EventBridge 및 Lambda를 사용한 자동 문제 해결 및 ITSM 시스템
- 王林원래의
- 2024-08-23 06:00:32494검색
소개 :
여러분, IT 운영에서 CPU/메모리, 디스크 또는 파일 시스템의 활용도와 같은 서버 지표를 모니터링하는 것은 매우 일반적인 작업이지만, 지표 중 하나라도 중요하게 트리거되는 경우 전담 담당자가 몇 가지 기본 작업을 수행해야 합니다. 서버에 로그인하여 문제를 해결하고 지루함을 유발하고 전혀 생산적이지 않은 동일한 경고를 여러 번 받은 경우 어떤 사람이 여러 번 수행해야 하는 사용의 초기 원인을 알아냅니다. 따라서 해결 방법으로 알람이 트리거되면 반응하고 몇 가지 기본 문제 해결 명령을 실행하여 해당 인스턴스에 조치를 취하는 시스템을 개발할 수 있습니다. 문제제기서와 기대사항을 간단히 요약하자면 -
문제 설명:
기대 이하를 충족할 수 있는 시스템 개발 -
- 각 EC2 인스턴스는 CloudWatch로 모니터링해야 합니다.
- 경보가 트리거되면 영향을 받은 EC2 인스턴스에 로그인하고 몇 가지 기본적인 문제 해결 명령을 수행할 무언가가 있어야 합니다.
- 그런 다음 JIRA 이슈를 생성하여 해당 사건을 문서화하고 댓글 섹션에 명령 출력을 추가합니다.
- 그런 다음 모든 알람 세부정보와 JIRA 문제 세부정보가 포함된 자동 이메일을 보내세요.
아키텍처 다이어그램:
전제 조건:
- EC2 인스턴스
- CloudWatch 경보
- EventBridge 규칙
- 람다 함수
- JIRA 계정
- 간편 알림 서비스
구현 단계:
아. CloudWatch 에이전트 설치 및 구성 설정 :
Systems Manager 콘솔을 열고 "문서"를 클릭하세요
"AWS-ConfigureAWSPackage" 문서를 검색하고 필요한 세부정보를 입력하여 실행합니다.
패키지 이름 = AmazonCloudwatchAgent
설치 후 CloudWatch 에이전트는 구성 파일에 따라 구성되어야 합니다. 이를 위해 AmazonCloudWatch-ManageAgent 문서를 실행합니다. 또한 JSON CloudWatch 구성 파일이 SSM 매개변수에 저장되어 있는지 확인하세요.
지표가 CloudWatch 콘솔에 보고되는 것을 확인한 후 CPU 및 메모리 사용률 등에 대한 경보를 생성하세요.B. EventBridge 규칙 설정 :
경보 상태 변경을 추적하기 위해 여기에서는 경보 상태 변경을 OK에서 ALARM으로만 추적하는 것이지 역방향으로 추적하지 않도록 패턴을 약간 사용자 정의했습니다. 그런 다음 이 규칙을 람다 함수에 트리거로 추가하세요.
{
"source": ["aws.cloudwatch"],
"detail-type": ["CloudWatch Alarm State Change"],
"detail": {
"state": {
"value": ["ALARM"]
},
"previousState": {
"value": ["OK"]
}
}
}
- ㄷ. JIRA에서 이메일을 보내고 사건을 기록하기 위한 Lambda 함수 생성 : 이 람다 함수는 EventBridge 규칙에 의해 트리거되는 여러 활동에 대해 생성되며 AWS SDK(Boto3)를 사용하여 대상 SNS 주제로 추가됩니다. EventBridge 규칙이 트리거되면 함수가 여러 세부 정보를 캡처하여 다양한 방식으로 처리하는 JSON 이벤트 콘텐츠를 람다로 보냅니다. 여기서는 현재 두 가지 유형의 알람에 대해 작업했습니다. CPU 활용도 및 ii. 메모리 활용. 이 두 경보 중 하나가 트리거되고 경보 상태가 OK에서 ALARM으로 변경되면 EventBridge가 트리거되고 양식 코드에 언급된 작업을 수행하기 위해 Lambda 함수도 트리거됩니다.
Lambda 전제조건 :
코드가 작동하려면 아래 모듈을 가져와야 합니다.
- >> os
- >> 시스템
- >> JSON
- >> 보토3
- >> 시간
- >> 요청
참고: 위 모듈에서 '요청' 모듈 나머지를 제외하고 모두 기본적으로 람다 기반 인프라 내에 다운로드됩니다. '요청' 모듈을 직접 가져오는 것은 Lambda에서 지원되지 않습니다. 따라서 먼저 아래 명령을 실행하여 로컬 컴퓨터(노트북)의 폴더에 요청 모듈을 설치합니다.
pip3 install requests -t <directory path> --no-user
_이후 위 명령을 실행하는 폴더나 모듈 소스 코드를 저장하려는 폴더에 다운로드됩니다. 여기에서 로컬 컴퓨터에 람다 코드가 준비되기를 바랍니다. 그렇다면 모듈을 사용하여 전체 람다 소스 코드의 zip 파일을 만듭니다. 그 후 zip 파일을 람다 함수에 업로드하세요.
그래서 여기서는 아래 두 가지 시나리오를 수행합니다.
1. CPU 사용률 - CPU 사용률 경보가 트리거되면 람다 함수는 인스턴스를 가져와 해당 인스턴스에 로그인하고 소비량이 높은 상위 5개 프로세스를 수행해야 합니다. 그런 다음 JIRA 문제를 생성하고 설명 섹션에 프로세스 세부 정보를 추가합니다. 동시에 프로세스 출력과 함께 알람 세부정보 및 Jira 문제 세부정보가 포함된 이메일이 전송됩니다.
2. 메모리 활용 - 위와 동일한 접근 방식
Now, let me reframe the task details which lambda is supposed to perform -
- Login to Instance
- Perform Basic Troubleshooting Steps.
- Create a JIRA Issue
- Send Email to Recipient with all Details
Scenario 1: When alarm state has been changed from OK to ALARM
First Set (Define the cpu and memory function) :
################# Importing Required Modules ################
############################################################
import json
import boto3
import time
import os
import sys
sys.path.append('./python') ## This will add requests module along with all dependencies into this script
import requests
from requests.auth import HTTPBasicAuth
################## Calling AWS Services ###################
###########################################################
ssm = boto3.client('ssm')
sns_client = boto3.client('sns')
ec2 = boto3.client('ec2')
################## Defining Blank Variable ################
###########################################################
cpu_process_op = ''
mem_process_op = ''
issueid = ''
issuekey = ''
issuelink = ''
################# Function for CPU Utilization ################
###############################################################
def cpu_utilization(instanceid, metric_name, previous_state, current_state):
global cpu_process_op
if previous_state == 'OK' and current_state == 'ALARM':
command = 'ps -eo user,pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -5'
print(f'Impacted Instance ID is : {instanceid}, Metric Name: {metric_name}')
# Start a session
print(f'Starting session to {instanceid}')
response = ssm.send_command(InstanceIds = [instanceid], DocumentName="AWS-RunShellScript", Parameters={'commands': [command]})
command_id = response['Command']['CommandId']
print(f'Command ID: {command_id}')
# Retrieve the command output
time.sleep(4)
output = ssm.get_command_invocation(CommandId=command_id, InstanceId=instanceid)
print('Please find below output -\n', output['StandardOutputContent'])
cpu_process_op = output['StandardOutputContent']
else:
print('None')
################# Function for Memory Utilization ################
###############################################################
def mem_utilization(instanceid, metric_name, previous_state, current_state):
global mem_process_op
if previous_state == 'OK' and current_state == 'ALARM':
command = 'ps -eo user,pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -5'
print(f'Impacted Instance ID is : {instanceid}, Metric Name: {metric_name}')
# Start a session
print(f'Starting session to {instanceid}')
response = ssm.send_command(InstanceIds = [instanceid], DocumentName="AWS-RunShellScript", Parameters={'commands': [command]})
command_id = response['Command']['CommandId']
print(f'Command ID: {command_id}')
# Retrieve the command output
time.sleep(4)
output = ssm.get_command_invocation(CommandId=command_id, InstanceId=instanceid)
print('Please find below output -\n', output['StandardOutputContent'])
mem_process_op = output['StandardOutputContent']
else:
print('None')
Second Set (Create JIRA Issue) :
################## Create JIRA Issue ################
#####################################################
def create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val):
## Create Issue ##
url ='https://<your-user-name>.atlassian.net//rest/api/2/issue'
username = os.environ['username']
api_token = os.environ['token']
project = 'AnirbanSpace'
issue_type = 'Incident'
assignee = os.environ['username']
summ_metric = '%CPU Utilization' if 'CPU' in metric_name else '%Memory Utilization' if 'mem' in metric_name else '%Filesystem Utilization' if metric_name == 'disk_used_percent' else None
metric_val = metric_val
summary = f'Client | {account} | {instanceid} | {summ_metric} | Metric Value: {metric_val}'
description = f'Client: Company\nAccount: {account}\nRegion: {region}\nInstanceID = {instanceid}\nTimestamp = {timestamp}\nCurrent State: {current_state}\nPrevious State = {previous_state}\nMetric Value = {metric_val}'
issue_data = {
"fields": {
"project": {
"key": "SCRUM"
},
"summary": summary,
"description": description,
"issuetype": {
"name": issue_type
},
"assignee": {
"name": assignee
}
}
}
data = json.dumps(issue_data)
headers = {
"Accept": "application/json",
"Content-Type": "application/json"
}
auth = HTTPBasicAuth(username, api_token)
response = requests.post(url, headers=headers, auth=auth, data=data)
global issueid
global issuekey
global issuelink
issueid = response.json().get('id')
issuekey = response.json().get('key')
issuelink = response.json().get('self')
################ Add Comment To Above Created JIRA Issue ###################
output = cpu_process_op if metric_name == 'CPUUtilization' else mem_process_op if metric_name == 'mem_used_percent' else None
comment_api_url = f"{url}/{issuekey}/comment"
add_comment = requests.post(comment_api_url, headers=headers, auth=auth, data=json.dumps({"body": output}))
## Check the response
if response.status_code == 201:
print("Issue created successfully. Issue key:", response.json().get('key'))
else:
print(f"Failed to create issue. Status code: {response.status_code}, Response: {response.text}")
Third Set (Send an Email) :
################## Send An Email ################
#################################################
def send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink):
### Define a dictionary of custom input ###
metric_list = {'mem_used_percent': 'Memory', 'disk_used_percent': 'Disk', 'CPUUtilization': 'CPU'}
### Conditions ###
if previous_state == 'OK' and current_state == 'ALARM' and metric_name in list(metric_list.keys()):
metric_msg = metric_list[metric_name]
output = cpu_process_op if metric_name == 'CPUUtilization' else mem_process_op if metric_name == 'mem_used_percent' else None
print('This is output', output)
email_body = f"Hi Team, \n\nPlease be informed that {metric_msg} utilization is high for the instanceid {instanceid}. Please find below more information \n\nAlarm Details:\nMetricName = {metric_name}, \nAccount = {account}, \nTimestamp = {timestamp}, \nRegion = {region}, \nInstanceID = {instanceid}, \nCurrentState = {current_state}, \nReason = {current_reason}, \nMetricValue = {metric_val}, \nThreshold = 80.00 \n\nProcessOutput: \n{output}\nIncident Deatils:\nIssueID = {issueid}, \nIssueKey = {issuekey}, \nLink = {issuelink}\n\nRegards,\nAnirban Das,\nGlobal Cloud Operations Team"
res = sns_client.publish(
TopicArn = os.environ['snsarn'],
Subject = f'High {metric_msg} Utilization Alert : {instanceid}',
Message = str(email_body)
)
print('Mail has been sent') if res else print('Email not sent')
else:
email_body = str(0)
Fourth Set (Calling Lambda Handler Function) :
################## Lambda Handler Function ################
###########################################################
def lambda_handler(event, context):
instanceid = event['detail']['configuration']['metrics'][0]['metricStat']['metric']['dimensions']['InstanceId']
metric_name = event['detail']['configuration']['metrics'][0]['metricStat']['metric']['name']
account = event['account']
timestamp = event['time']
region = event['region']
current_state = event['detail']['state']['value']
current_reason = event['detail']['state']['reason']
previous_state = event['detail']['previousState']['value']
previous_reason = event['detail']['previousState']['reason']
metric_val = json.loads(event['detail']['state']['reasonData'])['evaluatedDatapoints'][0]['value']
##### function calling #####
if metric_name == 'CPUUtilization':
cpu_utilization(instanceid, metric_name, previous_state, current_state)
create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val)
send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink)
elif metric_name == 'mem_used_percent':
mem_utilization(instanceid, metric_name, previous_state, current_state)
create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val)
send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink)
else:
None
Alarm Email Screenshot :
Note: In ideal scenario, threshold is 80%, but for testing I changed it to 10%. Please see the Reason.
Alarm JIRA Issue :
Scenario 2: When alarm state has been changed from OK to Insufficient data
In this scenario, if any server cpu or memory utilization metrics data are not captured, then alarm state gets changed from OK to INSUFFICIENT_DATA. This state can be achieved in two ways - a.) If server is in stopped state b.) If CloudWatch agent is not running or went in dead state.
So, as per below script, you'll be able to see that when cpu or memory utilization alarm status gets insufficient data, then lambda will first check if instance is in running status or not. If instance is in running state, then it will login and check CloudWatch agent status. Post that, it will create a JIRA issue and post the agent status in comment section of JIRA issue. After that, it will send an email with alarm details and agent status.
Full Code :
################# Importing Required Modules ################
############################################################
import json
import boto3
import time
import os
import sys
sys.path.append('./python') ## This will add requests module along with all dependencies into this script
import requests
from requests.auth import HTTPBasicAuth
################## Calling AWS Services ###################
###########################################################
ssm = boto3.client('ssm')
sns_client = boto3.client('sns')
ec2 = boto3.client('ec2')
################## Defining Blank Variable ################
###########################################################
cpu_process_op = ''
mem_process_op = ''
issueid = ''
issuekey = ''
issuelink = ''
################# Function for CPU Utilization ################
###############################################################
def cpu_utilization(instanceid, metric_name, previous_state, current_state):
global cpu_process_op
if previous_state == 'OK' and current_state == 'INSUFFICIENT_DATA':
ec2_status = ec2.describe_instance_status(InstanceIds=[instanceid,])['InstanceStatuses'][0]['InstanceState']['Name']
if ec2_status == 'running':
command = 'systemctl status amazon-cloudwatch-agent;sleep 3;systemctl restart amazon-cloudwatch-agent'
print(f'Impacted Instance ID is : {instanceid}, Metric Name: {metric_name}')
# Start a session
print(f'Starting session to {instanceid}')
response = ssm.send_command(InstanceIds = [instanceid], DocumentName="AWS-RunShellScript", Parameters={'commands': [command]})
command_id = response['Command']['CommandId']
print(f'Command ID: {command_id}')
# Retrieve the command output
time.sleep(4)
output = ssm.get_command_invocation(CommandId=command_id, InstanceId=instanceid)
print('Please find below output -\n', output['StandardOutputContent'])
cpu_process_op = output['StandardOutputContent']
else:
cpu_process_op = f'Instance current status is {ec2_status}. Not able to reach out!!'
print(f'Instance current status is {ec2_status}. Not able to reach out!!')
else:
print('None')
################# Function for Memory Utilization ################
###############################################################
def mem_utilization(instanceid, metric_name, previous_state, current_state):
global mem_process_op
if previous_state == 'OK' and current_state == 'INSUFFICIENT_DATA':
ec2_status = ec2.describe_instance_status(InstanceIds=[instanceid,])['InstanceStatuses'][0]['InstanceState']['Name']
if ec2_status == 'running':
command = 'systemctl status amazon-cloudwatch-agent'
print(f'Impacted Instance ID is : {instanceid}, Metric Name: {metric_name}')
# Start a session
print(f'Starting session to {instanceid}')
response = ssm.send_command(InstanceIds = [instanceid], DocumentName="AWS-RunShellScript", Parameters={'commands': [command]})
command_id = response['Command']['CommandId']
print(f'Command ID: {command_id}')
# Retrieve the command output
time.sleep(4)
output = ssm.get_command_invocation(CommandId=command_id, InstanceId=instanceid)
print('Please find below output -\n', output['StandardOutputContent'])
mem_process_op = output['StandardOutputContent']
print(mem_process_op)
else:
mem_process_op = f'Instance current status is {ec2_status}. Not able to reach out!!'
print(f'Instance current status is {ec2_status}. Not able to reach out!!')
else:
print('None')
################## Create JIRA Issue ################
#####################################################
def create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val):
## Create Issue ##
url ='https://<your-user-name>.atlassian.net//rest/api/2/issue'
username = os.environ['username']
api_token = os.environ['token']
project = 'AnirbanSpace'
issue_type = 'Incident'
assignee = os.environ['username']
summ_metric = '%CPU Utilization' if 'CPU' in metric_name else '%Memory Utilization' if 'mem' in metric_name else '%Filesystem Utilization' if metric_name == 'disk_used_percent' else None
metric_val = metric_val
summary = f'Client | {account} | {instanceid} | {summ_metric} | Metric Value: {metric_val}'
description = f'Client: Company\nAccount: {account}\nRegion: {region}\nInstanceID = {instanceid}\nTimestamp = {timestamp}\nCurrent State: {current_state}\nPrevious State = {previous_state}\nMetric Value = {metric_val}'
issue_data = {
"fields": {
"project": {
"key": "SCRUM"
},
"summary": summary,
"description": description,
"issuetype": {
"name": issue_type
},
"assignee": {
"name": assignee
}
}
}
data = json.dumps(issue_data)
headers = {
"Accept": "application/json",
"Content-Type": "application/json"
}
auth = HTTPBasicAuth(username, api_token)
response = requests.post(url, headers=headers, auth=auth, data=data)
global issueid
global issuekey
global issuelink
issueid = response.json().get('id')
issuekey = response.json().get('key')
issuelink = response.json().get('self')
################ Add Comment To Above Created JIRA Issue ###################
output = cpu_process_op if metric_name == 'CPUUtilization' else mem_process_op if metric_name == 'mem_used_percent' else None
comment_api_url = f"{url}/{issuekey}/comment"
add_comment = requests.post(comment_api_url, headers=headers, auth=auth, data=json.dumps({"body": output}))
## Check the response
if response.status_code == 201:
print("Issue created successfully. Issue key:", response.json().get('key'))
else:
print(f"Failed to create issue. Status code: {response.status_code}, Response: {response.text}")
################## Send An Email ################
#################################################
def send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink):
### Define a dictionary of custom input ###
metric_list = {'mem_used_percent': 'Memory', 'disk_used_percent': 'Disk', 'CPUUtilization': 'CPU'}
### Conditions ###
if previous_state == 'OK' and current_state == 'INSUFFICIENT_DATA' and metric_name in list(metric_list.keys()):
metric_msg = metric_list[metric_name]
output = cpu_process_op if metric_name == 'CPUUtilization' else mem_process_op if metric_name == 'mem_used_percent' else None
email_body = f"Hi Team, \n\nPlease be informed that {metric_msg} utilization alarm state has been changed to {current_state} for the instanceid {instanceid}. Please find below more information \n\nAlarm Details:\nMetricName = {metric_name}, \n Account = {account}, \nTimestamp = {timestamp}, \nRegion = {region}, \nInstanceID = {instanceid}, \nCurrentState = {current_state}, \nReason = {current_reason}, \nMetricValue = {metric_val}, \nThreshold = 80.00 \n\nProcessOutput = \n{output}\nIncident Deatils:\nIssueID = {issueid}, \nIssueKey = {issuekey}, \nLink = {issuelink}\n\nRegards,\nAnirban Das,\nGlobal Cloud Operations Team"
res = sns_client.publish(
TopicArn = os.environ['snsarn'],
Subject = f'Insufficient {metric_msg} Utilization Alarm : {instanceid}',
Message = str(email_body)
)
print('Mail has been sent') if res else print('Email not sent')
else:
email_body = str(0)
################## Lambda Handler Function ################
###########################################################
def lambda_handler(event, context):
instanceid = event['detail']['configuration']['metrics'][0]['metricStat']['metric']['dimensions']['InstanceId']
metric_name = event['detail']['configuration']['metrics'][0]['metricStat']['metric']['name']
account = event['account']
timestamp = event['time']
region = event['region']
current_state = event['detail']['state']['value']
current_reason = event['detail']['state']['reason']
previous_state = event['detail']['previousState']['value']
previous_reason = event['detail']['previousState']['reason']
metric_val = 'NA'
##### function calling #####
if metric_name == 'CPUUtilization':
cpu_utilization(instanceid, metric_name, previous_state, current_state)
create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val)
send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink)
elif metric_name == 'mem_used_percent':
mem_utilization(instanceid, metric_name, previous_state, current_state)
create_issues(instanceid, metric_name, account, timestamp, region, current_state, previous_state, cpu_process_op, mem_process_op, metric_val)
send_email(instanceid, metric_name, account, region, timestamp, current_state, current_reason, previous_state, previous_reason, cpu_process_op, mem_process_op, metric_val, issueid, issuekey, issuelink)
else:
None
Insufficient Data Email Screenshot :
Insufficient data JIRA Issue :
Conclusion :
In this article, we have tested scenarios on both cpu and memory utilization, but there can be lots of metrics on which we can configure auto-incident and auto-email functionality which will reduce significant efforts in terms of monitoring and creating incidents and all. This solution has given a initial approach how we can proceed further, but for sure there can be other possibilities to achieve this goal. I believe you all will understand the way we tried to make this relatable. Please like and comment if you love this article or have any other suggestions, so that we can populate in coming articles. ??
Thanks!!
Anirban Das
위 내용은 EventBridge 및 Lambda를 사용한 자동 문제 해결 및 ITSM 시스템의 상세 내용입니다. 자세한 내용은 PHP 중국어 웹사이트의 기타 관련 기사를 참조하세요!
json define if for Logging auto Lambda using Event Generic console function default this alert jira issue
성명:
본 글의 내용은 네티즌들의 자발적인 기여로 작성되었으며, 저작권은 원저작자에게 있습니다. 본 사이트는 이에 상응하는 법적 책임을 지지 않습니다. 표절이나 침해가 의심되는 콘텐츠를 발견한 경우 admin@php.cn으로 문의하세요.