I want to configure Amazon CloudWatch Container Insights to monitor my Amazon Elastic Container Service (Amazon ECS) tasks and container deployment.
Resolution
Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you use the most recent AWS CLI version.
To configure CloudWatch Container Insights to monitor your Amazon ECS tasks and container deployment, complete the following steps.
Modify account settings
To turn on Container Insights for all the new clusters that you created, configure the Container Insights account settings.
Use the CloudWatch console to modify account settings
Complete the following steps:
- Open the Amazon ECS console.
- In the navigation bar, use the Region selector to choose a Region.
- Choose Account Settings.
- In the CloudWatch Container Insights section, set or clear the check box for each setting for the authenticated AWS Identity and Access Management (IAM) user and role.
- After you configure these settings, choose Save.
- On the confirmation screen, choose Confirm.
When you log in as the AWS root user account, you can change the account's default setting. Or you can change the setting of any specific IAM user or IAM role in the account.
Use the AWS CLI to modify the default account settings for all IAM users or roles
To modify the default account setting for all IAM users or roles on your account, run the following AWS CLI command:
aws ecs put-account-setting-default --name containerInsights --value enabled --region <REGION_NAME>
Note: The changes from the preceding command apply to the entire AWS account unless an IAM user or role explicitly overrides these settings. For more information, see Modifying Amazon ECS account settings.
Create a cluster with Container Insights turned on
To turn on Container Insights when you create a cluster, use either the Amazon ECS console or the AWS CLI.
Create a cluster with Container Insights turned on
Complete the following steps:
- Open the Amazon ECS console.
- In the navigation bar, use the Region selector to choose a Region.
- In the navigation pane, choose Clusters.
- Choose Create cluster.
- On the Create cluster page, choose the required settings to create your cluster.
- Expand Monitoring, and then select Use Container Insights.
- Choose Create.
Use the AWS CLI to create a cluster with Container Insights turned on
To create a new cluster with Container Insights turned on, run the following command:
aws ecs create-cluster --cluster-name <CLUSTER_NAME> --settings "name=containerInsights,value=enabled" --region <REGION_NAME>
Turn on Container Insights on an existing Amazon ECS cluster
To turn on Container Insights on an existing cluster, run the following command:
aws ecs update-cluster-settings --cluster <CLUSTER_NAME> --settings name=containerInsights,value=enabled --region <REGION_NAME>
Container Insights options
When you use CloudWatch Container Insights, review the following options:
- When you use an Amazon Elastic Compute Cloud (Amazon EC2) launch type, your task isn't required to have container CPU resource configurations. To show the CPU utilization metrics at the Amazon ECS task level, define the CPU parameter at the task level or the container level in the task definition.
- Network metrics are available for all tasks that run on AWS Fargate and for tasks that run on Amazon EC2 instances that use the bridge. Metrics are also available for tasks that use Amazon Virtual Private Cloud (Amazon VPC) network modes.
- To collect the instance-level metrics from the ECS clusters that are hosted on an EC2 instance, deploy the CloudWatch agent.
Use CloudWatch Logs Insights to view Container Insights data
The metrics that Containers Insights collects for Amazon ECS collection are for aggregated and averaged metrics at the family level. To analyze the data, use CloudWatch Logs Insights. Note that CloudWatch Logs Insights doesn't track single tasks.
Container Insights retrieves performance log events and automatically collects the performance metrics as logs. To collect the performance metrics, open the CloudWatch Logs insights console. Then, use the following format to select a log group:
/aws/ecs/containerinsights/<CLUSTER_NAME>/performance
The following example query shows the task-level usage for CPU and memory:
stats avg(CpuUtilized) as CPU, avg(MemoryUtilized) as Mem by TaskId
| filter Type="Task"
| sort Mem, CPU desc
Related information
Amazon ECS clusters
Amazon ECS Container Insights metrics
Setting up Container Insights on Amazon ECS for cluster- and service-level metrics
Deploying the CloudWatch agent to collect EC2 instance-level metrics on Amazon ECS
Viewing Container Insights metrics