amazon-cloudwatch-agent icon indicating copy to clipboard operation
amazon-cloudwatch-agent copied to clipboard

Published 20 hours ago verified publisher icon aws

Unable to send metrics accross the region

Open xiaochiw opened this issue 2 years ago • 3 comments

Describe the bug We set up cloudwatch agent as the document here: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html So we configured the config file like this: [profile AmazonCloudWatchAgent] region = us-east-1 output = json Here is the toml file: [credentials] shared_credential_profile = "AmazonCloudWatchAgent" shared_credential_file = "/root/.aws/credentials"

The running instance is EC2 with ARM. However, it seems that all metrics were sent to its own region instead of us-east-1. This only happens in EC2 with ARM. AMD works fine.

Steps to reproduce set up an EC2 instance in one region(like us-east-2) configure the credential file and point the region to other regions(like us-east-1) the metrics were sent to the EC2 current region (us-east-1) instead of (us-east-2)

What did you expect to see? The metrics is supposed to be sent to the configured region(like us-east-1)

What did you see instead? The metrics is sent to current region(us-east-2)

What version did you use? Version: latest

What config did you use? Config: Toml: [credentials] shared_credential_profile = "AmazonCloudWatchAgent" shared_credential_file = "/root/.aws/credentials"

Environment OS: Ubuntu 18:04 in docker Machine: AWS EC2 ON ARM

Additional context Add any other context about the problem here.

xiaochiw avatar May 16 '22 19:05 xiaochiw

This is running on an EC2 instance, right? What command are you using to start the CloudWatch agent? It seems to me like what you're doing is letting the agent determine that you're running on an EC2 instance. This would then in turn have the agent reach out to the EC2 instance metadata service in order to derive it's region and credentials (from the IAM role attached to the host). If you want it to use the credentials file on your host without ever reaching out to IMDS (EC2 instance metadata), you could use the onPrem flag:

sudo /opt/aws/amazon-cloudwatch-agent-ctl -a fetch-config -c file:/path/to/config.json -s -m onPrem

SaxyPandaBear avatar May 23 '22 02:05 SaxyPandaBear

I have tried this command and tried to start it in docker: /opt/aws/amazon-cloudwatch-agent/bin/start-amazon-cloudwatch-agent -m onPrem & However, it seems that it does not help. The couldwatch agent is still sending data to its EC2 region.

wxc267 avatar Jun 25 '22 01:06 wxc267

This issue was marked stale due to lack of activity.

github-actions[bot] avatar Sep 24 '22 00:09 github-actions[bot]

Closing this because it has stalled. Feel free to reopen if this issue is still relevant, or to ping the collaborator who labeled it stalled if you have any questions.

github-actions[bot] avatar Oct 24 '22 00:10 github-actions[bot]