我正在尝试配置AWS Cloudwatch代理,以便在AWS之外的Ubuntu 18.04上运行。每次运行时,我都会收到这个错误。
# /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c "file:/path/to/cloudwatch/cloudwatch.json" -s
/opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/path/to/cloudwatch/cloudwatch.json --mode onPrem --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Got Home directory: /root
I! Set home dir Linux: /root
Unable to determine aws-region.
Please make sure the credentials and region set correctly on your hosts.
Refer to http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Fail to fetch the config!
在以下情况下运行程序 strace -f 显示它正试图读取 /root/.aws/credentials 然后退出。根据指南,以下内容是 /root/.aws/credentials:
[AmazonCloudWatchAgent]
aws_access_key_id = key
aws_secret_access_key = secret
region = us-west-2
如果我跑 aws configure get region它能够正确检索该区域。但是,Cloudwatch代理却无法读取它。以下是以下内容 common-config.toml (也会被读取,每条)。
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
[credentials]
shared_credential_profile = "AmazonCloudWatchAgent"
shared_credential_file = "/root/.aws/credentials"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
以下是我试过的其他东西。
封闭 region (和所有值),用双引号表示,按 https:/forums.aws.amazon.comthread.jspa?threadID=291589。. 这并没有什么不同。
添加homemyuser.awsconfig、homemyuser.awscredentials和root.awsconfig,并给它们填充适当的值。这些文件没有被读取。
搜索 CloudWatch 代理的源代码(它不是开源的)。
在程序环境中明确设置AWS_REGION=us-west-2(同样的错误)。
变化 [AmazonCloudWatchAgent] 到 [profile AmazonCloudWatchAgent] 遍体鳞伤
增加一个 [default] 在所有配置文件中的部分(没有区别)
援引 config-downloader 程序,直接设置AWS_REGION等。(同样的错误)
成为非root用户,然后使用以下方法调用程序 sudo 而不是以root用户的身份调用程序,而不使用 sudo.
无论我怎么尝试,都会得到同样的错误。我在2020年3月23日通过下载 "最新 "deb安装了CloudWatch代理,按照这些说明。https:/docs.aws.amazon.comAmazonCloudWatchlatestmonitoringdownload-cloudwatch-agent-commandline.html。
我使用了错误的 "秘密 "和无效字符,导致INI文件解析器崩溃。CloudWatch 代理错误地将其报告为 "缺失区域",而解析错误或 "invalid secret "错误会更准确。
aws 配置默认为 C:\Users/Administrator,而不是您安装 CloudWatch 代理的用户。因此,您可能需要将 .aws 文件夹移动到 CLoudWatch 用户。或者......更直接。
aws configure --profile AmazonCloudWatchAgent
您也可以使用 common-config.toml 如这里所述。https:/docs.aws.amazon.comAmazonCloudWatchlatestmonitoringinstall-CloudWatch-Agent-commandline-fleet.html#CloudWatch-Agent-profile-instance-first。
在运行Windows Server的服务器上,这个文件在C:\ProgramData\Amazon/AmazonCloudWatchAgent目录下。默认的 comm-config.toml 如下。
# This common-config is used to configure items used for both ssm and cloudwatch access
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
# [credentials]
# shared_credential_profile = "{profile_name}"
# shared_credential_file= "{file_name}"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"
如果需要的话,你也可以用新的位置更新comm-config.toml。