Delivering metrics from hosts outside Yandex Cloud

To deliver metrics to Yandex Monitoring from hosts located outside Yandex Cloud, use service account authorized keys. You can also use this method to send metrics from Yandex Cloud VMs without a linked service account.

Delivering metrics using an authorized key

To configure Yandex Unified Agent to deliver metrics using an authorized key, follow these steps:

1. Set up a service account from which metrics will be written to Yandex Monitoring and create an authorized key.

   1. Create a service account in the folder you want to write metrics to and assign it the monitoring.editor role.

   2. Create an authorized key for your new service account using YC CLI:

      yc iam key create --service-account-id <SA_ID> --output jwt_params.json
      

      Where <SA_ID> is the service account ID.

      You can find more ways to create authorized keys in Creating authorized keys.

   3. Deliver the jwt_params.json file with the parameters of the authorized key to the host where Unified Agent is installed.

      Sample jwt_params.json file:

      {
          "id": "ajt...",
          "service_account_id": "aje...",
          "created_at": "2021-01-14T13:18:51.070026Z",
          "key_algorithm": "RSA_2048",
          "public_key": "-----BEGIN PUBLIC KEY-----\nMD...",
          "private_key": "-----BEGIN PRIVATE KEY-----\nMI..."
      }
      

2. Install and configure Yandex Unified Agent.

   1. Create a file named config.yml in your home folder.

      config.yml:

       status:
         port: "16241"
      
       storages:
         - name: main
           plugin: fs
           config:
             directory: /var/lib/yandex/unified_agent/main
             max_partition_size: 100mb
             max_segment_size: 10mb
      
       channels:
         - name: cloud_monitoring
           channel:
             pipe:
               - storage_ref:
                   name: main
             output:
               plugin: yc_metrics
               config:
                 folder_id: "$FOLDER_ID"
                 iam:
                   jwt:
                     file: "jwt_params.json"
      
       routes:
         - input:
             plugin: linux_metrics
             config:
               namespace: sys
           channel:
             channel_ref:
               name: cloud_monitoring
      
         - input:
             plugin: agent_metrics
             config:
               namespace: ua
           channel:
             pipe:
               - filter:
                   plugin: filter_metrics
                   config:
                     match: "{scope=health}"
             channel_ref:
               name: cloud_monitoring
      
       import:
         - /etc/yandex/unified_agent/conf.d/*.yml
      

      Where:

      • $FOLDER_ID: ID of the folder you want to write metrics.
      • iam.jwt.file: File name with the JWT parameters.

   2. Install Unified Agent on your VM by running the following command in the home folder:

      docker run \
      -p 16241:16241 -it --detach --uts=host \
      --name=ua \
      -v /proc:/ua_proc \
      -v `pwd`/config.yml:/etc/yandex/unified_agent/config.yml \
      -e PROC_DIRECTORY=/ua_proc \
      -e FOLDER_ID=a1bs... \
      cr.yandex/yc/unified-agent
      

      You can find more ways to install the agent in Installing and running Yandex Unified Agent.

3. Make sure the metrics are delivered to Yandex Monitoring.

   1. On the home page Yandex Monitoring, go to Metric Explorer.

   2. In the query block, select:

   • The folder where metrics are collected.
   • The label value service=custom.
   • The metric name starting with the sys prefix.

What's next

• Review Unified Agent concepts
• Learn more about configuring Unified Agent
• Read the Unified Agent operating instructions