x step 4 = database!
- image contextualisation
- dnsmasq
- metadata
  - for getting keys
- user metadata
- user authentication
  - otp or ldap or plain file
  - for registering keys
  - for creating VMs
- automating
- trigger / postgres / etcd
- building vm images!
- generate tap names matching vm??? problem, because inteerfaces are
  limited in length!

[root@diamond hackcloud]# ip link add b23456789012345 type bridge
[root@diamond hackcloud]# ip link add b234567890123456 type bridge
Error: argument "b234567890123456" is wrong: "dev" not a valid ifname
[root@diamond hackcloud]#

- VMID is not uuid, but counter; using hexa; using 16**10,
gives 1099511627776 VMs

>>> (16**10)/(1000*24*365)
125515.02600182648

interface names:

x = vxlan ?
b = bridge
v = vm


=> 16 types possible

10+1 used => 4 left

2 positions for interface id? => 256 interfaces per VM

mac:

48 bits = 6 bytes
1 byte = 2hexa positions

prefix is 02:00: = 2 bytes
we have 4 bytes = 8 hexa left!!!!
embed mac suffix as ID!
full mac = 12 bytes

No vmprefix + counter -> because counter size might always be wrong
(how many interfaces? 16? 256? ... )

--------------------------------------------------------------------------------
No stale firewall entries as we regnerate, not keep the list!

table bridge filter {
    chain prerouting {
        type filter hook prerouting priority 0;
        policy accept;

        ibrname br100 jump netpublic-$version
    }
    chain netpublic-10 {
    ...
    }

}

can generate new full chain, change only the jump

--------------------------------------------------------------------------------
Much later:
- rate limiting