MSP edition, distributed setup, multiple instances serving all customers?

I may be confused about the MSP edition & the requirement of assigning each site to a single customer. Quoting the documentation:

The separation of data only works if you create a separate site for each customer and connect this to your provider site.

I used to think that this means that I cannot have instances that operate on multiple customers. We do have three instances (one of them the central one from which configuration is distributed), though, that all have to query multiple customers.

However, I’ve just read Andreas’ question where he says:

…as here in an MSP setup that is very common that central systems producing data for different customer instances…

Soooo… that sounds like what we need?

  • three instances that check multiple customers & contain data for all of them
  • all other instances only serve a single customer each & would be assigned to that customer

Meaning can I have more than one instance of the “provider” type where all customer data is available?

(Due to my uncertainty we’re actually still running the enterprise edition instead of MSP, but we do pay for MSP)

In my case I need the piggyback data on the customer site and not on the provider one where it was produced.
That was the reason for my question.

Yeah, I understand. My question was not about piggyback in particular but if it’s possible, in general, to have several sites with all customer data even in the MSP edition. Your question was just the trigger that made me wonder & re-check my assumptions.

Yes, this should work without a problem.

Thanks for the confirmation!

Each customer can be assigned to one or more dedicated monitoring sites, depending on their individual requirements. However, each site is exclusively assigned to a single customer. This strict separation ensures that no customer can access or view data from another, which is essential in any MSP environment.

Of course, it is also technically possible to host all customers on a single site under “Global” and restrict access using the usual permission mechanisms. However, in such a setup, it cannot be guaranteed with 100% certainty that a misconfiguration won’t accidentally expose data from one customer to another. This potential risk is one of the main reasons for using the MSP edition.

Currently, data cannot be shared between individual sites. With the new piggyback approach, it is expected to become possible to collect data centrally and selectively distribute relevant parts to other sites. This would, for example, allow customer-specific data collected centrally from ESX hosts to be forwarded to the respective customer site.

However, as Andreas pointed out, this does not yet seem to be working reliably in an MSP setup. It’s likely that this functionality hasn’t been fully implemented for MSP use cases yet—probably because the requirements are more stringent. It must be guaranteed that only data belonging to a specific customer is forwarded to their respective site, and nothing more.

Thanks for the additional info, Lars.

Sooo… how do y’all actually handle situations with many customers, with a significant number of them only needing monitoring from some public cloud infrastructure (AWS, Hetzner, whatever)? Do you really run one instance (either multiple sites on a handful of VMs or even one VM per customer)?

We have about… not sure… well we have 68 sites at the moment in total. Of those 65 are instances that run on customer premises. Those aren’t my issue. The remaining three are the ones I’m concerned with. Effectively they serve (run checks for) quite a bit more customers. For some customers we have both monitoring on prem (with their own site, like I said before) and from public cloud datacenters so that monitoring of external services continues no matter the status of those customers’ internal networks.

If I really wanted separation of data, I would really have to spin up another maybe 30 sites?

Easy answer, strictly all customers separated to own sites.
Every customer has its own site. Only in the central (provider) instance we see all the data.
If a customer logs in to his site he only sees his data.
Some sites are without customer login but for data separation it is the same doing.