Telegraf running inside a docker container outputs to CloudWatch - Need Help

telegraf
#1

Hi,

I have a scenario that telegraf runs inside the docker container using which we would like to read the docker metrics and JVM metrics and post to Cloudwatch (AWS). What is the best practice to send the credentials to telegraf for AWS Cloudwatch and we are getting the following error while collecting and posting the data?

2017/03/23 20:09:55 E! cloudwatch: Error in ListMetrics API call : RequestError: send request failed
caused by: Post https://monitoring.us-east-1.amazonaws.com/: dial tcp 54.239.17.53:443: i/o timeout
2017/03/23 20:09:55 E! Failed to connect to output cloudwatch, retrying in 15s, error was ‘RequestError: send request failed
caused by: Post https://monitoring.us-east-1.amazonaws.com/: dial tcp 54.239.17.53:443: i/o timeout’

Any help is appreciated

Regards
Karthik

#2

@kpalanivelu The best bet is to use whatever container orchestrator you are using to deliver the credentials to the container via env or other. You could also store your credentials in a file and mount them into the container file system.

Do either of those options work for you?

#3

The timeout error looks to me like a firewall is dropping the packets.

#4

Thanks but it has the limitations by itself as I need to generate tokens every hour due to security issues. I do not have system credentials. If I provide rolearn, it is not working. It should be easier route for telegraf to use the role to generate tokens before posting to cloudwatch. Your thoughts?

#5

Let me add proxy and test but here I am hard coding temp credentials looking for permanent solutions.

#6

Proxy worked as an environment variable. But when I do the same in the aws, it was not. How do embed the proxy within the telegraf or docker container?