Webinar: Discover Zenoss Cloud SaaS-Based IT Monitoring
Forrester Insights:Powering Digital Transformation With Intelligent Monitoring & Analytics
Webinar: Eliminate Blind Spots With Nutanix & Zenoss
Zenoss Partner Portal
Become a Partner
Learn. Discuss. Participate.Join thousands of Zenoss users and experts to learn, discuss and participate in the Zenoss Community.
Customer Support Portal
Zenoss Learning Center
Customers for LifeAt Zenoss, our customers are at the core of everything we do.
Request A Demo
This ZenPack provides support for monitoring Amazon Web Services.
This ZenPack provides support for monitoring Amazon Web Services (AWS). Monitoring for the following EC2, VPC, RDS, CloudFormation and S3 entities is provided through a combination of the AWS EC2, RDS, CloudFormation and CloudWatch APIs.
This ZenPack supersedes the older ZenAWS (ZenPacks.zenoss.ZenAWS) ZenPack that was installed by default on versions of Zenoss prior to 4.2.4. Please remove ZenAWS before installing this ZenPack. This will remove the /EC2 device class and the EC2Manager device within. After installing this ZenPack, you will be able to add a new EC2 Account with much greater functionality.
The features added by this ZenPack can be summarized as follows. They are each detailed further below.
The following entities will be automatically discovered through an account name, access key and secret key you provide. The attributes, tags and collections will be updated on Zenoss’ normal remodeling interval which defaults to every 12 hours.
The following metrics will be collected every 5 minutes by default. Any other CloudWatch metrics can also be collected by adding them to the appropriate monitoring template. The Average statistic is collected, and the graphed value is per second for anything that resembles a rate.
The Amazon CloudWatch datasource type also allows for the collection of any other CloudWatch metric.
Besides CloudWatch metrics, the following metrics will also be collected every 5 minutes by default.
Monitoring large cloud may require to contact AWS support with request to increase CloudWatch API requests limit. Appropriate event will be created in Zenoss in case limit for CloudWatch requests has been exceeded.
CloudWatch datasources utilize multithreading for better performance. It is possible to increase speed by setting twistedthreadpoolsize value in configuration of zenpython daemon. Please note that setting higher value will result also in bigger memory usage.
Collection interval my be changed using zAWSCloudWatchCollectionInterval property. By default it is set to 300 seconds. This will affect most of Amazon CloudWatch datasources and may help in reducing monitoring costs.
Zenoss only reads the messages for each SQS Queue and will show them as Zenoss Events.
Zenoss SQS Message Event Fields
By default all generated events are mapped to /AWS/SQSMessage event class.
SQS Events generated might be delayed in their creation due to Amazons use of short polling by default.
Events will be sent only for messages created after previous monitoring cycle. This prevents from flooding Zenoss Events console with historical SQS messages.
Monitoring plugin collects CloudFormation Events for each CF Stack and shows them as Zenoss Events with the same time. Also it updates status of CF Stack or CF Resource component it belongs.
Standard Zenoss Event Fields
CREATE_FAILED and DELETE_FAILED events have CRITICAL severity, all others INFO one.
By default all generated events are mapped to /AWS/CloudFormation event class.
Once the event is sent, it will not be sent again. If the user clears the event, it will not reappear again.
In case zAWSCloudFormationEventsAutoClear zProperty set to True for each CREATE_COMPLETE and DELETE_COMPLETE corresponding autoclear event will be generated to clear previous CRITICAL ones.
Notifications for events now have the option to be sent with email using Amazon SES.
In addition to the standard email notification fields you will need to fill out the following additional fields.
The senders email and the email of the subscribers must be verified within SES for the target region.
The following resource counts subject to the soft-limits will be collected every 5 minutes and when any of these metrics approaches a soft limit threshold, a Zenoss event will be triggered.
The thresholds are set to the default limit values. If you changed this limit for your account, you should manually change the Max threshold value using the following steps:
You can optionally configure each monitored AWS account to attempt to discover and monitor the guest Linux or Windows operating systems running within each EC2 instance, when specific Tags are present. This requires that your Zenoss system has the network and server access it needs to monitor the guest operating system. VPC and non-VPC modes are supported.
The guest operating system devices’ life-cycle are managed along with the instance. For example, the guest operating system device is set to a decommissioned production state when the EC2 instance is stopped, and the guest operating system device is deleted when the EC2 instance is destroyed.
When combined with the Zenoss Service Dynamics product, this ZenPack adds built-in service impact capability for services running on AWS. The following service impact relationships are automatically added. These will be included in any services that contain one or more of the explicitly mentioned entities.
Service Impact Relationships
The ZenPack now provides a way to group and collect AWS components on an account based on AWS Tags. You can define a tag filter by navigating to your AWS account device and selecting “Add AWS Tag Filter” from the “+” menu in the lower left corner of the screen. On the dialog that pops up, give your Tag Filter a name, and select the tag you want to track. You can combine multiple tags with the AND and OR operators. You can also generate a Component Group based on the Tag Filter. Click Submit when finished.
The Tag Filter will be visible in the the navigation bar area, and the “AWS Tag Filters” section. This will allow you to view all components of any type matched by the filter, along with their graphs.
In addition, you can use this Tag Filter to view billing information for the group of components in the Expenses Analysis section (see Expense Analysis).
The AWS Tag Filters use a special monitoring template, TagFilter, which is not visible in the device-level monitoring template section, but is visible if you go to Advanced > Monitoring Templates. From here, you can add modify the template, should you need to do so.
To turn on monitoring of charges for Amazon services one should enable EstimatedCharges monitoring template for AWS device. This will add graphs with billing information into device overview page and on Expenses Analysis page.
To control spendings limit zAWSBillingCostThreshold zProperty should be used. It is set to 1000 by default. This property sets threshold for bullet-like billing graph to turn red and used in “Billing Cost” threshold as well. Event is generated if spendings go over it’s value.
Billing graphs shows estimated charges for whole account and detailed charges per service. Top 10 services displayed on pie chart.
This ZenPack uses linear interpolation to predict total per month charges and this information displayed on device overview page as well.
You can track AWS usage charges for a given tag or tag group, and grouped by specific services. In order to set this up, you must create a Tag Filter to match the tag or tags in which you are intested in. And then you must configure detailed billing reports in your AWS account. See Configuring Charges Per Tags Monitoring for details.
This zenpack uses the Amazon Cloudwatch API to collect metric data. The first 1,000,000 calls to this API each month are free, and then additional calls are charged at a rate of $0.01 per 1,000 calls. For specific pricing questions, see AWS Cloudwatch Pricing.
A report is provided (Reports -> AWS Reports -> Monitoring Costs) to provide a detailed breakdown of API calls and estimated cost per monitoring template on each monitored EC2 Account.
CloudFormation Stacks Blueprints provides graphical representation of all Stacks templates. The same way as it’s done in AWS Console.
At start only stacks are shown. Double click on the node expandes stacks and shows its resources. Also buttons for quick expanding and collapsing all visible stacks are available.
The set of visible stacks can be narrowed down by regions and stack’s name filters. Stack name filter sets the fragment needs to be present in stack’s name. After setting filters Refresh button should be pressed to apply changes.
Each node in stack is resource defined in template. First row of text specifies name of resource defined in template, the second one is type of resource and the last is id of deployed AWS entity.
By default diagram only shows resources were deployed, to show all resources Show Undeployed Resources checkbox can be used.
Links represent dependencies between resources (e.g. EC2 Instances refer Security Groups).
There also are separate blueprints for each CF Stack component.
Use the following steps to start monitoring EC2 using the Zenoss web interface.
Alternatively you can use zenbatchload to add accounts from the command line. To do this, you must create a file with contents similar to the following. Replace all values in angle brackets with your values minus the brackets. Multiple accounts can be added under the same /Device/AWS/EC2 section.
/Devices/AWS/EC2 loader='ec2account', loader_arg_keys=['accountid', 'devicename', 'accesskey', 'secretkey', 'devicePath', 'collector']
<devicename> accountid='accountid', devicename='devicename', accesskey='accesskey', secretkey='secretkey', devicePath='/Devices/AWS/EC2', collector='localhost'
You can then load the account(s) with the following command:
$ zenbatchload <filename>
Use zAWSRegionToModel property to narrow components modeled. By default it has empty value, so all EC2 regions and it’s child components will be discovered. Specify EC2 region name, or multiple names separated by comma in it. This will be used as a filter and may help with large AWS accounts.
Use the following steps to configure instance guest device discovery. Guest device discovery must be configured individually for each EC2 account.
If your instances are VPC instances, and are in a different VPC than the Zenoss server that’s monitoring the EC2 account, you must add a Collector tag to containing VPC with the value set to the name of the Zenoss collector to which discovered guest devices should be assigned.
You can optionally configure an alternate remote collector for the devices created from AWS Instances with the following configuration properties:
Guest devices should be discovered automatically during modeling. However, if an error occurs during modeling, or some other unexpected event, it is possible for guest devices to be skipped. If some guest devices appear to be missing, you can force the discovery process to be repeated.
In the Zenoss UI, navigate to your AWS EC2 Account device, and find the gear icon menu in the bottom left corner of the window. Under the this menu, click the option labeled “Find Missing Guest Devices.” This will schedule a job for immediate exection, which will clear the guest ID cache and run the discovery process for each instance. Existing guest devices will remain, but any devices previously missed will be detected. You can monitor the progress of this job in the Jobs section of the UI, under the Advanced Tab.
Several criteria must be met in order for a guest device to be discovered by the AWS ZenPack. Those requirements are as follows:
If all the criteria above are met by the EC2 Instance, and an existing device with and ID or title matching the EC2 Instance’s ID exists, or an existing device has a matching IP address, the EC2 Instance will be linked to that existing device.
If no existing device matches the EC2 Instance, but the criteria above are met, a new device will be created in the Linux or Windows device class configured for the account.
Note that guest device creation is triggered during modeling, but is queued as a job to be run later. Thus a guest device will not show up until after modeling has completed, and the corresponding scheduled job has completed.
If a device link appears to be missing, double check the criteria above, and run the Find Missing Guest Devices task described in the preceding section.
When creating guest devices a job should be scheduled for each guest device to be created. If a job was created for the guest device, but the guest device was not created, you can check the job output in the Jobs section of Zenoss.
If a job was not created, you can try running the modeler in debug mode to see why guest device creation was skipped.
You can optionally configure your monitored AWS account, so that the newly added or recently dropped instances are automatically reflected on Zenoss UI during monitoring:
If zAWSRemodelEnabled is false, only the instance state will be updated on existing instances. If set to true, then all instance properties will be updated on existing instances, and new instances will be added to the model.
You can disable auto change of the production state for EC2 Instances, for this purpose you have to:
By default, the production state is changed to ‘Production’ (1000) for running EC2 instances, and to ‘Decommissioned’ (-1) for stopped ones. These states may be customized by specifying the desired production state IDs (numbers) in zAWSAutoChangeProdStateRunning and zAWSAutoChangeProdStateStopped.
Use the following steps to specify the PEM file to region for use in auto-discovering instance guest operating systems:
In some cases, you may have a large quantity of AWS Snapshots in your environment, which can slow down performance of the modeler. If you do not need to model them, you can disable collection of snapshots by setting the zAWSEnableSnapshotCollection property to false. This will prevent the modeler from collecting and modeling snapshots in future. It will also cause current snapshot components to be removed from Zenoss the next time the model is updated.
If you have already modeled your AWS snapshots, and the count is high, removing them can cause the modeler to timeout. If this occurs, you can remove them manually by running the included dmd script delete_all_snapshot_components from the zope container.
Note: The delete_all_snapshot_component script will delete all AWS snapshot components from all AWS devices without prompting for confirmation. If you have multiple AWS devices and only want to delete snapshots from some devices, use zendmd.
If you use tag filters to organize your modeled AWS components, you may also want to enable monitoring charges per tag filter added to Zenoss. This will require configuration on both AWS and Zenoss sides.
To process Cost and Usage reports AWS Athena service is used, so please expect some extra costs for the service usage.
Configuration on AWS side (you may use a different account to collect billing data from the account being used for monitoring, by using zAWSBillingAccessKey and zAWSBillingSecretKey zProperties):
Note: It can take up to 24 hours for AWS to start delivering reports to your S3 bucket.
For configuration on Zenoss side set the next zProperties:
If Cost and Usage reports are stored on separate account, zAWSBillingAccessKey and zAWSBillingSecretKey zProperties should be set to access and secret keys of this account. If these properties are empty, access and secret key from device will be used.
If a tag is used for Tag Filter, but is missing in Cost and Usage reports, billing data will not be collected for such Tag Filter and corresponding Info event with list of missing tags will be generated.
If necessary, this zenpack can query AWS through an HTTP proxy. This is configured in the usual way, by setting the *_proxy environment variables. Because of this, the setting is global for a particular zenoss process. It is therefore important to be aware that, for instance, enabling proxying for zenpython may cause it to be used for other service monitoring beyond just AWS.
To configure these environment variables, edit the service definitions (via ‘serviced service edit’ or the Control Center UI) for the zenpython, zenmodeler, and zenjobs containers as follows:
"http_proxy=http://[proxy host]:[proxy port]",
"https_proxy=http://[proxy host]:[proxy port]",
Note that both http_proxy and https_proxy values must begin with http://. The no_proxy variable is required so that communication with other zenoss services is not impacted.
Note: Do not add this to the zope container.
Installing this ZenPack will add the following items to your Zenoss system.
The AWS Zenpack of versions 2.0.0 / 2.1.0 can be upgraded. To upgrade the ZenPack, install the latest version over the existing one. There is no action for the user to migrate the data. The performance data and events of old ZenPack are retained as per the retain policy settings.
During upgrade from version 2.x to 3.0.0 and above all performance data for S3 Buckets will be lost.
When upgrading from 3.x to 4.x, tags are structured differently. Devices must be remodeled to handle tags properly.
In the current version of Zenpack monitoring of large AWS account (e.g. >1000 EC2 instances and volumes) may cause performance issues:
It is possible to reduce number of datapoints collected by disabling monitoring templates you don’t need.
View the discussion thread.
This ZenPack is developed and supported by Zenoss Inc. Commercial ZenPacks are available to Zenoss commercial customers only. Contact Zenoss to request more information regarding this or any other ZenPacks. Click here to view all available Zenoss Commercial ZenPacks.