Monitoring the traffic usage (bytes received/transmitted) of Xen VMs can be tricky, there are very few management scripts and panels available for you. Here is a tutorial to get you started with monitoring, alerting and null routing abusive Xen guests.

Just want the source?

If you just came here for the source and the script it's available on Github otherwise read on for installation guidelines.

Installation

First off make sure that MongoDB is installed (apt-get install mongodb for Debian/Ubuntu) and the Xen hypervisor is installed using the xm toolstack. Next follow these steps:

  1. bundle install install necessary dependencies.
  2. Edit bwmon.rb lines 101, 110 and 112 to your own email address, domain and subject respectively.
  3. ruby addvm.rb Add all your VMs with their hostnames (must be the same as xm list and their config file).
  4. ./install.sh Move the necessary scripts in place.
  5. Edit your crontab (crontab -e) to run bash /path/to/start.sh at your specified interval.
  6. The monitor will then run the script at that interval and email you and nullroute the VM if it goes over its bandwidth allocation.

How does it work

The script bwmon.rb will parse the output of xentop or xm top to get the current received & transmitted bytes for each VM. This is then logged to the DB in both cumulative and just raw form, this is then checked against the allowance and if it exceeds the VM's allowance then the IP address is null routed by REJECTing all packets in the chains INPUT, OUTPUT and FORWARD using iptables.

Contact

If you want to contact me for any more information I'm available on twitter @Will3942 or by email will@will3942.com