Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


ChicagoVPS Customer: Understanding the Implications of the "Thread"
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ChicagoVPS Customer: Understanding the Implications of the "Thread"

MTUser2012MTUser2012 Member
edited March 2013 in General

As a Chicago VPS customer, I carefully read through most of the thread about the database the other day. I am not seeking to rehash the issues discussed in the thread, but to understand more about what it revealed so that I can understand my own situation.

  1. Do I understand the thread correctly to mean that the database included root passwords that I selected for the VPSs that I own? So potentially someone who has the database has root access to my VPSs?

  2. Can someone help me understand the overselling aspect?

I completely understand, and I'm not complaining about, that if you sold VPSs with 2 GB and every one of your customers only used 1 GB, you could sell more VPSs so that the idle memory was effectively used. No one could reasonably complain about the above scenario.

What I am trying to understand is does the openVZ system allow a host to so oversell a node that although it might appear through the Solus control panel that a customer has 2 GB and is using that, the physical reality is that person only has a very small portion of that memory available to them to use? And, would the numbers revealed in the thread for servers per node indicate that this latter scenario pertains.

I have only been running my own VPSs for around nine months and I'm still on the flat end of the learning curve.

«1

Comments

  • necsnecs Member

    1) Yes, change your root password.

    2) Sort of, it means if everyone used the ram allocation at the same time no one would be able to use the ram allocated to them in full, this if often the thing people hate about OpenVZ.

    It is unfair I think for hosts to call it dedicated Ram if they are selling the same Ram twice, but if everyone is open and clear and you know what you are buying OpenVZ is a great product that allows more effective use of resources in general.

  • AlexBarakovAlexBarakov Patron Provider, Veteran

    @MTUser2012 said: What I am trying to understand is does the openVZ system allow a host to so oversell a node that although it might appear through the Solus control panel that a customer has 2 GB and is using that, the physical reality is that person only has a very small portion of that memory available to them to use?

    OpenVZ allows over-commiting of everything (HDD, RAM, cpu). In reality, your node can have 16 gigs of RAM, you can sell 32 gigs. If the node is for example using 15GB and your VPS is idle, this means you would not be able to utilise the 2GB you purchased. Not absolutely sure what would happen if you do try, as I never passed over 60% of RAM usage on any of my nodes, however I asume it will get SWAPed and start working slowly.
    KVM allows RAM overselling. Xen does not allow overselling, if used through solusvm. Inr eality in Xen the providers can balloon the RAM as well, however can't be done through the widely used solusvm panel. Got no idea for the HDD, however I belive it can't be oversold on KVM/Xen.

  • 1.- Change all your root passwords even if you are not OLD customer of CHICAGOVPS, for security

  • It's the usual LEB approach: make an offer that people can't resist and then leave it idling.

  • Ash_HawkridgeAsh_Hawkridge Member
    edited March 2013

    @Alex_LiquidHost said: KVM allows RAM overselling. Xen does not allow overselling, if used through solusvm. Inr eality in Xen the providers can balloon the RAM as well, however can't be done through the widely used solusvm panel. Got no idea for the HDD, however I belive it can't be oversold on KVM/Xen.

    KVM Can oversell RAM, but we're talking really low numbers here, maybe 256MB to 512MB if your lucky, just because each VPS is running its own kernel etc, so idle KVM boxes will use much more than an idle OpenVZ box (Which doesn't run its own kernel).

    I like to be honest and back what im saying, so here are some real-life usage statistics for one of our KVM nodes. Keep in mind there are quite a few VPS shutdown or suspended on this node currently:

    21.81 GB of 31.27 GB Used / 9.46 GB Free
    Ram Allocated: 27.16 GB

    Neither KVM nor Xen can oversell HDD, hence why most of these plans offer much less diskspace than similar OpenVZ packages.

    We don't even attempt to sell HDD/RAM anyway, our servers are sliced into equal parts with absolutely nothing leftover. Do we oversell bandwidth, sure, because 99.9% of clients will never use anywhere near their monthly allocation, which means we can provide the ones that do with more traffic. After all, our bandwidth amount doesn't roll-over into the next month, so its pointless wasting it.

    As for OpenVZ, we oversell, because that's one of the main advantages of OpenVZ. However we build out smaller nodes which can be upgraded as and when required and im pretty sure our ratio is a lot better than most around here.

    @MTUser2012 I hope this helps a little.

  • AsadAsad Member
    edited March 2013

    Tip: Always set a temporary root password in SolusVM, you can then login using that password and use the passwd command to set a new secure one.

  • AlexBarakovAlexBarakov Patron Provider, Veteran

    @GetKVM_Ash said: KVM Can oversell RAM, but we're talking really low numbers here, maybe 256MB to 512MB if your lucky, just because each VPS is running its own kernel etc, so idle KVM boxes will use much more than an idle OpenVZ box (Which doesn't run its own kernel).

    I am aware of that, as I myself have KVM nodes up and running, nearly filled. However I was talking about beeing possible, not about the percentage that you can safely oversell.

  • @BronzeByte said: It's the usual LEB approach: make an offer that people can't resist and then leave it idling.

    How bad it sounds, it is true.

  • @Alex_LiquidHost said: I am aware of that, as I myself have KVM nodes up and running, nearly filled. However I was talking about beeing possible, not about the percentage that you can safely oversell.

    It wasn't aimed at you as i know you work with KVM daily, just aimed to be informative for any one that's interested.

  • Nick_ANick_A Member, Top Host, Host Rep

    @GetKVM_Ash said: Neither KVM nor Xen can oversell HDD, hence why most of these plans offer much less diskspace than similar OpenVZ packages.

    qcow allows it for kvm

  • @everyone. Thanks for the explanations. I understand better now about overselling

    @AsadHaider. So if did just what you say, I chose a password that did not include special characters because of the Solus limitation to sign up, and immediately logged in via SSH and used passwd command to change my root password to something that did include special characters then my root passwords are NOT in the DB dump? This clarification is important to me because this is exactly what I do. I cannot stand to have a root password that does not include special characters so I work around the Solus limitation this way.

  • AsadAsad Member

    @MTUser2012 Correct, only the root password entered using the "Change root password" option of solusvm is stored (why the heck is it stored?). If you change the password yourself in the operating system directly, then that password is not compromised.

  • vldvld Member

    You guys are forgetting about console passwords..

  • @AsadHaider. Great! Thanks. I am safe. My love of special characters saves me.

  • @vld Please be more specific. I am still a beginner and your comment is opaque to me.

  • @MTUser2012 said: Can someone help me understand the overselling aspect?

    Now that the numbers have been made public already anyway:
    ~712MB of the 2GB is actually dedicated to you. ~468MB of the 1GB is actually dedicated to you.

  • @Nick_A said: qcow allows it for kvm

    I haven't ever used qcow2 as the underlying storage format so i didn't even think about that.

    Well lets change it to hosts that use SolusVM cant oversell HDD on Xen/KVM :P

  • @vld said: You guys are forgetting about console passwords..

    Indeed.
    Same policy
    Change them too.

  • @AsadHaider said: why the heck is it stored?

    For reinstalls so the root pw is set.

    @vld said: You guys are forgetting about console passwords..

    I didn't, I notified CVPS about it

  • change root password and ssh port

  • So this is the part that I don't understand. According to the Solus Panel and VirtualMin, my ChicagoVPS VPS uses between 1.5 to 1.8GB of the "2GBs" showing available to me. Does that mean I really am using 1.5Gb of memory or am I using (1.5GB x 712MB/2GB = 534mb) of memory and 1GB of disk space as swap memory?

    @BronzeByte said: Now that the numbers have been made public already anyway:

    ~712MB of the 2GB is actually dedicated to you. ~468MB of the 1GB is actually dedicated to you.

  • @AsadHaider its stored for OS reloads so it can set the PW. But yes, everyone should use passwd with their uber secret PW. I also recommend disabling root login so you have to su from another user to get to root. Two levels of password's, just in case.

  • @MTUser2012 said: So this is the part that I don't understand. According to the Solus Panel and VirtualMin, my ChicagoVPS VPS uses between 1.5 to 1.8GB of the "2GBs" showing available to me. Does that mean I really am using 1.5Gb of memory or am I using (1.5GB x 712MB/2GB = 534mb) of memory and 1GB of disk space as swap memory?

    You're using what SolusVM says your using (better to check with free -m via SSH, but same sort of thing), however you're only able to use that much because someone else on the host node you are on isn't using all of what they paid for. If everyone was using ~1.5GB of their 2GB then it wouldn't work very well.

  • @Jono20201 said: however you're only able to use that much because someone else on the host node you are on isn't using all of what they paid for.

    Exactly

  • [root@server ~]# free -m
    total used free shared buffers cached
    Mem: 2048 1817 230 0 0 1009
    -/+ buffers/cache: 808 1239
    Swap: 0 0 0

    Virtualmin and Solus say 843mb on this VPS, but it looks like am using 1.8GB?

    @Jono20201 said: You're using what SolusVM says your using (better to check with free -m via SSH, but same sort of thing), however you're only able to use that much because someone else on the host node you are on isn't using all of what they paid for. If everyone was using ~1.5GB of their 2GB then it wouldn't work very well.

  • CVPS is using .32 now?

  • @GetKVM_Ash said: It wasn't aimed at you as i know you work with KVM daily, just aimed to be informative for any one that's interested.

    Just for the record, that was a very informative description of how overselling works on KVM. Thanks for posting that.

  • @MTUser2012 said: [root@server ~]# free -m

    total used free shared buffers cached
    Mem: 2048 1817 230 0 0 1009
    -/+ buffers/cache: 808 1239

    Always look at what is free in the buffer thing, 2048 - 1239 = 809

  • @BronzeByte said: Always look at what is free in the buffer thing, 2048 - 1239 = 809

    or what is used in the buffer thing, 808. ;)

This discussion has been closed.