By using AWS re:Post, you agree to the AWS re:Post Terms of Use

How do I configure CloudWatch Container Insights to monitor my Amazon ECS tasks and container deployment?

4 minute read
0

I want to configure Amazon CloudWatch Container Insights to monitor my Amazon Elastic Container Service (Amazon ECS) tasks and container deployment.

Resolution

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you use the most recent AWS CLI version.

To configure CloudWatch Container Insights to monitor your Amazon ECS tasks and container deployment, complete the following steps.

Modify account settings

To turn on Container Insights for all the new clusters that you created, configure the Container Insights account settings.

Use the CloudWatch console to modify account settings

Complete the following steps:

  1. Open the Amazon ECS console.
  2. In the navigation bar, use the Region selector to choose a Region.
  3. Choose Account Settings.
  4. In the CloudWatch Container Insights section, set or clear the check box for each setting for the authenticated AWS Identity and Access Management (IAM) user and role.
  5. After you configure these settings, choose Save.
  6. On the confirmation screen, choose Confirm.

When you log in as the AWS root user account, you can change the account's default setting. Or you can change the setting of any specific IAM user or IAM role in the account.

Use the AWS CLI to modify the default account settings for all IAM users or roles

To modify the default account setting for all IAM users or roles on your account, run the following AWS CLI command:

aws ecs put-account-setting-default --name containerInsights --value enabled --region <REGION_NAME>

Note: The changes from the preceding command apply to the entire AWS account unless an IAM user or role explicitly overrides these settings. For more information, see Modifying Amazon ECS account settings.

Create a cluster with Container Insights turned on

To turn on Container Insights when you create a cluster, use either the Amazon ECS console or the AWS CLI.

Create a cluster with Container Insights turned on

Complete the following steps:

  1. Open the Amazon ECS console.
  2. In the navigation bar, use the Region selector to choose a Region.
  3. In the navigation pane, choose Clusters.
  4. Choose Create cluster.
  5. On the Create cluster page, choose the required settings to create your cluster.
  6. Expand Monitoring, and then select Use Container Insights.
  7. Choose Create.

Use the AWS CLI to create a cluster with Container Insights turned on

To create a new cluster with Container Insights turned on, run the following command:

aws ecs create-cluster --cluster-name <CLUSTER_NAME> --settings "name=containerInsights,value=enabled" --region <REGION_NAME>

Turn on Container Insights on an existing Amazon ECS cluster

To turn on Container Insights on an existing cluster, run the following command:

aws ecs update-cluster-settings --cluster <CLUSTER_NAME> --settings name=containerInsights,value=enabled --region <REGION_NAME>

Container Insights options

When you use CloudWatch Container Insights, review the following options:

  • When you use an Amazon Elastic Compute Cloud (Amazon EC2) launch type, your task isn't required to have container CPU resource configurations. To show the CPU utilization metrics at the Amazon ECS task level, define the CPU parameter at the task level or the container level in the task definition.
  • Network metrics are available for all tasks that run on AWS Fargate and for tasks that run on Amazon EC2 instances that use the bridge. Metrics are also available for tasks that use Amazon Virtual Private Cloud (Amazon VPC) network modes.
  • To collect the instance-level metrics from the ECS clusters that are hosted on an EC2 instance, deploy the CloudWatch agent.

Use CloudWatch Logs Insights to view Container Insights data

The metrics that Containers Insights collects for Amazon ECS collection are for aggregated and averaged metrics at the family level. To analyze the data, use CloudWatch Logs Insights. Note that CloudWatch Logs Insights doesn't track single tasks.

Container Insights retrieves performance log events and automatically collects the performance metrics as logs. To collect the performance metrics, open the CloudWatch Logs insights console. Then, use the following format to select a log group:

/aws/ecs/containerinsights/<CLUSTER_NAME>/performance

The following example query shows the task-level usage for CPU and memory:

stats avg(CpuUtilized) as CPU, avg(MemoryUtilized) as Mem by TaskId  
| filter Type="Task"  
| sort Mem, CPU desc

Related information

Amazon ECS clusters

Amazon ECS Container Insights metrics

Setting up Container Insights on Amazon ECS for cluster- and service-level metrics

Deploying the CloudWatch agent to collect EC2 instance-level metrics on Amazon ECS

Viewing Container Insights metrics

AWS OFFICIAL
AWS OFFICIALUpdated 6 months ago
1 Comment

Dear AWS,

I first discovered this functionality myself, an then found this article - although this is very valuable functionality, but it's completely not ready for real-world usage. Same for task level logs - click on logs tab for task in containerinsights directs to Service log group, not to container log stream as expected. I'd appreciate you implementing this as CloudWatch metrics instead of logs. At the same time implementing this as metrics would involve creating metric dimension per container that would severely impact CloudWatch usage price. So if you implement this in simple and cheap way, you could make customers, us included, to make choice of CloudWatch instead of DataDog, Dynatrace or other solutions providing container-level metrics and logs out of the box.

replied 5 days ago