I like it, it was released a couple of days ago so something might require a bit more polishing but overall it looks better to me.
I have heard of several cloud screw-ups as well, leading to charges of several thousands.
On one side this can happen if you experiment something outside of the free machine(s), on the other side you have all the reporting and notification tools to avoid surprises.
Nonetheless, I still see your point, reason why I prefer to use an almost dry revolut prepaid for all the cloud accounts instead of my main credit card.
As you wish, indeed the only free offer without credit cards is the one of azure for students. In any case you are not anonymous.
Considering the small audience and purpose, I would not have any problem using the always free offerings of either Oracle or Google (the latter especially if located in the US).
I don't know, wouldn't the Hypervisor be able to track resources usage by itself without anything else?
One of the answers in this discussion made me realize that this database is required only by the identity provider which I can change from the default. Considering this is a far less essential dependency than I thought I will get rid of it completely.
Running without docker is out of question, is a bundle of 6 docker containers. Deployment and management without it would be too complicated. Luckily somebody in another reply made me realize that the RAM eating container (cockroach DB) is far less essential than I thought and I can look for a replacement.
Thanks, this is a really good point, I can try to replace the identity provider! I did not realized that cockroachDB was only a Zitadel requirement! There are many great alternatives for mesh VPNs, netmaker, nebula, and headscale as you mentioned and all of them are much lighter. I ended up hosting netbird as it is natively able to traverse my corporate NAT (maybe headscale could do it as well, I did not try it since I do not like having to configure registry keys on windows clients and losing the kernel wireguard speed on linux clients) .
Yes exactly, burstable instances it's common jargon for AWS and GCP, but applies to all major providers.
I forgot to mention, I had plenty of swap available, now I disabled swap to force zram usage. I still need to see what happens running with both, it's hard when each trial takes 12-24 hours to show its result.
I am experimenting with ZRAM, it is indeed better than ZSWAP, that's why i am asking if any other kernel features can help.
Thanks again, I will look into your suggestions, never heard of neither Talos, RKE or Burmila. Indeed I should also look if I can do in the containers. The problem is only this database "CockroachDB" which is extremely memory hungry, maybe I can change something there.
This service consist of several docker containers, without docker I would not even know where to start for deploying it. Maintainance as well would be a mess, totally not an option
I believe it's a shared VCPU intentionally, I will recheck the terms and conditions, but I think I am not in the position to claim much.
Yes, this is a possibility. the ARM VPS is already running something else, but if I manage to run netbird behind a reverse proxy I can also move it there. BTW there are also 1 GB free VPS on azure (for students) and Google Cloud, but you guessed right.
Thanks for sharing your experience, indeed the distribution is relevant here. I am running Arch (BTW) on this VPS which idles at about 300 MB with dockerd and containerd, I am not sure how does exactly compare to Debian on RAM usage (I have a couple of other VPS running debian which seem to use a little bit more RAM but it could be because those images are bastardized by the addition of cloud provider services). In any case my setup is pretty minimal, to get some large benefit there I fear I should use something without systemd :/
The server is clearly overloaded, as soon as I start using some 10% of CPU frequently for some minutes (due to swap operations), the Hypervisor starts to throttle my instance and this of course makes the thing worse with an avalanche effect. When this happens steal time displayed from top can go literally as high as 90%.
Hi,
Do you have suggestions for kernel tweaks for getting the most out of a RAM limited system?
I am running a service requiring 2GB of RAM (netbird) on a VPS which has just 1 GB of memory. I am doing so because I am a stingy bastard and I use only free VPSs for my personal use so I get what I am paying for.
Because of this hardware limit in about 12 hours from service start I begin swapping a bit too much. This would still be manageable but soon the hypervisor gets really pissed and steals up to 90% of the CPU. So the only solution so far is restarting the docker containers every 12 hours (not great, not terrible).
Looking to improve this, Iam now experimenting with ZRAM and swappiness and it seems some benefit can be achieved by using some of the Linux kernel feaures. Is there anything else I should look into?
If postmarket os works on that device maybe you can go full Linux (alpine), there will be no systemd which might be a problem and I am not even sure about docker compatibility. You can look it up though.
In the past two weeks I set up a new VPS, and I run a small experiment. I share the results for those who are curious.
Consider that this is a backup server only, meaning that there is no outgoing traffic unless a backup is actually to be recovered, or as we will see, because of sshd.
I initially left the standard "port 22 open to the world" for 4-5 days, I then moved sshd to a different port (still open to the whole world), and finally I closed everything and turned on tailscale. You find a visualization of the resulting egress traffic in the image. Different colors are different areas of the world. Ignore the orange spikes which were my own ssh connections to set up stuff.
Main points:
-
there were about 10 Mb of egress per day due just to sshd answering to scanners. Not to mention the cluttering of access logs.
-
moving to a non standard port is reasonably sufficient to avoid traffic and log cluttering even without IP restrictions
-
Tailscale causes a bit of traffic, negligible of course, but continuous.
Hi,
What to do if the domain name of one of my webserver, that me and some lab members use for work related stuff, is no longer resolved by our university DNS? When I first noticed it, I could see no resolution at all while now the domain resolves to a wrong IP. The site can be normally reached on any other network so there is no problem on my side I think.
Should I just wait (now more than 24 hours) or should I try anything? I am entitled to complain to our IT even though the issue is only with this not-really-professional FreeDNS subdomain?
EDIT: apparently some automatism marked this domain as malicious (absolutely it is not, not willingly and not compromised) and somehow DNS resolves to CNAME sinkhole.paloaltonetworks.com.
Hi,
I am looking since a long time for a selfhosted tool that would allow the user to insert and visualize data in a hierarchycal structure (tree). Ideally custom schemas could be defined so that it can be also regarded as a rudimentary noSQL database. I've looked at the awesome-selfhosted page high and low for anything similar with no luck. Do you happen to know anything that could work? The best example for the functionality I am looking for is the open source desktop app treeline
Thanks for your inputs,
Hi,
I am looking since a long time for a selfhosted tool that would allow the user to insert and visualize data in a hierarchycal structure (tree). Ideally custom schemas could be defined so that it can be also regarded as a rudimentary noSQL database. I've looked at the awesome-selfhosted page high and low for anything similar with no luck. Do you happen to know anything that could work? The best example for the functionality I am looking for is the open source desktop app treeline
Thanks for your inputs,