8

I have an EC2 instance that is running a few processes. I also have a Lambda script that is triggered through various means. I would like this Lambda script to talk to my EC2 instance and get a list of running processes from it (Essentially run ps aux on the EC2 box, and read the output).

Now this is easy enough with just one instance and its instance-id. Just SSH in, run the command, get the output, and be on my way. However, I would like to scale this to multiple EC2 instances, for which only the instance-id is known and SSH keys may not be given.

Is such a configuration possible with Lambda and Boto (or other libraries)? Or do I just have to run a microserver on each of my instances that will reply with the given information (something I'm really trying to avoid)

Improve this question
1
  • What about RunCommand via the EC2 API? Commented May 24, 2017 at 1:26

3 Answers 3

Reset to default
16

You can do this easily with AWS Systems Manager - Run Command

AWS Systems Manager provides you safe, secure remote management of your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell.

Specifically:

  • Use the send-command API from Lambda function to get list of all processes on a group of instances. You can do this by providing a list of instances or even a tag query
  • You can also use CloudWatch Events to trigger a Run Command directly
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I don't think there is something available out of the box for this scenario.

Instead of querying, try an alternate approach. Install an agent on all ec2 instances, which reports the required information to a central service or probably a DynamoDB table, with HashKey as InstanceId.

You may want to bake this script as a cron job, (executed probably hourly?) in the AMI itself.

With this implementation, you reduce the complexity of managing and running a separate web service on each EC2 instance.

Query the DynamoDB table on demand. There will be a lag, as data may not be real time, but you can always reduce the CRON interval per your needs.

Improve this answer

Comments

0

Like Yeshodhan mentioned, There is no direct approach for this.

However, There is one more approach.

1) Save your private key file to an s3 bucket, Create a lambda function and use python fabric module to login to the remote machines from lambda function and execute commands.

The above-mentioned approach is possible but I highly recommend launching a separate machine and use a configuration management system (Preferably ansible) and get the results from remote machines.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.