Arm yourself against cloud attacks

Stormy Weather

The Tiresome Subject of Billing

A final threat scenario in the cloud is less a concrete technical threat and more a commercial one: How does a cloud customer avoid being overcharged? After all, all providers promise "by-the-minute billing" and billing exclusively for resources used.

At least in the standard situation, you are dependent on trusting the figures shown in the invoice because the systems in the cloud, which collect all user data, are usually inaccessible to the customer. How can you protect yourself effectively and efficiently against abuse of accounting sovereignty?

The answer is as simple as it is frustrating: you can only protect yourself effectively if you take your own measurements and regularly compare them with the provider's figures. Slight differences are unavoidable, but major differences will quickly be noticed and allow you to ask the provider for further information.

Unfortunately, only those who use software like Prometheus or InfluxDB, which can process the time series data and store it for a long time, can perform these measurements. Additionally, software is needed to collect metric data on the target systems – and both together can cause some administrative overhead.

At the end of the day, images and containers with Prometheus and like monitoring tools exist and can be put into operation quickly in all environments. Rolling out the Prometheus Node Exporter or TICK Stack Telegraf is also easy. The reward for all this effort is a reliable database that allows you to detect inconsistencies quickly (Figure 5).

Figure 5: With Prometheus, metric data (e.g., from Kubernetes clusters) can be recorded – making invoice data verifiable.

The Author

Martin Gerhard Loschwitz is Senior Cloud Architect at Mirantis, where he focuses on topics such as OpenStack, Ceph, and Kubernetes.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus