Understanding Connection Gateway metrics
The Amazon DCV Connection Gateway is able to record and emit metrics which allow customers to monitor the performance of the Connection Gateway.
The emission of metrics is disabled by default. The Amazon DCV Connection Gateway supports emitting its metrics in a format compatible with StatsD.
To enable the emission of the metrics, edit the /etc/dcv-connection-gateway/dcv-connection-gateway.conf
and add the following:
[metrics-reporter-statsd] endpoints = ["127.0.0.1:8125"]
Note
It is up to the customer to install a StatsD service. See Sending Metrics to Amazon CloudWatch to use Amazon CloudWatch Agent as a StatsD service.
The values of endpoints
and port
must match the ones used by your installation of StatsD.
List of metrics
The following table lists the metrics emitted by the Amazon DCV Connection Gateway.
Name | Unit | Description |
---|---|---|
ClientConnectionRequestCount |
Count | The number of connection requests processed by the Connection Gateway. Each DCV connection, during the connection phase, generates a single connection request |
ClientConnectionRequestTime |
Milliseconds | The time elapsed between the establishment of a connection from the DCV client to the Connection Gateway and the reception of the first message from the DCV client by the Connection Gateway |
ClientConnectionRequestTimeoutCount |
Count | The number of times a connection request has been rejected because of timeout. In other words, if a DCV client takes too long to send the first message, the connection will be actively closed by the Connection Gateway, in order to prevent malicious slow send attacks |
ClientConnectionTimeoutCount |
Count | The number of times a DCV connection has been closed because of a timeout between the DCV client and the Connection Gateway |
ClientFailureLoginAuthenticationFailedCount |
Count | The number of times a DCV connection has been rejected by the DCV server because of the authentication |
ClientFailureLoginConnectionLimitReachedCount |
Count | The number of times a DCV connection has been rejected by the DCV server because the maximum number of connections has been reached |
ClientFailureLoginCount |
Count | The number of times a DCV connection has been rejected by the DCV server |
ClientFailureLoginGenericErrorCount |
Count | The number of times a DCV connection has been rejected by the DCV server because of a generic error |
ClientFailureLoginInternalServerErrorCount |
Count | The number of times a DCV connection has been rejected by the DCV server because of an internal error |
ClientFailureLoginInvalidConnectionIdCount |
Count | The number of times a DCV connection has been rejected by the DCV server because request contains an invalid connection identifier |
ClientFailureLoginInvalidSessionIdCount |
Count | The number of times a DCV connection has been rejected by the DCV server because the request contains an invalid session identifier |
ClientFailureLoginProtocolErrorCount |
Count | The number of times a DCV connection has been rejected by the DCV server because of a protocol error |
ClientFailureLoginUnknownErrorCount |
Count | The number of times a DCV connection has been rejected by the DCV server because of an unknown error |
ClientNetworkIn |
Bytes | The number of bytes received from the clients and forwarded to the corresponding target by the Connection Gateway |
ClientNetworkOut |
Bytes | The number of bytes received from the targets and forwarded to a specific client by the Connection Gateway |
ClientRequestReceptionTime |
Milliseconds | The time elapsed between the establishment of a TLS connection from a client to the Connection Gateway and the reception of the HTTP request by the Connection Gateway |
ClientRequestReceptionTimeoutCount |
Count | The number of TLS connections dropped due to a timeout on the reception of the HTTP request. In other words, if a client takes too long to send an HTTP request after establishing the TLS connection, the TLS connection will be actively closed by the Connection Gateway, in order to prevent malicious slow send attacks |
ClientSuccessfulLoginCount |
Count | The number of times a DCV connection has been successfully accepted by the DCV server |
ConnectionTerminatedShutdownCount |
Count | The number of connections terminated due to the shutdown of the Connection Gateway |
ConnectionThrottledCount |
Count | The number of times a DCV connection has been rejected by the Connection Gateway because of throttling |
ConnectionTime |
Milliseconds | The time elapsed between the establishment and the termination of a connection |
CurrentConnectedClients |
Count | The number of DCV clients currently connected to the Connection Gateway |
CurrentNetworkConnections |
Count | The number of concurrent TCP/QUIC connections active from clients to the Connection Gateway and from the Connection Gateway to targets |
GatewayHttpCode4XXCount |
Count | The number of HTTP responses with error codes 4XX generated by the Connection Gateway |
GatewayHttpCode5XXCount |
Count | The number of HTTP responses with error codes 5XX generated by the Connection Gateway |
GatewayInternalErrorCount |
Count | The number of errors originating from the Connection Gateway itself that prevented a request from being processed successfully |
LatencyOverhead |
Milliseconds | Overhead introduced by the Gateway in forwarding the DCV messages |
NetworkConnectionRequestCount |
Count | The number of client connection requests processed by the gateway since startup |
SessionResolverSuccessCount |
Count | The number of HTTP requests to the Session Resolver which returned successfully (status code 200 ) |
SessionResolverNotFoundCount |
Count | The number of HTTP requests to the Session Resolver which returned an error because the destination host could not be found (status code 404 ) |
SessionResolverInvalidResponseCount |
Count | The number of HTTP requests to the Session Resolver which returned an error because it failed to handle the request (any status code different from 200 or 404 ) |
SessionResolverConnectionErrorCount |
Count | The number of HTTP requests to the Session Resolver which failed because the Session Resolver could not be reached |
SessionResolverResponseTime |
Milliseconds | The time between when an HTTP request is sent to the Session Resolver and when the corresponding response is received |
TargetConnectionTimeoutCount |
Count | The number of times a DCV connection has been closed because of a timeout between the Connection Gateway and the target (e.g., DCV server) |
TargetHttpCode2xxCount |
Count | The number of HTTP responses with codes 2XX generated by targets |
TargetHttpCode3xxCount |
Count | The number of HTTP responses with error codes 3XX generated by targets |
TargetHttpCode4xxCount |
Count | The number of HTTP responses with error codes 4XX generated by targets |
TargetHttpCode5xxCount |
Count | The number of HTTP responses with error codes 5XX generated by targets |
TargetHttpResponseTime |
Milliseconds | The elapsed time between the forwarding of a HTTP request to a target and the reception of the response from the target |
TargetNetworkConnectionErrorCount |
Count | The number of errors while enstablishing a TCP/QUIC connection to the target from the Connection Gateway |
TargetTlsNegotiationErrorCount |
Count | The number of TLS connection attempts initiated by the Connection Gateway that did not establish a connection with the target. Possible causes include a mismatch of ciphers or protocols |
TargetUnreachableErrorCount |
Count | The number of connection attempts initiated by the Connection Gateway that did not establish a connection with the target because the target is not reachable |
Each metric specifies additional dimensions, which allow to filter and aggreagate the values. In particular, the Amazon DCV Connection Gateway adds a protocol
dimension
which can be set to HTTP
, WebSocket
, or QUIC
, which respectively identify whether the value is related to a HTTP request, to a DCV connection
using WebSockets, or to a DCV connection using QUIC.
Metrics of connection stats
The following table lists the metrics emitted by enabling the enable-quic-connections-stats
and enable-tcp-connections-stats
configuration parameters in the DCV and Gateway sections.
Name | Config parameter | Unit | Description |
---|---|---|---|
ClientCongestionEvents |
[dcv] enable-quic-connections-stats | Count | The cumulative number of congestion events of the QUIC connection between the Connection Gateway and the target (e.g. DCV server) |
ClientCongestionWindow |
[dcv] enable-quic-connections-stats | Bytes | The size of the congestion window. The congestion controller determines this dynamically based on estimated bandwidth between the Connection Gateway and the target (e.g. DCV server) |
ClientDeliveryRateAppLimited |
[dcv] enable-tcp-connections-stats | Boolean | Indicates if the goodput was measured when the socket's throughput was limited by the sending application in the connection between the Connection Gateway and the target (e.g. DCV server) |
ClientRtt |
[dcv] enable-quic-connections-stats [DCV] enable-tcp-connections-stats |
Milliseconds | The round trip time of the TCP or QUIC connection between the DCV client and the Connection Gateway |
ClientSegmentsLossRate |
[dcv] enable-tcp-connections-stats | Percentage | The percentage of packet loss in the TCP connection between the Connection Gateway and the target (e.g. DCV server) |
ClientSegmentsRetransRate |
[dcv] enable-tcp-connections-stats | Percentage | The percentage of packets retransmitted in the TCP connection between the Connection Gateway and the target (e.g. DCV server) |
TargetCongestionEvents |
[gateway] enable-quic-connections-stats | Count | The number of congestion events of the QUIC connection between the DCV client and the Connection Gateway |
TargetCongestionWindow |
[gateway] enable-quic-connections-stats | Bytes | The size of the congestion window. The congestion controller determines this dynamically based on estimated bandwidth between the DCV client and the Connection Gateway |
TargetDeliveryRateAppLimited |
[gateway] enable-tcp-connections-stats | Boolean | Indicates if the goodput was measured when the socket's throughput was limited by the sending application in the connection between the DCV client and the Connection Gateway |
TargetRtt |
[gateway] enable-quic-connections-stats [Gateway] enable-tcp-connections-stats |
Milliseconds | The round trip time of the TCP or QUIC connection between the Connection Gateway and the target (e.g. DCV server) |
TargetSegmentsLossRate |
[gateway] enable-tcp-connections-stats | Percentage | The percentage of packet loss in the TCP connection between the DCV client and the Connection Gateway |
TargetSegmentsRetransRate |
[gateway] enable-tcp-connections-stats | Percentage | The percentage of packets retransmitted in the TCP connection between the DCV client and the Connection Gateway |
Sending Metrics to Amazon CloudWatch
The Amazon CloudWatch agent can be installed on the host running the Amazon DCV Connection Gateway and can be configured to collect the metrics and send them to the CloudWatch service of your AWS account.
To send the Amazon DCV Connection Gateway metrics to Amazon CloudWatch
-
Install the Amazon CloudWatch agent on your host.
Refer to the CloudWatch documentation for detailed instructions on how to install the agent and ensure that the required IAM roles are present.
-
Enable the stasd plugin of the Amazon CloudWatch Agent.
Refer to the CloudWatch documentation for detailed instructions on how to enable the StatsD plugin.
-
Configure the Amazon CloudWatch Agent to collect the Amazon DCV Connection Gateway metrics.
Create or edit the
/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
with your preferred editor and add the following content:{ "metrics": { "namespace": "DCV-Connection-Gateway", "metrics_collected": { "statsd": { "service_address": ":8125", "metrics_collection_interval": 5, "metrics_aggregation_interval": 60 } }, "append_dimensions": { "InstanceId": "${aws:InstanceId}" } } }
-
Restart the Amazon CloudWatch Agent.
sudo systemctl start amazon-cloudwatch-agent
-
Enable the metrics in the Amazon DCV Connection Gateway.
Edit the
/etc/dcv-connection-gateway/dcv-connection-gateway.conf
and add the following:[metrics-reporter-statsd] endpoints = ["127.0.0.1:8125"]
Note
The values specified for
endpoints
andport
must match the ones used in theservice_address
parameter of the Amazon CloudWatch Agent statsd configuration file. -
Restart the Amazon DCV Connection Gateway service.
sudo systemctl restart dcv-connection-gateway