Re: [openstack-dev] [OpenStack][Neutron][Monasca] Traffic counters at Layer 3
Thanks for replying. Yes, Armando. I've seen it and I'm using that approach to cater explicit labels/traffic the user wants to monitor by providing CIDRs in my plugin's configuration file. However, it gives overall bandwidth for a particular label. I want the traffic going in, out and generated at the router in separate metrics. like qrouter.in_packets_sec qrouter.forward_packets_sec qrouter.out_packets_sec Akihiro, I'm doing something similar. Instead of consuming notifications (which are insufficient in my case) generated by metering agent, I'm collecting router's traffic counters from already deployed iptables per network namespace through monasca agent[1] that performs checks against your system after configured intervals. I'm using the approach that if a user deploys monasca agent on a node and qrouter plugin is enabled, per router per tenant in/out/generated traffic can be visualized using grafana and used for alarm generation without having to configure something(such as manual label and rule creation) on neutron side. I just want to make sure I'm not missing any traffic passing through router. Makes sense? [1] https://github.com/openstack/monasca-agent Thanks! On Tue, Apr 26, 2016 at 10:24 AM, Akihiro Motoki wrote: > Neutron already supports L3 router with network namespaces which send > notifications, as Armando mentioned. > Ceilometer can consume these notification and I think monisca can do > similar things. > I believe you can collect enough information for neutron ovs > implementation. > > 2016-04-25 13:20 GMT-05:00 Rubab Syed : > > Hi folks, > > > > I'm writing a plugin for Monasca to monitor traffic at layer 3. My > Neutron > > backend is OVS and I'm using iptables of network namespaces for getting > > traffic counters. Would the following rules in router namespace cover all > > the traffic at layer 3 per router per tenant? > > > > - Chain MONASCA-INPUT in filter table > >- src: anywhere dest: gateway port IP // north-south traffic for > > SNATed and FIPs > > > > - Chain MONASCA-FORWARD in filter table > > - src: anywhere dest: anywhere // east-west traffic > > inter-network and intra-network > > > > - Chain MONASCA-OUTPUT in filter table > > - src: gateway port dest: anywhere // north-south traffic from > > VMs to public network > > > > > > Would these be sufficient or am I missing something? > > > > Thanks! > > > > Rubab > > > > > __ > > OpenStack Development Mailing List (not for usage questions) > > Unsubscribe: > openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [OpenStack][Neutron][Monasca] Traffic counters at Layer 3
Neutron already supports L3 router with network namespaces which send notifications, as Armando mentioned. Ceilometer can consume these notification and I think monisca can do similar things. I believe you can collect enough information for neutron ovs implementation. 2016-04-25 13:20 GMT-05:00 Rubab Syed : > Hi folks, > > I'm writing a plugin for Monasca to monitor traffic at layer 3. My Neutron > backend is OVS and I'm using iptables of network namespaces for getting > traffic counters. Would the following rules in router namespace cover all > the traffic at layer 3 per router per tenant? > > - Chain MONASCA-INPUT in filter table >- src: anywhere dest: gateway port IP // north-south traffic for > SNATed and FIPs > > - Chain MONASCA-FORWARD in filter table > - src: anywhere dest: anywhere // east-west traffic > inter-network and intra-network > > - Chain MONASCA-OUTPUT in filter table > - src: gateway port dest: anywhere // north-south traffic from > VMs to public network > > > Would these be sufficient or am I missing something? > > Thanks! > > Rubab > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [OpenStack][Neutron][Monasca] Traffic counters at Layer 3
On 25 April 2016 at 11:20, Rubab Syed wrote: > Hi folks, > > I'm writing a plugin for Monasca to monitor traffic at layer 3. My Neutron > backend is OVS and I'm using iptables of network namespaces for getting > traffic counters. Would the following rules in router namespace cover all > the traffic at layer 3 per router per tenant? > > - Chain MONASCA-INPUT in filter table >- src: anywhere dest: gateway port IP // north-south traffic for > SNATed and FIPs > > - Chain MONASCA-FORWARD in filter table > - src: anywhere dest: anywhere // east-west traffic > inter-network and intra-network > > - Chain MONASCA-OUTPUT in filter table > - src: gateway port dest: anywhere // north-south traffic from > VMs to public network > > > Would these be sufficient or am I missing something? > Have you looked at the iptables driver already available in Neutron [1]? That should give enough pointers. [1] https://github.com/openstack/neutron/blob/master/neutron/services/metering/drivers/iptables/iptables_driver.py > > Thanks! > > Rubab > > __ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [OpenStack][Neutron][Monasca] Traffic counters at Layer 3
Hi folks, I'm writing a plugin for Monasca to monitor traffic at layer 3. My Neutron backend is OVS and I'm using iptables of network namespaces for getting traffic counters. Would the following rules in router namespace cover all the traffic at layer 3 per router per tenant? - Chain MONASCA-INPUT in filter table - src: anywhere dest: gateway port IP // north-south traffic for SNATed and FIPs - Chain MONASCA-FORWARD in filter table - src: anywhere dest: anywhere // east-west traffic inter-network and intra-network - Chain MONASCA-OUTPUT in filter table - src: gateway port dest: anywhere // north-south traffic from VMs to public network Would these be sufficient or am I missing something? Thanks! Rubab __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
