amazon-cloudwatch-agent: let users specify configuration file paths

commiterate 2024-11-23 14:26:07 -05:00
parent 5f023837c8
commit 43caf2e0f9
4 changed files with 95 additions and 49 deletions


@ -134,14 +134,16 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobeza
/nixos/modules/installer/sd-card/ /nixos/modules/installer/sd-card/
# Amazon # Amazon
/nixos/modules/virtualisation/amazon-init.nix @arianvp /nixos/modules/virtualisation/amazon-init.nix @arianvp
/nixos/modules/virtualisation/ec2-data.nix @arianvp /nixos/modules/virtualisation/ec2-data.nix @arianvp
/nixos/modules/virtualisation/amazon-options.nix @arianvp /nixos/modules/virtualisation/amazon-options.nix @arianvp
/nixos/modules/virtualisation/amazon-image.nix @arianvp /nixos/modules/virtualisation/amazon-image.nix @arianvp
/nixos/maintainers/scripts/ec2/ @arianvp /nixos/maintainers/scripts/ec2/ @arianvp
/nixos/modules/services/misc/amazon-ssm-agent.nix @arianvp /nixos/modules/services/misc/amazon-ssm-agent.nix @arianvp
/nixos/tests/amazon-ssm-agent.nix @arianvp /nixos/tests/amazon-ssm-agent.nix @arianvp
/nixos/modules/system/boot/grow-partition.nix @arianvp /nixos/modules/system/boot/grow-partition.nix @arianvp
/nixos/modules/services/monitoring/amazon-cloudwatch-agent.nix @philipmw
/nixos/tests/amazon-cloudwatch-agent.nix @philipmw
# nixos-rebuild-ng # nixos-rebuild-ng
/pkgs/by-name/ni/nixos-rebuild-ng @thiagokokada /pkgs/by-name/ni/nixos-rebuild-ng @thiagokokada


@ -10,8 +10,16 @@ let
tomlFormat = pkgs.formats.toml { }; tomlFormat = pkgs.formats.toml { };
jsonFormat = pkgs.formats.json { }; jsonFormat = pkgs.formats.json { };
commonConfigurationFile = tomlFormat.generate "common-config.toml" cfg.commonConfiguration; commonConfigurationFile =
configurationFile = jsonFormat.generate "amazon-cloudwatch-agent.json" cfg.configuration; if (cfg.commonConfigurationFile == null) then
(tomlFormat.generate "common-config.toml" cfg.commonConfiguration)
else
cfg.commonConfigurationFile;
configurationFile =
if (cfg.configurationFile == null) then
(jsonFormat.generate "amazon-cloudwatch-agent.json" cfg.configuration)
else
cfg.configurationFile;
# See https://docs.aws.amazon.com/prescriptive-guidance/latest/implementing-logging-monitoring-cloudwatch/create-store-cloudwatch-configurations.html#store-cloudwatch-configuration-s3. # See https://docs.aws.amazon.com/prescriptive-guidance/latest/implementing-logging-monitoring-cloudwatch/create-store-cloudwatch-configurations.html#store-cloudwatch-configuration-s3.
# #
# We don't use the multiple JSON configuration files feature, # We don't use the multiple JSON configuration files feature,
@ -24,13 +32,30 @@ in
options.services.amazon-cloudwatch-agent = { options.services.amazon-cloudwatch-agent = {
enable = lib.mkEnableOption "Amazon CloudWatch Agent"; enable = lib.mkEnableOption "Amazon CloudWatch Agent";
package = lib.mkPackageOption pkgs "amazon-cloudwatch-agent" { }; package = lib.mkPackageOption pkgs "amazon-cloudwatch-agent" { };
commonConfiguration = lib.mkOption { commonConfigurationFile = lib.mkOption {
type = tomlFormat.type; type = lib.types.nullOr lib.types.path;
default = { }; default = null;
description = '' description = ''
Amazon CloudWatch Agent common configuration. See Amazon CloudWatch Agent common configuration. See
<https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html#CloudWatch-Agent-profile-instance-first> <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html#CloudWatch-Agent-profile-instance-first>
for supported values. for supported values.
{option}`commonConfigurationFile` takes precedence over {option}`commonConfiguration`.
Note: Restricted evaluation blocks access to paths outside the Nix store.
This means detecting content changes for mutable paths (i.e. not input or content-addressed) can't be done.
As a result, `nixos-rebuild` won't reload/restart the systemd unit when mutable path contents change.
`systemctl restart amazon-cloudwatch-agent.service` must be used instead.
'';
example = "/etc/amazon-cloudwatch-agent/amazon-cloudwatch-agent.json";
};
commonConfiguration = lib.mkOption {
type = tomlFormat.type;
default = { };
description = ''
See {option}`commonConfigurationFile`.
{option}`commonConfigurationFile` takes precedence over {option}`commonConfiguration`.
''; '';
example = { example = {
credentials = { credentials = {
@ -44,13 +69,34 @@ in
}; };
}; };
}; };
configurationFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Amazon CloudWatch Agent configuration file. See
<https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html>
for supported values.
The following options aren't supported:
* `agent.run_as_user`
* Use {option}`user` instead.
{option}`configurationFile` takes precedence over {option}`configuration`.
Note: Restricted evaluation blocks access to paths outside the Nix store.
This means detecting content changes for mutable paths (i.e. not input or content-addressed) can't be done.
As a result, `nixos-rebuild` won't reload/restart the systemd unit when mutable path contents change.
`systemctl restart amazon-cloudwatch-agent.service` must be used instead.
'';
example = "/etc/amazon-cloudwatch-agent/amazon-cloudwatch-agent.json";
};
configuration = lib.mkOption { configuration = lib.mkOption {
type = jsonFormat.type; type = jsonFormat.type;
default = { }; default = { };
description = '' description = ''
Amazon CloudWatch Agent configuration. See See {option}`configurationFile`.
<https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html>
for supported values. {option}`configurationFile` takes precedence over {option}`configuration`.
''; '';
# Subset of "CloudWatch agent configuration file: Complete examples" and "CloudWatch agent configuration file: Traces section" in the description link. # Subset of "CloudWatch agent configuration file: Complete examples" and "CloudWatch agent configuration file: Traces section" in the description link.
# #
@ -110,6 +156,15 @@ in
}; };
}; };
}; };
# Replaces "agent.run_as_user" from the configuration file.
user = lib.mkOption {
type = lib.types.str;
default = "root";
description = ''
The user that runs the Amazon CloudWatch Agent.
'';
example = "amazon-cloudwatch-agent";
};
mode = lib.mkOption { mode = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = "auto"; default = "auto";
@ -122,7 +177,7 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# See https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300048.1/packaging/dependencies/amazon-cloudwatch-agent.service. # See https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300049.1/packaging/dependencies/amazon-cloudwatch-agent.service.
systemd.services.amazon-cloudwatch-agent = { systemd.services.amazon-cloudwatch-agent = {
description = "Amazon CloudWatch Agent"; description = "Amazon CloudWatch Agent";
after = [ "network.target" ]; after = [ "network.target" ];
@ -140,40 +195,28 @@ in
# 3. Runs "amazon-cloudwatch-agent" with the paths to these generated files. # 3. Runs "amazon-cloudwatch-agent" with the paths to these generated files.
# #
# Re-implementing with systemd options. # Re-implementing with systemd options.
User = lib.attrByPath [ User = cfg.user;
"agent"
"run_as_user"
] "root" cfg.configuration;
RuntimeDirectory = "amazon-cloudwatch-agent"; RuntimeDirectory = "amazon-cloudwatch-agent";
LogsDirectory = "amazon-cloudwatch-agent"; LogsDirectory = "amazon-cloudwatch-agent";
ExecStartPre = '' ExecStartPre = builtins.concatStringsSep " " [
${cfg.package}/bin/config-translator \ "${cfg.package}/bin/config-translator"
-config ${commonConfigurationFile} \ "-config ${commonConfigurationFile}"
-input ${configurationFile} \ "-input ${configurationFile}"
-input-dir ${configurationDirectory} \ "-input-dir ${configurationDirectory}"
-mode ${cfg.mode} \ "-mode ${cfg.mode}"
-output ''${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.toml "-output \${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.toml"
''; ];
ExecStart = '' ExecStart = builtins.concatStringsSep " " [
${cfg.package}/bin/amazon-cloudwatch-agent \ "${cfg.package}/bin/amazon-cloudwatch-agent"
-config ''${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.toml \ "-config \${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.toml"
-envconfig ''${RUNTIME_DIRECTORY}/env-config.json \ "-envconfig \${RUNTIME_DIRECTORY}/env-config.json"
-otelconfig ''${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.yaml \ "-otelconfig \${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.yaml"
-pidfile ''${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.pid "-pidfile \${RUNTIME_DIRECTORY}/amazon-cloudwatch-agent.pid"
''; ];
KillMode = "process"; KillMode = "process";
Restart = "on-failure"; Restart = "on-failure";
RestartSec = 60; RestartSec = 60;
}; };
restartTriggers = [
cfg.package
commonConfigurationFile
configurationFile
configurationDirectory
cfg.mode
];
}; };
}; };
meta.maintainers = pkgs.amazon-cloudwatch-agent.meta.maintainers;
} }
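Review bot: A system that already sets `services.amazon-cloudwatch-agent.configuration.agent.run_as_user` will have its unit started as root after this change, with no evaluation error, because `User = cfg.user;` no longer reads that key and `user` defaults to `"root"`. The only notice is a sentence in the `configurationFile` description, which someone using the attribute-set option is unlikely to reread. An assertion in `config` would surface the change at evaluation time, for example `assertions = [ { assertion = !(cfg.configuration ? agent.run_as_user); message = "Use services.amazon-cloudwatch-agent.user instead of configuration.agent.run_as_user."; } ];`; the contents of a file passed through `configurationFile` cannot be checked this way, so the description remains the only guard there. Separately, the `commonConfigurationFile` example points at `amazon-cloudwatch-agent.json` while the generated default is `common-config.toml`, which looks like a copy from `configurationFile`.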


@ -27,7 +27,6 @@ import ./make-test-python.nix (
in in
{ {
name = "amazon-cloudwatch-agent"; name = "amazon-cloudwatch-agent";
meta.maintainers = pkgs.amazon-cloudwatch-agent.meta.maintainers;
nodes.machine = nodes.machine =
{ config, pkgs, ... }: { config, pkgs, ... }:


@ -16,13 +16,13 @@ buildGoModule rec {
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "aws"; owner = "aws";
repo = "amazon-cloudwatch-agent"; repo = "amazon-cloudwatch-agent";
rev = "refs/tags/v${version}"; tag = "v${version}";
hash = "sha256-gJrK+ai+EEKvBErjOyvu677WykUPuxYy9NrR+qV2yyo="; hash = "sha256-gJrK+ai+EEKvBErjOyvu677WykUPuxYy9NrR+qV2yyo=";
}; };
vendorHash = "sha256-OQSl7nFvnDjJbs756QN5ZE/Dx/AZqxsijG0Ks7FYCB8="; vendorHash = "sha256-OQSl7nFvnDjJbs756QN5ZE/Dx/AZqxsijG0Ks7FYCB8=";
# See the list in https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300048.1/Makefile#L68-L77. # See the list in https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300049.1/Makefile#L68-L77.
subPackages = [ subPackages = [
"cmd/config-downloader" "cmd/config-downloader"
"cmd/config-translator" "cmd/config-translator"
@ -32,7 +32,7 @@ buildGoModule rec {
"cmd/amazon-cloudwatch-agent-config-wizard" "cmd/amazon-cloudwatch-agent-config-wizard"
]; ];
# See https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300048.1/Makefile#L57-L64. # See https://github.com/aws/amazon-cloudwatch-agent/blob/v1.300049.1/Makefile#L57-L64.
# #
# Needed for "amazon-cloudwatch-agent -version" to not show "Unknown". # Needed for "amazon-cloudwatch-agent -version" to not show "Unknown".
postInstall = '' postInstall = ''
@ -43,6 +43,8 @@ buildGoModule rec {
nativeInstallCheckInputs = [ versionCheckHook ]; nativeInstallCheckInputs = [ versionCheckHook ];
versionCheckProgram = "${builtins.placeholder "out"}/bin/amazon-cloudwatch-agent";
versionCheckProgramArg = "-version"; versionCheckProgramArg = "-version";
passthru = { passthru = {