Amazon ELB – monitoring packet count and byte size with Amazon CloudWatch and VPC flow logs
We recently exceeded the capacity for one of our Amazon ELBs in a 60-second period. One of the points of our debrief was to monitor the network from the ELB. Amazon doesn’t provide statistics from ELBs to Amazon CloudWatch. So I came up with the following:
- Using Amazon's APIs, capture the network interfaces whose attachment.instance-owner-id is “amazon-elb”.
- For each network interface, create a CloudWatch metric filter for that network interface.
Amazon ELBs rotate their servers and the attached ENIs will obviously rotate, so the second part is to identify whether the ENIs have been released and clean up.
Amazon ELBs will add/remove nodes to/from DNS, which should be faster than a 5-minute period (the current minimum for a scheduled task).
As such, graphing of new ENIs added to the ELBs will not start immediately. The above graphs should help us to infer an increase in network traffic through the ELB and, from observation, to set sensible alarms.
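One way to implement the two steps and the cleanup described above, as an added example (not the script this post was written from). It assumes boto3 EC2 and CloudWatch Logs clients are passed in and that the flow logs use the default record format; the `elb-flow-` filter prefix and `Custom/ELBFlow` namespace are made-up names.

```python
# Added example: keep one packets filter and one bytes filter per ELB-owned ENI.
FIELDS = ["version", "account", "eni", "source", "destination", "srcport", "destport",
          "protocol", "packets", "bytes", "windowstart", "windowend", "action", "flowlogstatus"]
PREFIX = "elb-flow-"           # assumed prefix marking filters this script owns
NAMESPACE = "Custom/ELBFlow"   # assumed metric namespace

def filter_pattern(eni_id):
    """Space-delimited pattern matching default-format flow log records of one ENI."""
    return "[" + ", ".join(f'eni="{eni_id}"' if f == "eni" else f for f in FIELDS) + "]"

def elb_eni_ids(ec2):
    """IDs of network interfaces whose attachment is owned by amazon-elb."""
    kwargs = {"Filters": [{"Name": "attachment.instance-owner-id", "Values": ["amazon-elb"]}]}
    ids = set()
    while True:
        page = ec2.describe_network_interfaces(**kwargs)
        ids.update(i["NetworkInterfaceId"] for i in page["NetworkInterfaces"])
        if not page.get("NextToken"):
            return ids
        kwargs["NextToken"] = page["NextToken"]

def existing_filters(logs, log_group):
    """Names of metric filters on the flow log group that carry our prefix."""
    names, kwargs = set(), {"logGroupName": log_group, "filterNamePrefix": PREFIX}
    while True:
        page = logs.describe_metric_filters(**kwargs)
        names.update(f["filterName"] for f in page["metricFilters"])
        if not page.get("nextToken"):
            return names
        kwargs["nextToken"] = page["nextToken"]

def reconcile(ec2, logs, log_group):
    """Create filters for new ELB ENIs, delete filters for released ones."""
    wanted = {f"{PREFIX}{eni}-{m}": (eni, m)
              for eni in elb_eni_ids(ec2) for m in ("packets", "bytes")}
    have = existing_filters(logs, log_group)
    stale, missing = sorted(have - wanted.keys()), sorted(wanted.keys() - have)
    for name in stale:      # ENI was released when the ELB rotated its nodes
        logs.delete_metric_filter(logGroupName=log_group, filterName=name)
    for name in missing:
        eni, metric = wanted[name]
        logs.put_metric_filter(
            logGroupName=log_group, filterName=name, filterPattern=filter_pattern(eni),
            metricTransformations=[{"metricName": f"{eni}-{metric}",
                                    "metricNamespace": NAMESPACE, "metricValue": f"${metric}"}])
    return missing, stale
```

Called from the scheduled task as `reconcile(boto3.client("ec2"), boto3.client("logs"), log_group)`, where `log_group` is the log group the VPC flow logs are delivered to. Filters without the prefix are never touched, so hand-made filters on the same log group survive the cleanup.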