-
Notifications
You must be signed in to change notification settings - Fork 10
/
cloudwatch-agent.ts
73 lines (65 loc) · 2.22 KB
/
cloudwatch-agent.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
import * as ecs from 'aws-cdk-lib/aws-ecs';
import * as iam from 'aws-cdk-lib/aws-iam';
import { Construct } from 'constructs';
import { Service } from '../service';
import { ServiceExtension } from './extension-interfaces';
const CLOUDWATCH_AGENT_IMAGE = 'amazon/cloudwatch-agent:latest';
/**
* This extension adds a CloudWatch agent to the task definition and
* configures the task to be able to publish metrics to CloudWatch.
*/
export class CloudwatchAgentExtension extends ServiceExtension {
private CW_CONFIG_CONTENT = {
logs: {
metrics_collected: {
emf: {},
},
},
metrics: {
metrics_collected: {
statsd: {},
},
},
};
constructor() {
super('cloudwatchAgent');
}
public prehook(service: Service, scope: Construct) {
this.parentService = service;
this.scope = scope;
}
public useTaskDefinition(taskDefinition: ecs.TaskDefinition) {
// Add the CloudWatch Agent to this task
this.container = taskDefinition.addContainer('cloudwatch-agent', {
image: ecs.ContainerImage.fromRegistry(CLOUDWATCH_AGENT_IMAGE),
environment: {
CW_CONFIG_CONTENT: JSON.stringify(this.CW_CONFIG_CONTENT),
},
logging: new ecs.AwsLogDriver({ streamPrefix: 'cloudwatch-agent' }),
user: '0:1338', // Ensure that CloudWatch agent outbound traffic doesn't go through proxy
memoryReservationMiB: 50,
});
// Add permissions that allow the cloudwatch agent to publish metrics
new iam.Policy(this.scope, `${this.parentService.id}-publish-metrics`, {
roles: [taskDefinition.taskRole],
statements: [
new iam.PolicyStatement({
resources: ['*'],
actions: ['cloudwatch:PutMetricData'],
}),
],
});
}
public resolveContainerDependencies() {
if (!this.container) {
throw new Error('The container dependency hook was called before the container was created');
}
const appmeshextension = this.parentService.serviceDescription.get('appmesh');
if (appmeshextension && appmeshextension.container) {
this.container.addContainerDependencies({
container: appmeshextension.container,
condition: ecs.ContainerDependencyCondition.HEALTHY,
});
}
}
}