Details on our new seedbox platform
We are very excited to announce that few days ago our new seedbox platform that we have been working on for the past 6 months has been officially launched. In this blog post, we will provide additional information, for our technical-savvy clients that are interested to read about it.
Our new platform is built on top of linux containers. If you do not know what linux containers are, you can read all about them here.
Linux containers were a perfect fit for our service because:
- They have little no none performance overhead because there is no emulation or an intermediate virtual machine involved. Seedboxes require to have as direct access to the hardware as possible in order to get the best performance possible from it
- They provide very good user and network isolation
- With the use of Docker, it is very easy to separate seedbox function into separate application images, easily maintainable and distributable to all servers
So what are the benefits in using containers in our setup?
- Each seedbox is completely isolated on the server. It feels like a dedicated server, but in fact it uses the shared resources of the whole server, providing more power and resources during times that are needed. This would not be possible on a dedicated server
- Better security. Each user is contained and can see only his processes and his own seedbox structure. Each action of a user posses less threat to the integrity of the whole server and it is more difficult to affect the performance of others. It is also possible now to specifically limit the cpu priority and ram available to a specific seedbox on the server, in rare cases that this might be needed (abusive users for instance).
- The network is also isolated, meaning that we have full control on what a client runs on his/hers account. For instance, a client now cannot run a 3rd party application (server) that requires an external port. In the past inexperience users running 3rd party apps on their slots, were interfering with system ports or other user’s ports causing issues in the service. This is no longer a problem anymore.
- A wild range of apps. Apps are more easy to be distributed and maintained, which allows us to be able to add more and more of them into our catalog. Apps that previously were only able to run once per server (ex. Teamspeak, Plex) are now able to run once per user. Apps that required server wide installation and were not possible to be installed on a shared hosting platform, are now possible to be used in containers, once per user. The advantages of the dockerised images for apps, makes distribution and upgrades for them even easier. Just creating a new app container image with the new version, allows us to upgrade all containers over all our servers, simultaneously with 1 command within minutes and virtually only seconds of downtime for the client. Furthermore allows us, to migrate accounts from one server to the other without the need of changing configuration of the apps and settings afterwards. Just copy the data of the client on the new server and re-run the container applications and everything is exactly as before. Containers are server agnostic, meaning their configuration and the final result, is the same on any server that they will run.
- we no longer need to use URLs for the service that are server specific. We plan to make the service as server agnostic as possible. We can now migrate account from server to server and the service URL links will remain EXACTLY the same for the end client. This means that we can make migrations with minimal downtime if needed.
In our new platform, we made security our top concern. All service links are now always over SSL. Applications, http access, SSH, FTP, torrent client webUIs, are now always SSL enabled (protected by our own valid SSL certificates) and not with self signed certificates. Even if an application does not support SSL by its own, is now served over SSL on our servers.
Also, there are no more service links with ports inside (ex. http://server.seedboxes.cc:34523). All service links are now semantic, in order to be memorable and easily accessible from everywhere. We use a standard url form for everything -> https://username-app.cloud.seedboxes.cc
These were just a few of the new changes that we introduced on our new platform. We will keep you updated with more technical blog posts in the future on developments of our seedbox platform
So what about our old platform seedboxes ? Will they be migrated eventually in our new platform?
The answer is of course yes. Beginning of the new year we plan to migrate all our servers, one by one to the new platform. However we want to do this change as transparently as possible, and we are still working on migration scenarios to debug our migration procedure in order to have minimal downtime.
When the time comes, we will post a migration schedule for our servers, and notify customers in advance for the expected downtime and procedure of these migrations