Understanding Connection Gateway metrics - Amazon DCV Connection Gateway

Understanding Connection Gateway metrics

The Amazon DCV Connection Gateway is able to record and emit metrics which allow customers to monitor the performance of the Connection Gateway.

The emission of metrics is disabled by default. The Amazon DCV Connection Gateway supports emitting its metrics in a format compatible with StatsD. To enable the emission of the metrics, edit the /etc/dcv-connection-gateway/dcv-connection-gateway.conf and add the following:

[metrics-reporter-statsd] endpoints = ["127.0.0.1:8125"]
Note

It is up to the customer to install a StatsD service. See Sending Metrics to Amazon CloudWatch to use Amazon CloudWatch Agent as a StatsD service.

The values of endpoints and port must match the ones used by your installation of StatsD.

List of metrics

The following table lists the metrics emitted by the Amazon DCV Connection Gateway.

Name Unit Description
ClientConnectionRequestCount Count The number of connection requests processed by the Connection Gateway. Each DCV connection, during the connection phase, generates a single connection request
ClientConnectionRequestTime Milliseconds The time elapsed between the establishment of a connection from the DCV client to the Connection Gateway and the reception of the first message from the DCV client by the Connection Gateway
ClientConnectionRequestTimeoutCount Count The number of times a connection request has been rejected because of timeout. In other words, if a DCV client takes too long to send the first message, the connection will be actively closed by the Connection Gateway, in order to prevent malicious slow send attacks
ClientConnectionTimeoutCount Count The number of times a DCV connection has been closed because of a timeout between the DCV client and the Connection Gateway
ClientFailureLoginAuthenticationFailedCount Count The number of times a DCV connection has been rejected by the DCV server because of the authentication
ClientFailureLoginConnectionLimitReachedCount Count The number of times a DCV connection has been rejected by the DCV server because the maximum number of connections has been reached
ClientFailureLoginCount Count The number of times a DCV connection has been rejected by the DCV server
ClientFailureLoginGenericErrorCount Count The number of times a DCV connection has been rejected by the DCV server because of a generic error
ClientFailureLoginInternalServerErrorCount Count The number of times a DCV connection has been rejected by the DCV server because of an internal error
ClientFailureLoginInvalidConnectionIdCount Count The number of times a DCV connection has been rejected by the DCV server because request contains an invalid connection identifier
ClientFailureLoginInvalidSessionIdCount Count The number of times a DCV connection has been rejected by the DCV server because the request contains an invalid session identifier
ClientFailureLoginProtocolErrorCount Count The number of times a DCV connection has been rejected by the DCV server because of a protocol error
ClientFailureLoginUnknownErrorCount Count The number of times a DCV connection has been rejected by the DCV server because of an unknown error
ClientNetworkIn Bytes The number of bytes received from the clients and forwarded to the corresponding target by the Connection Gateway
ClientNetworkOut Bytes The number of bytes received from the targets and forwarded to a specific client by the Connection Gateway
ClientRequestReceptionTime Milliseconds The time elapsed between the establishment of a TLS connection from a client to the Connection Gateway and the reception of the HTTP request by the Connection Gateway
ClientRequestReceptionTimeoutCount Count The number of TLS connections dropped due to a timeout on the reception of the HTTP request. In other words, if a client takes too long to send an HTTP request after establishing the TLS connection, the TLS connection will be actively closed by the Connection Gateway, in order to prevent malicious slow send attacks
ClientSuccessfulLoginCount Count The number of times a DCV connection has been successfully accepted by the DCV server
ConnectionTerminatedShutdownCount Count The number of connections terminated due to the shutdown of the Connection Gateway
ConnectionThrottledCount Count The number of times a DCV connection has been rejected by the Connection Gateway because of throttling
ConnectionTime Milliseconds The time elapsed between the establishment and the termination of a connection
CurrentConnectedClients Count The number of DCV clients currently connected to the Connection Gateway
CurrentNetworkConnections Count The number of concurrent TCP/QUIC connections active from clients to the Connection Gateway and from the Connection Gateway to targets
GatewayHttpCode4XXCount Count The number of HTTP responses with error codes 4XX generated by the Connection Gateway
GatewayHttpCode5XXCount Count The number of HTTP responses with error codes 5XX generated by the Connection Gateway
GatewayInternalErrorCount Count The number of errors originating from the Connection Gateway itself that prevented a request from being processed successfully
LatencyOverhead Milliseconds Overhead introduced by the Gateway in forwarding the DCV messages
NetworkConnectionRequestCount Count The number of client connection requests processed by the gateway since startup
SessionResolverSuccessCount Count The number of HTTP requests to the Session Resolver which returned successfully (status code 200)
SessionResolverNotFoundCount Count The number of HTTP requests to the Session Resolver which returned an error because the destination host could not be found (status code 404)
SessionResolverInvalidResponseCount Count The number of HTTP requests to the Session Resolver which returned an error because it failed to handle the request (any status code different from 200 or 404)
SessionResolverConnectionErrorCount Count The number of HTTP requests to the Session Resolver which failed because the Session Resolver could not be reached
SessionResolverResponseTime Milliseconds The time between when an HTTP request is sent to the Session Resolver and when the corresponding response is received
TargetConnectionTimeoutCount Count The number of times a DCV connection has been closed because of a timeout between the Connection Gateway and the target (e.g., DCV server)
TargetHttpCode2xxCount Count The number of HTTP responses with codes 2XX generated by targets
TargetHttpCode3xxCount Count The number of HTTP responses with error codes 3XX generated by targets
TargetHttpCode4xxCount Count The number of HTTP responses with error codes 4XX generated by targets
TargetHttpCode5xxCount Count The number of HTTP responses with error codes 5XX generated by targets
TargetHttpResponseTime Milliseconds The elapsed time between the forwarding of a HTTP request to a target and the reception of the response from the target
TargetNetworkConnectionErrorCount Count The number of errors while enstablishing a TCP/QUIC connection to the target from the Connection Gateway
TargetTlsNegotiationErrorCount Count The number of TLS connection attempts initiated by the Connection Gateway that did not establish a connection with the target. Possible causes include a mismatch of ciphers or protocols
TargetUnreachableErrorCount Count The number of connection attempts initiated by the Connection Gateway that did not establish a connection with the target because the target is not reachable

Each metric specifies additional dimensions, which allow to filter and aggreagate the values. In particular, the Amazon DCV Connection Gateway adds a protocol dimension which can be set to HTTP, WebSocket, or QUIC, which respectively identify whether the value is related to a HTTP request, to a DCV connection using WebSockets, or to a DCV connection using QUIC.

Metrics of connection stats

The following table lists the metrics emitted by enabling the enable-quic-connections-stats and enable-tcp-connections-stats configuration parameters in the DCV and Gateway sections.

Name Config parameter Unit Description
ClientCongestionEvents [dcv] enable-quic-connections-stats Count The cumulative number of congestion events of the QUIC connection between the Connection Gateway and the target (e.g. DCV server)
ClientCongestionWindow [dcv] enable-quic-connections-stats Bytes The size of the congestion window. The congestion controller determines this dynamically based on estimated bandwidth between the Connection Gateway and the target (e.g. DCV server)
ClientDeliveryRateAppLimited [dcv] enable-tcp-connections-stats Boolean Indicates if the goodput was measured when the socket's throughput was limited by the sending application in the connection between the Connection Gateway and the target (e.g. DCV server)
ClientRtt [dcv] enable-quic-connections-stats

[DCV] enable-tcp-connections-stats

Milliseconds The round trip time of the TCP or QUIC connection between the DCV client and the Connection Gateway
ClientSegmentsLossRate [dcv] enable-tcp-connections-stats Percentage The percentage of packet loss in the TCP connection between the Connection Gateway and the target (e.g. DCV server)
ClientSegmentsRetransRate [dcv] enable-tcp-connections-stats Percentage The percentage of packets retransmitted in the TCP connection between the Connection Gateway and the target (e.g. DCV server)
TargetCongestionEvents [gateway] enable-quic-connections-stats Count The number of congestion events of the QUIC connection between the DCV client and the Connection Gateway
TargetCongestionWindow [gateway] enable-quic-connections-stats Bytes The size of the congestion window. The congestion controller determines this dynamically based on estimated bandwidth between the DCV client and the Connection Gateway
TargetDeliveryRateAppLimited [gateway] enable-tcp-connections-stats Boolean Indicates if the goodput was measured when the socket's throughput was limited by the sending application in the connection between the DCV client and the Connection Gateway
TargetRtt [gateway] enable-quic-connections-stats

[Gateway] enable-tcp-connections-stats

Milliseconds The round trip time of the TCP or QUIC connection between the Connection Gateway and the target (e.g. DCV server)
TargetSegmentsLossRate [gateway] enable-tcp-connections-stats Percentage The percentage of packet loss in the TCP connection between the DCV client and the Connection Gateway
TargetSegmentsRetransRate [gateway] enable-tcp-connections-stats Percentage The percentage of packets retransmitted in the TCP connection between the DCV client and the Connection Gateway

Sending Metrics to Amazon CloudWatch

The Amazon CloudWatch agent can be installed on the host running the Amazon DCV Connection Gateway and can be configured to collect the metrics and send them to the CloudWatch service of your AWS account.

To send the Amazon DCV Connection Gateway metrics to Amazon CloudWatch
  1. Install the Amazon CloudWatch agent on your host.

    Refer to the CloudWatch documentation for detailed instructions on how to install the agent and ensure that the required IAM roles are present.

  2. Enable the stasd plugin of the Amazon CloudWatch Agent.

    Refer to the CloudWatch documentation for detailed instructions on how to enable the StatsD plugin.

  3. Configure the Amazon CloudWatch Agent to collect the Amazon DCV Connection Gateway metrics.

    Create or edit the /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json with your preferred editor and add the following content:

    { "metrics": { "namespace": "DCV-Connection-Gateway", "metrics_collected": { "statsd": { "service_address": ":8125", "metrics_collection_interval": 5, "metrics_aggregation_interval": 60 } }, "append_dimensions": { "InstanceId": "${aws:InstanceId}" } } }
  4. Restart the Amazon CloudWatch Agent.

    sudo systemctl start amazon-cloudwatch-agent
  5. Enable the metrics in the Amazon DCV Connection Gateway.

    Edit the /etc/dcv-connection-gateway/dcv-connection-gateway.conf and add the following:

    [metrics-reporter-statsd] endpoints = ["127.0.0.1:8125"]
    Note

    The values specified for endpoints and port must match the ones used in the service_address parameter of the Amazon CloudWatch Agent statsd configuration file.

  6. Restart the Amazon DCV Connection Gateway service.

    sudo systemctl restart dcv-connection-gateway