AWS Observability Handbook E-Book

AWS Observability Handbook

Monitor, trace, and alert your cloud applications with AWS’ myriad observability tools

Phani Kumar Lingamallu

Fabio Braga de Oliveira

BIRMINGHAM—MUMBAI

AWS Observability Handbook

Copyright © 2023 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Mohd Riyan Khan

Publishing Product Manager: Surbhi Suman

Senior Content Development Editor: Adrija Mitra

Technical Editor: Irfa Ansari

Copy Editor: Safis Editing

Project Coordinator: Prajakta Naik

Proofreader: Safis Editing

Indexer: Pratik Shirodkar

Production Designer: Prashant Ghare

Marketing Coordinator: Agnes D'souza

First published: April 2023

Production reference: 1190423

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

978-1-80461-671-0

www.packtpub.com

I would like to take this opportunity to express my heartfelt gratitude to two very special people in my life. To my parents, Lakshmi and Mohan Rao, your unwavering support and guidance throughout my life have been a source of strength and inspiration. Your love and sacrifices have shaped me into the person I am today, and I am forever grateful for all that you have done for me. And to my wife, Usha, my loving partner throughout our joint life journey; you have been my rock during difficult times and my partner in every adventure. Your love has given me strength, and your friendship has brought me endless joy. Thank you for both being an integral part of my life and for making it truly special.

– Phani Kumar Lingamallu

My parents had a difficult life; they migrated from an impoverished region in Brazil to try for a better life. They found each other, fell in love, and brought up a family, doing the best they could with the knowledge they had. All three of their kids attended the best universities in our country. Thanks to their struggle and sacrifices, and despite all the bumps in the road, I was able to experience an international career, migrating to Germany with my small family. We may be far away, but I can’t start to think about any of my accomplishments without feeling thankful for everything they provided for me.

– Fabio Braga de Oliveira

Contributors

About the authors

Phani Kumar Lingamallu works as a senior partner solution architect at Amazon Web Services (AWS). With around 19 years of IT experience, he previously served as a consultant for several well-known companies, such as Microsoft, HCL Technologies, and Harsco. He has worked on projects such as the large-scale migration of workloads to AWS and the Azure cloud. He has hands-on experience with the setup of monitoring/management for over 45,000 servers, and the design and implementation of large-scale AIOps transformations for clients across Europe, the US, and APAC, covering monitoring, automation, reporting, and analytics. He holds a Master of Science in electronics and possesses certifications including AWS Solution Architect Professional and Microsoft Certified Azure Solution Architect Expert.

I am immensely grateful to my fellow colleagues, both those I have worked with in my current role and those from my previous roles. Your unwavering dedication and passion for the work we do have been a constant source of inspiration to me.

Fabio Braga de Oliveira works as a senior partner solution architect at AWS. He carries a wealth of experience from various industries – automotive, industrial, and financial services, working in the last 19 years as a software engineer/team lead/solutions architect. His professional interests range from big to small: he loves event-driven architectures, helping build complex, highly efficient systems, and also working on small devices, building devices fleet to collect data and support companies to drive new insights, using analytics techniques and machine learning. He majored in electronics and has a BS in computer science, an MBA in project management, and a series of IT certifications, among them AWS Certified Solution Architect – Professional. Nowadays, he supports AWS partners in the DACH/CEE region with application modernization (serverless and containers) and IoT workloads.

I would love to be as brilliant and smart as many of my colleagues. I am standing on the shoulders of giants, definitely. Every example, every code excerpt, and every concept is the result of the accumulated knowledge of practitioners and the computer science community as a whole. So, to all of you, my humble thank you; without all of you, I wouldn’t be half of what I am.

About the reviewers

Anand Rajanala’s expertise in Application Performance Management (APM) and AIOps observability. As a product manager, he has created roadmaps and identified opportunities to enhance product offerings to ensure that products meet customer needs and are aligned with business goals.

Working with companies such as CA, HCL Technologies, Broadcom, ConnX, and Rakuten has given Anand the opportunity to develop a deep understanding of the technology industry and the challenges that businesses face. He has strong communication and collaboration skills, which are essential for managing cross-functional teams and building relationships with stakeholders.

Anand Rajanala has a supportive family behind him – his lovely kids, Srisubodh and Paanya SriSisira, and his wife, Vasavi. To my family, my brothers and sister – I cannot thank you enough for everything you do for me and our family. Words cannot express how much your support means to me. From the bottom of my heart, thank you for being there for me every step of the way.

Peter Gergely Marczis brings 15 years of industry experience to his role as the leader of the DevOps platforms practice at Nordcloud. Starting his career as an embedded programmer, he quickly developed a passion for cutting-edge technologies, and he now works with industry-leading companies on their DevOps strategies. His unique expertise and insights have made him the ideal candidate to review technical content for its quality and relevance to the field.

Table of Contents

Preface

Part 1: Getting Started with Observability on AWS

1

Observability 101

Technical requirements

What is observability?

The need for observability in a distributed application environment

Building blocks of observability

Metrics

Logs

Traces

What is the relationship between the three pillars?

Benefits of observability

Understanding application health and performance to improve customer experience

Improving developer productivity

Getting more insight with visualizations

Digital eperience monitoring

Controlling cost and planning capacity

Summary

Questions

2

Overview of the Observability Landscape on AWS

Technical requirements

Overview of observability tools in AWS

Overview of native observability services in AWS

Amazon CloudWatch Metrics

Amazon CloudWatch Logs

AWS X-Ray

Amazon EventBridge

CloudWatch Alarms

CloudWatch Dashboards

CloudWatch Synthetics

Real User Monitoring (RUM)

CloudWatch Evidently

CloudWatch Container Insights

CloudWatch Lambda Insights

CloudWatch Contributor Insights

CloudWatch Application Insights

CloudWatch Metric Insights

CloudWatch Logs Insights

CloudWatch ServiceLens

Overview of AWS-managed open source observability services in AWS

Amazon Managed Service for Prometheus

Amazon OpenSearch Service

Amazon Managed Grafana

AI and ML insights

Instrumentation

Adoption of observability services in AWS

Summary

Questions

3

Gathering Operational Data and Alerting Using Amazon CloudWatch

Technical requirements

Overview of CloudWatch metrics and logs

Deployment and configuration of the CloudWatch agent in an EC2 instance

The unified CloudWatch agent

EC2 Windows instance monitoring with the unified CloudWatch agent

Manual installation and configuration of the CloudWatch agent

Automated installation using AWS Systems Manager

Overview of CloudWatch alarms and dashboards

CloudWatch alarms

CloudWatch dashboards

Overview of Amazon EventBridge

Summary

Questions

4

Implementing Distributed Tracing Using AWS X-Ray

Technical requirements

Overview of AWS X-Ray

X-Ray concepts

Navigating the AWS X-Ray console

Step 1 – deploying a sample application

Step 2 – navigating the application

Step 3 – navigating the AWS CloudWatch X-Ray user interface

Overview of the CloudWatch ServiceLens map

Overview of X-Ray Analytics

End-to-end instrumentation of a sample application deployed in an EC2 instance

Preparing the environment

Testing the sample application

Exploring the sample application running on an EC2 instance

Summary

Part 2: Automated and Machine Learning-Powered Observability on AWS

5

Insights into Operational Data with CloudWatch

Technical requirements

Deriving operational intelligence from CloudWatch metrics

CloudWatch metrics explorer

CloudWatch Metrics Insights

Metric math expressions

CloudWatch anomaly detection

Exploring CloudWatch Application Insights

Exploring CloudWatch Logs Insights

Exploring CloudWatch Contributor Insights and its use cases

Summary

Questions

6

Observability for Containerized Applications on AWS

Technical requirements

Introduction to CloudWatch Container Insights

Set up a Cloud9 development workspace

Set up an Amazon EKS cluster

Set up an Amazon ECS cluster

Implementing observability for a distributed application running on Amazon EKS

Container Insights metrics on your EKS EC2 or customer-managed Kubernetes clusters

Container Insights metrics on EKS Fargate

Implementing observability for a distributed application running on Amazon ECS

Container Insights on Amazon ECS for the cluster- and service-level metrics

Container Insights on Amazon ECS for instance-level metrics using ADOT

Collect logs and send them to CloudWatch Logs using FireLens

End-to-end visibility of containerized applications using AWS App Mesh

Add monitoring and logging capabilities

Add end-to-end tracing capabilities

Understanding and troubleshooting performance bottlenecks in containers

Workspace

Build the environments

Set up Container Insights

Explore Container Insights

Set up load tests

Load testing metrics

Accessing CloudWatch Logs Insights

Summary

7

Observability for Serverless Applications on AWS

Technical requirements

Deploying a basic serverless application running on AWS Lambda

Built-in metrics

Lambda logging

CloudWatch Logs Insights from Lambda logs

API Gateway metrics and logs

CloudWatch Lambda Insights

Single-function view

Multifunction view

End-to-end tracing of the Node.js application

Exploring Lambda Powertools

Lambda Powertools for enhanced logging

Lambda Powertools – custom metrics

Lambda Powertools – tracing

Troubleshooting performance issues using X-Ray groups

Summary

Questions

8

End User Experience Monitoring on AWS

Technical requirements

End user experience monitoring

CloudWatch Synthetics

How CloudWatch Synthetics works

Use cases of CloudWatch Synthetics monitoring

Understanding CloudWatch Synthetics canaries

Configuring CloudWatch Synthetics canaries

CloudWatch RUM

How CloudWatch RUM works

Setting up CloudWatch RUM for an S3 static website

Summary

Questions

Part 3: Open Source Managed Services on AWS

9

Collecting Metrics and Traces Using OpenTelemetry

Technical requirements

An open standard to collect metrics and traces using AWS Distro for OpenTelemetry

How to instrument once for multiple monitoring destinations

Traces

Metrics

Logs

OpenTelemetry Collector deployment

Instrumenting a container application running on ECS using OpenTelemetry

The OpenTelemetry Python SDK for traces

The OpenTelemetry Python SDK for metrics

Deploying the OpenTelemetry Collector

Checking the resulting application telemetry

Summary

10

Deploying and Configuring an Amazon Managed Service for Prometheus

Technical requirements

Prometheus and Grafana overview

Setting up Amazon Managed Service for Prometheus and Grafana

Setting up a Cloud9 development workspace

Setting up an AMP workspace

Setting up an AMG dashboard

Setting up an Amazon EKS cluster and tools

Ingesting telemetry data

Ingestion from a new Prometheus server

Ingestion using AWS Distro for OpenTelemetry (ADOT)

Querying Prometheus metrics via API and Grafana

Querying Prometheus metrics using Prometheus APIs

Querying Prometheus metrics using Amazon Managed Grafana

Implementing container monitoring

Summary

11

Deploying the Elasticsearch, Logstash, and Kibana Stack Using Amazon OpenSearch Service

Technical requirements

Amazon OpenSearch Service overview

Setup and configuration of Amazon OpenSearch Service

Installation of a standalone cluster of Amazon OpenSearch Service

Observability of the application traces and logs using Amazon OpenSearch Service

Application traces

Application logs

Anomaly detection in Amazon OpenSearch Service

Security for Amazon OpenSearch Service

Summary

Questions

Part 4: Scaled Observability and Beyond

12

Augmenting the Human Operator with Amazon DevOps Guru

Technical requirements

Overview of Amazon DevOps Guru

Enabling Amazon DevOps Guru

Analyzing resources using Amazon DevOps Guru

How DevOps Guru works

Reviewing Amazon DevOps Guru insights for serverless applications in AWS

Discovering and analyzing resources

Decreasing DynamoDB capacity

Generating traffic to create anomalies

Reactive insights

Proactive insights

Understanding Relational Database Service (RDS) performance issues using DevOps Guru

AI and ML insights

Amazon CodeGuru

Amazon Lookout for Metrics

Summary

Questions

13

Observability Best Practices at Scale

Observability best practices at scale

Understanding multi-account and multi-Region topologies

Exploring CloudWatch cross-account observability

How cross-account observability works

Configuring CloudWatch cross-account observability

Exploring cross-account cross-Region CloudWatch

Configuring AWS cross-account cross-Region in AWS Organizations

Limitations of CloudWatch cross-account cross-Region observability

Summary

Questions

14

Be Well-Architected for Operational Excellence

Technical requirements

An overview of the AWS Well-Architected Framework

Applying the Well-architected framework and exploring automated solutions

Operational excellence

Security

Reliability

Performance efficiency

Cost optimization

Sustainability

Understanding management and governance in the Well-Architected Framework

Summary

Questions

15

The Role of Observability in the Cloud Adoption Framework

Overview of Cloud Adoption Framework 3.0

Cloud transformation journey

Transformation domains

Foundational capabilities

Business outcomes

Developing an observability strategy for your organization

Benefits of defining an observability strategy

The output of the observability strategy

Applying an observability strategy

Operations perspective in the CAF

Observability maturity model

Best practices for faster observability maturity

Role of observability in the CAF and the best practices for quicker adoption of the cloud

Beyond observability

Observability

AIOps-based operations

Event management

Service management

Automated resolution

Dashboards

Summary

Questions

Index

Other Books You May Enjoy

Preface

Observability refers to the ability to gain insights into the internal state of a system by analyzing the external outputs or data produced by the system. Achieving observability is complex in modern application architectures due to their distributed nature.

While talking to customers and builders, we realized the information required to leverage observability benefits using AWS’s native tools and services is spread across many service-specific documents without a concise view and practical examples. That’s why we decided to write this book for practitioners looking for a straightforward, hands-on source.

In this book, we will explore how to configure and use various AWS services to achieve full-stack observability for your workloads running on AWS. The guide covers key concepts such as understanding the need for observability for different architectures, such as monolith, microservices, and serverless computing, on AWS. The book also highlights how Site Reliability Engineers (SREs) can benefit from AWS’s automated and machine learning offerings to achieve more with less management overhead. We will also look into how developers can achieve observability for their applications and roll out changes confidently with the help of observability. Furthermore, we will dive into the open source observability options available on AWS.

Then, we will look into the architecture best practice recommendations for your observability workloads, the importance of observability in achieving faster adoption of the cloud, and the approach to observability in a large organization.

Who this book is for

This book is intended for SREs, Cloud Developers, DevOps engineers, and Solution Architects who are looking to use AWS’s native services and open source managed services on AWS to achieve the required observability targets. Solution architects seeking to achieve operational excellence by implementing cloud observability solutions for their workloads will also find guidance in this book. You are expected to have a basic understanding of AWS cloud fundamentals and the different service offerings available on the AWS cloud to run applications, such as EC2, storage solutions such as S3, and container solutions such as ECS and EKS.

What this book covers

Chapter 1, Observability 101, will go through the fundamentals of observability and discuss its building blocks and concepts. It provides you with the required terminology and introduces the vocabulary and concepts that you need to know relating to observability in a modern distributed application environment.

Chapter 2, Overview of the Observability Landscape on AWS, will help you understand the basic, foundational services and infrastructure-, application-, and machine learning-based tools available in AWS in terms of cloud-native observability and managed open source observability solutions.

Chapter 3, Gathering Operational Data and Alerting Using Amazon CloudWatch, helps you navigate the fundamentals of CloudWatch metrics, CloudWatch Logs, CloudWatch alarms, and CloudWatch dashboards. It provides hands-on experience in the installation of a unified agent and ingesting metrics and logs from EC2 instances and provides an overview of how to visualize them on a unified dashboard. It also introduces the requirement of the EventBridge service and event rules and how they would be used for fault monitoring.

Chapter 4, Implementing Distributed Tracing Using AWS X-Ray, will take you through what the requirement for distributed tracing is in modern applications and the fundamentals of the services offered by AWS relating to performance monitoring and distributed tracing.

Chapter 5, Insights into Operational Data with CloudWatch, will deep-dive into CloudWatch metrics and CloudWatch dashboards. We will see how to do more with less using CloudWatch Log Insights, CloudWatch Contributor Insights, and CloudWatch Application Insights, deriving operational intelligence automatically from log data and metrics and allowing for faster troubleshooting during operations.

Chapter 6, Observability for Containerized Applications on AWS, enables you to understand the setup of end-to-end containerized applications running on ECS and EKS to achieve observability.

Chapter 7, Observability for Serverless Applications on AWS, gives an overview of Lambda Insights and explores the data generated from it. You will understand how to gather metrics, logs, and traces from the serverless Lambda application and how they can be visualized as a unified dashboard for end-to-end operational visibility.

Chapter 8, End User Experience Monitoring on AWS, will take you through the importance of user experience monitoring. It provides an overview of how synthetic canaries can be implemented in understanding the user experience for a web application. We will provide an overview of how to collect metrics to capture real user behavior while interacting with a web application.

Chapter 9, Collecting Metrics and Traces Using OpenTelemetry, will discuss the existing SDKs, APIs, and AWS services that support organizations looking for ways to implement observability but using the open source ecosystem. It shows how AWS services can easily integrate with existing practices, helping to reduce much of the heavy lifting of deploying and managing those open source tools done by your own infrastructure team.

Chapter 10, Deploying and Configuring an Amazon Managed Service for Prometheus, enables you to understand the foundation of Amazon Managed Grafana and Prometheus and guides you in setting up the services, ingesting metrics, logs, and traces from the cloud-native observability services, and setting up advanced dashboards for operational visibility. It also discusses how to set up Prometheus monitoring for containerized workloads on AWS.

Chapter 11, Deploying the Elasticsearch, Logstash, and Kibana Stack Using Amazon OpenSearch Service, enables you to understand the foundation of Amazon OSS and guides you on how to set up the services and ingest logs and traces from your application workloads and set up dashboards for operational visibility.

Chapter 12, Augmenting the Human Operator with Amazon DevOps Guru, looks at AWS DevOps Guru, which is a service powered by machine learning that automatically extracts the relevant metrics about workloads and detects anomalies before they impact end users. In this chapter, you will learn how to use it to enrich the already deployed set of tools and use it as an advisor to detect issues and recommend remediations.

Chapter 13, Observability Best Practices at Scale, covers some patterns and recommendations on how to scale the observability of applications in complex organizations for workloads distributed in multiple accounts and regions.

Chapter 14, Be Well-Architected for Operational Excellence, looks at the AWS Well-Architected Framework, which provides guidelines on how to apply best practices of the design, delivery, and operations of AWS environments. Its Operational Excellence pillar and Management and Governance Lens include guidance on how to run workloads effectively and continuously improve operations. In this chapter, we discuss some of those principles and how they are interconnected with observability best practices.

Chapter 15, The Role of Observability in the Cloud Adoption Framework, looks at the Cloud Adoption Framework (CAF), which helps customers and users to digitally transform their businesses by leveraging the AWS experience and best practices. Among the CAF pillars are Management, Governance, and Operations. This chapter will discuss the role of observability in an organization’s transformation journey.

To get the most out of this book

To get the most out of the book, we recommend you have an AWS account to practice the concepts discussed in the book. We have used quick-start templates where applicable to make your exercises as practical as possible. If you would like to understand the code and the CloudFormation templates used in detail, we suggest you access the book’s GitHub repository (a link is available in the next section).

Software/hardware covered in the book

Operating system requirements

Python 3.9

Windows, macOS, or Linux

Node.js 14/Node.js 16

JSON

If you are using the digital version of this book, we advise you to type the code yourself or access the code from the book’s GitHub repository (a link is available in the next section). Doing so will help you avoid any potential errors related to the copying and pasting of code.

Download the example code files

You can download the example code files for this book from GitHub at https://github.com/PacktPublishing/AWS-Observability-Handbook. If there’s an update to the code, it will be updated in the GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots and diagrams used in this book. You can download it here: https://packt.link/n7E68.

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “Set the dataset name to my-dateset1.”

A block of code is set as follows:

Any command-line input or output is written as follows:

Bold: Indicates a new term, an important word, or words that you see onscreen. For instance, words in menus or dialog boxes appear in bold. Here is an example: “For the next step, let’s go ahead and decrease the table capacity in DynamoDB for both Read Capacity and Write Capacityto 1.”

Tips or important notes

Appear like this.

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, email us at [email protected] and mention the book title in the subject of your message.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Share Your Thoughts

Once you’ve read AWS Observability Handbook, we’d love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.

Your review is important to us and the tech community and will help us make sure we’re delivering excellent quality content.

Download a free PDF copy of this book

Thanks for purchasing this book!

Do you like to read on the go but are unable to carry your print books everywhere? Is your eBook purchase not compatible with the device of your choice?

Don’t worry, now with every Packt book you get a DRM-free PDF version of that book at no cost.

Read anywhere, any place, on any device. Search, copy, and paste code from your favorite technical books directly into your application.

The perks don’t stop there, you can get exclusive access to discounts, newsletters, and great free content in your inbox daily

Follow these simple steps to get the benefits:

https://packt.link/free-ebook/9781804616710

Part 1: Getting Started with Observability on AWS

This part provides an overview of observability and a discussion about the building blocks of observability. Additionally, it provides a review of the different services available in AWS to achieve observability in a modern distributed application environment.

This section has the following chapters:

2

Overview of the Observability Landscape on AWS

We spent the previous chapter understanding the requirement of observability in the modern application landscape and the building blocks of observability. In this chapter, we will go through various services that can be used to observe and manage your application landscape available on Amazon Web Services (AWS).

AWS offers several services that can be used to observe and manage your overall application landscape:

In this chapter, we are going to cover the following topics:

Technical requirements

To engage in the technical section of this chapter, you need to have an AWS account. You can quickly sign up for the AWS free tier if you do not have one.