Posted On: Jan 17, 2023

Amazon EC2 network performance metrics now include a new metric for monitoring the tracked connections available to an EC2 instance: the ConnTrack Utilization metric. EC2 instance Security Groups act as stateful virtual firewalls to control incoming and outgoing traffic. These stateful firewalls track network connection information so that return traffic to and from an instance can pass through. With this new metric, customers have visibility into the number of ConnTrack entries remaining, which allows them to proactively manage capacity and select the right instance size to meet emergent demand.

Prior to this announcement, customers could monitor dropped packets once the instance exceeded its tracked connection allowance via the EC2 instance network performance metrics. With that metric, customers could scale up their EC2 instances after they started seeing packet drops. With this launch, customers can now monitor their EC2 instance ConnTrack Utilization to proactively manage EC2 instance capacity with scale up or scale out actions that help meet demand for network connections before packets are dropped. Customers can save on EC2 instance costs by scaling down or scaling in the instance fleet once the demand for tracked connections subsides. This new metric can also help customers benchmark a given workload for ConnTracks in pre-production environments to accurately assess EC2 instance production capacity needs.

The ConnTrack Utilization metric (conntrack_allowance_available) is available on Nitro-based EC2 instances using the Linux driver for Elastic Network Adapter (ENA) starting from version 2.8.1. Like the other network performance metrics, it can be read from within the instance with ethtool, using simple command line tools, at no extra cost. Customers can also export this metric to Amazon CloudWatch using the CloudWatch agent or 3rd party observability tools. Customers can download the required Linux driver for ENA from the Amazon GitHub repository. The EC2 instance ConnTrack Utilization metric is available in all AWS Commercial Regions and AWS GovCloud (US) Regions.
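One way to act on the metric from inside the instance, as an added example that is not AWS's own code: a shell check that parses `ethtool -S` output and reports remaining tracked connections before packets are dropped. The interface name eth0, the 5000-entry threshold, the function names and the sample statistics are assumptions constructed for illustration; conntrack_allowance_exceeded is the existing ENA counter for packets dropped after the allowance was exceeded.

```shell
#!/bin/sh
# Added example. On an instance: ethtool -S eth0 | conntrack_check 5000
# (eth0 and the 5000 threshold are assumptions; tune per instance type.)

# Print the value of one counter from `ethtool -S` text on stdin; fail if absent.
ena_stat() {
    awk -v key="$1" -F: '
        { name = $1; gsub(/^[ \t]+|[ \t]+$/, "", name) }
        name == key { val = $2; gsub(/[ \t]/, "", val); print val; found = 1; exit }
        END { if (!found) exit 1 }'
}

# Read `ethtool -S` output on stdin; $1 = minimum acceptable free entries.
# Returns 0 OK, 1 low headroom, 2 drops already recorded, 3 metric missing.
conntrack_check() {
    min_available="$1"
    stats=$(cat)
    avail=$(printf '%s\n' "$stats" | ena_stat conntrack_allowance_available) || {
        echo "UNSUPPORTED: conntrack_allowance_available not reported (ENA driver older than 2.8.1?)"
        return 3
    }
    # Cumulative counter: non-zero means drops happened since the driver loaded.
    exceeded=$(printf '%s\n' "$stats" | ena_stat conntrack_allowance_exceeded) || exceeded=0
    if [ "$exceeded" -gt 0 ]; then
        echo "CRITICAL: $exceeded packets dropped for exceeding the conntrack allowance; $avail entries free"
        return 2
    fi
    if [ "$avail" -lt "$min_available" ]; then
        echo "WARNING: only $avail tracked-connection entries free (threshold $min_available)"
        return 1
    fi
    echo "OK: $avail tracked-connection entries free"
    return 0
}

# Constructed sample of `ethtool -S` output: $1 = available, $2 = exceeded.
sample_stats() {
    printf 'NIC statistics:\n'
    printf '     bw_in_allowance_exceeded: 0\n'
    printf '     pps_allowance_exceeded: 0\n'
    printf '     conntrack_allowance_exceeded: %s\n' "$2"
    printf '     conntrack_allowance_available: %s\n' "$1"
}

sample_stats 136812 0 | conntrack_check 5000
```

The return codes follow the common 0/1/2/3 monitoring-plugin convention, so the function can be wrapped by a cron job or an agent that raises an alert on a non-zero status.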

To get started, please read our blog and review the latest EC2 Documentation for supported instance types.

Jan 19, 2023: This What's New post was updated to reference Nitro based instances and supported instance types.