A month later: The 2018 Windows 10 experience isn’t that bad..

.. except if you add an Active Directory into the mix – but that’s a whole different blog post.

So now I’m fully committed to Windows 10 – like I was back in 2016.  But that failed because Windows 10 just wasn’t right for me back then.  But my, how things have changed considerably!  I no longer use a Mac at work due to circumstances beyond my (or my employers) control – a long story.  One of biggest challenges for the move has been the ability to connect to remote computers via SSH.  Thankfully back in 2016, I renewed a maintenance contract for SecureCRT/SecureFX – a superb terminal emulator for Windows and Mac.  I actually used it on the Mac as its site manager feature was easier to manage substantial numbers of servers than a series of command aliases.

The next challenge was performing Linux style commands locally.  While Windows has its Command Prompt, it isn’t really good enough for my day to day tasks.  So thank goodness Microsoft invested in the Windows Linux Subsystem for Windows 10.  It’s still quite early days, and you can’t really use stuff like “mtr” that requires privilege escalation between the subsystem and Windows (amongst other things), it still gets stuff done 95% of the time.  Combine this with Chocolatey, a Windows package manager,  and you’ve got yourself a very nice platform on which to develop and maintain systems.

My only complaint is with Rackspace’s AWS service.  It uses ScaleFT as a method of connecting to AWS EC2 instances through a special client.  And it’s a bit of a pain in the arse.  I do wish third-party terminal emulators such as SecureCRT could integrate with it.  It’s not a terribly elegant solution in my view, and I’d wish both Rackspace and ScaleFT would do more to support Windows-client based SSH sessions.  It feels very rough right now.  I’d go as far as saying that I’d much rather just have a VPN instead.

Otherwise, Windows 10 has been pretty good.  The April 2018 update went smoothly, though we have now discovered why several laptops were locking up – there’s a bug which affects Chrome and Microsoft’s own Cortana. I’ve not experienced it myself across two (now three) machines, but it is definitely there.

Of course, the Alienware desktop is nothing short of remarkable when it comes to games thanks to its Geforce 1080 Ti.  He’s me in Fortnite getting one of my very rare first kills.  It’s a bit like a horror movie version of Mary Poppins.

So Windows 10 – it’s come a long way in the 2 years that I last used it in anger.  I will never rule out switching back to Mac, but for now, I’m happy, and the cost of ownership is significantly cheaper than Mac, even if you were to factor in any repairs (I have three onsite warranty for my desktop).

Going back to my roots.. now hosting with Memset Hosting

I spent a very happy 9 years at Memset Hosting as an employee, working my way up from systems administrator to a senior systems administrator and finally to First Line Team Leader.  Changed offices three times (with two location changes).  Dealt with more customers and configurations than I care to count.

Now I’m working for an entirely different company that specialises in e-commerce/e-business platform development, I don’t get the perk of free servers or hosting.  Have to pay for it myself now.  For two months after leaving Memset I moved my cPanel and Ubuntu server to Digital Ocean – mainly to avoid any potential conflict of interest and also I wanted to check DO out properly.  All was good – I have no complaints with Digital Ocean.  I’d recommend them for development or testing stuff, and no doubt I’ll be doing so when I need to spin up a server for a day or two to try something out.

But gradually I’ve been moving stuff back to Memset – this time as a paying customer.  I got a bit fed up with Rackspace Cloud Files and the lack of decent granular controls over containers.  It just wasn’t the same experience I had back at Memset.  So I set-up a pay-as-you-go Cloud Storage service for backing up my virtual private servers.  Interestingly I’m using Nick Craig-Wood‘s (one of my former bosses at Memset)  rclone to push the backups to Memset Cloud Storage as well as Backblaze’s B2 object storage system.  I like some redundancy in my backup strategy in case things go completely awry.  It’s been working great so far.  And since I started the new job, I’ve been exposed much more to “git” and BitBucket, so I now use that to store configuration and automation tools I’ve written for my blog server.

I finally decided to commit to Memset for my long-term virtual private server needs. I set-up two of them – one for the blog, the other for cPanel.  I have an external cPanel license which I can take with me from hosting company to hosting company, but the downside is that it’s about £3/month more expensive than Memset – so there I’ve made a mistake.  But next year I’ll probably switch to Memset’s cPanel license instead.  I find cPanel to be like the G Suite of the hosting world – I can set something up and it’ll just work.  Doesn’t require too much effort on my part (except for the initial set-up and hardening/locking down).  So I decided to move my blog (which was running Varnish as an exercise for what I’m playing around with now) to cPanel.  That doesn’t run Varnish, but Memcache is still giving WordPress the edge.  There are a few hundred milliseconds in it, but that’s fine.  Everything on one server.  So the old new(!) blog server is retiring next month.  I upgraded cPanel to a better specification (and here’s one difference between Digital Ocean and Memset – you get an extra 2 CPUs at the 4Gb RAM mark with Memset and you do notice the difference).

I’ve had to make just one support query with Memset about the initial set-ups of my servers, and my former colleagues did me proud with a quick turnaround.  The only other problem was that the monitoring configuration was slightly wrong – I guess the CentOS 7 image might need looking at – but it was easily fixed and I’m using the bundle self-managed Advanced Port Patrol to notify me of any problems.

I provisioned each server with 20Gb of block storage, mounting it under /backup and keeping backups dumped there.  If I ever need to re-image the server itself, that block storage will be persistent and I can just restore from the backups stored there.  I also have the Cloud Storage backups too, of course, but this is ever so slightly quicker.

Overall I’m paying £35.50 including VAT for a 4Gb, 4 vCPU, 60Gb SSD Centos 7 virtual private server including the extra 20Gb block storage.  Cloud Storage costs me around 60-70p per month including the backups AND two snapshot images of the server.  Compare that to the £26 I was paying just for my Times and Sunday Times iPad newspaper subscription, it’s an absolute bargin.

(And before anybody asks – no, Memset are not paying me to post this, nor are they giving me any freebies – I’m 100% paying my own way here )

You don’t need ransomware to make me WannaCry about Windows..

Windows Servers.  What a load of old tosh.  The past three weeks or so have seen me tinkering unnecessarily with the blasted things because of Microsoft’s inability to write an operating system which is so super sensitive to hardware changes – principally because of licensing – that just by upgrading underlying virtualisation software triggers the operating system to think it has a new network card.  You can imagine the chaos something like that can cause!

It’s not just that which makes me despise Windows Server.  For similar reasons, if a dedicated server chassis dies and needs to be swapped out – you’d better have a spare because any hardware changes will cause Windows to freak out.  Linux has no problem with such things providing you’re using a modern distribution and reasonably up to date hardware.  Generally speaking, with maybe a very few exceptions, Linux Just Works(tm).

Don’t get me started on those people that are still running the now 15 year old Windows 2003.. (though this article about Fasthosts running Windows 2003 for their backup platform made me laugh a lot more than it should – and bury my hands in my face for leaving an obsolete OS in charge of managing critical customer backups).

The whole WCry situation around these parts has been, strangely, pretty good – indeed, a lot more people have taken an interest in their backups and patching their systems and this is only to be commended.  A good old major outbreak tends to kick people in the teeth and get them thinking about disaster recovery.

Just because I use MacOS and Linux isn’t making me complacent – oh no.  Very recently Apple just released updates to iOS, MacOS and WatchOS to fix a rather nasty exploit, as well as general performance updates.  It’s one of the reasons I went back to iOS – Apple has become very good at rolling out updates much faster and on schedule than the likes of Samsung.

The server on which this blog runs on utilises something called KernelCare which patches the kernel in real time for newly discovered exploits.  This has the advantage of:

  1. Not having to wait for the OS vendor to release a patch.
  2. You don’t have to reboot the machine.

In my testing of KernelCare, it has worked very well.  If you’re using it in a VPS, it must support full virtualisation – paravirtualisation won’t cut it.

Meanwhile, Microsoft should stick to producing office productivity software and gaming (Xbox One) – it’s what they’re good at.  I’ve completely lost faith in their desktop and server operating system divisions.

Memset win Best Dedicated Hosting in the 2016 ISPA Awards!

We won, in part, due to my superb support team.  Couldn’t ask for a better bunch.  Always striving to be the best and fastest (response) for support in the industry.

ISPA Award Winners 2016

Best Dedicated Hosting winner: Memset

Memset’s response times, technical support options and resilience impressed the judges, as did having IPv6 as standard and their commitment to being carbon neutral.

EasyApache 4: Making cPanel/WHM more sysadmin friendly

One of the reasons for popping up to Edinburgh last week was to hear various representatives from cPanel/WHM talk about the many features of the cPanel/WHM ecosystem as well as glimpsing upcoming new features to make everybody’s life a bit more easier.

As as systems administrator of some 20 years (has it been that long?), I am most comfortable with a command line interface and a decent text editor.  cPanel/WHM provides a user friendly web interface to many of the complex tasks that one would to go through to configure a web hosting environment.  But I must admit to loving cPanel/WHM just as I love the command line because it is easier to set-up a blog like this through cPanel/WHM than it would take me to set-up nginx, php-fpm, MySQL (or MariaDB, or PerconaDB) from scratch.  That said, to get the very best out of cPanel/WHM, you should still know some Linux commands because not everything can (or should be) handled through a web interface.

As cPanel/WHM development storms ahead, we’re getting to the point where cPanel/WHM is becoming more standardised so that you’ll be able to manage it just as you would any other kind of bare bones Linux box, with full LSB compliance (with configuration files and scripts in meaningful places) along with full API and command line support for most features.

With the forthcoming EasyApache 4, for example, you can set-up Apache and PHP through the use of RPMs rather than having to wait for cPanel/WHM to compile everything for you.  I cannot tell you how much faster it is installing everything through a Linux package management system.

EasyApache 4 is still considered beta, with plans for it to be released within the next major release of cPanel/WHM – version 58, which is about 12-16 weeks away.  Beta or not, EasyApache 4 is perfectly serviceable right now.  With EasyApache 4, it’ll make it much easier for folk to run multiple versions of PHP (so older sites can run PHP 5.3/5.4 and WordPress and the ilk can run PHP 7).  Of course, one would recommend deploying CloudLinux to provide a greater amount of segregation and security for the older, potentially more exploitable apps, but this feature in EasyApache 4 makes it possible for all folk to run multiple versions of PHP side-by-side.

There will still be a user interface to configure EasyApache profiles.  Indeed, I used it to specify the relevant Apache and PHP packages for this server.  The MultiPHP INI editor is a wonderful inclusion that makes it dead simple to go through all the php.ini options and set them to your liking.  The changes will be applied to whatever PHP handler is being used.

Full PHP-FPM support is among one of the biggest and greatest features I’ve been waiting for in cPanel/WHM.  It should be fully supported in version 58, but I’m making great use of it right now with a bit of command line tinkering.  I’m running this blog (and the stats system) on PHP 7 with PHP-FPM.  It wasn’t difficult, and I find that I’m loving the performance from having made the effort.  Having nginx would be a nice have (as a web server rather than as a front end proxy to Apache), but beggars can’t be choosers and Apache 2.4’s performance is pretty decent as it is.