Existing EC2 with Netprobe
The ExistingEC2withNetprobe.yaml CloudFormation template configures Netprobe on existing EC2 instances using AWS Systems Manager (SSM). It creates an SSM document and association to remotely install and configure Netprobe as a systemd service using IAM instance profile credentials.
Prerequisites
- Target EC2 instances must have SSM Agent installed and running
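- Target instances must have an IAM instance profile attached with permissions:
  - AmazonSSMManagedInstanceCore (for SSM communication)
  - S3 read access to the Netprobe artifacts bucket (and KMS decrypt if applicable)
- Netprobe installation package, setup file, and systemd service file in an accessible S3 bucket. The downloaded service file is installed as a systemd unit and started on every target instance, so write access to these objects should be limited to trusted administrators.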
Input Parameters
| Parameter | Description | Default | Required |
|---|---|---|---|
| Target EC2 Configuration | | | |
| InstanceIds | Comma-separated list of existing EC2 Instance IDs | - | ✓ |
| AWS Credentials | | | |
| AWSRegion | AWS Region (e.g., ap-southeast-1, us-west-2) | ap-southeast-1 | |
| Gateway Configuration | | | |
| GatewayHost | Gateway host for Netprobe connection | - | ✓ |
| GatewayPort | Gateway port for Netprobe connection | 7039 | |
| Netprobe Configuration | | | |
| NetprobeInstallDirectory | Directory where Netprobe will be installed | ~/geneos | |
| S3NetprobeURL | S3 URL to the Netprobe tar.gz file | - | ✓ |
| NetprobePort | Port number for Netprobe | 7036 | |
| S3NetprobeSetupURL | S3 URL to the Netprobe setup XML file | - | ✓ |
| S3NetprobeServiceURL | S3 URL to the Netprobe systemd service file | - | ✓ |
Configuration
# CloudFormation template: configures Netprobe on existing EC2 instances
# through an SSM document and association defined under Resources.
AWSTemplateFormatVersion: '2010-09-09'
Description: Configure existing EC2 instances with Netprobe setup using AWS Systems Manager

# Presentation metadata for the CloudFormation console: how the input
# parameters are grouped and which label each one is shown with.
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: 'Target EC2 Configuration'
        Parameters:
          - InstanceIds
      # This group contains only the region; the template takes no
      # credentials as input parameters.
      - Label:
          default: 'AWS Credentials'
        Parameters:
          - AWSRegion
      - Label:
          default: 'Gateway Configuration'
        Parameters:
          - GatewayHost
          - GatewayPort
      - Label:
          default: 'Netprobe Configuration'
        Parameters:
          - NetprobeInstallDirectory
          - S3NetprobeURL
          - NetprobePort
          - S3NetprobeSetupURL
          - S3NetprobeServiceURL
    # Friendly names shown next to each parameter.
    ParameterLabels:
      InstanceIds:
        default: 'Target EC2 Instance IDs'
      AWSRegion:
        default: 'AWS Region'
      NetprobeInstallDirectory:
        default: 'Netprobe Installation Directory'
      S3NetprobeURL:
        default: 'S3 URL for Netprobe'
      NetprobePort:
        default: 'Netprobe Port Number'
      GatewayHost:
        default: 'Gateway Host'
      GatewayPort:
        default: 'Gateway Port'
      S3NetprobeSetupURL:
        default: 'S3 URL for Netprobe Setup File'
      S3NetprobeServiceURL:
        default: 'S3 URL for Netprobe Service File'
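# Stack inputs. Apart from InstanceIds (used as the association target), every
# value is forwarded to the SSM association and substituted into the shell
# script that runs on the target instances. Each parameter is therefore
# restricted to the characters its purpose needs, so that quotes, "$",
# backticks and similar shell metacharacters are rejected at stack creation.
Parameters:
  InstanceIds:
    Type: CommaDelimitedList
    Description: Comma-separated list of existing EC2 Instance IDs
    # For a CommaDelimitedList the pattern is applied to each list entry.
    AllowedPattern: '^i-([0-9a-f]{8}|[0-9a-f]{17})$'
    ConstraintDescription: 'Each entry must be an EC2 instance ID (i- followed by 8 or 17 hexadecimal characters)'
  AWSRegion:
    Type: String
    Description: AWS Region for CLI configuration (e.g., ap-southeast-1, us-west-2)
    Default: ap-southeast-1
    # Empty is still accepted because the install script falls back to a
    # default region when the value is blank.
    AllowedPattern: '^([a-z]{2}(-[a-z]+)+-[0-9]+)?$'
    ConstraintDescription: 'Must be an AWS region name such as ap-southeast-1'
  NetprobeInstallDirectory:
    Type: String
    Description: Directory where Netprobe will be installed
    Default: '~/geneos'
    # The script creates this directory and recursively changes its ownership,
    # so point it at a dedicated directory, never at a system path.
    AllowedPattern: '^[A-Za-z0-9._~/-]*$'
    ConstraintDescription: 'May contain only letters, digits and the characters . _ ~ / -'
  S3NetprobeURL:
    Type: String
    Description: S3 URL to the Netprobe tar.gz file
    AllowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
    ConstraintDescription: 'Must be an s3://bucket/key URL without spaces or shell metacharacters'
  NetprobePort:
    Type: Number
    Description: Port number for Netprobe
    Default: 7036
    MinValue: 1
    MaxValue: 65535
  GatewayHost:
    Type: String
    Description: Gateway host for Netprobe connection
    AllowedPattern: '^[A-Za-z0-9_][A-Za-z0-9_.:-]{0,254}$'
    ConstraintDescription: 'Must be a host name or IP address'
  GatewayPort:
    Type: Number
    Description: Gateway port for Netprobe connection
    Default: 7039
    MinValue: 1
    MaxValue: 65535
  S3NetprobeSetupURL:
    Type: String
    Description: S3 URL to the Netprobe setup XML file
    AllowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
    ConstraintDescription: 'Must be an s3://bucket/key URL without spaces or shell metacharacters'
  S3NetprobeServiceURL:
    Type: String
    Description: S3 URL to the Netprobe systemd service file
    AllowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
    ConstraintDescription: 'Must be an s3://bucket/key URL without spaces or shell metacharacters'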
# Pre-deployment assertions: each rule fails stack validation when the named
# string parameter is supplied as an empty string.
Rules:
  RequireS3NetprobeURL:
    Assertions:
      - Assert:
          Fn::Not:
            - Fn::Equals:
                - Ref: S3NetprobeURL
                - ''
        AssertDescription: S3NetprobeURL must not be empty
  RequireS3NetprobeSetupURL:
    Assertions:
      - Assert:
          Fn::Not:
            - Fn::Equals:
                - Ref: S3NetprobeSetupURL
                - ''
        AssertDescription: S3NetprobeSetupURL must not be empty
  RequireS3NetprobeServiceURL:
    Assertions:
      - Assert:
          Fn::Not:
            - Fn::Equals:
                - Ref: S3NetprobeServiceURL
                - ''
        AssertDescription: S3NetprobeServiceURL must not be empty
  RequireGatewayHost:
    Assertions:
      - Assert:
          Fn::Not:
            - Fn::Equals:
                - Ref: GatewayHost
                - ''
        AssertDescription: GatewayHost must not be empty
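Resources:
  # SSM Command document holding the install script. Its parameters are
  # substituted textually into the script before it runs, so every parameter
  # carries an allowedPattern: the document can be invoked directly, not only
  # through this stack, and must validate its own inputs.
  NetprobeInstallationDocument:
    Type: AWS::SSM::Document
    Properties:
      DocumentType: Command
      DocumentFormat: YAML
      Content:
        schemaVersion: '2.2'
        description: Install and configure Netprobe on existing EC2 instances
        parameters:
          AWSRegion:
            type: String
            description: AWS Region
            # Empty is allowed; the script then uses its built-in default.
            allowedPattern: '^([a-z]{2}(-[a-z]+)+-[0-9]+)?$'
          NetprobeInstallDirectory:
            type: String
            description: Netprobe installation directory
            # Excludes quotes, "$", backticks, "|", "&" and whitespace, which
            # would otherwise reach the shell and the sed replacement below.
            allowedPattern: '^[A-Za-z0-9._~/-]*$'
          S3NetprobeURL:
            type: String
            description: S3 URL to Netprobe package
            allowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
          NetprobePort:
            type: String
            description: Netprobe port number
            # Empty is allowed; the script then uses its built-in default.
            allowedPattern: '^([0-9]{1,5})?$'
          GatewayHost:
            type: String
            description: Gateway host
            allowedPattern: '^[A-Za-z0-9_][A-Za-z0-9_.:-]{0,254}$'
          GatewayPort:
            type: String
            description: Gateway port
            # Empty is allowed; the script then uses its built-in default.
            allowedPattern: '^([0-9]{1,5})?$'
          S3NetprobeSetupURL:
            type: String
            description: S3 URL to setup file
            allowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
          S3NetprobeServiceURL:
            type: String
            description: S3 URL to Netprobe systemd service file
            allowedPattern: '^s3://[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]/[A-Za-z0-9._/+=@-]+$'
        mainSteps:
          - action: aws:runShellScript
            name: installNetprobe
            inputs:
              timeoutSeconds: '3600'
              runCommand:
                - |
                  #!/bin/bash
                  set -e

                  echo "=== Starting Netprobe Installation ==="

                  # Identify OS and version
                  echo "--- Identifying OS and version ---"
                  if [ -f /etc/os-release ]; then
                    . /etc/os-release
                    OS=$ID
                    VERSION_ID=$VERSION_ID
                  elif [ -f /etc/redhat-release ]; then
                    OS=$(awk '{print tolower($1)}' /etc/redhat-release)
                    VERSION_ID=$(awk '{print $3}' /etc/redhat-release)
                  else
                    echo "ERROR: Unsupported OS"
                    exit 1
                  fi
                  echo "Detected OS: $OS $VERSION_ID"

                  # Detect default user
                  if [ "$OS" = "ubuntu" ]; then
                    DEFAULT_USER="ubuntu"
                  else
                    DEFAULT_USER="ec2-user"
                  fi
                  echo "Default user: $DEFAULT_USER"

                  # Check if SSM agent user exists, fallback to detected user
                  if id "ssm-user" &>/dev/null; then
                    INSTALL_USER="ssm-user"
                  else
                    INSTALL_USER="$DEFAULT_USER"
                  fi
                  echo "Installation user: $INSTALL_USER"

                  # Install prerequisites
                  echo "--- Installing prerequisites ---"
                  case "$OS" in
                    ubuntu)
                      sudo apt-get update
                      sudo apt-get install -y unzip curl
                      ;;
                    rhel|centos)
                      if [[ "$VERSION_ID" == 8* || "$VERSION_ID" == 9* ]]; then
                        sudo dnf install -y unzip curl
                      elif [[ "$VERSION_ID" == 7* ]]; then
                        sudo yum install -y unzip curl
                      fi
                      ;;
                  esac

                  # Install AWS CLI if not present
                  echo "--- Setting up AWS CLI ---"
                  if ! command -v aws &> /dev/null; then
                    # Fetch the installer matching the CPU architecture
                    # (x86_64 or aarch64) instead of assuming x86_64.
                    # NOTE(review): the installer is downloaded over HTTPS but
                    # its signature is not verified here; pre-install the CLI
                    # on the image, or check the download against the signature
                    # AWS publishes, where that assurance is required.
                    CLI_ARCH=$(uname -m)
                    curl --fail --silent --show-error --location --proto '=https' \
                      "https://awscli.amazonaws.com/awscli-exe-linux-${CLI_ARCH}.zip" -o "awscliv2.zip"
                    unzip awscliv2.zip
                    sudo ./aws/install
                    rm -rf aws awscliv2.zip
                  fi

                  # Set default values for optional parameters if they're empty
                  AWS_REGION="{{AWSRegion}}"
                  if [ -z "$AWS_REGION" ]; then
                    AWS_REGION="ap-southeast-1"
                  fi
                  export AWS_DEFAULT_REGION="$AWS_REGION"

                  # Parse the netprobe install directory (handle ~ expansion)
                  NETPROBE_DIR="{{NetprobeInstallDirectory}}"
                  if [ -z "$NETPROBE_DIR" ]; then
                    NETPROBE_DIR="~/geneos"
                  fi
                  if [[ "$NETPROBE_DIR" == ~* ]]; then
                    NETPROBE_DIR=${NETPROBE_DIR:1}
                    NETPROBE_DIR="/home/$INSTALL_USER$NETPROBE_DIR"
                  fi

                  # The directory is chown'ed recursively further down, so never
                  # accept the filesystem root as the install location.
                  if [ "$NETPROBE_DIR" = "/" ]; then
                    echo "ERROR: Refusing to use / as the Netprobe directory"
                    exit 1
                  fi

                  # Create Netprobe directory
                  echo "--- Setting up Netprobe directory ---"
                  sudo mkdir -p "$NETPROBE_DIR"
                  sudo chown "$INSTALL_USER:$INSTALL_USER" "$NETPROBE_DIR"

                  # Download and extract Netprobe
                  echo "--- Downloading Netprobe ---"
                  aws s3 cp "{{S3NetprobeURL}}" "$NETPROBE_DIR/netprobe.tar.gz"
                  if [ ! -f "$NETPROBE_DIR/netprobe.tar.gz" ]; then
                    echo "ERROR: Failed to download Netprobe package"
                    exit 1
                  fi
                  cd "$NETPROBE_DIR"
                  tar -xzf netprobe.tar.gz
                  sudo chown -R "$INSTALL_USER:$INSTALL_USER" "$NETPROBE_DIR/"

                  # Download setup file
                  echo "--- Downloading Netprobe setup file ---"
                  aws s3 cp "{{S3NetprobeSetupURL}}" "$NETPROBE_DIR/netprobe/netprobe.setup.xml"
                  if [ ! -f "$NETPROBE_DIR/netprobe/netprobe.setup.xml" ]; then
                    echo "ERROR: Failed to download setup file"
                    exit 1
                  fi

                  # Install Java and dependencies
                  echo "--- Installing Java and dependencies ---"
                  case "$OS" in
                    ubuntu)
                      sudo apt-get install -y openjdk-21-jdk || sudo apt-get install -y openjdk-11-jdk
                      ;;
                    rhel|centos)
                      if [[ "$VERSION_ID" == 8* || "$VERSION_ID" == 9* ]]; then
                        sudo dnf install -y openssl-libs glibc libnsl2 libxcrypt zlib libstdc++ libgcc libtirpc krb5-libs libcom_err keyutils-libs libselinux pcre2 libcurl
                        sudo dnf install -y java-21-openjdk || sudo dnf install -y java-11-openjdk
                      elif [[ "$VERSION_ID" == 7* ]]; then
                        sudo yum install -y epel-release
                        sudo yum install -y java-11-openjdk || sudo yum install -y java-1.8.0-openjdk
                      fi
                      ;;
                  esac

                  # Set default values for gateway parameters if they're empty
                  GATEWAY_HOST_VAL="{{GatewayHost}}"
                  GATEWAY_PORT_VAL="{{GatewayPort}}"
                  if [ -z "$GATEWAY_PORT_VAL" ]; then
                    GATEWAY_PORT_VAL="7039"
                  fi

                  # Set up environment variables.
                  # The gateway values are expanded by this outer shell before
                  # the inner shell runs; the allowedPattern on the document
                  # parameters is what keeps quotes out of them.
                  echo "--- Setting up environment variables ---"
                  sudo -u "$INSTALL_USER" bash -c "
                  # Remove existing exports
                  sed -i '/^export GATEWAY_HOST=/d' /home/$INSTALL_USER/.bashrc
                  sed -i '/^export GATEWAY_PORT=/d' /home/$INSTALL_USER/.bashrc
                  sed -i '/^export JAVA_HOME=/d' /home/$INSTALL_USER/.bashrc
                  # Add new exports
                  echo 'export GATEWAY_HOST=$GATEWAY_HOST_VAL' >> /home/$INSTALL_USER/.bashrc
                  echo 'export GATEWAY_PORT=$GATEWAY_PORT_VAL' >> /home/$INSTALL_USER/.bashrc
                  echo 'export JAVA_HOME=\$(dirname \$(dirname \$(readlink -f \$(which java))))' >> /home/$INSTALL_USER/.bashrc
                  "
                  export GATEWAY_HOST=$GATEWAY_HOST_VAL
                  export GATEWAY_PORT=$GATEWAY_PORT_VAL

                  # Set up Netprobe systemd service
                  echo "--- Setting Up Netprobe Service ---"

                  # Set default value for netprobe port if empty
                  NETPROBE_PORT_VAL="{{NetprobePort}}"
                  if [ -z "$NETPROBE_PORT_VAL" ]; then
                    NETPROBE_PORT_VAL="7036"
                  fi

                  # Stage the unit file in a private directory created by
                  # mktemp rather than under fixed names in /tmp: the result is
                  # installed as a system unit, so no other local user should be
                  # able to pre-create or swap the intermediate files.
                  WORK_DIR=$(mktemp -d)
                  trap 'rm -rf "$WORK_DIR"' EXIT
                  SERVICE_TEMPLATE="$WORK_DIR/netprobe.service.template"
                  SERVICE_FILE="$WORK_DIR/netprobe.service"

                  # Download netprobe service file
                  aws s3 cp "{{S3NetprobeServiceURL}}" "$SERVICE_TEMPLATE"
                  if [ ! -f "$SERVICE_TEMPLATE" ]; then
                    echo "ERROR: Failed to download netprobe service file"
                    exit 1
                  fi

                  # Substitute template variables with actual values
                  sed -e "s|NETPROBE_DIR|$NETPROBE_DIR|g" \
                      -e "s|NETPROBE_PORT|$NETPROBE_PORT_VAL|g" \
                      -e "s|GATEWAY_HOST_VAL|$GATEWAY_HOST_VAL|g" \
                      -e "s|GATEWAY_PORT_VAL|$GATEWAY_PORT_VAL|g" \
                      "$SERVICE_TEMPLATE" > "$SERVICE_FILE"

                  # Install service file with root ownership and mode 644
                  sudo install -o root -g root -m 644 "$SERVICE_FILE" /etc/systemd/system/netprobe.service

                  # Enable and start netprobe service
                  sudo systemctl daemon-reload
                  sudo systemctl enable netprobe.service
                  sudo systemctl start netprobe.service

                  # Wait a few seconds and check service status.
                  # A service that is not active is only reported as a warning;
                  # the script still finishes, so check the command output
                  # rather than relying on the command status alone.
                  sleep 3
                  if sudo systemctl is-active --quiet netprobe.service; then
                    echo "SUCCESS: Netprobe service started successfully"
                  else
                    echo "WARNING: Netprobe service failed to start"
                    sudo systemctl status netprobe.service
                  fi

                  echo "=== Netprobe Installation Complete ==="

  # Binds the document to the instance IDs given as stack input and passes the
  # stack parameters through. Association parameters are lists of strings,
  # hence the one-element list for each value.
  NetprobeInstallationByInstanceIds:
    Type: AWS::SSM::Association
    Properties:
      Name: !Ref NetprobeInstallationDocument
      Targets:
        - Key: InstanceIds
          Values: !Ref InstanceIds
      Parameters:
        AWSRegion:
          - !Ref AWSRegion
        NetprobeInstallDirectory:
          - !Ref NetprobeInstallDirectory
        S3NetprobeURL:
          - !Ref S3NetprobeURL
        NetprobePort:
          - !Ref NetprobePort
        GatewayHost:
          - !Ref GatewayHost
        GatewayPort:
          - !Ref GatewayPort
        S3NetprobeSetupURL:
          - !Ref S3NetprobeSetupURL
        S3NetprobeServiceURL:
          - !Ref S3NetprobeServiceURL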
# Values exported for other stacks; both export names are prefixed with this
# stack's name.
Outputs:
  SSMDocumentName:
    Description: Name of the SSM Document created for Netprobe installation
    Value:
      Ref: NetprobeInstallationDocument
    Export:
      Name:
        Fn::Sub: '${AWS::StackName}-SSMDocument'
  AssociationId:
    Description: SSM Association ID for the Netprobe installation
    Value:
      Ref: NetprobeInstallationByInstanceIds
    Export:
      Name:
        Fn::Sub: '${AWS::StackName}-AssociationId'