[DOCS-15617] [SERVER] Document new server status metrics related to TLS Created: 08/Sep/22  Updated: 13/Nov/23  Resolved: 20/Sep/22

Status: Closed
Project: Documentation
Component/s: manual, Server
Affects Version/s: 6.2 Targeted
Fix Version/s: 6.2 Targeted, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113

Type: Task Priority: Major - P3
Reporter: Backlog - Core Eng Program Management Team Assignee: Jason Price
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
documents SERVER-67238 Record Ingress TLS Handshake Duration Closed
Participants:
Days since reply: 1 year, 8 weeks, 2 days ago
Epic Link: DOCSP-22091
Story Points: 5

 Description   
Original Downstream Change Summary

Added two new server status metrics:
'metrics.network.totalIngressTLSConnections' - the cumulative number of ingress connections that used TLS
'metrics.network.totalIngressTLSHandshakeTimeMillis' - the cumulative time across all ingress connections spent waiting on TLS handshake.

Description of Linked Ticket

Log ingress TLS handshake duration after TLS handshake concludes for incoming connections. Additionally, record whether OCSP stapling was used during the handshake. Also add the TLS version and cipher information.

Finally, add a counter that tracks the cumulative time the process has spent doing TLS handshaking for ingress connections. Add this cumulative measurement to FTDC.

For details on OCSP stapling/questions, you can contact george.wangensteen@mongodb.com or mark.benvenuto@mongodb.com on the security team



 Comments   
Comment by Githook User [ 12/Dec/22 ]

Author:

{'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}

Message: DOCS-15617-remove-all-mention-of-cluster-metrics-from-v6.1 (#1892)

Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Branch: indexes-refactor
https://github.com/10gen/docs-mongodb-internal/commit/145f194b5fb34299a82e0920469ec47b73bb947d

Comment by Githook User [ 20/Sep/22 ]

Author:

{'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}

Message: DOCS-15617-TLS-metrics-and-move-others-to-6.2 (#1886)

Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Branch: v6.2
https://github.com/10gen/docs-mongodb-internal/commit/1d02fc43eb143fadea6867688c54e42d18c6b59c

Comment by Githook User [ 20/Sep/22 ]

Author:

{'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}

Message: DOCS-15617-remove-all-mention-of-cluster-metrics-from-v6.1 (#1892)

Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Branch: master
https://github.com/10gen/docs-mongodb-internal/commit/145f194b5fb34299a82e0920469ec47b73bb947d

Comment by Jason Chan [ 14/Sep/22 ]

Note that although SERVER-67238 was included in 6.1, the metrics above are actually not enabled to be shown under serverStatus yet as they are hidden under a feature flag that is disabled by default.

Comment by Jason Chan [ 14/Sep/22 ]

Output looks like:

 "metrics" : {
      ...
      "network" : {
         ...,
         "totalIngressTLSConnections" : NumberLong(<num>),
         "totalIngressTLSHandshakeTimeMillis" : NumberLong(<num>),
      },

Generated at Thu Feb 08 08:13:23 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.