Hello all.
Just a quick query really. Is it possible to boot Clonezilla or similar
on the VPS via the Xen interface? It's not something I know much about,
but I wanted a complete and definite way of backing up. I can put the
image data to another server somewhere and write to HDD as a complete
offsite backup.
Clonezilla comes as an ISO, which with Grub2 can be booted, but I don't
really want to mess around with Grub too much in case I break it.
If there is a better solution to create a complete bit-level backup,
fire away.
Thanks in advance.
George, M1GEO.
george-smart.co.uk
Hello,
TL;DR:
This email is purely informational and there's no need for you to
take any action as a result of it.
The base VPS memory will go from 480M to 1,024M soon, and the
incremental upgrade will go from 240M to 256M, with the prices
remaining the same for those line items. It will take some time
(months) for this to be phased in. You don't need to do anything at
present.
Not Long Enough, Give Me More Info To Read:
Ideally I wanted to avoid saying anything about this until it had
started affecting csutomers, but I'd already given some time
estimates to a few people ("somewhere around the first week of
July"). Now there's been a few delays and some would be left
wondering what is going on, so I thought I better say something.
Clearly an upgrade of VPS specs has been well overdue for ages. In
June, hardware orders were made and this process is now under way.
It's not quite as simple as just buying "the same, but new". The
current BitFolk customer base is spread across 9 servers, and every
single one of them is basically not upgradeable at this stage. I
don't really want to replace them with 9 new ones, so a little more
scalability is required.
The bottleneck at present is either IOPs or CPU. IOPs is the hardest
one to solve so to increase scalability, new hardware must be
SSD-only. That's obviously really expensive, so this is not
something I want to get wrong.
There was quite a long lead time on the hardware I'd selected. I
felt it was worth the wait because the motherboard and CPU have a
really good bang per Watt factor, and the predominant cost for
BitFolk is power. That's now arrived, is in colo, and is being
worked on, so hopefully won't be as much of an issue in future.
The delaying issue now is software. There's a bunch of changes in
both Debian¹ and Xen² which I need to account for in BitFolk's own
software infrastructure.
Once that's progressed a bit more I will need to start putting
BitFolk's own infrastructure VMs on the new hardware to give things
a bit more of a soak test³. Around that time I will also be talking
to those I have already spoken to about this—and seeking some more
volunteers—to have their VPSes moved to the new hardware. There's
no need to contact me now to volunteer. I have to select the most
suitable customers for this and then ask them.
A key thing I need to discover is when the CPU and IOPs will run
out for this specification. For that reason the initial candidates
will have only the base amount of RAM (1G), so that the maximum
number of them can be packed on, and only the base amount of storage
(10G), again so hopefully that doesn't run out before another limit
is reached.
For some sense of comparison, the 3 busiest current servers look
something like this:
Name | # VPSes | RAM used | Storage used
----------+---------+----------+-------------
bellini | 74 | 47G | 2.71T
president | 60 | 45G | 2.71T
sol | 50 | 47G | 1.69T
The new hardware has 1.6T of usable SSD per box, and I want to fit
more customers on each, so obviously I have to start with low
storage VPSes first if I don't want storage to run out first.
Obviously SSD storage costs vastly more than HDD storage. Not very
many BitFolk customers order more storage, but it is unclear at this
stage if I can continue to offer additional (SSD-backed) storage for
the same price as the current HDD-backed storage. I do not want to
put both HDDs and SSDs into the same hosts, so I want to avoid
selling a mixture. I will know more once I've found out where the
CPU and IOPs limits lie.
The backup storage that is currently sold at the same price as live
storage is going to remain on HDD and so will remain at the same
price as now (or cheaper), whatever the case.
Even after I am satisfied that the setup is working well, and the
limits have been found, still I can't just move absolutely anyone in
any order. The next priority will be to decommission the most
power-hungry hosts. By this stage I will be continually ordering and
commissioning new hardware and then migrating customers to it.
During this time, as hosts are emptied, it will be possible to
increase the RAM of some customers without moving them. Eventually
however it will be necessary for every customer to have their VPS
moved between hosts because existing hardware probably run around 3
to 4 times as power hungry than new hardware that should support more
customers per box.
So, there is no need for you to take any action at this time, other
than to ask any questions you may have. I will be in touch with you
directly once it is time for anything to happen. I just wanted to
let you know what was going on, and to reassure those who I've
already spoken to that I have not forgotten about this! The first
set of hardware is bought already, the money is spent, and having
both new and older hardware live is costing BitFolk even more money,
so it is definitely going ahead. :)
Cheers,
Andy
¹ Debian jessie comes with systemd. I have to make sure I'm
comfortable with this and that other various bits of software are
integrated.
I use Puppet for config management. Debian jessie comes with a
version of puppet client which will not talk to the puppetmaster
that is packaged with Debian wheezy. Upgrading the puppetmaster
may necessitate wide-ranging changes elsewhere.
As an aside, upgrades forced by Puppet are probably in my top 5
annoyances with it and I probably wouldn't use it in a new
development. So I don't need to hear about your Puppet hate. :)
² The major piece of work here is accounting for the removal of
Python code from Xen (guest) config files.
At the moment each VPS has a config file which is actually a
fragment of Python that only has variables in it, with a call to a
Python script at the bottom. That script decides whether to just
boot your VPS, or in fact to boot the rescue VM or to download an
installer kernel/initramfs and boot that.
The ability to do that has now gone away and a guest config file
is now just a set of key/value pairs. This means that the Xen
Shell will need to write a new config file for each command or
change you make, and boot that one.
³ Obviously it's already been punished with memtest86+ and IO
throughput tests. I mean more operational testing.
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Hi All,
Maybe it is me that have missed something (as usual), but it seems
that I have a strange behaviour at (in? on? with?) the vps console. I
can login as usual, and screen is starting up a shell on my vps. But
if I detach the screen process from the console (with C^-a d for
example), I am immediately logged out. At that stage I expected to get
to the xen shell so I could control the state of my vps. But that does
not happen.
Anyone got any ideas as to why this is happening?
Thanks,
__
/ony
Following the recent upgrade and reboot of my Bitfolk server, OpenVPN
had stopped working. (I don't use it very often on that server; hence I
hadn't noticed.)
After some trying, the issue turned out to be that the server had
stopped functioning as a router - I thought I'd share what I did to make
it work, in case others run into the same problem.
I ran
echo 1 > /proc/sys/net/ipv4/ip_forward
modprobe tun
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
/etc/init.d/openvpn restart
Not sure if all of these were needed - the iptables one definitely was
as that was the one that fixed it.
Is there an easy way to make these changes permanent so that they will
survive a future reboot?
Thanks
Martijn.
Hi all,
Hoping to crowdsource your knowledge.
In Ubuntu/Debian, is it possible to set up the www-data user with SSH
access (for development purposes; read/write to the web server document
root) but not "shell access" otherwise?
The SSH will be pub-key only, but I already know how to do such things (to
avoid obvious "do it key only" suggestions).
Kind regards
Murray Crane
Thanks Matt/Hugo.
scponly sounds perfect, will go have a look.
Kind regards
Kind regards
Murray Crane
On 3 September 2015 at 16:50, Mail Delivery Subsystem <
mailer-daemon(a)googlemail.com> wrote:
> Delivery to the following recipient failed permanently:
>
> hugo-bf(a)carfax.org.uk
>
> Technical details of permanent failure:
> Google tried to deliver your message, but it was rejected by the server
> for the recipient domain carfax.org.uk by mail.carfax.org.uk.
> [2001:ba8:1f1:f1d9:216:3eff:fe14:aef9].
>
> The error that the other server returned was:
> 550 Unrouteable address
>
>
> ----- Original message -----
>
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
> d=gmail.com; s=20120113;
>
> h=mime-version:in-reply-to:references:date:message-id:subject:from:to
> :content-type;
> bh=qUsmRotgDrePcgGkI3DnWeS619sY44YzDcMeKhOU5v4=;
>
> b=J+zTvt9/Iedp7OimfHkFm/PpIQhGZzoe5DHLC/pS+a8oG7urV/0dlNyrRZZzFlAQqK
>
> sECRimLaeNqtpGSk98+W+cs1VkDq4ecclWGmtcZqh9QV+o0CYXtn5ijgW/9DY5We9vmi
>
> AQJoWjo1snV2eqTZ/6eVUN4eft3NVD2hOFcFf09oYWGRLcz1u91e/G5SbBx72Tytv0uZ
>
> kxKRCYWIQaEXIwpgboZZPJRZdnWh8pz2BCCrZsrEo7cHUGUFneL4cf8TWxTtkSFgtFBo
>
> XnYtLHyqnBgJG7Lq9MnGloDCD3Zg8d8eUs5prVbKCPgcBmcihinHrO4ln8oQ0h1WhTDQ
> uovw==
> MIME-Version: 1.0
> X-Received: by 10.112.170.129 with SMTP id
> am1mr22610658lbc.116.1441295439506;
> Thu, 03 Sep 2015 08:50:39 -0700 (PDT)
> Received: by 10.112.53.4 with HTTP; Thu, 3 Sep 2015 08:50:39 -0700 (PDT)
> In-Reply-To: <20150903154935.GH11358(a)carfax.org.uk>
> References: <CAAiW_G=sCOXr3g+0KzTpkJmuZYpfDLRY4O3zovk4a0BKEWt=
> Jw(a)mail.gmail.com>
> <20150903154935.GH11358(a)carfax.org.uk>
> Date: Thu, 3 Sep 2015 16:50:39 +0100
> Message-ID: <CAAiW_GkyVwYG4WeNnrC3-ThYSnwUuDLyTOezJEO1=
> c3-G0a7Uw(a)mail.gmail.com>
> Subject: Re: [bitfolk] SSH query
> From: Murray Crane <murray.crane(a)gmail.com>
> To: Hugo Mills <hugo-bf(a)carfax.org.uk>
> Content-Type: multipart/alternative; boundary=001a11c372eab03a74051ed9bee9
>
> Thanks Matt/Hugo.
>
> scponly sounds perfect, will go have a look.
>
> Kind regards
>
> Murray Crane
>
> On 3 September 2015 at 16:49, Hugo Mills <hugo-bf(a)carfax.org.uk> wrote:
>
> > On Thu, Sep 03, 2015 at 04:42:27PM +0100, Murray Crane wrote:
> > > Hi all,
> > >
> > > Hoping to crowdsource your knowledge.
> > >
> > > In Ubuntu/Debian, is it possible to set up the www-data user with SSH
> > > access (for development purposes; read/write to the web server document
> > > root) but not "shell access" otherwise?
> > >
> > > The SSH will be pub-key only, but I already know how to do such things
> > (to
> > > avoid obvious "do it key only" suggestions).
> > > Kind regards
> >
> > There's a project called scponly that you can use to set this
> > up. You set it as the login shell for the account, and it implements
> > the absolute minimum that a shell needs to do to support scp, without
> > giving any kind of interactive access.
> >
> > Hugo.
> >
> > > Murray Crane
> >
> > > _______________________________________________
> > > users mailing list
> > > users(a)lists.bitfolk.com
> > > https://lists.bitfolk.com/mailman/listinfo/users
> >
> >
> > --
> > Hugo Mills | I spent most of my money on drink, women and
> fast
> > hugo@... carfax.org.uk | cars. The rest I wasted.
> > http://carfax.org.uk/ |
> > PGP: E2AB1DE4 | James
> > Hunt
> >
>
