[AWS DA] AWS Monitoring & Audit: CloudWatch, X-Ray and CloudTrail

 

CloudWatch

CloudWath Metrics

  • Default every 5 mins

EC2 Detailed monitoring

  • Get data every 1 mins
  • Free Tier allow to have 10 details monitoring metrics

[Note]: EC2 Memory usage is by default not pushed (if must be pushed, from inside the instance as a csutom metric)

Custom Metrics

  • Possibility to define and send your own custom metrics to CloudWatch
  • Metric resolution:
    • Standard: 1 min
    • High Resolution: up to 1 second
    • StorageResolution API paramter
  • Use API call PutMetricData
  • Use Exponential back off in case of throttle errors

 

CloudWatch Alarms

  • Alarms are used to trigger notifications for any metric
  • Alarms can go to Auto Scaling, EC2 Actions, SNS notifications
  • Alarms States: OK, INSUFFICIENT_DATA, ALARM
  • Period: High Resolution custom metrics: can only choose 10 sec or 30 sec

 

CloudWatch Logs

  • Can define log expiration policies (by default never expire, 30 days ...)
  • Make sure IAM permissions are correct
  • Security, encrypted by KMS at the group level
  • You are able to do search for logs
  • Other actions can do

 

EventBridge

 

X-Ray

Compatibility

  • Lambda
  • Elastic Beanstalk
  • ECS
  • ELB
  • API Gateway
  • EC2 Instances or any applciation server
  • ...

Enable X-Ray

 

 

Enabled X-Ray in ElasticBeanstalk

 

Concepts

  • Segments: each application / service will send the them
  • Subsegments: if you need more details in your segment
  • Trace: segments collected together to form an end-to-end trace
  • Sampling: decrease the amount of requests send to X-Ray, reduce costs
  • Annotations: Key Value pairs, used to index / search traces and use with filter
  • Metadata: Key Value paris, not indexed, not used for searching

 

  • PutTraceSegements: most important one, enable x-ray send data to server
  • PutTelemetryRecords
  • GetSamplingRules: also write to x-ray
  • GetSamplingStaticSummaries
  • GetSamplingTargets

 

There are two ways to run X-Ray on ECS instances.

1. Well-known one is deploy X-Ray daemon on an own docker container pre EC2 instance

2. "Side Car", deploy X-Ray daemon container along side Application container, each app with one x-ray daemon.

3. For Fargate, use side car approach

On ECS, main thing to remember for Exam is that

  • You need to map x-ray port: 2000
  • and protocal: udp

 

posted @ 2021-06-02 16:00  Zhentiw  阅读(141)  评论(0编辑  收藏  举报