February 21, 2014

How you can ruin your business by choosing self-managed hosting

I've been devops for my entire work life, for the last 3 years I have worked with various products that needed hosting. I've seen many examples how self-hosting can go bad.

A typical scenario - you have an idea for a product which needs hosting. You order cheap VPS or dedicated server with poor support, setup everything by hand from scratch, start continuous deployments of your application and you forget about it. Yet, there are still many things which must or at least should be taken into account:

  1. How often do you check for security updates?
    I won't count every CVE (Common Vulnerability and Exposures) you might encounter, because vulnerability statistics and severity data might be unreliable (you can read why, watch the presentation and slides). But you can't deny the presence of vulnerabilities, someone has to take care of this, read every day reports. Check if your server is affected, evaluate how important it is for your product and take proper action to protect your infrastructure.

  2. Is your <service name> still supported?
    Updates are pretty often: minor changes and fixes, security updates, major updates. This can be automated up to some level. However sometimes you will encounter end of line of your major services like database engines. It happened a few times within the recent past, PostgreSQL (8.x to 9.x) and MySQL (5.1 to 5.5) are good examples. Updates may be complicated, often require some preparations and lead to a downtime.

  3. Is your distribution still supported?
    Your (not-so) LTS Ubuntu or Debian reaches end of line, you have to upgrade 4-5 year old OS to the latest version. It's very rare to see such upgrade going without any minor issues. In most cases you have some custom packages (needed for some reason, but absent in your distro) built by hand on top of and old Linux distribution, which will get you into even more troubles.

  4. How do you know that your server is working fine?
    You need to monitor at least 10 things and probably much more. It's crucial to have thorough performance statistics, because it's easier to look for bottlenecks in the future. Besides fancy graphs you have to know how to interpret all of this and when to setup notifications.

  5. Do you know how to scale?
    Your application grows rapidly, you are working hard to improve the code itself. What about your server architecture? Do you need more servers? - easy, just a few clicks away. Reliable configuration with load balancers, various cache services, maybe database replicas and probably easy management - this could be harder and require some experience and time. Be prepared.

  6. What happens when the server goes down?
    How do you handle unexpected downtimes? It may not be a big problem in the middle of the day when you are around, but what about nights or public holidays? It's possible to have service which will call you when necessary, do you want to be bothered every time it happens? Especially in the middle of the night? Each downtime may be expensive. It's not just about money, but you may loose trustworthiness as well.

  7. How do you deal with your infrastructure troubleshooting?
    Troubleshooting common issues is relatively easy for experienced crew. Things get complicated for everything else. How error-prone your solution is and how much time and money do you spend to overcome all disruptions? To minimize the risk think about it before a serious outage occurs. This may save you a lot of stress, money and dissatisfied customers.

  8. How do you test your infrastructure?
    You probably use TDD methodology for your application code, what about your infrastructure? For some time thanks to tools like Chef and Puppet, it's possible for servers too (berkshelf way, parts #1, #2 and #3), without TDD making any major changes is like running through a mining field.

You can disagree, you can call it 'bias', just remember it's my opinion. Any constructive comments are kindly welcome.

Do you want to learn the hard way how difficult and time consuming self-hosting could be? No? Try Shelly Cloud, we'll give you €20 credit for start and we guarantee painless deployments. We're also very open for suggestion how to improve our platform and adapt to our clients needs.

Posted by D3eadd8e8a8ab3db2fd6b032a67903e9?s=22&d=https%3a%2f%2fshellycloud.com%2fassets%2favatar Szymon Szypulski

Read one of our other articles - The difference between back-references and global variables in Ruby regular expressions

Sign up for our newsletter and get updates
about Shelly Cloud on your email:

Platform for hosting Ruby and Ruby on Rails apps, focusing on the developers happiness. With us you'll soon forget about server administration and having to wake up at 3 a.m. again.