Pair of scales is made of stones on the cliff

How to leverage between simplicity and new features? A message to DigitalOcean CEO Ben Uretsky (PART2)

Mitch Wainer, DigitalOcean Co-Founder and CMO  said on(check out the video) that they target and

owe their success to high growth startups  and individual developers.

Ben Uretsky(CEO of DigitalOcean) said for venturebeat (December 15th 2014)

“These providers(he was referring to the competition) focus on the technical features, and what we focus on is — this is why were highly differentiated — is we’re focused on people, and in this specific case, we’re focused on developers,”

He also said…

“I don’t think anyone really focuses on price,” Uretsky said — the directive is to ensure DigitalOcean remains user-friendly.


 

I agree with Ben – yes I‘ve chose DigitalOcean over RamNode not because of the price but because:

  1. they made their UI and UXD really simple
  2.  they have a beautiful  community site  (filled with so much useful Q&A that it’s unbelievable)
  3. other bunch of stuff that system admins and developers love (snapshots,backups,VPN, nice looking API documentation)
  4. Again…the community is of the charts good –this is the reason why I’m in a committed relationship with DO.

Bryan Liles ( A fellow Software engineer and also dealing with  Digital Ocean Strategy) mentioned two things(check out the video) that really caught my attention when he was asked about DDoS attacks and how they handle it.

He basically answered that they operate in a sense “I know a guy who knows a guy”, meaning they refer you to someone who can help you, they probably notice it before you, and it is an issue also for them (because it is also influencing their network obviously), but they will not jump in and solve it, saying in a sense that it is your droplet – administrate it the best way you can.

I hear what Bryan is saying,because with over 500.000 user –doing this  any  differently  would  be ludicrous.

 

 

So what is the solution and how to keep up with the

“Simple cloud focused on developers and growing startups”

strategy?

 

They really need to think about it in this way….

 

Pair of scales that describes the situation DO is in
Pair of scales that describes the situation DO is in

 

In order to keep DigitalOcean in perfect balance between it’s new features (including existing ones) and it’s simplicity (the thing that got it where it is today) is… 

Communication

 

and can be divided into two parts:

 

1.Direct (Notifications, E-mail, Messages, etc.)

Here’s a problem I encountered while working with my droplet that could have easily avoided with good communication.

I have a droplet running Ubuntu 14.04 x64

The moment I had my droplet online it had around 12 bots scanning my page ( by looking at the logs I saw that most of them were trying to brute force my ssh root account).

So I found a solution and made changes to my SSH config file (/etc/ssh/ssh_config), changed the port number, removed permitrootlogin without-password

also I Installed fail2ban and  configured it.

My root password was strong to begin with, but I noticed that malicious by third party activity(bots,hackers) made my CPU and processes go up and in essence they were slowing down my server.

This could be an issue for the user and more work for you (tickets,complaints…etc.)

The thing is that this could be easily avoided by sending out an e-mail or giving a short message at end of the droplet creation…. something like this :

Hey Rene!

You’ve successfully set up your droplet with Ubuntu on it, please do the following to ensure your droplets safe future – as you probably know there a lot of bad guys lurking in the vast world of internet, trying to ruin your day. Keep safe by following these tips, tutorials,webinars…… – or reach out to our support team for some help.

DigitalOcean has a e-mail that is kinda warning you of this stuff…but not quite.

e-mail_after_droplet_creation

Keep in mind – developers are not system admins. Application security isn’t network /server security a typical developer will not know about ssh configuration or fail2ban (most of them do – but that’s only because we’re so awesome :) )

DigitalOcean….follow your own advice… check out this “develop strategies together” part of the video below – you need to be Jay the Sysadmin guy from the video to the girl(developer) approaching.

2. Through UI /UXD

Some inconsistency  in the UX/UI department

I mentioned some of them in the blog post about Ideas for DO

region_select_DO

What’s up with the 3,2,1? What valuable info do I get on what is the best choice? Does it even matter?

Tell me if it does!

 

UPDATE(6th of August 2015)

I got response from the DO support team about the difference in choosing 3,2,1

datacenter_region

END OF UPDATE

 

power_off_story

This seems off – it seems as though this has been put here because a guy from support told the guys from product development that they’ve been getting a lot of tickets about data corruption problems, and the product development team reacted in a way that they told the front-end guys the usually response support guys give out to the customers :) , and I completely understand – obviously there a bunch of smart girls and guys working in DO but maybe they are really tight on time?

 

Let’s go on….

 

command_line_DO

 

It would be great to have a “Access Console here” button

 

no_backup_after_creation_DO

Tell me how to do it with my current droplet ( add something like take a snapshot of the current one…rebuild a new one?)

Another thing….

Sometimes I feel a bit anxious about using some of the features…especially snapshot where you have this loading bar that isn’t showing you what is really going on…you can just sit and wait…biting your fingernails…

destroy_processing_DO

Like this one…

-It would be great to have just a little loader…or something else to see if it is alive. Almost every-time I do a snapshot – I go out to take a walk because looking at it makes me feel like something is stuck, and I’ll have to hard-reset the server…and the data will be corrupted, and my client will go berserk on me…etc…

 

Conclusion:

 

Don’t get me wrong -these are some of the things that I feel that are missing when it comes to DigitalOcean and it’s  mostly the way of communicating to developers / startups.

I realize that there is a huge challenge in  keeping customers satisfied by adding new features and keeping DO in a “simple cloud provider” state.

New features  tend to open a door to a simplicity killer(huge menus with a billion options) and that’s not something I want DigitalOcean to become.

 

 

Hope this review and Ideas will help DigitalOcean become a even cooler cloud provider.

 

Rene

Read More

the “Timeout waiting for PADO packets” hassle

Sep 2 09:56:21 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 09:56:21 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 09:57:26 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 09:57:26 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 09:58:31 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 09:58:31 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 09:59:36 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 09:59:36 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 10:00:41 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 10:00:41 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 10:01:46 maia pppd[2805]: Timeout waiting for PADO packets
Sep 2 10:01:46 maia pppd[2805]: Unable to complete PPPoE Discovery
Sep 2 10:01:46 maia pppd[2805]: Exit.


Your error log looking like this? Be sure to double check with your ISP if bridge has been enabled

Read More

One command away from hell :D

So there I was cleaning out the e-mail server (Postfix running on Debian), and I noticed that a lot of customers have their trash folder with up to 6 GB of data in them. Since e-mail server was running out of space I decided to clean it up.
So I proceed casually to type in the following while in the trash directory..
root@XYXY:/rm *

rm: cannot remove `bin’: Is a directory
rm: cannot remove `boot’: Is a directory
rm: cannot remove `dev’: Is a directory
rm: cannot remove `emul’: Is a directory
rm: cannot remove `etc’: Is a directory
rm: cannot remove `home’: Is a directory
rm: cannot remove `initrd’: Is a directory
rm: cannot remove `lib’: Is a directory
rm: cannot remove `lost+found’: Is a directory
rm: cannot remove `media’: Is a directory

The one thing that went through my mind is…Sh** – what a massive fu** up

After panicking for a hour or two…started from bits and pieces to pull it all back together.

Fortunately I had a pretty updated backup on a another server and that eased my mind because it wasn’t a total disaster – I just had to find a way to start up the VM that I had successfully deleted.

I took a look at the other VM I had running and copied their boot – I knew I was going to need this because , I have realised (after A LOT of googling 😀 ) that I removed /lib64 and /lib32 (which are symlinks to /lib).
Thus disabling me from executing any command because it depends on /lib64/ld-linux-x86-64.so.2.

Here’s the part where I got lucky and saved my sorry a** :)

So there is this one file that is tatically linked on the system – and it doesn’t need any libs (/lib64) – and that is the /lib/ld-linux-x86-64.so.2 file.
If you use this file you can force ln command to check out /lib for the libs instead of the missing (deleted by yours truly) /lib64.

So all you need to do is type in /lib/ld-linux-x86-64.so.2-library-path /lib /bin/ln-sf/lib /lib64
Which in fact recreates the /lib64 symlink… HURRAY 😀

Read More

Debian server crashing after a lot of data transfer

I’m running 2.6.32-5-xen-amd64 version of Debian….

Recently I’ve had quite of a surprise when all of a sudden my DNS server crashed – to make matters even worse this happened during a presentation of a newly created web page, making the presentation impossible.

I rushed to connect to the server only to realize that the VM that is running and everything seems to be just fine.
Before further examination I’ve decided to restart the whole machine (running a couple of VMs).

After restart and successfully booting of all the services / VMs – everything seemed to be in order. All of our online web services started running and it looked like DNS started working again.

I was completely confused…and started to check logs (one by one) in order to find out of what was going on.

This is what caught my eye in /var/log/syslog

Jun 17 03:00:02 **YourServerName** kernel: [10600465.191348] EXT4-fs (dm-15): ext4_orphan_cleanup: deleting unreferenced inode 131315
Jun 18 03:00:05 **YourServerName** kernel: [10686867.920018] EXT4-fs (dm-15): ext4_orphan_cleanup: deleting unreferenced inode 131315
Jun 19 03:00:03 **YourServerName** kernel: [10773266.248593] EXT4-fs (dm-15): ext4_orphan_cleanup: deleting unreferenced inode 131315
Jun 20 03:00:02 **YourServerName** kernel: [10859664.573971] EXT4-fs (dm-15): ext4_orphan_cleanup: deleting unreferenced inode 131315

After googling it…I found out it is a issue for a lot of IT folk out there

http://ubuntuforums.org/showthread.php?t=1861588

Some are suggesting that it is hardware related (HDD bad sectors)

https://bbs.archlinux.org/viewtopic.php?id=95683

It seems like a lot of data transfer locks the HDD into read only mode!

The only thing that I found in common is that it happens when a lot of data transfer(heavy hard disk activity) is being done 12h / 24 h before on Unix machines.
The night before I have scp a DB from my computer to the server and then later on to another server that acted as a host.

Read More