Will, What I want to do is enable some sort of accounting based on iptables counters (I only want to measure traffic to certain destinations, i.e. not count inter-vm traffic in a SG zone). I doubt it's something the events stream can help, but it's a good thing to be aware of nonetheless.
Thanks -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Will Stevens" <wstev...@cloudops.com> > To: dev@cloudstack.apache.org > Cc: "Pierre-Luc Dion" <pd...@cloudops.com> > Sent: Friday, 1 April, 2016 15:38:19 > Subject: Re: Hooking into the SecurityGroups > Patrick, did you guys end up doing anything with these events? I know we > were messing with that at one point. Did we learn anything interesting? > Is it a viable solution for what Nux is trying to do? > > *Will STEVENS* > Lead Developer > > *CloudOps* *| *Cloud Solutions Experts > 420 rue Guy *|* Montreal *|* Quebec *|* H3J 1S6 > w cloudops.com *|* tw @CloudOps_ > > On Fri, Apr 1, 2016 at 9:59 AM, Patrick Dube <patrickdub...@gmail.com> > wrote: > >> @swill. You can configure CloudStack to push it's events to both mysql and >> RabbitMQ or Kafka ( >> >> http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.8/events.html >> ) >> >> On Fri, Apr 1, 2016 at 8:37 AM, Will Stevens <williamstev...@gmail.com> >> wrote: >> >> > Pierre-Luc may have gotten something like this working. I think he tried >> > something similar. >> > >> > I think you can do something like redirect the events to redis and then >> > with a tool that uses the API and redis, build an event based overlay. >> > >> > I would have to look into this deeper, but I think PLD did some work on >> > this. >> > Thanks a lot Jayapal! >> > >> > Will, that sounds nice but I have not seen anything like this. >> > >> > Another interesting thing might be - as Wido suggested - to use libvirt >> > filters instead of our python scripts and I believe libvirt has it's own >> > way of hooking stuff into it. Could be another thing to explore, though >> it >> > sounds like a level lower than what you're proposing. >> > >> > Lucian >> > >> > -- >> > Sent from the Delta quadrant using Borg technology! >> > >> > Nux! >> > www.nux.ro >> > >> > ----- Original Message ----- >> > > From: "Will Stevens" <williamstev...@gmail.com> >> > > To: dev@cloudstack.apache.org >> > > Sent: Friday, 1 April, 2016 12:50:16 >> > > Subject: Re: Hooking into the SecurityGroups >> > >> > > Slightly off topic, but relevant. Ideally we could easily hook into the >> > > event logging and build added logic by simply tying them to specific >> > > events. This would limit the hackery and would provide a system that >> > others >> > > could use without having to change the core. Has anyone done something >> > like >> > > this? >> > > On Apr 1, 2016 6:42 AM, "Nux!" <n...@li.nux.ro> wrote: >> > > >> > >> Hi, >> > >> >> > >> I want to hook into the SGs and add a few iptables rules every time a >> VM >> > >> is spawned and delete them when the VM is moved/deleted. >> > >> Has anyone done this before? Any pointers before I go and butcher it? >> > :-) >> > >> >> > >> Lucian >> > >> >> > >> -- >> > >> Sent from the Delta quadrant using Borg technology! >> > >> >> > >> Nux! >> > >> www.nux.ro >> >
