Cloud Performance Monitor
Note: The Cloud Performance Monitor page is currently visible only to customers that have at least one AWS cloud registered in Settings » Public Clouds. |
Kentik's Cloud Performance Monitor module is covered in the following topics:
- About Performance Monitor
- Performance Monitor UI
- Manage Agents Dialog
- Interconnects Tab
- Services Tab
Note: For general information about monitoring your cloud resources with Kentik, start with Cloud Overview.
About Performance Monitor
Cloud Performance Monitor, which is visible in organizations with at least one Kentik-registered AWS cloud, features the following tabs:
- Interconnects (AWS only): Visualize and monitor your Direct Connect and Site-to-Site VPN connections. Using cloud metadata, Kentik identifies the elements of your AWS resources and enables cloud network engineers to easily view the critical cloud paths between AWS cloud and on-prem infrastructure as well as to monitor the performance of those links.
- Services: Manage synthetic testing of important AWS and Azure cloud services using flow data to guide you as you choose where to deploy synthetics agents and how to configure tests.
Notes:
- To use the Services tab of Cloud Performance Monitor for your Azure cloud resources your organization must also have at least one AWS cloud export.
- If your organization have no AWS cloud exports you'll see the below splash screen when you navigate to the page.
Performance Monitor UI
The Performance Monitor page includes the following main UI elements:
- Time Range: Choose the time range for which performance monitoring metrics and status will be displayed (see Time Range Control).
- Show (Services tab only): A set of buttons to select which cloud providers to show (AWS, Azure, or both).
- Filter (Interconnects tab only): Match a service in the list by its associated AWS Account ID, Entity ID, CIDRs, or Tags. Click the field to enter the text to match. A drop-down will list the matches of each type.
- Agents counters: Indicators showing information about Kentik private synthetics agents (see Kentik Synthetics Agents) deployed on your organization's AWS VPCs and Azure VNets. Kentik determines which VPCs and VNets are relevant to the current tab (VPCs and VNets with interconnects and using services). The indicators provide a breakdown of those VPCs and VNets into unmonitored (no agent deployed), pending (agent deployed but not yet active), and fully installed.
Note: On the Services Tab, the count shown in these counters depends on the services that have been selected for monitoring with the Configure Service Monitoring dialog. - Manage Agents: A button that opens the Manage Agents Dialog.
- Performance Monitor tabs: Each tab covers a different aspect of performance in your AWS and Azure cloud resources. See Interconnects Tab and Services Tab.
Note: Support for Azure within the Interconnects Tab is coming soon…
Time Range Control
The Time Range control combines two functions:
- An indicator that displays the current time range covered by the timeline.
- A button that opens a popup that enables you to define the time range.
The popup includes the following controls:
- Time Range: Two fields that each show a date-time, one for the start of the range and the other for the end. The fields are populated by clicking on the lookback list or on the calendars.
- Apply: A button that applies the time range from the values in the start and end fields and hides the popup.
- Cancel: A button that closes the popup and leaves the time range as it was before the popup was opened.
- Lookback list: A list of durations. Click in the list to set the duration (shown in the time range fields above) for which the time range will look back from the present.
- Calendars: Side-by-side monthly calendars that show the time range (if it spans more than one day) and enable you to change the range (shown in the time range fields above) by clicking on a date. The start and end days of the time range are indicated in blue, and the intervening days are indicated in light gray. The calendar controls include forward and back buttons to change the displayed months as well as drop-down selectors for month and year.
Manage Agents Dialog
The Manage Agents dialog enables you to manage the following aspects of ksynth private agents (see Kentik Synthetics Agents) deployed in your organization's AWS and Azure infrastructure:
- See which VPCs and VNets Kentik has identified as being relevant to the current tab of the Performance monitor.
- Deploy agents to monitor relevant VPCs and VNets.
- Configure agents that have been deployed.
The VPCs and VNets listed in the dialog vary depending on the current tab of the Performance Monitor:
- Interconnections: VPCs that are connecting to your on-premises infrastructure.
- Services: VPCs and VNets that are using AWS or Azure services (S3, EC2, Front Door, Storage, etc.).
Note: The VPCs listed in this dialog are not affected by which services have been selected for monitoring with the Configure Service Monitoring dialog on the Services Tab.
Manage Agents Tabs
The Manage Agents dialog consists of tabs that further break down the VPCs that are relevant to the current Performance Monitor tab:
- Unmonitored VPCs: A list of VPCs on which no agent has been installed. To deploy an agent on a VPC, click the Deploy Agent button, which opens the Agent Deployment Instructions dialog. The workflow for this dialog is the same as for Private Agent Setup.
- Pending Agents: A list of VPCs on which an agent has been installed but not yet activated.
- Private Agents: A list of VPCs on which an instance of the ksynth agent is currently monitoring performance. To edit properties of the agent, click the Configure Agent button, which opens the Configure Agent Dialog.
Note: A deployed agent can be uninstalled with the Remove button on the Agent Details sidebar in the Agent Management module of the portal's Synthetics section (see Details Sidebar UI).
Interconnects Tab
The Interconnects tab is covered in the following topics:
About the Interconnects Tab
The Interconnects tab enables you to see the VPCs in your cloud resources and the paths that connect those resources to your on-prem infrastructure. Depending on how the connections to your VPCs are configured, this tab will show you either or both of the following:
- Direct Connect: Each Direct Connect is a dedicated network connection between your network and public AWS resources through a virtual private gateway.
- Site-to-Site VPN: Each VPN refers to a connection between a VPC and your own on-premises network.
Note: For diagrammed examples of the different types of connections supported by AWS, see https://docs.aws.amazon.com/vpn/latest/s2svpn/Examples.html.
The VPNs and direct connects on this tab are represented in separate areas of the main display area (Direct Connects above and VPNs below). The VPCs of each type, grouped by region, are shown on the left, with their path to an AWS customer gateway shown to the right (the customer gateway is an AWS resource that represents the customer gateway device in your on-premises network).
Path Health Status
A legend at the upper right of the Interconnects tab explains the color of the links between the entities in the diagram:
- Dotted grey lines: Links from VPCs without active agents.
- Solid gray lines: Links from VPCs on which an agent is installed but for which a test has not yet been created (see Create Path Health Test).
- Solid colored lines: Links from VPCs for which a health test has been created. The color (green, orange, or red) depends on the health status (Healthy, Warning, Critical) determined by synthetic tests run from the agent (see Test Status Levels).
Create Path Health Test
To create a health test for the path between a VPC and a customer gateway, an agent must already be installed on the VPC (see Manage Agents Dialog).
- Click on any of the gray links between the entities on the path.
- The link popup will open. Choose Create Test.
- Testing will start. After about a minute the links in the path will be colored based on health status.
Using the Interconnects Tab
The Interconnects tab supports a number of actions that give you a clear picture of your connections to your cloud resources:
- For each region there is a View in Map link that will take you to the Kentik Map.
- Hover over a VPC to see the path that the traffic takes to your on-prem infrastructure.
- Hover over a link between network elements in the path (e.g. gateways and connections) to see the upstream (left) and downstream (right) connections that make up the remainder of that path.
- Click on a network element to slide out a Details drawer from the right of the screen. A details drawer provides further information about the element in areas such as Traffic, Performance, and Route Table.
- Click on a link (segment of a path) to open a popup with information about the link. The type of line representing each link depends on whether the link is being monitored with performance testing:
- Colored line: A green, orange, or red line indicates the health status of a tested link (see Test Status Levels). The popup will indicate the current status of the link for latency, packet loss, and jitter.
- Dashed gray line: The path is not currently being monitored. The popup (see screenshot at right) includes a Deploy Agent link, which opens the Deploy an Agent dialog so you can begin testing the link.
- In a link popup:
- Click Show Details to slide out a Details drawer from the right of the screen. The drawer contains details about the link in areas such as Traffic and Performance. These details parallel those shown in the details drawer on the Kentik Map (see Kentik Map Details).
- Click Create Test to activate health testing on the path that includes this link (see Create Path Health Test). - The Interconnects tab shows only Direct Connects from accounts (or child accounts using AssumeRole) that are configured within a Kentik cloud export. The No Interconnection Found message will display if either of the following is true:
- the account(s) covered by a cloud export don't include any instance of Direct Connect;
- the account(s) covered by a cloud export include an instance of Direct Connect but the relevant account permissions are incorrectly configured.
Services Tab
The Services tab of the performance monitor is covered in the following topics:
About Service Monitoring
The Services tab of the Performance Monitor helps you manage synthetic testing of important AWS and Azure cloud services (S3, EC2, Storage, Front Door, etc.) to evaluate their performance. Using flow data gathered by monitoring your cloud resources we can identify your utilization of various services based on IP address, either public or private (VPC or VNet endpoints that expose cloud services). We use this information to guide you as you determine the resources on which to test performance. We also make it easy to deploy agents to those resources.
Service Monitoring UI
The Services tab includes the following main UI elements:
- Search: A field that filters the Services List to services in which the text matches values one of the following fields in the list's cards and tables: Service name, Region, Connection Type, HTTP status, HTTP Latency.
- Update tests: A button that directs Kentik to automatically configure appropriate synthetic tests to the services that you've chosen to check (see Configure Service Monitoring) and Kentik has discovered that you use.
Note: This button is only active if agent deployment has changed since the last time tests were updated (see Manage Agents Dialog). - Test coverage: An indicator stating (a) as a percent of (b):
(a) the number of AWS VPCs or Azure VNets with agents that are active and configured to run tests;
(b) the count of your organization's VPCs or VNets that Kentik has "discovered" as using any AWS or Azure services. - Settings (gear icon): A button that opens the Configure Service Monitoring dialog, where you can include or exclude any discovered service from being tested.
Note: Changing the services that are monitored will change the counts shown in the agents counters at the upper right when you're on the Services tab of the Performance Monitor page. - Services list: A list of the AWS services used by your organization (see Services List).
Services List
The Services list is a set of cards that each provide information about your organization's usage of a cloud service (e.g. S3, EC2, Front Door, Storage, etc.). Each card includes the following UI elements:
- Expand/collapse: An arrow that you click on to expand or collapse the Services Table.
- Service name: The name of the monitored cloud service (CloudFront, EC2, S3, Global Accelerator, etc.).
- Connection type: An indicator stating the connection type and count of VPCs or VNets using the service via public and private connections.
- From service: An indicator showing, with numbers and a sparkline, the traffic volume in bps from the service to the monitored VPCs or VNets.
- To service: An indicator showing, with numbers and a sparkline, the traffic volume in bps to the service from the monitored VPCs or VNets.
- Actions menu (vertical ellipsis): The following option is available from the menu:
- View in Data Explorer: Opens (in a new tab) Data Explorer, with the Query sidebar set to show the cloud traffic for this service. - Services table: A list of VPCs/VNets using the service, grouped by region (see Services Table).
Note: If the health status of any of a service's regions, VPCs, or VNets is Warning or Critical then the card for that service will be outlined in red.
Services Table
The card for each service in the Services list includes a table in which traffic related to the service is broken down into VPCs (AWS) or VNets (Azure) grouped by region, each of which is represented in a heading row. This table includes the following columns:
- Expand/collapse: An arrow that you click on to expand or collapse the VPC rows for a region.
- Region:
- Region rows: The name of the region, with the number of VPCs given in parentheses.
- VPC/VNet rows: The name and ID of the VPC/VNet. - Connection Type:
- Region rows: The connection type and count of VPCs or VNets.
- VPC/VNet rows: The connection type (public or private). - From Kbits/s: The bitrate of traffic from the service to the region or individual VPC/VNet.
- To Kbits/s: The bitrate of traffic to the service from the region or individual VPC/VNet.
- Status Code (only for entities with an activated agent): The HTTP Return Code returned by AWS or Azure from requests to the monitored entity.
- Avg HTTP Latency (only for entities with an activated agent): The elapsed time (average during the current time range) from making an HTTP request to receiving the last byte of the response.
- Actions (vertical ellipsis): A popup menu with the following options:
- Synthetics (only if an agent is activated in the region/VPC): Configure Test (region only) takes you to the Test Settings Page for the synthetics test in this region that has been activated via the Update Tests button, while View Test Results takes you to the Test Details Page for that test.
- Open Quick-view: Opens (in a new tab) the Network Explorer details page for this region/VPC in Kentik's Core module (see Core Details Page).
- View in Kentik Map: Opens (in a new tab) the AWS Topology or Azure Topology page in Kentik Map.
- View in Data Explorer: Opens (in a new tab) Data Explorer, with the Query sidebar set to show the traffic for this region/VPC.
- Copy to Clipboard: Copies the region name or VPC ID to the clipboard.
Configure Service Monitoring
The Configure Service Monitoring dialog, which opens from the Settings button (gear icon), lets you choose the AWS or Azure services for which you'd like to enable performance monitoring via synthetic testing. The dialog is structured as two columns:
- Available Services: A list of services that Kentik has identified as being used by your AWS or Azure cloud resources. Use the Search field to filter the list to services whose name matches entered text.
- Selected Services: A list of the services that have been chosen from the Available Services list. An X at the right of each service enables you to deselect that service.
- Cancel: Buttons — a Cancel button at lower right and an X in the top right corner — that close the dialog without saving any changes.
- Save: A button that saves to the services monitored and returns you to the Cloud Performance Monitoring page.
To use the dialog:
- To select all discovered services, click All Services in the Available Services list.
- To select individual services
- In the Selected Services list, deselect All Services.
- In the Available Services list, click each individual service that you'd like to select.