Prerequisite:
You should have an working AWS Account
You should be able to run basic linux commands
Programming with python may ease understanding of some context although not necessary to know python
Step 1: Create a Key Pair
Sign into your AWS account and then click on the EC2 Service
Once in the EC2 UI, click on the Key Pairs link on the left navigation pane
On the Key Pairs UI, click on the Create key pair. This will open this form
Provide a name for this key, then for type either use RSA or ED25519. Please note, ED25519 is not supported on Windows.
Choose .pem file for use with openssh. On windows, you can use ssh command.
Click the Create Key Pair button and the browser will automatically download the key file. Keep this file safe. We will need this in our next steps.
Step 2: Create Security Group
Go to EC2 Console once again
On the left navigation pane, click Security Groups
Click on Create Security Group Button
Provide relevant information like the name and the default VPC of your region
Scroll down to add Inbound and Outbound Rules. These are the rules that will determine from where you are going to access your EC2 instance and for what purpose. Please be careful there.
For Inbound rules usually we want to access the web service ports from anywhere but we would like to restrict SSH access to the EC2 instance usually only to our local PC. AWS will automatically find our IP address.
For outbound rules, leave default
Scroll down and click Create Security Group button
Step 3: Create EC2 Instance
Go to EC2 Dashboard and click on instances link
Click Launch instances button. This will open another form. Provide the instance a name
Choose Amazon Linux as OS Image
Choose t2.micro as instance type and select the key pair created on step 1
In the Network Settings section, choose the Security Group created in step 2
Leave other settings to default and click on Launch Instance button
Step 5: Modify IAM Role
Once the instance is created, select Modify IAM Role from Actions -> Security -> Modify IAM Role
Click Create new IAM Role link.
In this page, give the role a name and choose Prometheus related policies
On the EC2 page, use this role and click on Update IAM Role
Step 4: Connect to the EC2 Instance
Now you have to connect to the EC2 instance that you created in step 3.
On the EC2 Dashboard, click Instances link.
On the instances screen find your instances and click on it to see the details
You can see all the details now. Copy the Public IPV4 DNS
Open a Powershell/Command prompt window and run the following command
ssh -i tech-demo.pem ec2-user@<EC2 INSTANCE IPV4 DNS>
Now you are connected to the amazon linux instance
Step 5: Install required software and application on the EC2 Instance
Run the following commands
sudo yum update -y
sudo yum install -y python pip
pip install prometheus_client
Now create a metrics.py file with the following content. This will host a metrics endpoint on the EC2 Instance
from prometheus_client import start_http_server, CollectorRegistry, Gauge, push_to_gateway import random import time import math registry = CollectorRegistry() g = Gauge('tech_demo_custom_metric', 'A custom metric data generated in python') @g.track_inprogress() def f(): pass with g.track_inprogress(): pass if __name__ == '__main__': start_http_server(8000) angle = 0 while(True): g.set(10 * math.cos(math.radians(angle + 90))) angle = angle + 1 time.sleep(5)
Run this file with the following
python metrics.py
Now run the following command to enable port forwarding of the metrics endpoint on your local machine
ssh -i tech-demo.pem -L 8000:localhost:8000 -N -f ec2-user@<EC2 IPV4 DNS>
Now open localhost:8000 on your browser to see the metrics 'tech_demo_custom_metric'
Step 6: Create an AWS Prometheus Workspace
Go to the Amazon Prometheus Dashboard
Click on Create button
Give it an alias and click on Create workspace button
Now you will see this workspace details. Keep a note of these
Step 7: Run Prometheus Server
Run the following commands on the EC2 Instance
wget https://github.com/prometheus/prometheus/releases/download/v2.26.0/prometheus-2.26.0.linux-amd64.tar.gz
tar -xvf prometheus-2.26.0.linux-amd64.tar.gz
sudo cp prometheus-2.26.0.linux-amd64/prometheus /usr/local/bin/
Create a new file named
prometheus.yaml
, and edit theremote_write
configuration with your workspace ID from the AMP workspace on the AWS console.
global:
scrape_interval: 15s
external_labels:
monitor: 'prometheus'
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:8000']
remote_write:
-
url: <Workspace write URL>
queue_config:
max_samples_per_send: 1000
max_shards: 200
capacity: 2500
sigv4:
region: eu-west-1
We are finally ready to run Prometheus and send our application metrics to AMP.
prometheus --config.file=prometheus.yaml
This will now send the metrics data from the metrics endpoint we created on step 5 to the Amazon Prometheus
Step 8: Install Grafana
Run the following command to install Grafana on EC2 Instance
sudo vi /etc/yum.repos.d/grafana.repo
Now add the following content into the file
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
Now run
sudo yum install grafana -y
Now enable Sigv4 Authentication by changing the configuration file
/usr/share/grafana/conf/defaults.ini
Set this configuration to true -
sigv4_auth_enabled
Reload the system daemon
sudo systemctl daemon-reload
Start the Grafana server