New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
"naive" will change to "neural" once the math behind it becomes a little more advanced than simply looking at thresholds.
As a tangible example, let's talk concurrent HTTP connections. By default, ApisCP is fixed at 100 which will cover 95% of use cases. If you had an enormous server beyond 1000 clients, 100 concurrent connections might not be adequate. We can look at both worker count and connections/second to confirm it isn't a DoS/slowloris. Let's say that worker count is maybe at 75% capacity, then if run-queue size is below 1 per CPU boost the concurrent connection limit to 150 and reassess. Likewise if you've got a pretty quiet server pushing 2 connections/second at peak it may be worthwhile to reclaim 2 workers and free up 50 MB memory or so for use elsewhere.
The goal is to deliver a platform that can configure itself automatically. Whether you have 1 or 10,000 accounts, it will run just as efficiently without any further tweaking. Upside to this focus is that it reduces support costs and creates a more navigable product; less complexity increases productivity.
ApisCP now includes Remi PHP support for seamless any-version PHP (see PHP-FPM.md). It's as simple as adding the Remi repository, installing the packages, and a quick edit via systemd (<3 systemd).
Then override the pool service,
Where phpXX is the Remi version. Simple as that! Any PHP-FPM instances spawned through this method still report back performance statistics as well as obey resource limits and prescribed security. Remi also provides turnkey installation for exotic modules via PECL. ApisCP is designed - from my role as a hosting provider since 2002 - to provide a build environment to address most modules. Shortcuts take the guesswork out of builds,
With shortcuts come tradeoffs: it's not as fast as the monolithic builds delivered through source. From a couple rounds of benchmarks, it's about 9-15% throughput drop for a WordPress site (OPCache enabled). It's still faster than cPanel-based panels and leaps and bounds faster than Plesk's top heavy, convoluted stack.
If you need to juggle a variety of PHP builds to satisfy needs, then Remi is a great option. If you want to support just a version or two for pending modernization, then standby for native multiphp in ApisCP. You'll have the same capability to override whatever configuration parameters per interpreter (and delegate to site owners) in addition to the nice performance boost from native builds.
A 10% improvement in throughput means 10% more customers all things being equal Trade your inexhaustible resources where it's relevant.
.22 is pending which will showcase native multiphp + Remi PHP and possibly the preferences rewrite. Preferences will move over to LMDB or Redis; the current serialization/unserialization routine is prone to race conditions and unsuitable for ensuring consistency in high traffic environments. Rewriting to either which has no direct concept of multidimensional arrays means we have to flatten things.
I've moved ER macros (errors originating from the API) into a translation wrapper too, so we'll have a translation library soon enough of the flavor,
Hello %(forum)s: Hallo %(forum)s
There are %(num)i votes: Es gibt %(num)i Abstimmungen
With a translation abstraction layer smart enough to parse out numerical markers (d, u, f/F) and apply appropriate separators.
How does this perform on dedicated hosting? I get the impression this is more suited for resellers of shared hosting and vps's.
What's your use case and hardware? Hosting a single site on bare metal?
If you're using it for the platform buildouts and consistency checks, a DNS-only license through the licensing portal is free and gives you access to the platform infrastructure. Only catch is it cannot host sites, but may run a backup service or PowerDNS server.
Virtualization overhead is maybe 2-3% now, but the cost of BIOS initialization is heavy. There's an escape hatch built into the platform for example if you exceed a run-queue depth (load average) greater than 25x per processor, it'll perform an automated system recovery which is quicker than waiting for the spike to abate. Taking a production server of mine, Epsilon, for example, it's back up and serving sites in ~45 seconds. BIOS hardware initialization/memory tests on modern hardware add a few if not several minutes to the routine.
Same is said about cache sizes and monolithic configurations with diminishing returns in cache efficiencies past a certain threshold. Ginormous configurations can also impair the ability to recover quickly. The platform is derived from Ensim which used a modular per-site, per-service configuration for Apache that had significant scalability issues after the first hundred sites. ApisCP collapses Apache configuration into a monolithic one, which speeds up restarts considerably, but there are feasibility limitations. Smaller servers yield higher agility. Agility allows faster recovery from defects.
I keep servers around 150-300 clients and spread hardware across multiple VMs. The platform is smart enough to keep itself constantly configured through Bootstrapper. Argos will alert you of anomalies such as load average, memory, or CPU spikes thus allowing you distribute clients across a mixture of servers rather than building a single point of failure.
New documentation portal is available via docs.apiscp.com. This streamlines production quite well, mirroring what is released alongside source. Excellent layout, quite searchable.
A variety of new license classes are now available via my.apiscp.com:
Lastly, snapshots work great and baked into Web Apps. It's a convenient user alternative to full system backups, especially when venturing down uncharted territory when changing a production site around.
Now that licensing and documentation are addressed, Dashboard is getting gutted. It's time to make use of the telemetry module that has been quietly collecting statistics of the last couple months.
Now looking for new release and new lifetime promo )
@nem Can't see this feature in Web Apps. Or maybe I was looking at the wrong place? Rev: 9b8c5ce9
hmm > @quangthang said:
they working on new theme also..
Web > Web Apps. Enable Snapshots. Once snapshots are enabled, from the Snapshot dropdown, you'll be able to create a new checkpoint to rollback from. Alternatively you can enable on install time as well in the installation dropdown.
There's an issue open on expanding Web Apps to support Fortification/database integration for third-party apps. We'll have something to what is discussed in this issue in a couple months, so you can snapshot applications (database included) for apps beyond what is provided in the panel.
3.2 may not begin work until late this year. PostgreSQL logical replication into Redis is the last major feature I want to incorporate before beginning the next release. Logical replication is necessary for configuring email restrictions/features in rspamd without relying on a messy text file for configuration. I'll let you folks know once it's time .
--edit
Got it! thank you
Select the site first to drill down into options.
Is there any tutorials for noobs like me to set up the domain and server?
Reading the whole document is painful, to be honest.
I think I need to get familiar with the system by setting up a little project (for example, a free wordpress service for users? is it possible that only allows users use specific program?)
Please forgive my greedy.
And.. the url here direct to https://docs.apnscp.com/getting-started/installation/ which is a 404 error page.
Run the Customizer on a CentOS 7 machine. If you set an email address, and email is working correctly, the panel will send a confirmation with login information once installed. Otherwise you may access the panel through its shortcut.
Web Apps can be blacklisted to disallow everything but WordPress through a tuneable:
cpcmd scope:set cp.config webapps blacklist '*,!wordpress'
Old cached copy of the HTML build. A hard refresh should load the new copy.
Few updates,
Site Optimizer is a new feature that bolts into Pagespeed to provide a series of turnkey optimizations for your web sites. There's even a testing interface that uses Lighthouse to provide an assessment of your page performance. Lower Speed Index values are better.
Rampart is now integrated into the Dashboard for the server administrator. View performance and quickly unban an address if listed.
WHMCS module update now checks against Rampart and provides customers an opportunity to unban/whitelist their addresses upon login.
Lastly, Metrics are now available! It’s a space-efficient storage/query system based on TimescaleDB that covers a swath of features about your system and your hosted sites. From testing, it outperforms InfluxDB and adds no additional memory overhead beyond what’s already in place; a perfect union.
upcp will pull down the latest code and populate the “telemetry” module that exposes the endpoints. Enable telemetry if you haven’t yet:
cpcmd scope:set cp.config telemetry enabled true
A quick rundown of usage:
metrics: list all available metrics by name, ex:
cpcmd telemetry:metrics
get: get last recorded metric for a given name, e.g.
cpcmd telemetry:get memory-available
range: get sum of records in a range (begin, end), an optional sum parameter disables rollup behavior, e.g. show all memory points logged since inception
cpcmd telemetry:range memory-available 0 null null false
.If you want to sum records, such as with monotonic queries, omit the fourth ($sum) parameter: show aggregate query count since inception
cpcmd telemetry:range mysql-q 0 null null
And if you need to zero a metric because something went awry, drop_metric , e.g.
cpcmd telemetry:drop-metric mysql-q
Moving forward, successive releases will begin incorporating data into different aspects of the platform starting with automatically resizing OPCache as needed to always ensure your sites are served at optimal performance. Memory is to be utilized, not idolized
Any more owned licences?
luckly im one of the few got a free lifetime license.. I hope this license can add to my.apiscp.com also. for ownership protection(ip locking of license) then just make it non transferable...
You can purchased owned license when you login to ApisCP client portal.
However its $499
Any planned date for centos 8?
These are a collector's item now. There will be an opportunity coming up for content publishers and license credits that can be redeemed for revolving licenses.
Support will be added once CentOS 8 matures, but it's not a top priority at this time. Any particular reason you want to dive into CentOS 8 other than it's new?
Much of the stack for ApisCP is provided outside CentOS/EPEL distribution channels (Apache, PHP, Redis, Ruby, Node, Python, MariaDB, Postfix, Postgres, fail2ban). Language runtime environments are always decoupled from the OS. Even too the kernel can be switched to 4.x or 5.x using the system.kernel Scope,
cpcmd scope:set system.kernel stable
. scl is supported by the platform, so you could install gcc7 if you'd like to as well.cgroupv2 subdelegation/threading support in CentOS 8 looks fun, but I haven't built up the surrounding infrastructure to exploit that just yet.
Platform-to-platform migrations are quite straightforward with zero downtime. You could start today with CentOS 7 and migrate to 8 with little issue.
Scopes are now part of the frontend! I've spoken much about Scopes, but until now required opening the hood to appreciate. Scopes provide a variety of assisted maintenance knobs. No one wants to hear "TIMTOWTDI" when it comes to reconfiguring the internals of your server. As technology ages and outdated documentation reigns supreme, guidance will become far more critical to ensuring security. Scopes are simplified management points that do the error checking and configuration reconciliation for you. Best of all, they're vetted by Bootstrapper, which is responsible for printing your server from the CentOS factory. Every time it runs these changes are acknowledged and woven into Bootstrapper's logic.
And let's take the mail/rspamd role for example that configures rspamd for a server (via cp.bootstrapper Scope):
Anything ApisCP tunes is now available from within the GUI either under cp.bootstrapper or cp.config. Other named Scopes are provided to simplify complex operations, even switching Apache's port if you choose. Poke around and have fun!
Nexus will report cgroup stats when telemetry is enabled. telemetry is still in its infancy stages.
Storage and bandwidth are always reported. Inodes and cgroup consumption may be reported by enabling the options under Settings > App Settings > Nexus.
cgroup reporting also requires telemetry to be enabled,
cpcmd scope:set cp.config telemetry enabled 1
or use the Scopes app in the panel.ApisCP now has support for creating your own Scopes + loggable metrics, another fun perk in its continuous evolution.
Finally, there's so much content to publish, which requires some tinkering to achieve. If you're on lockdown like I am, now is as good a time as ever to explore boundaries and learn a bit more - learning is for a lifetime after all. I want to give folks an opportunity to explore these limits, publish content, and of course get rewarded for their endeavors. I'm giving away Startup licenses for users that explore the platform and publish content.
Here's how it works:
Find something novel with ApisCP or informative, a how-to, then publish it on your blog. Alternatively, PRs to the ApisCP docs are much appreciated. There's quite a bit of content to cover and not enough hours in a day. Email me or send me a PM with the content, and you'll get a license key for each publication.
Topic ideas include:
All conversations pose unique opportunities. If you have any questions with content, Discord is the best place to catch me.
Fine print: minimum content length of 350 words or at my discretion; code is hard to quantify. Limit 5 licenses per participant.
Other news,
@nem done, thanks in advance...
update
thank u
Thank you very much for this. I have successfully transferred my anonymous lifetime license to my account like kaz050457.
CentOS 8 is now supported with v3.1.41 released today.
Two notable features, first TLS v1.3 is available, which accelerates SSL delivery.
Second, which requires more work for me to flesh out, cgroupv2 is here including a unified hierarchy. If you're running a server in excess of 600+ accounts you might notice a couple second slowdown adding sites because each cgroup controller pollutes /proc/mounts. Each site consists of a set of 4 controllers. Hierarchy unification allows ApisCP to deduplicate these controllers into 1 monolithic mount for each site, which means anything that parses out /proc/mounts has to enumerate 600 lines rather than 2400 (or 3600 if you add net_cls + freezer controllers). I'm running a build with 650 accounts on my desktop VM to find optimization opportunities. A unified hierarchy greatly improves service startup times for anything that has
ProtectHome=yes
orReadWritePaths=
set. I'll have a bit more work on this available in a later release.Telemetry is enabled by default as well, (v3.1.40). WordPress also provides a backend package management feature in Web Apps. Accidentally bone your WP site with a bad plugin? You can disable it from within ApisCP if your WP admin portal is inaccessible. Moreover, it's possible now to configure update policies for themes/plugins. It's able to properly update commercial plugins/themes that rely on transients as well.
Now that the foundational stuff is out of the way and telemetry in full effect, next few releases will focus on Update Assurance, Web App screenshots (wide view), WP vulnerability scans, and glances that tie into telemetry. Stay tuned!
Are you able to migrate from centos web panel to your control panel?
There's presently not enough demand to warrant building a migration facility around CWP. cPanel exists and having worked through a few dozen outliers, it's a very inconsistent mess. I couldn't imagine what follies something written with PHP5 and a litany of CVEs would look like.
Before building out a cPanel migration facility, I did migrations by hand. It takes about 5 minutes to import a site by hand. Here's a breakdown I have from about 3 years ago, still valid:
For each account, add in Nexus.
For each domain in each account,
For email:
User > Add User. Create a new user. If using email for multiple domains, I recommend namespacing[4].
If working with 1 mailbox:
Login to SquirrelMail[5] on this server.
If working with multiple mailboxes:
1: https://kb.apiscp.com/control-panel/detecting-a-web-application/
2: https://kb.apiscp.com/control-panel/understanding-fortification/
3: https://kb.apiscp.com/dns/previewing-your-domain/
4: https://kb.apiscp.com/email/separating-mail-user-different-domain/
5: https://kb.apiscp.com/email/migrating-mail-from-elsewhere/
6: https://kb.apiscp.com/email/email-filesystem-layout/
I've just gone through this and testing it out now. Helped me to delete a lot of old websites i didnt need.
Looking over cPanel migrations, a couple other useful commands:
letsencrypt:bootstrap
(doc) will attempt to request SSL on the domain + wildcard if DNS permits. You can mix that command withadmin:collect()
to iterate over all sites and enable SSL, for example...admin:collect() (doc) works with an assortment of account parameters with some documentation now available via docs.apiscp.com.
admin:locate-webapps
(doc) will scour all accounts, looking for supported Web Apps.admin:update-webapps
(doc) will apply updates to all detected Web Apps, so it's a bit easier to perform in one fell swoop:Likewise once you import and update these apps, you can apply Fortification to them to restrict write access (generally a good thing):
I claimed 3 of these, can I do this for all of them? They've all been used offline/private use so far, for my clients (4 so far) I've got them to grab their own licenses and they're loving it over cPanel.
How does it update commercial plugins? Does it use the WordPress update mechanism? Or is it using an internal repository? Some commercial plugins don't have automatic updates, so have to be manually updated.
On a separate note, any plans to support ARM servers?
Certainly. Just email them to [email protected]. Glad to hear
From discussing with others, as I understand if the plugin is capable of updating itself automatically in WordPress, by broadcasting its version, then WP-CLI will be able to sniff it out. PUC or TGMPA-based plugins don't always hook in correctly to set update_themes/update_plugins via
pre_set_site_transient_...
. The same issue exists on ManageWP and MainWP for these bogus plugins.Easiest way to evaluate this is to flush transient data, then query status:
Whichever plugins don't broadcast an update url may not be updated through automated means. I'm not sure there's an automated means to update them period, but open to feedback if another route exists.
No immediate plans yet.
I saw someone link to https://github.com/captainhook/fu/ in reply to one of your tweets, so I am working on an 'internal repository'. This way I can push out an update across all domains, proactively protecting in the case of security vulnerabilities which is only becoming more common with WordPress plugins. I would contribute it to ApisCP but I don't yet have to skill to develop something so elaborate. But perhaps an idea for you; I believe Plesk are working on a solution for this but I've no idea what they're planning.
edit: actually, Plesk already has an 'internal wordpress plugin/theme repository'... I suspect they may expand this to more capabilities.
I had a ARM server with Scaleway - incredibly cheap yet powerful. Unfortunately they are discontinuing it due to stability concerns. Always got my eyes glued to your changelogs