VPS or cloud hosting or bare metal system?
A web server on demand from the web hosting provider is popular for many companies in the age of the cloud. The cheap and often overbooked virtual servers (VPS) are now facing tough competition – from bare metal servers in the cloud.
Virtual Private Servers (VPS) are very inexpensive, but they are server instances with restricted performance and security, even though the customer has root access to the virtual machine. Because of these restrictions, some companies and webmasters choose a bare metal web server instead.
With a bare metal cloud server, the customer has full and exclusive access to the physical hardware of a server.
Thanks to falling prices, switching from VPS to bare metal servers is becoming increasingly popular.
The new digital world.
Due to ever more extensive digitization, the Internet of Things (IoT), multimedia content, social networks and the resulting amounts of data, the demand for IT computing power is not only increasing enormously, it is also fluctuating extremely. New concepts such as DevOps, agile software development or continuous delivery also force professional IT infrastructures to adapt faster and faster. Planning and implementing IT requirements for the next few years in advance has become a difficult task.
Sudden peaks in data centers.
It is clear to every IT manager that if there are suddenly very high demands on the resources of the IT infrastructure that your own data center cannot meet, it is often too late to order additional server hardware or more Internet bandwidth. The expected response time should not be in the range of days or weeks, but in the range of minutes. The only way out in your own data center would be to keep the appropriate hardware available in “cold stand-by” or to dimension the entire IT system so that it absorbs every conceivable peak load. Both options are unattractive from an economic point of view. The first option is too expensive for the customer while the second option would be an economically unattractive choice for the web hosting provider.
VPS, Dedicated and Bare Metal.
Servers at a hosting company provide a remedy here in an elegant way. These, in turn, are available on different performance levels:
- Virtual private servers, or VPS for short, are virtual machines or even just container instances that can be booked in seconds. As a rule, a Linux distribution of your choice runs on the VPS, to which the system administrator has access as root. These full access rights mean almost free configurability of the software, but on the other hand also full responsibility for the security of the server instance. As on any hypervisor or container host, a VPS web host can run a large number of virtual server instances and thus customers. More than a hundred customers on a physical server is nothing unusual.
- In the case of bare metal servers, on the other hand, the customer is provided with “pure metal” – that is, a complete server without software (apart from the remote administration software). The customer has sole access rights to this physical server, he can use the server’s resources entirely for himself and does not have to share CPU, memory and performance with anyone.
- Dedicated servers or root servers, which should actually be called dedicated resources, represent a hybrid form. There, the web host reserves a certain subset of the physical hardware for the customer. For example, he can rent four cores on an eight-core CPU for himself and has these exclusively available at all times. Nevertheless, the entire system and the memory bandwidth are used by several customers in parallel. The sharing is much less than with a VPS host, but another customer could still use so much memory, system or network bandwidth that your own server instance suffers.
The restrictions of a VPS.
Running many virtual servers on a single physical machine uses the hardware very efficiently, but this is also the greatest shortcoming of a VPS: other users can – maliciously or not – consume the resources of the physical hardware excessively, for instance by burdening the processors with cryptocurrency mining or by pushing the network connection to its limit with excessive downloads, to name just two examples.
Hypervisors and automatic cloud management can help to a limited extent and redistribute the load through live migration. Nevertheless, for a virtual server or a VPS, this means that there is no guarantee that a booked service can be fully accessed at any time. Many terms and conditions even state that users are required to use the system’s resources “fairly” and only in moderation. While unpredictable performance bottlenecks are usually not a problem for simple web services, they are unacceptable for intensively used shop systems.
Another problem is security. As an example, we would like to point out the incident at the hosting company DigitalOcean a few years ago, in which the images of deleted VPS were not overwritten with zeros – the space was only released in the storage subsystem, as with the old FAT file system. With a newly created VPS, you could use dd to create a complete image of the supposedly empty virtual hard disk – and find data from other deleted VPS there. The error has of course been fixed. In addition to configuration errors, there are also inherent security problems on a hypervisor. The host system can be paralyzed by a DoS (Denial of Service) attack, and guest systems – for example a VPS or a dedicated server – can compromise the host through security gaps in the hypervisor. If this happens, the attacker gains access to all guest systems and possibly even other parts of the cloud infrastructure from there.
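One tenant-side precaution against this kind of leak is not to rely on the provider's wipe: overwrite the virtual disk yourself before deleting the VPS and confirm the result. The sketch below is an added example, not part of the original article; it works on a constructed temporary file standing in for the disk, and the function names (size_of, is_zeroed, scrub, demo) are hypothetical.

```shell
#!/bin/sh
# Added example, not from the article: zero-fill a disk image before it is
# released, then verify the wipe. A constructed temp file stands in for the
# virtual disk; for a real block device take the size from
# `blockdev --getsize64` instead of wc.

# Size of a regular file in bytes.
size_of() { wc -c < "$1" | tr -d ' '; }

# Succeed only if every byte of $1 is zero.
is_zeroed() {
    head -c "$(size_of "$1")" /dev/zero | cmp -s - "$1"
}

# Overwrite $1 in place with zeros, keeping its length, then verify.
scrub() {
    bytes=$(size_of "$1")
    head -c "$bytes" /dev/zero | dd of="$1" bs=4096 conv=notrunc 2>/dev/null
    sync
    is_zeroed "$1"
}

# Demo on constructed data: a fake "customer record" left in an image.
demo() {
    img=$(mktemp) || return 2
    printf 'constructed-customer-record\n' > "$img"
    is_zeroed "$img" && { rm -f "$img"; return 1; }   # must not look clean yet
    scrub "$img"; rc=$?
    rm -f "$img"
    return $rc
}

demo && echo "image scrubbed and verified"
```

On a real VPS this would be run from a rescue system against the whole disk device, so that no mounted file system is being overwritten underneath a running OS.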
The problem is exacerbated by security gaps such as Meltdown or Spectre in the processors, especially from the company Intel, but in some cases also from AMD or even ARM, PowerPC and SPARC. With Meltdown / Spectre, a normal user can use inadequacies in the speculative execution of machine code in all modern CPUs to access information in the kernel memory and thus information belonging to the processes of the host.
Of course, this implies that the attacker can execute code in the system – which is only feasible from outside using exploits on servers in your own data center, but is precisely the operating principle on a VPS or dedicated server. There are patches for all relevant operating systems to prevent these errors. In order to be armed against further unpublished Meltdown / Spectre variants, only one thing helps: to operate the hardware without third parties, i.e. to use a bare metal server. Only this offers full and definitive access to all hardware resources and thus maximum security.
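Whether those patches are active can be read from the kernel itself. The following is an added example, not part of the original article: Linux kernels released since the Meltdown / Spectre disclosure publish one status file per issue under /sys/devices/system/cpu/vulnerabilities. The function names classify and audit are hypothetical, and inside a VPS the report covers only the guest kernel, never the host.

```shell
#!/bin/sh
# Added example, not from the article: summarise the kernel's own report on
# speculative-execution issues (meltdown, spectre_v1, spectre_v2, mds, ...).
VULN_DIR=${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}

# Map one status string to: ok | smt-exposed | vulnerable | unknown.
# Deliberately conservative: any "Vulnerable" in the string counts.
classify() {
    case $1 in
        "Not affected"*)    echo ok ;;
        *Vulnerable*)       echo vulnerable ;;
        *"SMT vulnerable"*) echo smt-exposed ;;  # mitigated, sibling threads still share state
        *Mitigation:*)      echo ok ;;
        *)                  echo unknown ;;
    esac
}

# Print "issue<TAB>class<TAB>status" for each file in the report directory.
# Returns 0 if nothing is vulnerable, 1 if something is, 2 if no report exists.
audit() {
    dir=${1:-$VULN_DIR}
    rc=0
    if [ ! -d "$dir" ]; then
        echo "no report at $dir (older kernel or not Linux)" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -r "$f" ] || continue
        status=$(cat "$f")
        class=$(classify "$status")
        printf '%s\t%s\t%s\n' "$(basename "$f")" "$class" "$status"
        if [ "$class" = vulnerable ]; then rc=1; fi
    done
    return $rc
}

audit "$VULN_DIR" || echo "review the entries above" >&2
```

An smt-exposed result matters most on shared hosts, where the sibling hardware thread may be running another customer's workload.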
VPS or cloud service or bare metal?
Until recently, renting a bare metal server was a tedious, cumbersome and, above all, expensive undertaking. In recent years, the bare metal servers with monthly rents from around 120 USD have become more affordable. In the meantime, the provision has been simplified and accelerated using techniques known from the cloud. Ready-made systems can be automatically configured and administered remotely via remote management, similar to a virtual machine. The physical servers that the web host provides in the data center have learned from the fast deployment of the cloud servers. Today, bare metal servers are ready for use in a few minutes and billing is sometimes even based on operating hours.
With Plesk, but also with cPanel, VPS and bare metal servers can be administered completely via a web-based administration interface.
For the system administrator, the boundary between VPS, dedicated server and bare metal server is almost completely blurred, because the latter can also be orchestrated via API calls or OpenStack. But even without this automation, the path to a bare metal server is almost identical to that of a VPS: the systems are booked and managed via the web front end of the host, often cPanel or Plesk. While the VPS usually provides an operating system image, with bare metal servers this can also be a rescue system or remote maintenance access, via which the customer can remotely install the desired operating system. The administrator has working SSH access to the system in a few minutes and can start installing software.
Set up with the mouse.
How to set up a VPS should be known: In the provider’s web shop, the customer selects his VPS configuration or now often sets it with sliders for the variable components. After entering the customer data and possible payment, the system administrator receives an email with the IPv4 address and the root password – from then on the VPS is administered like a virtual machine via SSH (and first of all, of course, the root password is changed). Some providers allow you to specify an SSH key, which avoids the insecure e-mail with the password.
It’s basically the same with a bare metal server. With 1 & 1, for example, the first steps up to the SSH session to the VPS do not differ from those to a bare metal server. Linux Hosts Inc, on the other hand, has slightly different front ends for VPS and bare metal servers, but you can switch between them.
Here is an example: The VPS is managed in the graphical “Cloud Console” in the form of “Projects” to which several VPS instances can belong. In addition to backups and snapshots, “floating IPs” are also managed here. These are fixed IP addresses that you can optionally assign to one of the VPS – during maintenance work, you simply switch to another VPS for a short time. SSH keys, API tokens for automatic control and other accesses for delegating tasks can also be found here. There are a number of additional functions for each VPS, for example an ISO image of the current OpenBSD 6.3 can be integrated and installed via the pre-configured system – a sure sign that Linux Hosts Inc. uses virtual machines here and not containers limited to Linux.
The WebGUI for bare metal servers appears more sober and gives access to more, and more specific, functions. Pre-installed bare metal servers can be transferred to other customers, virtual switches and firewalls regulate the connections (VLAN) between servers in the data center and even WoL (Wake on LAN) can be set up. Operating system installation and maintenance work on a bare metal server are carried out at Linux Hosts Inc. via the WebGUI or a rescue system (Debian or FreeBSD). Select the new system in the menu using install image and define any parameters. During the subsequent reboot, the new system generates fresh SSH keys; the old host key stored on the client must be replaced before a new SSH session can be opened. The management interfaces and options vary greatly from provider to provider, but are not a major problem for experienced system administrators.
New to VPS? Let’s compare two providers.
- Linux Hosts Inc. offers VPS from $11 per month. Disk space (SSD), CPU cores, bandwidth, RAM and IP addresses are very generous. You always have root access and there’s an unconditional 30 day Money Back Guarantee.
- Vultr has now lowered the lower limit for a functional VPS to $2.50 per month (10 GB SSD – 1 CPU – 512 MB Memory – No IPv4 IP address). An additional $0.004/hr is being charged. As you can see, this attractive offer went hand in hand with a reduction in RAM, but for many areas of application one vCPU, 512 MB RAM and 10 GB SSD storage are sufficient. The minimum VPS mentioned, for 0.4 US cents per hour or a maximum of 2.50 US dollars per month, is new – small catch: this is the only VPS whose minimum configuration comes with IPv6 only and no IPv4.
VPS or cloud hosting which is better – a conclusion.
We hope to have answered the question which choice is the best: a virtual private server or a cloud web server. Of course, a bare metal server is the best choice, but it is also the most expensive option. So, disregarding this last choice, it can be said that a cloud server is best for a company that cannot afford to be offline for a second per year while the payment per minute should not be a problem for the entrepreneur in question. The VPS choice is best if you want complete freedom in server configuration and is also a better option in terms of security and price. Thanks for reading and good luck!