that is associated with the data feed.
  • Access Key: the AWS access key for the user account that will be used in the Fusion AWS SDK authorization and subsequent CloudWatch API queries.
  • Secret Key: The user account secret key.
  • Region: The location where the VM exists.
  • Instance ID: This shows the available instances in the selected region.

Once the Fusion CloudWatch installation is complete, it will be listed on the Fusion data feeds home page with a green status and monitoring metrics in the log history.

To edit a Fusion data feed click on the data feed in the list and then click the Edit button. Once you have changed the configuration, click Save. This will bring you back to the data feed list with your changes saved and applied to the data feed.