AWS Cloud Operations & Migrations Blog

Use Amazon CloudWatch Internet Monitor for greater visibility into online experiences

Today millions of internet users access applications hosted globally across 167,000 cities served by over 74,000 autonomous systems (ASNs). Tracking constantly changing network routes can be a daunting task for Site Reliability Engineers (SREs), application developers, network operators, systems engineers, and cloud solutions architects. With Amazon CloudWatch Internet Monitor, teams can quickly identify the network issues that impact their applications’ performance and availability. It offers near real-time observability and monitoring of internet performance, helping you support an uninterrupted user experience.

Internet application monitoring can be overwhelming. When application users report a subpar experience, it’s often difficult to reclaim their confidence in the application’s ability to deliver. Identifying and resolving the root cause of the problem often requires stitching data from multiple sources and third-party tools. This can be both costly and challenging, especially during time-pressure scenarios. Furthermore, these tools often lack comprehensive end-to-end information, making it difficult to identify the issue’s exact location. Internet Monitor simplifies the process by swiftly narrowing down the scope of the problem. It helps teams quickly identify and remediate issues that may interrupt the user experience.

Considerations for Scaling with Amazon CloudWatch Internet Monitor

Internet Monitor monitors application internet traffic for all the locations where clients access your application resources and the ASNs through which they connect, that is, the city-networks for your application traffic. The cost for the first 100 city-networks is included with the service. To control costs as the number of city-networks increases, you must establish thresholds for the internet traffic. You do this for each individual monitor by identifying the percentage of internet traffic to monitor, which determines the number of city-networks. This limit can be adjusted based on your desired Service Level Objectives (SLOs). Note that you will only be charged for the number of city-networks that you actually monitor, up to the predetermined maximum.

Internet Monitor pricing has three components: a fee per monitored resource, a fee per city-network, and charges for the diagnostic logs that are published to CloudWatch Logs. For a detailed breakdown of these charges, refer to the CloudWatch pricing details.

Setting up your application monitoring

We assume that you are already familiar with how to set up Amazon Virtual Private Cloud (VPC), Amazon CloudFront distributions and Amazon WorkSpaces directories. In this post, we focus on operational efficiency with Internet Monitor, considering both its cost-effectiveness and business objectives. We also explore the tradeoffs between cost and traffic coverage when setting a higher limit for the city-networks maximum. We will walk through a detailed user experience of setting up Internet Monitor and implementing operational best practices, including cost estimates. Lastly, we contrast scenarios of a 1:1 ratio of monitors to resources versus a 1-to-many ratio, discussing the merits of each approach.

We demonstrate the use of Internet Monitor capabilities by referring to a common use case. We’ll refer to ABC Company, a fictitious startup. ABC’s primary application provides an interactive video service. In this scenario, ABC has identified its largest user base located in densely populated urban areas. ABC wants to monitor their users’ internet traffic. ABC’s video service is hosted on a Virtual Private Cloud (VPC) and distributed through a CloudFront distribution to its users.

We’ll provide step-by-step instructions for the monitor setup and offer recommendations to help achieve ABC video service objectives. We will use Internet Monitor to gain insights into the traffic and the internet service providers supporting ABC’s user connections.

To begin, create a monitor on the Internet Monitor console.

Step 1 – Create a monitor

On the Create Monitor page, enter a monitor name, ‘ABCMonitor.’ Select ‘Add resources’ to search for the VPC and CloudFront resources. Enter ‘VPC resource b’ and ‘CloudFront A’ in the Added resources field. Select the relevant resources from the search results. Click ‘Add resources.’

In the ‘Application internet traffic percentage to monitor’ section, decide on the percentage of application traffic to monitor. If you are uncertain, you can start with 95% by selecting the radio button for the percent of the traffic as shown in Figure 1. Internet Monitor will sort by traffic volume, covering the top ASNs.

Displaying the Create Monitor screen. Monitor name is ABC Monitor. There are 2 Added resources: 1) Resource name is CloudFront A, resource ID is 12345666, AWS Location is CloudFront-Edge, Resource type is CloudFront. 2) Resource name is VPC resource b, Resource ID is 99999991, AWS Location is us-west-2, Resource type is VPC. Application internet traffic percentage to monitor: 95% is checked.

Figure 1 – Monitor creation wizard

Step 2 – Monitor dashboard

After a few days, you can see the observed traffic displayed for 95% of the total traffic, as shown in Figure 2.

Monitored traffic shows 95% semi-circle in green with a tool tip displaying "Explore details about your traffic locations and patterns" with a clickable button labelled "Go to Traffic Insights". Traffic health scores shows a graph with health score on y-axis starting at 92% to 100%. On the x-axis, Time (UTC) from 4AM to 3PM. The line graph steadily hovers between 98%-100% except for a dip to 92% between 5:30-6AM.

Figure 2 – Internet Monitor Overview tab

In the Monitored traffic widget, click ‘Go to Traffic insights’ to learn more about traffic coverage as shown in Figure 3.

ABCMonitor screen. Highlighted in this screen is the "Traffic monitoring coverage (recent)" widget showing: 95% of total traffic is the Traffic percentage monitored. 4437 city-networks is the number of city-networks monitored.

Figure 3 – Internet Monitor Traffic insights tab

Step 3 – Review and tune Traffic Insights

On the Traffic insights tab, ‘Traffic monitoring coverage (recent)’, as highlighted in dotted lines on Figure 3, is displayed. It has the percentage of traffic being monitored: 95% of the total traffic, which corresponds to 4,437 city-networks being monitored. If you were uncertain about the percentage of traffic to monitor earlier, you now have insights into the number of city-networks being monitored with 95% traffic coverage.

From the traffic patterns observed, you can now examine traffic coverage alternatives. You can increase or decrease the traffic coverage percentage in the ‘Explore traffic coverage options’. In the ABC example, when the traffic coverage is increased to 100%, the number of city-networks shows 21,673 as shown in Figure 4.

Explore traffic coverage options screen. The desired traffic coverage shows 100% with left and right arrows. The amount of city-networks for selected coverage is 21673. There is a button labelled "Set as monitor coverage".

Figure 4 – Explore traffic coverage options

Let’s examine the costs for monitoring 95% vs 100% of traffic.

Monitor Costs for 95% traffic

Assume us-east-1 region

Monitored resources:
Number of VPCs: 1
plus CloudFront distributions: 1
Total resources = 2
Multiply by $0.01 ($0.01 /hr) = $0.02/hr
Multiply by 730 (hrs/month) = $14.60
Cost for monitored resources = $14.60 / month

City-networks:
Total city-networks monitored: 4437
Subtract 100 (the first 100 city-networks are included) = 4337
Multiply by $0.000074 = $0.3209380/hr
Multiply by 730 (hrs/month) = $234.28
Cost for city-networks = $234.28/month

CloudWatch Logs:
Internet Monitor publishes events to CloudWatch Logs for a maximum of 500 city-networks. We also assume the following:
* Each event will use 1MB of space per city-network per day
* Cost is $0.50/GB
* 5GB is included per month in CloudWatch Logs, so we subtract $2.50/month

500 city-networks x 1 MB/city-network/day = 500 MB/day
We want to arrive at $/month, therefore:

(500 MB/day) x (730 hours/month) x (1 day/24 hours) x ($0.50/GB) x (1 GB/1000 MB) = $7.60/month
Subtract $2.50 = $5.10
Cost for CloudWatch Logs = $5.10/month

The total cost for ABC Company is $14.60 + $234.28 + $5.10 = $253.98/month

In CloudWatch Metrics, you can also see the Internet Monitor metrics for ABC’s application:

CityNetworksMonitored 4437
TrafficMonitoredPercent 95
CityNetworksFor100PercentTraffic 21673

Figure 5 – CloudWatch Metrics

Currently the TrafficMonitoredPercent is at 95%. Internet Monitor calculates the number of city-networks based on the current traffic patterns. It accounts for all the city-networks with the most substantial percentage share of the total traffic until it reaches 95%. In the ABC scenario, if the application performance need is higher than 95%, 100% coverage is the more risk-averse decision. The other 5% of the traffic, from the unmonitored city-networks, would not provide performance or availability information or health alerts. So you can increase monitoring to 100% of ABC Company’s global application internet traffic. To accomplish this, refer to the CityNetworksFor100PercentTraffic metric, which shows the corresponding number of city-networks to be 21673. However, before doing so, you should also review the estimated monthly costs associated with monitoring 100% of traffic.

Monitor Costs for 100% traffic

Assuming us-east-1 region

Monitored resources: The number of monitored resources has not changed, so the cost is still $14.60/month.

City-networks:
Total city-networks monitored: 21673
Subtract 100 (the first 100 city-networks are included) = 21573
Multiply by $0.000074 = $1.59/hr
Multiply by 730 (hrs/month) = $1165.37
Cost for city-networks = $1165.37/month

CloudWatch Logs:

Internet Monitor publishes events to CloudWatch Logs for a maximum of 500 city-networks. The cost was already factored into the estimate for 95% of the traffic. Therefore, this cost would remain unchanged at $5.10 per month, as we saw in the previous example. With all expenses considered, including the cost of monitoring 100% of traffic, the total cost for ABC Company to effectively monitor the whole user base is $1185.07 monthly.

The total cost for ABC Company is $14.60 + $1165.37 + $5.10 = $1185.07/month
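The two estimates above follow the same three-part calculation. The following is an added example, not code from the original post or from AWS: it reproduces both totals and, going one step beyond the text, finds the largest city-networks maximum that fits a monthly budget. The function names are hypothetical, and the rates and log-volume assumptions are the ones the post uses for us-east-1.

```python
from decimal import Decimal, ROUND_HALF_UP

# Rates and assumptions copied from the post's us-east-1 walkthrough.
HOURS_PER_MONTH = Decimal(730)
RESOURCE_RATE_HR = Decimal("0.01")           # $ per monitored resource per hour
CITY_NETWORK_RATE_HR = Decimal("0.000074")   # $ per city-network per hour
INCLUDED_CITY_NETWORKS = 100                 # first 100 are included
LOG_CITY_NETWORK_CAP = 500                   # events published for at most 500
LOG_MB_PER_CITY_NETWORK_DAY = Decimal(1)     # post's assumption: 1 MB/day each
LOG_RATE_PER_GB = Decimal("0.50")
LOG_INCLUDED_CREDIT = Decimal("2.50")        # 5 GB/month included

def _cents(amount):
    return amount.quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)

def estimate_monthly_cost(resources, city_networks):
    """Return the three cost components and their total, each rounded to cents."""
    res = _cents(resources * RESOURCE_RATE_HR * HOURS_PER_MONTH)
    billable = max(city_networks - INCLUDED_CITY_NETWORKS, 0)
    city = _cents(billable * CITY_NETWORK_RATE_HR * HOURS_PER_MONTH)
    logged = min(city_networks, LOG_CITY_NETWORK_CAP)
    mb_month = logged * LOG_MB_PER_CITY_NETWORK_DAY * HOURS_PER_MONTH / 24
    logs = _cents(mb_month / 1000 * LOG_RATE_PER_GB) - LOG_INCLUDED_CREDIT
    logs = max(logs, Decimal("0.00"))        # included usage cannot go below $0
    return {"resources": res, "city_networks": city, "logs": logs,
            "total": res + city + logs}

def max_city_networks_for_budget(resources, budget, upper=1_000_000):
    """Largest city-networks maximum whose estimated total fits the budget.

    Binary search works because the total never decreases as the count grows.
    Returns None when the resource fee alone already exceeds the budget.
    """
    budget = Decimal(str(budget))
    if estimate_monthly_cost(resources, 0)["total"] > budget:
        return None
    lo, hi = 0, upper
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if estimate_monthly_cost(resources, mid)["total"] <= budget:
            lo = mid
        else:
            hi = mid - 1
    return lo

if __name__ == "__main__":
    for n in (4437, 21673):                  # the post's 95% and 100% counts
        print(n, estimate_monthly_cost(2, n))
    print(max_city_networks_for_budget(2, "500.00"))
```

Check the rates against the current CloudWatch pricing page before relying on the result, since the constants here are the post's figures.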

Step 4 – Edit Monitor application traffic percentage

After you have completed the cost analysis and determined the better percentage for your use case, increase or decrease the coverage, then click the ‘Set as monitor coverage’ button to set the desired value.

Step 5 – Review Traffic Insights

After you have changed the coverage percentage, it is important to review the outcome of the change. Use the Traffic Insights tab to identify any network degradation issues. If the Traffic insights filter provides entries suggesting certain users are experiencing network degradation issues, you can act upon the suggested resolutions. As an example in Figure 6, the Traffic optimization suggestions are as follows:

For City A, implementing a CloudFront Distribution could result in a predicted average TTFB (Time-To-First-Byte) of 20ms, compared to the current TTFB of 120ms.

For City B, switching to the region us-east-1 could lead to a predicted average TTFB of 55ms, as opposed to the current setup of 70ms using us-east-2.

City C is already optimized.

For City D, implementing a CloudFront Distribution may result in a predicted average TTFB of 38ms, compared to the current TTFB of 100ms.

You can choose to implement these traffic insights suggestions to improve the TTFB for the ABC service.

Traffic Optimization suggestions widget shows 4 client location entries: 1) City A current setup is EC2 (us-east-1), current setup TTFB is 120 ms. Lowest TTFB setup is CloudFront distribution. Predicted TTFB is 20ms. 2) City B current setup is EC2 (us-east-2), current setup TTFB is 70ms. Lowest TTFB setup is EC2 (us-east-1). Predicted TTFB is 55ms. 3) City C current setup is CloudFront distribution, current setup TTFB is 20 ms. Lowest TTFB setup is Optimized. 4) City D current setup is EC2 (us-east-2), current setup TTFB is 100ms, lowest TTFB setup is CloudFront distribution, predicted average TTFB is 38.66ms.

Figure 6 – Traffic optimization suggestions

How many monitors should be created?

In the ABC Company scenario, we only needed to create one monitor for VPC and CloudFront resources. However, you have several options for deploying monitors, each with its own set of advantages:

* Best practices are to have a dedicated monitor for each application, in order to facilitate a metrics breakdown per application.
* Customers who prioritize redundancy and convenience opt to create two or more monitors for all of their resources.
* For customers seeking redundancy at a lower cost, a separate monitor can be created for each Region.

Summary

You can use Amazon CloudWatch Internet Monitor to monitor traffic, and use the Monitor Overview to view Traffic Health Scores (Availability and Performance scores). By clicking ‘Go to Traffic insights’, you can view details about traffic locations and patterns. You may choose to increase monitored traffic coverage so that you do not miss key insights from unmonitored traffic. In this scenario, ABC Company chose to increase their traffic monitoring to 100%. They received traffic insights and suggested actions to mitigate any degraded user experience.

Conclusion

Monitoring internet applications can be difficult due to the complex path packets take between users and applications. Internet Monitor simplifies identifying network degradation experienced by your application users. Internet Monitor filters relevant internet measurements from the data collected by AWS, enabling you to identify and solve internet issues. This blog post highlights how you can monitor application traffic and gain the traffic insights necessary to serve your application users in a cost-effective manner.

About the authors:

Kelvin Ting

Kelvin Ting is a Senior Solutions Architect at Amazon Web Services (AWS) and collaborates with public sector customers to help them architect, build, scale, and monitor applications to achieve their goals.

Richi Kumari

Richi Kumari is a Senior Product Manager at Amazon Web Services (AWS) and contributes to the design of product strategies and requirements that effectively meet the needs of customers.