I want to use standard NetApp tools, such as Harvest and Grafana, to monitor my Amazon FSx for NetApp ONTAP file system storage usage and performance in a different account.
Short description
Create an Amazon Elastic Compute Cloud (Amazon EC2) Linux instance with Harvest and Grafana software in an AWS Account. Then, use the instance to monitor an FSx for ONTAP file system in a different AWS account.
Resolution
Create an EC2 Linux instance with Harvest and Grafana software
Make sure that you're in the AWS Account that you want to use to monitor the file system. Complete the following sections in Monitoring FSx for ONTAP file systems using Harvest and Grafana:
- AWS CloudFormation template: Download the CloudFormation fsx-ontap-harvest-grafana.template to create an EC2 Linux instance with Harvest and Grafana software. Before you configure the template, make sure that you review the information in Amazon EC2 instance types.
- Instance port rules: Ports 3000 and 9090 must be open for inbound traffic from the new Harvest and Grafana EC2 instance's security group.
Note: You're billed for associated AWS services after you implement this resolution. For more information, see the pricing details pages for those services.
Set up a connection between your AWS accounts
- Use AWS Transit Gateway to create a transit gateway in the AWS Account that contains the file system (the source account).
- Use AWS Resource Access Manager to share the transit gateway to the AWS Account that you want to use to monitor the file system (the monitor account).
- After the transit gateway is shared, create a transit gateway attachment to the Amazon Virtual Private Cloud (Amazon VPC) in the source account. Then, select the correct subnets.
- Create a transit gateway attachment to the Amazon Virtual Private Cloud (Amazon VPC) where you deployed the CloudFormation template (the monitor account). Then, select the correct subnets.
- Navigate to the route table of the new transit gateway in the source account and choose Routes.
- Create two static routes in the route table. For the first route, use the CIDR of the source account VPC or subnet, and attach it to the transit gateway attachment created in the source account.
- For the second static route, use the CIDR of the monitor account VPC or subnet, and attach it to the transit gateway attachment created in the monitor account.
- Navigate to the subnet's route table in the source account. Then, add the route with the destination as the EC2 VPC or subnet CIDR in the monitor account. The target is the new transit gateway. Make sure that you correctly associate the subnet.
- In the monitor account, find the route table associated with the subnet of your EC2 instance. Add a route with the destination as the file system's VPC or subnet CIDR and the target as the shared transit gateway. Make sure that you correctly associate the subnet.
- Allow the CIDR in the security groups associated with both the source and monitor account subnets.
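The steps above leave several places where one wrong CIDR or target breaks the connection or widens access. The following sketch is an added example, not part of the original article or of any AWS tool. It audits a plan of the routes and security group sources before you apply them. The plan layout, the function name, and every ID and CIDR are constructed placeholders, addresses are assumed to be IPv4, and the open-to-all check is an added assumption.

```python
import ipaddress

def audit_plan(plan):
    """Return findings for a cross-account transit gateway monitoring plan."""
    findings = []
    src = ipaddress.ip_network(plan["source_cidr"])
    mon = ipaddress.ip_network(plan["monitor_cidr"])
    if src.overlaps(mon):
        findings.append("CIDR overlap between source and monitor VPCs")

    # Transit gateway route table: one static route per account, each
    # pointing at the attachment created in that account.
    for cidr, att in ((src, plan["source_attachment"]),
                      (mon, plan["monitor_attachment"])):
        if plan["tgw_routes"].get(str(cidr)) != att:
            findings.append(f"tgw route {cidr} must target {att}")

    # Subnet route tables and security groups: each side must route to and
    # allow the peer CIDR, and must not admit all addresses.
    for side, peer in (("source", mon), ("monitor", src)):
        if plan[side + "_subnet_routes"].get(str(peer)) != plan["tgw_id"]:
            findings.append(f"{side} subnet route to {peer} must target the transit gateway")
        allowed = [ipaddress.ip_network(c) for c in plan[side + "_sg_ingress"]]
        if any(n.prefixlen == 0 for n in allowed):
            findings.append(f"{side} security group is open to all addresses")
        if not any(peer.subnet_of(n) or n.subnet_of(peer)
                   for n in allowed if n.prefixlen):
            findings.append(f"{side} security group does not allow {peer}")
    return findings

# Constructed sample plan; every ID and CIDR below is a placeholder.
GOOD_PLAN = {
    "source_cidr": "10.10.0.0/16", "monitor_cidr": "10.20.0.0/16",
    "tgw_id": "tgw-EXAMPLE",
    "source_attachment": "tgw-attach-SOURCE",
    "monitor_attachment": "tgw-attach-MONITOR",
    "tgw_routes": {"10.10.0.0/16": "tgw-attach-SOURCE",
                   "10.20.0.0/16": "tgw-attach-MONITOR"},
    "source_subnet_routes": {"10.20.0.0/16": "tgw-EXAMPLE"},
    "monitor_subnet_routes": {"10.10.0.0/16": "tgw-EXAMPLE"},
    "source_sg_ingress": ["10.20.0.0/16"],
    "monitor_sg_ingress": ["10.10.0.0/16"],
}

if __name__ == "__main__":
    for line in audit_plan(GOOD_PLAN) or ["plan is consistent"]:
        print(line)
```

The security group model here tracks source CIDRs only. Port-level rules, such as the inbound rules for ports 3000 and 9090, still need to be reviewed separately.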
Deploy the Harvest and Grafana solution in the monitor account
The procedure to deploy the Harvest and Grafana solution in a cross-account scenario is the same as the procedure for deployment within a single account. For more information, see Deployment procedure.
Log in to Grafana
After you deploy the solution, use your browser to log in to the Grafana dashboard. Log in at the IP address and port 3000 of the EC2 instance.
http://EC2_instance_IP:3000
When prompted, use the Grafana default user name (admin) and password (admin). It's a best practice to change your password as soon as you log in. For more information, see the NetApp Harvest page on GitHub.