Delivering metrics from hosts outside Yandex Cloud
To deliver metrics to Yandex Monitoring from hosts located outside Yandex Cloud, use service account authorized keys. You can also use this method to send metrics from Yandex Cloud VMs without a linked service account.
Delivering metrics using an authorized key
To configure Yandex Unified Agent to deliver metrics using an authorized key, follow these steps:
-
Set up a service account under which metrics will be written to Yandex Monitoring and create an authorized key.
-
Create a service account in the folder you want to write metrics to and assign it the
monitoring.editor
role. -
Create an authorized key for your new service account using YC CLI:
yc iam key create --service-account-id <service_account_ID> --output jwt_params.json
Where
--service-account-id
is the service account ID.You can find more ways to create authorized keys in Creating authorized keys.
-
Deliver the jwt_params.json file with the parameters of the authorized key to the host where Unified Agent is installed.
Sample jwt_params.json file:
{ "id": "ajt4yut8vb12********", "service_account_id": "ajeo5pert10z********", "created_at": "2021-01-14T13:18:51.070026Z", "key_algorithm": "RSA_2048", "public_key": "-----BEGIN PUBLIC KEY-----\nMD...", "private_key": "-----BEGIN PRIVATE KEY-----\nMI..." }
-
-
Install and configure Yandex Unified Agent:
-
Create a file named config.yml in your home folder.
config.yml:
status: port: "16241" storages: - name: main plugin: fs config: directory: /var/lib/yandex/unified_agent/main max_partition_size: 100mb max_segment_size: 10mb channels: - name: cloud_monitoring channel: pipe: - storage_ref: name: main output: plugin: yc_metrics config: folder_id: "$FOLDER_ID" iam: jwt: file: "jwt_params.json" routes: - input: plugin: linux_metrics config: namespace: sys channel: channel_ref: name: cloud_monitoring - input: plugin: agent_metrics config: namespace: ua channel: pipe: - filter: plugin: filter_metrics config: match: "{scope=health}" channel_ref: name: cloud_monitoring import: - /etc/yandex/unified_agent/conf.d/*.yml
Where:
$FOLDER_ID
: ID of the folder you want to write metrics to.iam.jwt.file
: Name of the file with JWT parameters.
-
Install Unified Agent on your VM by running the following command in the home folder:
docker run \ -p 16241:16241 -it --detach --uts=host \ --name=ua \ -v /proc:/ua_proc \ -v `pwd`/config.yml:/etc/yandex/unified_agent/config.yml \ -e PROC_DIRECTORY=/ua_proc \ -e FOLDER_ID=a1bs81qpemb4******** \ cr.yandex/yc/unified-agent
You can find more ways to install the agent in Yandex Unified Agent installation and startup.
-
-
Make sure the metrics are delivered to Yandex Monitoring:
-
On the Yandex Monitoring home page
, go to Metric Explorer. -
In the query block, select:
- Folder where metrics are collected.
service=custom
label value.- Metric name starting with the
sys
prefix.
-