Forgot to link the pr:
https://github.com/apache/cloudstack/pull/9415/
On 2024-10-01 14:59, Nux wrote:
That's a good approach, one can also use Prometheus with the libvirt
exporter and can get per-vm & per-NIC stats that way.
Worth mentioning that 4.20 will bring Security Groups in Shared
Networks (in regular Advanced Zones!), thus simplifying somewhat
people's lives in similar situations, as far as IPv4 usage is
concerned, you can more easily share a subnet with many customers, not
having to worry they'll spoof addresses etc.
On 2024-10-01 13:39, Stephan Bienek wrote:
We are using L2 networks with for example a /29 public subnet for the
customer network as well, as Lucian mentioned it.
This approach and quite a few other use cases i will share during my
talk at CCC 2024 in Madrid.
As an alternative to the L2 /29 approach, which is not the most
efficient approach if you only need a single IP, you could use a
Shared Network with specify VLAN, without VR and tell the customer
which single IP to use.
In order to make sure no customer is using "wrong" IPs, be sure to use
the approach Alex Mattioli mentioned once - creating fixed MAC-IP
entries on your routers.
We combine the L2 network approach with what Swen mentioned,
collecting netflow data from routers via open source "pmacct" for
traffic accounting.
This could help to get per-customer (or per-IP) accounting data even
when using one shared VR.
Best regards,
Stephan
Wei ZHOU <[email protected]> hat am 01.10.2024 14:11 CEST
geschrieben:
+1 with what Lucian said.
Please update the value of global setting "vm.network.stats.interval"
(by
default 0), and restart mgmt server.
then you can get network statistics of each nic on shared networks.
-Wei
On Tue, Oct 1, 2024 at 1:47 PM Nux <[email protected]> wrote:
> I thought the traffic usage is taken from the hypervisor, for the VM's
> NIC.
> Btw, you can also use L2 networks, may be more flexible and economic
> (with IPv4 usage).
>
> On 2024-10-01 10:24, Alexandru Stan wrote:
> > Hi everyone,
> >
> > I have a specific scenario with ACS that I'm not sure how to approach,
> > maybe someone here can share a solution/workaround. As far as I know,
> > the only way to have a public ip directly assigned to a vm (I mean on
> > the vm's network adapter) is to use a shared network. But in this case
> > all users would share one router and I wouldn't be able to track
> > network usage individually, correct? Is there any other way to do this
> > AND have traffic usage at vm/user level? Creating multiple shared
> > networks is not an option, it would require constant monitoring of the
> > routers to keep track of ip usage and so on.
> >
> > Thank you!
>
