Archive

To own a dedicated server, what do I look for?

Many when you are looking for a dedicated server, you compare prices at similar specification. This is a normal practice for a consumer, But how do you know they are the same. Like Intel XEON processor E3 has 6 revisions. Of course, it is not a must to get the latest but not too old though. Older parts have a shorter lifespan, the higher failure rate can cause disruptions. Here are a few tips helps individuals on choosing a dedicated server.

  • Do not rush. If the advertisement is unclear, please ask for details. Always ask for more details if you are unsure. Like XEON processors have a few revisions can affect CPU performance. Some hard drives are designed to use 247 as a server. You cannot use to normal hard drive for a desktop to a server.
  • Never make a long period of upfront payment. Price will start to drop for older parts. In past experience, the cycle is 9 -12 months. Longer upfront payment does not secure you a better deal, in fact, you could lose more.
  • A cheaper option might get you a desktop PC as a web or database server. They are not designed to run 247. Like cooling and continuous operation are major issues to these servers.
  • Rent a server slightly more than your needs. Servers are not portable, to upgrade a server, the chances are moving your data can be tedious.
  • Always buy a backup, if there is no backup might lead you to lose data in the event of hard drive failure.
  • Services monitoring, you should monitor the important services and receive an alert if your service is not operational. Remembered that you have rented a server for a few hundred dollars for a month, a non-operational service costs you more.
  • Protection is a must if you own a dedicated server. You have many websites or you have a high traffic website, to rent a dedicated server. This greatly increased the attacks because of its popularity. So access to the server must be restricted and limited.
  • Regular check on the health of the server. Whether you are using a Linux or Windows server, they are tools to do the diagnostic to the hardware in the server especially hard drives. Any pre-failure notices can save you time and money.

Dedicated Server? The common mistakes

If you put a website on a dedicated server, mainly there are 2 reasons. Either the website has a lot of users or visitors that you require resources or physical security is your concern. But there are many dedicated servers out there. How do you choose a server for your website? Price? Specification? or Brand?

Today, we gonna share the common mistakes we have seen to help you to make a better choice.

  • We have seen servers used less than 10% resources in our datacentre. Always do homework, if a server is required? There are alternative like VPS, VM, EC2 computing etc. They perform like a server with less expensive are they suffice for your need? Yes, if they are. They can be a much cheaper option.
  • 2. The more the merrier? The bigger is better?  Actually, this might not be the case. You are paying for more or bigger resources, however, your application might not utilize them optimally.  Example, if you are given 32Gb of RAM, 10 users will consume about 14Gb. In other words, you need 16Gb the most but you are paying 32Gb. Unless the price difference is small, otherwise it might be a good idea to stick to 16GB, Another example, you are given a 4Tb storage. Compare to 10 years ago, 4Tb is huge. What does 4Tb mean to you? More storage? or more websites? More storage means you need more storage to backup. As far as I’m aware, most hosting companies charge the storage space used. Using more storage on a server, you might be paying on a higher backup storage bills. I can add more websites. Yes, you can. Provided your CPU and RAM can cope with. Simple mathematics, let say the same CPU can host 20 websites. For 20 websites you are using 32GB of RAM and 2Tb of storage. Now, with 4Tb I get more spaces to host 40 websites haha I can make more money. Eventually, you will get more complaints and all the websites are affected, and they are slower than before. It is good to have more spaces. The additional storage space gives you an allowance. You can either allocate more spaces to a website or use it for backup to roll back. The less important task can be useful sometimes.
  • Prepare to pay more. When you own a dedicated server. Most things are physical. Example, firewall, backup, RAM etc. These items cost more usually. Basically, this can be your hidden costs and not likely there is a cheaper option.
  • Load balancing & High availability – They are more complicated and expensive to implement. Like I have mentioned, they are physical appliances, you need physical works unlike the virtual machine takes maybe only a couple of days and the costs are significantly lower.

Which type of VPS?

kvm vps
kvm vps

Many have asked which type of VPS to choose and what are the difference? The propose of this post is to help customer to make the right choice. It is not because Vastspace have dropped OpenVZ and we start praising KVM. Vastspace has dropped OpenVZ is base on demand and it is difficult to manage 2 types of virtualization at the same time., Finally we have chosen KVM instead.

We are not saying OpenVZ is bad. Honestly, there are many advantages for hosting vendors like us. Hosting providers can put more instances on one node compares to KVM. As you know OpenVZ is sharing files and kernel. Theoretically, you are using less space or space is available to you dynamically. Even you are given 40 Gb of space but OpenVZ is calculating the space only you are consuming and not allocated.

Because OpenVZ is sharing the node kernel, you cannot reboot the virtualized instance at your own. In other words, you cannot update a kernel bug or security fix. This has to be waited till the virtualization distribution released and schedule to be updated as a whole but not individually.

OpenVZ allows the use of memory does not belong to you or has been allocated to you. There is mean to say, if you are allocated with 1Gb of RAM you might be able to use more. If you look at other angle, you are stealing others RAM. What happen if someone is stealing from you? This will only happen to unused RAM. In many occasions, RAM is taken from the node and the entire server freezes because of overage. All the VPS hosted within the server are affected due to poor management and this will not happen to KVM. However, there are much improvements in virtualization, there is such thing know as burstable memory, this can be done on KVM VPS.

There are some applications required non-shared kernel. For example, a real-time anti-virus which is essential for today cyber world, can only install on a KVM VPS and not OpenVZ VPS due to its shared kernel.

In real world, CPU are shared in OpenVZ . CPU are dynamically shared among the client machine. You can say it is burstable unlike KVM, you only can use what is allocated to you. because of this feature, it has allow more instances to be hosted. In other words, it is cheaper per instance on OpenVZ.

These explained the difference between OpenVZ and KVM virtualization Hope that the article helped you to make a better choice in choosing a VPS.

cPanel 11.52 on LXC

Today, I’ve installed cPanel 11.52 on LXC. LXC knowns as Linux Containers certainly are a lightweight virtualization technology. They are more quite like an enhanced chroot instead of full virtualization like Qemu or VMware, they do not emulate hardware and share the same operating system kernel on a host. Linux-vserver and OpenVZ are two pre-existing, independently developed implementations of containers-like functionality for Linux.

Vastspace has no plan to launch LXC any time soon in spite of the benefits and performance gain over OpenVZ. In case you want to try it out yourself, this is the recommendation from cPanel.

To run cPanel & WHM inside an LXC container, cPanel strongly recommend that you use the following settings:

Host

We strongly recommend that you use Red Hat® Enterprise Linux (RHEL) 7, CloudLinux™ 7, or CentOS 7 as your LXC host. This ensures the best compatibility with cPanel & WHM. While other Linux distributions may work, they require that the system administrator performs additional steps, which we do not support.

Guest

We strongly recommend that your LXC containers use CentOS, RHEL, or CloudLinux 6 as the guest. A CentOS, RHEL, or CloudLinux 7 installation requires additional steps to use it as the guest.

Privileged vs unprivileged containers

cPanel & WHM functions in both privileged and unprivileged containers. We strongly recommend that you run cPanel & WHM in a privileged container, because it expects unrestricted access to the system.

The following limitations are inherent to an unprivileged container:

  • The host operating system treats the root user as a non-root user.
  • You cannot raise the hard limit of a process if you previously lowered it. This action could cause EasyApache 3 to fail.
  • Subtle behavior differences may occur.

Required changes for CentOS 7, RHEL 7, or CloudLinux 7

You must make the following configuration changes to run cPanel & WHM inside an LXC container:

  1. After you create the LXC container, change the lxc.include line in the lxc.conf file to the following line:
    lxc.include = /usr/share/lxc/config/fedora.common.conf
  2. Edit the lxc.conf file to drop setfcap and setpcap capabilities. To do this, comment the following lines:
    1
    2
    # lxc.cap.drop = setpcap
    # lxc.cap.drop = setfcap
  3. If your system uses AppArmor, you must uncomment the following line in the lxc.conf file:
    lxc.aa_profile = unconfined

 

cpanel on Linux Container

 

VPS ran out of space, are you informed?

Many users are tied up in their day-to-day routines. It is difficult for them to find time to check disk usage on their VPS on a daily basis, until one day they come to realize server has stopped working, website is down and emails are not sending.

Putting the customer at the heart of our business at Vastspace is our objective. To help customers to save time and ensuring good up-time of their VPS, our monitoring system collects daily disk usage statistic from each VPS. Engineers will identify the VPS have consumed 90% of the total disk storage and inform the customers in a timely manner.

SmarterMail 14.x is here

I urge all smartermail users to upgrade their current SmarterMail server to Version 14.0.5637. One of the significant improvement is the the newly compiled ClamAV 64bit which is more efficient and lower system overhead to replace the outdated and less efficient 32bit ClamAV.

 

Version 14.0.5637 (2015-06-08)

Key Features
  • A temporary address can now be generated by users with a short life span that operates as an alias to their account. This is to allow sign ups to external services without giving out the account’s real email address.
  • Message Sniffer is now available as an antispam add-on.
  • Multiple calendars can now be added to a single account.
  • Option to mark a domain as external and have messages to that domain sent either to the domain’s MX record or to a specified host address.
  • System administrators can now add customized HTML and change the login header text through settings on the General Settings page. They may also allow domain administrators to override these customizations.
  • Deleting email folders in either an email client or webmail will now have their associated folder on disk removed as well. Orphaned folders from earlier releases of SmarterMail will be cleaned up automatically.
Changes
  • IMPORTANT: SmarterMail 14 now requires Microsoft .NET 4.5. This prevents SmarterMail from running on Windows Server 2003.
  • Added: An instance of a recurring calendar event can now be deleted from the context menu.
  • Added: An option for external domains on whether messages should deliver locally or remotely if the user account exists locally.
  • Added: An option to toggle between overlaying multiple selected calendars, contacts, tasks or notes collections in a combined view versus displaying one at a time.
  • Added: CalDAV now supports syncing multiple calendars.
  • Added: Contacts, Tasks and Notes now allow multiple collections to be viewed at the same time.
  • Added: Domain conference rooms can now be selected to view on the calendar page.
  • Added: Dropbox is now available as a connected service allowing links to Dropbox files in email messages.
  • Added: Editing a recurring event now displays the series instance’s start and end dates.
  • Added: Exchange Web Services now supports syncing multiple calendars.
  • Added: Grids now support multi-selection on Apple Mac browsers by holding down the command key.
  • Added: IMAP authentication now supports Cram-MD5.
  • Added: Microsoft OneDrive is now available as a connected service allowing links to OneDrive files in email messages.
  • Added: Migrating Google calendars now migrates all calendars from a Google account.
  • Added: Multiple calendars can now be synced using Exchange ActiveSync.
  • Added: Multiple calendars can now be viewed together in a combined view, which color codes events from the different calendars.
  • Added: SMTP Accounts has been added to the Features tab in domain settings, allowing them to be enabled or disabled per domain.
  • Added: System administrators can now customize the messages sent for certain automated emails.
  • Added: Tasks can now be imported from Gmail.
  • Added: The My Today Page now displays appointments for all calendars in a user’s account.
  • Added: The reminders popup now displays items for all calendars in a user’s account.
  • Added: Unsubscribe links for mailing lists can now be given friendly text instead of just displaying the unsubscribe URL.
  • Changed: Blocked senders will now block on the From address in the header of the message, in addition to the Mail From address given in the SMTP session. Previously it only blocked on the Mail From address of the SMTP session.
  • Changed: Content filtering now decodes base64 and quoted-printable encoded text parts in email messages before applying filters.
  • Changed: Improved the ClamAV definitions update process, including 64 bit support and ClamSup.
  • Changed: Migrating the same Google calendar twice will now overwrite the previously migrated events instead of creating duplicates.
  • Changed: Time zone information now utilizes the built-in system registry time zone information instead of an external file.
  • Efficiency: Deleting a large number of items from the IP blacklist or whitelist is now much faster.
  • Efficiency: The load time of the monthly calendar view is now much faster.
  • Fixed: A recipient address formatted with a quoted username containing a certain sequence of characters will no longer cause high CPU during the SMTP session.
  • Fixed: Changed how recurring calendars with a recurrence count of zero are transmitted via Exchange Web Services to work around an error when syncing with emClient.
  • Fixed: Gmail email migration now functions correctly when one or more Gmail labels contain characters that are not allowed in Window’s folder names.
  • Fixed: IMAP search now handles search commands with multiple levels of parenthesized lists correctly.
  • Fixed: Messages displayed in the mobile interface now wrap text when the length of a line exceeds the width of the display.
  • Fixed: Migrating contacts from Gmail now functions correctly.
  • Fixed: The action “Send VCard(s)” now functions correctly for the Global Address List.
  • Fixed: The date and time input fields can no longer be edited when viewing a read-only appointment.
  • Fixed: Two scenarios within the mobile interface where downloading an attachment could fail.
  • Removed: All day appointments no longer display times in webmail.
  • Removed: The five-ten RBL check is no longer included as part of the default RBL checks for either spam filtering or server blacklist checks.

What is IP Reputation Protection?

IP Reputation Protection monitoring your IP reputation and DNSBL statusDNSBLs and RBLs are general used on mail servers to reject or flag messages sent from sites that have been Blacklisted. If your mail server has been added to the DNSBL’s database, emails sent are likely rejected or identified as SPAM.

Our IP Reputation Protection System queries major DNS-based Blackhole List databases and SenderBase which is one of the world’s largest email and web traffic monitoring network, and process these results to send alerts to our support team to take immediate action. We help customer to identify the root cause, contacting the various DNSBL agency to request removal and mitigate the impact on emails returned to sender due to blacklist.

If the event your mail server has been blacklisted, we usually take less than an hour to restore your mail service with IP Reputation Protection.

Install Windows 2012 Server with GUI on Vastspace SSD Cloud Server just under 4 minutes

If the article on “Cloud Server with SSD vs Cloud Server with spinning drives” isn’t enough to convince you the superior read and write performance of what SSD Cloud server offers, check out this video.

Installing Windows 2012 Server with GUI, just under 4 minutes is near impossible using the conventional spinning hard drives.

Cloud Server with SSD vs Cloud Server with spinning drives

We have been talking much about our new Cloud server with SSD and its performance. Today, we want to make a comparison and benchmark on the cloud servers with spinning drives SSDs.

Vastspace SSD Cloud Server nodes use only enterprise SSD drives ensuring fast and consistent command response times as well as protect data loss and corruption.

We have done the read & write tests  for our Cloud SSD VPS against a popular SSD VPS before. Today,  we are carrying out test on 2  identical Cloud servers with SSD and Raid 10 15,000 rpm SAS drives respectively.
The test Cloud Servers comes with 2 CPU core, 2Gb memory and 20Gb of disk space.

Both test servers are installed with CentOS 6.5 x64 and hosted in Vastspace Singapore Data Center.

The result is obvious that SSD Cloud server beat the Cloud server with spinning drives hands down, despite the Raid 10 15K rpm SAS drives is still slower in terms of write speed compares to the solid state drives.

Cloud server vs SSD Cloud Server

 

 

 

 

VPS with Ploop

To understand the benefits of having PLOOP On OpenVZ container (Linux VPS), we need to knows what are the limitations of the traditional file system on VPS.

  • Since containers are living on one same file system, they all share common properties of that file system (it’s type, block size, and other options). That means we can not configure the above properties on a per-container basis.
  • One such property that deserves a special item in this list is file system journal. While journal is a good thing to have, because it helps to maintain file system integrity and improve reboot times (by eliminating fsck in many cases), it is also a bottleneck for containers. If one container will fill up in-memory journal (with lots of small operations leading to file metadata updates, e.g. file truncates), all the other containers I/O will block waiting for the journal to be written to disk. In some extreme cases we saw up to 15 seconds of such blockage.
  • Since many containers share the same file system with limited space, in order to limit containers disk space we had to develop per-directory disk quotas (i.e. vzquota).
  • Since many containers share the same file system, and the number of inodes on a file system is limited [for most file systems], vzquota should also be able to limit inodes on a per container (per directory) basis.
  • In order for in-container (aka second-level) disk quota (i.e. standard per-user and per-group UNIX dist quota) to work, we had to provide a dummy file system called simfs. Its sole purpose is to have a superblock which is needed for disk quota to work.
  • When doing a live migration without some sort of shared storage (like NAS or SAN), we sync the files to a destination system using rsync, which does the exact copy of all files, except that their i-node numbers on disk will change. If there are some apps that rely on files’ i-node numbers being constant (which is normally the case), those apps are not surviving the migration
  • Finally, a container backup or snapshot is harder to do because there is a lot of small files that need to be copied.

 

In order to address the above problems OpenVVZ decided to implement a container-in-a-file technology, not different from what various VM products are using, but working as effectively as all the other container bits and pieces in OpenVZ.

The main idea of ploop is to have an image file, use it as a block device, and create and use a file system on that device. Some readers will recognize that this is exactly what Linux loop device does! Right, the only thing is loop device is very inefficient (say, using it leads to double caching of data in memory) and its functionality is very limited.

Benefits

  • File system journal is not bottleneck any more
  • Large-size image files I/O instead of lots of small-size files I/O on management operations
  • Disk space quota can be implemented based on virtual device sizes; no need for per-directory quotas
  • Number of inodes doesn’t have to be limited because this is not a shared resource anymore (each CT has its own file system)
  • Live backup is easy and consistent
  • Live migration is reliable and efficient
  • Different containers may use file systems of different types and properties

In addition:

  • Efficient container creation
  • [Potential] support for QCOW2 and other image formats
  • Support for different storage types

 

This article is extracted and found at : https://openvz.org/Ploop/Why