New Relic now supports AWS Systems Manager Distributor

Today we’re announcing an integration between New Relic and AWS Systems Manager Distributor, which makes it quick and easy to install our infrastructure agent on your multiple nodes, directly through the AWS interface. The integration allows you to monitor your services, query incoming data, and build dashboards in New Relic without the effort of instrumenting each AWS instance, which are often spread across different hardware architectures and systems. And, you'll be able to manage the agent lifecycle of 30K instances right from the AWS console without any overheads.

Using this integration gives you virtually instant observability by instrumenting New Relic infrastructure agent installation across a bulk of EC2 instances that may exist at present in your AWS account. This provides auto instrumentation to bootstrap agent installation on any new EC2 instance that may get created in the future as a part of your ephemeral infrastructure. You'll also be able to use AWS CLI or any AWS IaC tooling to install the New Relic agent.

What is AWS Systems Manager Distributor?

AWS Systems Manager helps you manage your applications and infrastructure in the AWS Cloud. It provides a number of capabilities for targeting distributions to nodes, which are machines configured for AWS Systems Manager. By configuring Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, on-premises servers, and virtual machines (VMs) in a hybrid environment as managed nodes, these instances can be grouped together by AWS Region, AWS account IDs, node IDs, or tags, which allows them to be easily targeted.

Advantages of using the integration

AWS Systems Manager Distributor, which I’ll call Distributor for brevity, enables New Relic storage of software packages in a centralized, version-controlled location which can then be distributed to your fleet of managed instances, or nodes. It integrates with existing AWS Systems Manager features to simplify and scale the package distribution, installation, and update process. 

This makes it so much easier to deploy the New Relic infrastructure agent across your fleet of nodes than instrumenting each one individually. Because the Distributor takes into account the different operating system types and autoscaling, you won’t have to worry about instrumenting for every node depending on these factors. But, if you need to control managed nodes instrumentation, Distributor can group your nodes by tags, regions, account numbers, or deviceIDs and install different package versions as needed. Plus, you can decide whether to deploy your package one time or at a scheduled interval. So when new packages become available, you’ll have an easy way to auto-update our infrastructure agent. All of this can be done right through the AWS CLI, so there’s no need to switch contexts while you’re working. 

How do I use this integration?

Before using the integration, you’ll need the following prerequisites:

• Install AWS Systems Manager (SSM) Agent on the Amazon Elastic Compute Cloud (Amazon EC2) instances. SSM Agent is preinstalled on some Amazon Machine Images (AMIs) provided by AWS, as detailed here.
• Ensure that the EC2 instances have outbound network connectivity with SSM endpoints or setup Amazon Virtual Private Cloud (VPC) Endpoint, as detailed here 
• Ensure, the AWS Identity and Access Management (IAM) instance profile that is attached to the EC2 instance uses a role, which has the policies at least as defined in this AWS documentation. Alternatively, consider granting access at the account level using the Default Host Management Configuration. More details are available in this AWS documentation.

Next, complete the following steps to create an AWS Systems Manager State Manager association to ensure any EC2 instance that is available in your AWS account at present or at any time in the future is automatically bootstrapped with the New Relic infrastructure agent as long as it addresses the prerequisites mentioned above.

1. Create an association from the AWS Console.
2. Select AWS-ConfigureAWSPackage. Installing a distributor package uses the AWS-ConfigureAWSPackage automation document.
3. Fill in the following parameters:
   1. Action: Install
   2. Installation type: choose either Uninstall and reinstall or In-Place update: The package is completely uninstalled, and then reinstalled. The New Relic agent is unavailable until the reinstallation is a complete in-place update. The application remains available throughout the update process.
   3. Additional arguments: paste the code that follows. Be sure to replace YOUR_NEWRELIC_LICENSE_KEY with your New Relic API Key

{
  "SSM_NR_LICENSE_KEY" : "YOUR_NEWRELIC_LICENSE_KEY"
}

When you see data flowing into New Relic from your Systems Manager-controlled nodes, you can build dashboards to observe everything you need at-a-glance, upping your observability game.

4.  In the target selection, select Choose all instances. Alternatively, you can specify instance tags to install the New Relic agent to a subset of your EC2 instance, if required.

5.  In Specify schedule, select No schedule, which ensures that the New Relic agent runs at least once on all the existing or new EC2 instances. 

Note: If you want to ensure that the New Relic agent is updated once a month, create another State manager association following steps one through four above, but instead select On Schedule and specify Rate schedule builder to run the scheduler every 30 days.

6.  (Optional) Output options to write the install logs to an Amazon S3 bucket. If you do, we recommend that you additionally set up New Relic log ingestor for S3, so that you're able to query the install logs directly from the New Relic UI for end-to-end observability.

7.  Create an Association. 

Now, within minutes, the New Relic agent will be installed on all the existing EC2 instances and any new EC2 instances and data will be instantly observable from New Relic UI.