(Note: This is a review of VPS hosting services provided by Web24 and Linode, and a migration of one of my sites from one to the other at the end of March 2008.)

Web24 — Virtuozzo VPS in Australia

Back in early this year I talked about writing a review on Web24.com.au, which I used to replace a VPS I got from GPLHost, which I terminated last December as I was using too much bandwidth (and was too cheap to pay :) The VPS I got from Web24 was their Silver package, a Virtuzzo Linux VPS running Ubuntu Linux, with 384MB guaranteed memory, over 6+GB of privvmpages (burstable memory), 50GB/month data transfer, and was located in Fujitsu data centre in Melbourne (see their profile on VPSAU). All these for under AUD$50/month — very affordable for my little sites.

First of all I have to confess that I have been very busy over the last months or two and have not really been motivated to write. I have a few other projects happening at the same time — at work, at home, at church and at my other websites, and I apologise for neglecting this blog. Hopefully I will get back to writing here again. I am also hoping to write shorter pieces — maybe just 2 or 3 paragraphs — so I can make more frequent posts.

Now, something I have been doing over the last couple of days is to upgrade my Ubuntu servers to 8.04 Hardy Heron, which was “officially” released last Thursday. Now it has been almost two months since I wrote my last blog post, which was about switching from Gentoo to Ubuntu, and now most servers/VPSs that I am personally responsible for (except those at work) are running Ubuntu. Hardy Heron is a LTS (Long Term Support) release which I am hoping to build most my apps on for the next 2 weeks. Upgrading to it from previous Ubuntu releases is surprisingly trivial.

SliceHost 3-Way-Handshake Podcast Episode 8 — over 80% of Slice at SliceHost runs on Debian-based distributions (Debian, Ubuntu), verses around 5.5% for Gentoo. RPM-based distributions (CentOS, Fedora, etc) is a bit bigger but simply does not compare with overwhelming domination of Debian-based distributions.

Over the last 3-4 months I have also gradually moved my Gentoo based servers to either Ubuntu or Debian (prefer the latest Ubuntu if available). In fact I have just deleted my 18 month old Gentoo slice at SliceHost, and moved all content to a new slice running Ubuntu 7.10 last month. Now I am happy to say that all of my live servers/VPS are now running either Ubuntu or Debian, and it has changed my Monday morning (my usual mass-update morning) from:

1. # emerge --sync
2. # emerge -avD world
3. Starring at compilation messages scrolling across the screen.
4. Trying to figure out why some packages are blocking, some packages do not emerge, and why some packages I upgraded last week is now down-grading again.
5. … 20 minutes later I finally got my root prompt back!
6. Restart all services that I have emerged, finger crossed hoping that nothing breaks, otherwise revdep-rebuild while reading special upgrading instruction on PAM, MySQL, or OpenSSL at Gentoo.org.

To:

1. # apt-get update
2. # apt-get upgrade

Upgrading all the packages in the Gentoo Portage system can be very time consuming, and it gets worse when you have quite a few servers to upgrade!

Saw this video on YouTube the other day, which leads to this website that exposes dirty secrets of web hosting review sites.

It is basically preaching the same message that DreamHost blogged about almost 2 years ago. None of these web hosting review sites are reliable because top spots can usually be bought with monthly subscription fee. Either that or a hefty affiliation payout. Basically they should have renamed the top 10 hosting companies to the Top 10 Web Hosting Companies that Pay Me The Most. Funny that the site is hosted on GoDaddy, which quite often appears on those “top web hosting site” lists as well.

There seems to be some connectivity issue with regarding to my VPS at Web24 (profiled at VPS AU here) right now. For my websites hosted there, the heading will load, and then part of the content, and then the browser will just stall there trying to fetch the rest of the page but they never arrive.

I do have a Virtuozzo VPS hosted in Melbourne, and the hosting company provides HSP complete control panel for me to login and view and change my account details. The column on the left also reports the resource usage of your VPS, showing you total traffic, amount of disk space, and the current “CPU usage”.

As you can see my VPS is currently using up 53% of CPU resource, out of 100% that is available. No wonder why my VPS feels so slow. However, when I actually jumped onto the VE and have a look, my processes weren’t using much CPU at all! vmstat shows my user and sys has always been under 5% combined (and under 2% most of the time). Type in upload shows that it is my 1 minute load average that is hovering around 0.5. HSP complete just conveniently interpreted to end user that VPS has used 50% of CPU resource, without trying to explain what load average is. That’s mad.

SecurityFocus: Linux kernel memory access vulnerabilities, exploit included to get you root account on stock kernels between 2.6.17 and 2.6.24.1. Web hosts responded — Holy !$#&!!! CentOS 5, Ubuntu Edgy-Gutsy, Debian Etch — all these Linux distributions are affected. Basically a local user can gain root access, and with help from vulnerable applications that allow executing arbitrary local code, a remote user might be able to take over the entire system.

Yesterday on my personal blog, I wrote about WordPress 2.3.3 upgrade due to a security exploit, and one issue I wrote in the comment, is that there are just too many blogs out there installed by Fantastico and alike, that are never updated. They are often targeted by the hackers, employed by blackhat SEO, to inject hidden links into existing blogs. Matt from WordPress agrees:

I think you also have a good point that we need to put pressure on the hosts and Fantastico to take responsibility for the blogs that they set up and stay current with releases.

Then I received DreamHost’s latest newsletter (January 2008), and in section 2 they introduced their new one-click install “easy mode”:

Last week I needed a small VPS to test a new project so I went to Web Hosting Talk VPS offers forum to look for something really cheap, and found this deal at ServerWays.com. ServerWays is a new company, with its domain registered in December 2007. It is also a one-man shop according to this discussion thread. However it does not really matter to me as (1) it is only less than $5 per month (2) it is for a throw away project. So I clicked on the Order button for their lowest spec’ed VPS 111.

This is what you get for $4.90/month, billed monthly and no set up fee.

• 100MB guaranteed memory
• 10GB storage
• 100GB/month transfer
• OpenVZ + HyperVM

Yes. Sure. Computers often crap themselves, but problem often exists between keyboard and chair, i.e. the actual users. Around 10 minutes ago an account executive at work called as all the site customisations are gone. It turns out she explicitly clicked on the option to wipe out all the customisation and had made no back up. Now she needs to dig up old backups from October last year and try to fill in all the missing pieces.

S*** happens. Some are big s***, however, a few are bigger!