Introduction To System Owners
A system owner in Cloudmin is an additional account who is granted limited access to some virtual systems. They are typically created for customers of a VPS hosting business, and given permission to manage only their own systems. Owner accounts can also be granted the right to expand, delete and move virtual systems, up to limits defined by a plan.
Cloudmin also supports the creation of new virtual systems by owners, if enabled on their plans. You can define an upper limit on the number of systems each owner can create, and any additional disk, RAM or CPU use will count towards plan limits. A VPS hosting company can then create an owner account for each customer and leave the actual creation and deletion of systems up to the owners.
Creating and Managing Owner Accounts
To create a new system owner account, do the following :
- First create or edit a plan that contains the limits you want applied to this owner, as documented on the Account Plans page.
- Go to Cloudmin Settings -> System Owners , and click Add a new system owner.
- Fill in the Login username field with a unique username, like "joe".
- Fill in the Login password field.
- Enter the customer's email address in the Contact email address field.
- To allow the new owner to manage some existing systems, select them the Systems that can be managed list.
- Under Limits and restrictions, select the account plan the defines the limits for this owner.
- Click the Create button.
Once an owner has been created, he will appear in the list on the System Owners page. Click on his name to edit him, or check the box next to his username and click Delete Selected Owners to remove him.
Owner accounts can also be temporarily disabled or enabled on the same page, such as for non-payment. To disable, check the boxes next to the names of accounts to turn off and click the Disable Selected Owners button. Use the Enable button to turn the accounts back on. Disabling an owner has no effect on his running virtual systems.
System Owners and Backups
Cloudmin has backup and restore capabilities to save the filesystem contents of virtual systems. System owners can also be allowed to create their own backups, either to a central storage location defined by the master administrator or remote SSH and FTP servers.
To allow owners to create their own backups, do the following :
- Make sure that each of your host systems has a default backup location set, as documented on the backup and restore page.
- Go to the Account Plans page and click on a plan whose owners you want to allow.
- Fill in the Maximum space for backups field with the amount of disk space each owner should be able to consume for backups on central storage.
- In the Plan restrictions section, check the Backup and restore systems box.
- Click Save and Apply.
System owners will now see the backup and restore category on the left menu when they login.
When backing up to the destination defined by the host system, a sub-directory will be created for each owner to avoid over-writing of each others files. Each owner can create his own scheduled backups for his systems, and will be notified via email if they fail. Owners can also find, restore and delete old backups using the Backup Logs page.
Cloudmin keeps track of the uptime, CPU and RAM used by each virtual system over time, and can summarize it for the current accounting period (such as the current week or month). For example, if an owner had two systems with 512MB RAM and 1GB of disk each that were up for 2 and 3 days respectively over the week and used 10% CPU on average, his usage would be :
- Uptime : 2 x 24 + 3 x 24 = 125 hours
- Memory used : 2 x 24 x 512MB + 3 x 24 x 512MB = 62.5 GB hours
- CPU used : 2 x 24 x 10% + 3 x 24 x 10% = 125 percent hours
- Disk allocated : 2 x 24 x 7 = 336 GB hours
To see usage for an owner, click on his name in the System Owners list and open the Usage by all owned systems section. This is also available from the
list-owners API command. How you use this information is up to you, but it could be used for usage-based billing for VPS hosting customers.
The accounting period is the same as that set for Bandwidth Monitoring, at Cloudmin Settings -> Bandwidth Monitoring.
API Access By System Owners
If the Call remote API action is allowed for a system owner or his plan, the owner will be able to call the Cloudmin API via HTTP to manage his systems. Owners will only be able to perform the same actions on the same systems via the API that they would be able to do via the web interface, so there is no additional security risk to enabling this. In Cloudmin 4.1 and later, it is turned on by default.
For more documentation on the API, see https://www.virtualmin.com/documentation/cloudmin/devel/remote/