Get started
Yandex Monitoring

Delivering metrics from hosts outside Yandex.Cloud

Written by

To deliver metrics to Yandex Monitoring from hosts located outside Yandex.Cloud, use authorized keys of service accounts. You can also use this method to send metrics from Yandex.Cloud VMs without a linked service account.

Delivering metrics using an authorized key

To configure Yandex Unified Agent to deliver metrics using an authorized key, follow these steps:

  1. Set up a service account from which metrics will be written to Yandex Monitoring and create an authorized key.

    1. Create a service account in the folder you want to write metrics to and assign it the monitoring.editor role.

    2. Create an authorized key for your new service account using YC CLI, replacing <SA_ID> with your service account ID:

      yc iam key create --service-account-id <SA_ID> --output jwt_params.json

      You can find more ways to create authorized keys in Creating authorized keys.

    3. Deliver the jwt_params.json file with the parameters of the authorized key to the host where Unified Agent is installed.

      Sample jwt_params.json file:

      {
    "id": "ajt...",
    "service_account_id": "aje...",
    "created_at": "2021-01-14T13:18:51.070026Z",
    "key_algorithm": "RSA_2048",
    "public_key": "-----BEGIN PUBLIC KEY-----\nMD...",
    "private_key": "-----BEGIN PRIVATE KEY-----\nMI..."
}

  2. Install and configure Yandex Unified Agent.

    1. Install Unified Agent on your VM by running the following command in the home folder:

      docker run \
-p 16241:16241 -it --detach --uts=host \
--name=ua \
-v /proc:/ua_proc \
-v config.yml:/etc/yandex/unified_agent/conf.d/config.yml \
-e PROC_DIRECTORY=/ua_proc \
-e FOLDER_ID=a1bs... \
cr.yandex/yc/unified-agent

      You can find more ways to install the agent in Installing and running Yandex Unified Agent.

    2. Create a file named config.yml in your home folder. Replace $FOLDER_ID in the file with the ID of the folder you want to write metrics to. Enter the file name with the JWT parameters in the iam.jwt.file section.

      config.yml:

       status:
   port: "16241"

 storages:
   - name: main
     plugin: fs
     config:
       directory: /var/lib/yandex/unified_agent/main
       max_partition_size: 100mb
       max_segment_size: 10mb

 channels:
   - name: cloud_monitoring
     channel:
       pipe:
         - storage_ref:
             name: main
       output:
         plugin: yc_metrics
         config:
           folder_id: "$FOLDER_ID"
           iam:
             jwt:
               file: "jwt_params.json"

 routes:
   - input:
       plugin: linux_metrics
       config:
         namespace: sys
     channel:
       channel_ref:
         name: cloud_monitoring

   - input:
       plugin: agent_metrics
       config:
         namespace: ua
     channel:
       pipe:
         - filter:
             plugin: filter_metrics
             config:
               match: "{scope=health}"
       channel_ref:
         name: cloud_monitoring

 import:
   - /etc/yandex/unified_agent/conf.d/*.yml

  3. Make sure the metrics are delivered to Yandex Monitoring.

    1. On the Yandex Monitoring home page, go to Metric Explorer.

    2. In the query block, select:

    • The folder where metrics are collected.
    • The label value service=custom.
    • The metric name starting with the sys prefix.

What's next