aws / session-manager-plugin

This plugin helps you to use the AWS Command Line Interface (AWS CLI) to start and end sessions to your managed instances
Apache License 2.0

Websocket Keepalive -- PingTimeInterval #15

Open bdwyertech opened 2 years ago

bdwyertech commented 2 years ago

The websocket keepalives are set fairly high at 5 minutes. https://github.com/aws/session-manager-plugin/blob/1c9b600eca0b8b7d6e1e0b09dcdd7a78551582f5/src/config/config.go#L38

I am a large customer whose developers operate behind a busy corporate proxy which aggressively closes idle connections.

Would you be able to make this value configurable? Even if it was via environment variable that is fine. I need to lower this to around 15-30 seconds probably.

2021-10-13 00:48:01 DEBUG Closing websocket connection to:%!(EXTRA string=1.2.3.4:1234)
2021-10-13 00:48:01 ERROR Failed to close websocket: tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 4.3.2.1:50638->1.2.3.4:1234: write: broken pipe
2021-10-13 00:48:01 DEBUG Closing datachannel failed with error: tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 4.3.2.1:50638->1.2.3.4:1234: write: broken pipe
2021-10-13 00:48:01 INFO Opening websocket connection to: %!(EXTRA string=wss://ssmmessages.us-east-1.amazonaws.com/v1/data-channel/blah@blah.com-12345678912345678?role=publish_subscribe)
2021-10-13 00:48:01 DEBUG Resend stream data message: 1
2021-10-13 00:48:01 ERROR Unable to send stream data message: Can't send message: Connection is closed.
2021-10-13 00:48:01 DEBUG Resend stream data message: 1
2021-10-13 00:48:01 ERROR Unable to send stream data message: Can't send message: Connection is closed.
......
2021-10-13 00:48:01 DEBUG Resend stream data message: 1
2021-10-13 00:48:01 DEBUG Resend stream data message: 2
2021-10-13 00:48:01 DEBUG Resend stream data message: 3
2021-10-13 00:48:01 DEBUG Resend stream data message: 4
2021-10-13 00:48:01 DEBUG Resend stream data message: 5
2021-10-13 00:48:01 DEBUG Resend stream data message: 6

bdwyertech commented 2 years ago

Confirmed -- I compiled my own binary with PingTimeInterval set to 15 seconds and all issues were resolved. Any higher than 15 and the issue continued.

artempartos commented 2 years ago

Also need to decrease time

yuting-fan commented 2 years ago

Hi bdwyertech@,

Does the 15-second interval come from the proxy service that has keep-alive set to 15 seconds? As you tested out already, you could definitely customize the value in your own binary.

However, I'm wondering if it's possible to tune the keep-alive value of the proxy service higher, and leverage the Session Manager IdleSessionTimeout feature if you'd want to close idle sessions faster. See the documentation here https://docs.aws.amazon.com/systems-manager/latest/userguide/session-preferences-timeout.html. If this is something that will help your use case, I'd be happy to capture a feature request to set the idle session timeout in a granularity of seconds, instead of minutes. This way you won't need to build the custom binary anymore.

Regards, Yuting

bdwyertech commented 2 years ago

@yuting-fan thanks for the reply.

Unfortunately, like most developers, I do not have control of my corporate proxy. It is also managed by a very large vendor, so I doubt that is something the admins could or would tune anyway. I presume there is good reason they keep the timeout so low, likely so as to prevent idle/stale connections from wasting the limited number of ports available and affecting other clients.

It would be nice if this setting was exposed somehow, maybe via environment variable. Env var would work perfectly for our use case.

Fwiw, many other tools which use websockets allow you to set the keepalive ping interval as a configuration setting. Most also default to ~15 seconds. Visual Studio Code live sharing comes to mind -- I believe that is set pretty low but internally we had to set it to 10 seconds or else it does not work.

yuting-fan commented 2 years ago

Makes sense, @bdwyertech. I captured it as a feature request on the service team side. A team member will update and track this ask once it is prioritized.
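
Added example, not code from the plugin or from anyone in this thread: one way the environment-variable override requested above could be validated and fed to a keepalive loop in Go. The variable name `SSM_PLUGIN_PING_INTERVAL`, the 5-second floor, and the function names are assumptions; the 5-minute default is the value the issue cites.

```go
package main

import (
	"context"
	"fmt"
	"os"
	"time"
)

const (
	pingIntervalEnv     = "SSM_PLUGIN_PING_INTERVAL" // hypothetical name, not read by the plugin
	defaultPingInterval = 5 * time.Minute            // the default cited in the issue
	minPingInterval     = 5 * time.Second            // assumed floor against ping floods
)

// resolvePingInterval validates the override ("15s", "1m"); bad input falls back to the default.
func resolvePingInterval(getenv func(string) string) (time.Duration, error) {
	raw := getenv(pingIntervalEnv)
	if raw == "" {
		return defaultPingInterval, nil
	}
	d, err := time.ParseDuration(raw)
	if err != nil {
		return defaultPingInterval, fmt.Errorf("%s=%q: %w", pingIntervalEnv, raw, err)
	}
	if d < minPingInterval || d > defaultPingInterval {
		return defaultPingInterval, fmt.Errorf("%s=%s outside [%s, %s]", pingIntervalEnv, d, minPingInterval, defaultPingInterval)
	}
	return d, nil
}

// keepAlive calls sendPing every interval until ctx is cancelled or a ping fails.
func keepAlive(ctx context.Context, interval time.Duration, sendPing func() error) error {
	t := time.NewTicker(interval)
	defer t.Stop()
	for {
		select {
		case <-ctx.Done():
			return ctx.Err()
		case <-t.C:
			if err := sendPing(); err != nil {
				return fmt.Errorf("keepalive ping failed: %w", err)
			}
		}
	}
}

func main() {
	fmt.Println(resolvePingInterval(os.Getenv))
}
```

A bare number such as `15` is rejected because it carries no unit, so a misconfigured value surfaces as an error and the default interval stays in effect.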