Reputation: 1542
AWS Lambda run command on EC2 instance and get result
I have an EC2 instance that is running a few processes. I also have a Lambda script that is triggered through various means. I would like this Lambda script to talk to my EC2 instance and get a list of running processes from it (Essentially run ps aux on the EC2 box, and read the output).
Now this is easy enough with just one instance and its instance-id. Just SSH in, run the command, get the output, and be on my way. However, I would like to scale this to multiple EC2 instances, for which only the instance-id is known and SSH keys may not be given.
Is such a configuration possible with Lambda and Boto (or other libraries)? Or do I just have to run a microserver on each of my instances that will reply with the given information (something I'm really trying to avoid)
Upvotes: 8
Views: 14651
Answers (3)
Reputation: 206
You can do this easily with AWS Systems Manager - Run Command
AWS Systems Manager provides you safe, secure remote management of your instances at scale without logging into your servers, replacing the need for bastion hosts, SSH, or remote PowerShell.
Specifically:
- Use the send-command API from Lambda function to get list of all processes on a group of instances. You can do this by providing a list of instances or even a tag query
- You can also use CloudWatch Events to trigger a Run Command directly
Upvotes: 16
Reputation: 1390
Like Yeshodhan mentioned, There is no direct approach for this.
However, There is one more approach.
1) Save your private key file to an s3 bucket, Create a lambda function and use python fabric module to login to the remote machines from lambda function and execute commands.
The above-mentioned approach is possible but I highly recommend launching a separate machine and use a configuration management system (Preferably ansible) and get the results from remote machines.
Upvotes: 0
Reputation: 2943
I don't think there is something available out of the box for this scenario.
Instead of querying, try an alternate approach. Install an agent on all ec2 instances, which reports the required information to a central service or probably a DynamoDB table, with HashKey as InstanceId.
You may want to bake this script as a cron job, (executed probably hourly?) in the AMI itself.
With this implementation, you reduce the complexity of managing and running a separate web service on each EC2 instance.
Query the DynamoDB table on demand. There will be a lag, as data may not be real time, but you can always reduce the CRON interval per your needs.
Upvotes: 0
Related Questions
- AWS lambda: how can I run aws cli commands in lambda
- Invoke a AWS Lambda function from EC2 instance
- Access EC2 Instance Service Via AWS Lambda Function
- how to invoke lambda from shell script in ec2 instance
- Fire command from Lambda to EC2 server instance
- Launch a shell script from Lambda in AWS
- Script to AWS Lambda?
- AWS EC2 and Lambda
- Get Instance EC2 Status using Lambda
- How can I invoke an AWS Lambda function from my EC2 instance?