Today, we are excited to introduce a new and improved version of AWS Systems Manager that provides a highly requested cross-account and cross-region experience for managing nodes at scale.
The new Systems Manager environment provides centralized visibility across all managed nodes, including various infrastructure types such as Amazon Elastic Compute Cloud (EC2) instances, containers, virtual machines from other cloud providers, on-premises servers, and edge Internet of Things (IoT) devices. When Systems Manager Agent (SSM Agent) is installed on a node and connected to Systems Manager, the node is called a “managed node.”
If the SSM Agent stops working on a node for any reason, Systems Manager loses connectivity to that node and that node is called an “unmanaged node.” With the new update, Systems Manager can also help you easily discover and troubleshoot unmanaged nodes. You can also run and schedule automatic diagnostics that provide recommended runbooks that you can run to fix problems and re-establish connectivity to make your nodes managed again.
Systems Manager is now also integrated with Amazon Q Developer, the most capable generative AI-based assistant for software development. You can ask Amazon Q Developer questions about your managed nodes using natural language, and it will provide quick insights and a link to Systems Manager where you can take action or continue exploring further.
With this release, you can also use AWS Organizations to allow delegated administrators to centrally manage nodes across your organization thanks to new integration with Systems Manager.
Let’s look at a simple example to help demonstrate some of these new features.
Imagine a scenario where you are a cloud platform engineer leading a migration plan in your organization that aims to replace all nodes running Windows Server 2016 Datacenter. Let’s use the new Systems Manager environment to quickly gather information about all the nodes that need to be included in the plan.
Step 1 – Ask Amazon Q Developer
The easiest starting point is to use Amazon Q Developer and ask what you want to find using natural language. Using the AWS console, open the Amazon Q chatbot and enter the following: “Find all of my managed nodes running Microsoft Windows Server 2016 Datacenter in my organization.”
Amazon Q provides answers quickly. It tells you that there are 10 nodes that meet your criteria and provides a list with an overview of each node.
There is also a link that redirects to the new Node navigation page in Systems Manager, where you can check detailed information. Let’s follow it.
Step 2 – Infrastructure Review
The Node navigation page provides a comprehensive overview of all managed nodes across your organization, with options to group and filter results for quick access. In this case, you will see that the results have already been filtered by operating system name, giving a list of all nodes running Microsoft Windows Server 2016 Datacenter.
This is a good start! Just download the report and add those nodes to your migration plan. However, this page only displays information about managed nodes. Could there be unmanaged nodes that we need to include in our plan? Let’s find out.
Step 3 – Handle Unmanaged Nodes
Open the menu and go to the Node Insight Review page. Here you will see a dashboard with widgets that provide insightful, interactive charts that you can use to drill down to discover additional information about a node or take action. For example, the Managed node type pie chart shows the types of managed nodes we have, while the SSM Agent version graph provides an overview of the different versions of SSM Agent running. You can also customize this view by adding and replacing widgets.
We want to look into our unmanaged nodes to make sure we don’t miss anything that we might need to add to our migration plan. The Node Summary widget clearly shows that there are two unmanaged nodes. This may mean that the SSM Agent is not installed on those nodes, in which case you will need to investigate manually. However, it may instead mean that problems with SSM Agent permissions or network connectivity are preventing Systems Manager from managing these nodes and treating them like other managed nodes. The new Systems Manager experience makes it easy to troubleshoot and resolve SSM Agent issues, so let’s give it a try now.
Start by selecting the part of the chart that shows unmanaged nodes. You will have the option to initiate a comprehensive diagnostic of all unmanaged nodes with a single click. Let’s run this.
The diagnostic reviews key configurations that can prevent SSM Agent from connecting to Systems Manager, such as missing Virtual Private Cloud (VPC) endpoints, misconfigured VPC DNS settings, and misconfigured instance security groups. Once the scan is complete, you will see two “Misconfigured VPC endpoints” findings displayed. It also provides links that open a side panel containing recommended runbooks that you can run to troubleshoot problems, as well as links to related documentation.
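To make the three classes of misconfiguration named above concrete, the following added example (not AWS's diagnostic and not code from the original post) runs equivalent offline checks over constructed data shaped like AWS CLI `describe-*` output. It assumes a VPC with no internet egress, where SSM Agent reaches Systems Manager only through interface endpoints; the required endpoint set, the function names and all sample values are assumptions.

```python
# Added illustration, not AWS's diagnostic. Inputs mirror the JSON returned by
# `aws ec2 describe-vpc-endpoints`, `describe-vpc-attribute` (two calls merged)
# and `describe-security-groups`. All sample values are constructed.
REQUIRED = ("ssm", "ssmmessages", "ec2messages")  # assumed set; varies by agent version

def missing_endpoints(endpoints, vpc_id, region):
    """Required interface endpoints that are absent, not available, or lack private DNS."""
    usable = {e["ServiceName"] for e in endpoints
              if e["VpcId"] == vpc_id
              and e["State"].lower() == "available"
              and e.get("PrivateDnsEnabled", False)}
    return [s for s in REQUIRED if f"com.amazonaws.{region}.{s}" not in usable]

def dns_findings(attrs):
    """Private DNS names only resolve when both VPC DNS attributes are enabled."""
    return [k for k in ("EnableDnsSupport", "EnableDnsHostnames")
            if not attrs.get(k, {}).get("Value", False)]

def allows_https_egress(group):
    """True if an egress rule covers TCP 443 (destination is not evaluated here)."""
    for rule in group.get("IpPermissionsEgress", []):
        proto = rule.get("IpProtocol")
        if proto == "-1":  # all protocols, all ports
            return True
        if proto == "tcp" and rule.get("FromPort", 0) <= 443 <= rule.get("ToPort", 65535):
            return True
    return False

def diagnose(vpc_id, region, endpoints, attrs, group):
    findings = [f"VPC endpoint missing or unusable: {s}"
                for s in missing_endpoints(endpoints, vpc_id, region)]
    findings += [f"VPC DNS attribute disabled: {k}" for k in dns_findings(attrs)]
    if not allows_https_egress(group):
        findings.append("security group blocks outbound HTTPS")
    return findings

SAMPLE_ENDPOINTS = [  # constructed
    {"VpcId": "vpc-0aaa", "ServiceName": "com.amazonaws.us-east-1.ssm",
     "State": "available", "PrivateDnsEnabled": True},
    {"VpcId": "vpc-0aaa", "ServiceName": "com.amazonaws.us-east-1.ssmmessages",
     "State": "pending", "PrivateDnsEnabled": True},
    {"VpcId": "vpc-0bbb", "ServiceName": "com.amazonaws.us-east-1.ec2messages",
     "State": "available", "PrivateDnsEnabled": True},
]
SAMPLE_ATTRS = {"EnableDnsSupport": {"Value": True}, "EnableDnsHostnames": {"Value": False}}
SAMPLE_GROUP = {"IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80}]}

if __name__ == "__main__":
    for f in diagnose("vpc-0aaa", "us-east-1", SAMPLE_ENDPOINTS, SAMPLE_ATTRS, SAMPLE_GROUP):
        print(f)
```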
When you choose to run a recommended runbook, you will be provided with a thorough overview of the tasks to be performed in addition to the input parameters used, links to view a breakdown of the steps involved, and a detailed preview of the changes, including the target nodes for this run.
Let’s go ahead and select Execute. Costs may apply, so be sure to review before executing. On this page, you can keep track of progress as the runbook goes through the steps of attempting to troubleshoot each node.
Aha! Once remediation is complete, you can see that Systems Manager has discovered and fixed the issue with the SSM Agent on the two nodes. This means that Systems Manager can successfully connect with the SSM Agent running on each of those nodes, making it a “managed node.” If we look at the Node navigation page, we will see that the number of “unmanaged nodes” has now decreased to 0.
Now that you have all your nodes managed, you are ready to get a complete list of all the nodes you need to add to your migration plan.
Step 4 – Download the report
Back on the Node navigation page, you can see that the number of nodes running Microsoft Windows Server 2016 Datacenter has increased from 10 to 12. This means that the previously unmanaged nodes that you fixed through automatic diagnostics are actually running the target operating system.
This is exactly what we need, so we choose to download the report. Name the file and then choose from several options, such as which columns to include. In this case, you choose to download a CSV file with rows containing column names.
That’s it! We have a CSV with detailed information about which nodes require upgrades across our entire infrastructure. And the best part? When you’re ready to move forward with your migration, you can also use Systems Manager to automate the upgrade.
Conclusion
Systems Manager is a critical tool for gaining visibility and control over your computing infrastructure and performing large-scale operational tasks. The new experience provides a centralized cross-account, cross-region view of all nodes across AWS accounts, on-premises, and multi-cloud environments through a centralized dashboard, integration with Amazon Q Developer for natural language queries, and one-click SSM Agent problem solving. Go to the Systems Manager console and follow the simple instructions to activate your new environment at no additional cost.
To learn more, see our detailed documentation on the new Systems Manager experience.
Check out this interactive demo for a full visual tour of this experience.