Amazon web services &引用;“无法确定aws地区”;在本地运行Cloudwatch代理时
我正在尝试将AWS Cloudwatch代理配置为在AWS之外的香草Ubuntu 18.04上运行。每次运行时,都会出现以下错误:Amazon web services &引用;“无法确定aws地区”;在本地运行Cloudwatch代理时,amazon-web-services,amazon-cloudwatch,amazon-cloudwatchlogs,Amazon Web Services,Amazon Cloudwatch,Amazon Cloudwatchlogs,我正在尝试将AWS Cloudwatch代理配置为在AWS之外的香草Ubuntu 18.04上运行。每次运行时,都会出现以下错误: # /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c "file:/path/to/cloudwatch/cloudwatch.json" -s /opt/aws/amazon-cloudwatch-agent/bin/co
# /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -c "file:/path/to/cloudwatch/cloudwatch.json" -s
/opt/aws/amazon-cloudwatch-agent/bin/config-downloader --output-dir /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.d --download-source file:/path/to/cloudwatch/cloudwatch.json --mode onPrem --config /opt/aws/amazon-cloudwatch-agent/etc/common-config.toml --multi-config default
Got Home directory: /root
I! Set home dir Linux: /root
Unable to determine aws-region.
Please make sure the credentials and region set correctly on your hosts.
Refer to http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Fail to fetch the config!
在strace-f
下运行程序会显示它正在尝试读取/root/.aws/credentials
,然后退出。根据指南,以下是/root/.aws/credentials
的内容:
[AmazonCloudWatchAgent]
aws_access_key_id = key
aws_secret_access_key = secret
region = us-west-2
如果我运行aws configure get region,它就能够正确地检索区域。但是,Cloudwatch代理无法读取它。下面是common config.toml
的内容(每个策略也可以读取)
以下是我尝试过的其他事情:
- 将配置中的
(和所有值)括在双引号中,根据。这没有什么区别区域
- 添加/home/myuser/.aws/config、/home/myuser/.aws/credentials和/root/.aws/config并用适当的值填充它们。根据策略,这些文件未被读取
- 正在搜索CloudWatch代理的源代码(它不是开源的)
- 在程序环境中显式设置AWS_REGION=us-west-2(相同错误)
- 将
更改为[AmazonCloudWatchAgent]
以上的所有位置和排列(无差异)[profile AmazonCloudWatchAgent]
- 在所有配置文件中添加一个
节(没有区别)[default]
- 直接调用
程序,设置AWS\u区域等(相同错误)config downloader
- 成为非root用户,然后使用
调用程序,而不是在没有sudo
的情况下以root用户身份调用程序sudo
不管我怎么做,我都会犯同样的错误。根据这些说明,我于2020年3月23日下载了“最新”的deb,安装了CloudWatch代理 我使用了一个错误的带有无效字符的“secret”,导致INI文件解析器崩溃。CloudWatch代理错误地将此报告为“缺失区域”,而解析错误或“无效机密”错误可能更准确。aws配置默认为C:\Users\Administrator,而不是安装CloudWatch代理的用户。因此,您可能需要将/.aws/文件夹移动到CLoudWatch用户。或者……更直截了当:
aws configure --profile AmazonCloudWatchAgent
如下所述:
您还可以使用common config.toml
指定区域,如下所述:
在运行Windows server的服务器上,此文件位于C:\ProgramData\Amazon\AmazonCloudWatchAgent目录中。默认的common-config.toml如下所示:
如果需要,您还可以使用新位置更新common-config.toml。附带问题:您是否用正确的值替换
-c“文件:/path/to/cloudwatch/cloudwatch.json”
?(不知道是否有帮助,但这看起来很奇怪。)是的,我正在用一个有效的值替换它。您是否有[profile AmazonCloudWatchAgent]region=eu-west-1(或您所在的地区)的/root/.aws/config文件?这对我有用。
aws configure --profile AmazonCloudWatchAgent
# This common-config is used to configure items used for both ssm and cloudwatch access
## Configuration for shared credential.
## Default credential strategy will be used if it is absent here:
## Instance role is used for EC2 case by default.
## AmazonCloudWatchAgent profile is used for onPremise case by default.
# [credentials]
# shared_credential_profile = "{profile_name}"
# shared_credential_file= "{file_name}"
## Configuration for proxy.
## System-wide environment-variable will be read if it is absent here.
## i.e. HTTP_PROXY/http_proxy; HTTPS_PROXY/https_proxy; NO_PROXY/no_proxy
## Note: system-wide environment-variable is not accessible when using ssm run-command.
## Absent in both here and environment-variable means no proxy will be used.
# [proxy]
# http_proxy = "{http_url}"
# https_proxy = "{https_url}"
# no_proxy = "{domain}"