Security and Compliance are one of the largest barriers when adopting the cloud according to this recent report from Accenture. An important part of dealing with security is making sure that the right people have access to the right resources.
Today we're pleased to announce Role-Based Access Control for the Maxihost dashboard.
With RBAC you can easily add and remove users, assign one of four predefined roles, and limit access to your account based on what people are allowed to do within your account.
You can select from three predefined roles:
Full Permission: Users with the Full Permission role have view and edit rights to all account information and settings. The Full Permission role can add users, create and manage all server settings, and even delete the entire account.
Collaborator: Collaborators have access and edit rights to all the information on Servers and Networking. Collaborators can create new Servers, add their SSH Key, request Additional IPs, and do all of the other server management actions, including deleting servers. They cannot view any account-related details, such as billing information or add team members.
Billing: Users with the Billing role are only able to view and edit billing information and view and pay invoices. They can't see or modify servers or services on your account.
API Access: You can set additional permission for users for API access. This is useful if you want to build an integration with a secondary user with limited Dashboard access.
Learn more about adding users and using RBAC here.
Maxihost started as a simple web hosting provider in late 2001. We then went on to build our own data center in 2015, which enabled us to work with some of the world’s most interesting and innovative companies as they distributed their workloads in Latin America.
Today we're taking the next step in our journey.
We’re launching a big update to our product offering, along with a new logo and website. This is more than a coat of paint on our brand—it’s the result of long and profound collaboration between our in-house marketing team and James Mikrut and the great team from Keen Studio, who worked to create a new, more cohesive visual identity for Maxihost.
The company is growing and changing at a rapid pace. We’re no longer a niche service provider. We’re building IT infrastructure products that make the internet faster for companies at the forefront of their industries.
This has resulted in changes to our products and the need for the Maxihost team to turn its complete focus to the platform that is enabling this change.
Incremental adjustments to the old website weren’t an option, as much of it didn’t reflect the Maxihost we are now. From our messaging to product features, we knew we needed to start from scratch.
It’s still us, but more consistent and, we hope, more instantly recognizable.
We hope you enjoy it.
It’s good to know that your Bare Metal is being deployed instantly after you requested it, but it’s much better when you know what’s happening during that process. Starting today, you can!
There are a few different stages we’ll show you during the deployment process.
Awaiting will tell you which servers have open invoices that need to be paid before being provisioned. For users in the hourly billing beta, we skip this stage as payment is due only at the end of the billing cycle.
Deploying means our systems are hard at work running additional hardware tests, installing the Operating System you selected and making sure everything is good to go.
When the device is ready to be used, we’ll show you a New stage. That’ll persist for 72 hours to make it easier for you and your team to know which servers have been deployed recently.
Give it a try
We hope this update makes it easier to keep track of your deployments. Let us know what you think!
Thanks again for being a Maxihost customer.
We’re extremely excited to announce that the API that powers Control, Maxihost’s web interface, is now finally public! Head to https://developers.maxihost.com for documentation and a guide to getting started.
This has been a huge project that took us 6 months to complete. We wanted to build an easy to use and extremely resilient API that responds accordingly when you need it.
A great example of that is a queue system for server provisioning. When requesting deployment of a bare metal that’s not in stock, you can set the backorder parameter to true so the request is added to a queue. When a server with the requested specs comes back in stock, we automatically provision it.
Some technical details
Pagination is implemented following RFC5988’s convention of `Link` headers to provide URLs for the `next` page. It also provides links and meta attributes in responses if you rather not use headers.
Traffic is served on a separate domain to help shield from CSRF and session vulnerabilities, and to aid with monitoring, routing, and throttling.
Integration help for partners
For existing and new companies wanting to partner with Maxihost and integrate their software with ours, please reach out to us and we’ll be happy to discuss collaborating on an integration.
If you find any issues in the documentation or want a specific example added to it, please ping us on [email protected].
We’re excited to see what our customers will build and how they’ll use the API to better manage their infrastructure.
Containers consist in a runtime (configuration between hardware and software) that containerizes an application and all its dependencies, such as libraries, configuration files and other binaries in a single package, known as an image.
When the image of an application is created, differences between the distribution of the O.S. (Operating System) and other layers of the infrastructure are abstracted, solving one of the biggest problems of how to run a software: How to make an application work reliably in different environments.
What problems can Containers solve?
Delivery time: Containers can be created and deleted within seconds, meaning that they can be instantiated “just-in-time” since it is not necessary to initialize a whole O.S. for each new container.
Portability: Containers isolate services of an application. With that, it’s possible to move your app freely between environments, even when the server has a different Operating System.
Configuration: Changes can be made individually in each container automatically without the need of rebuilding the entire application. Because containers are lightweight, they can be instantiated when needed and are available almost immediately.
Differences between Containers and Virtual Machines
There are many differences between Containers and VMs, here are the most important:
The architecture of containers and virtual machines are different in terms of the Operating System in the sense that containers are hosted on a server with a single O.S. (the host O.S.) shared among them.
Virtual machines, on the other hand, have the host O.S. of the physical server where they are, and a guest O.S. on each of the VMs. The O.S. guest is independent of the host O.S. and might be different from one to another.
In practical terms, containers are most commonly used when you want to run applications in the same kernel. However, if you have applications or services that need to run on different Operating System distributions, VMs are usually required.
The sharing of the host’s O.S. between containers make them become very light, which reduces boot time. Because of this, the overhead (amount of physical resources required on the server) to manage a container system is much smaller when compared to VMs.
Because the host kernel is shared between containers, container technology has access to the kernel’s subsystems. As a result, a vulnerability in the application can compromise the entire host server. Because of this, giving root access to applications is not recommended.
On the other hand, VMs are unique instances with their own kernel and security settings. They can, therefore, run applications that need higher permissions.
Each image in a container is a standalone package that runs an application or part of it. As a separate guest O.S. is not required, this image can be moved between different platforms.
Containers can be started or stopped in a matter of seconds when compared to VMs due to their lightweight architecture. This makes it easier and faster to deploy containers to servers.
VMs, on the other hand, are isolated instances running their own Operating System. They can not be moved between platforms without a careful migration process being done.
For the purposes of developing the application or service where applications must be developed and tested in different environments, containers are the best option.
Containers are significantly lighter than VMs, thus requiring fewer resources.
As a result, container’s boot is much faster, since virtual machines need to load an entire Operating System to be initialized.
Another major difference is that the use of features like CPU, memory, I/O, etc., vary depending on the load or traffic on it. Unlike VMs, it is not necessary to allocate permanent resources in a container.
Because of this, it is possible to say that this technology is way more scalable.
Containers are considered the evolution of VMs and are being adopted by companies of all sizes.
Its flexibility and lower resource requirements make it a more complete choice when it comes to deploying and managing your applications.
Despite being a technology less mature than conventional virtualization, it has developed rapidly and is already the standard choice for the workloads of large companies such as Google and Walmart.
Bare Metal Cloud is a term that we’ll be hearing more and more in the coming years. As an alternative to conventional clouds, Bare Metal Cloud platforms have been growing and presenting themselves as a great alternative to virtualized environments by solving many of the problems that virtual machines deal with.
What is Bare Metal Cloud?
Bare Metal Cloud is a public cloud for physical servers, where machines can be provisioned and managed with simplicity and speed similar to virtual machines. It’s like a mix between the performance benefits found in physical servers, with the flexibility and scalability of VMs.
Those who opt for Bare Metal Cloud get access to all of the power of physical servers and the flexibility of virtualized servers, such as elastic storage capacity, on-demand network configurations, and other services they need. It is an option that offers high flexibility without giving up performance.
Dedicated Servers on a Bare Metal Cloud platforms have similar features to virtual machines and can be created and deleted in only a few minutes either through a dashboard or API, something that’s standard for any existing cloud.
In addition, they enable access to a number of common cloud tools such as O.S (Operating System) reinstallation, access to graphics and statistics, elastic storage, cloud-init scripts, security tools, and more.
Bare Metal Cloud vs Cloud
Because it is a physical machine, Bare Metal Cloud servers have the advantage of not having a hypervisor, which is a layer of software between the hardware and the operating system, responsible for virtualizing the infrastructure by segmenting physical machines in multiple VMs (Virtual Machines).
On a conventional cloud, some of the resources are consumed by the Hypervisor so it can run the virtualization layer. Because of that, you need more hardware resources to run an application in virtualized environments (called multi-tenant) than in dedicated environments (called single-tenant). For that reason, the cost of running VMs is often higher than running dedicated servers.
Also, because of the fact that you’ll be sharing resources with a bunch of other VMs, the performance of your own VM can be affected by the so called “noisy neighbor”, which consists of a user that makes excessive use of the server’s resources, impacting the security and stability of the entire virtual infrastructure. In that sense, Bare Metal Cloud platforms have a competitive advantage over the conventional cloud.
In sum, when choosing between physical or virtual servers, you first need to assess the demands of your applications and needs of your company. From this assessment you will have a better understanding on which of the options will meet your needs best.
Today we’re excited to release a new feature: OS reinstallation. Now you’ll be able to reinstall your Bare Metal Cloud servers with only a few clicks.
Users no longer have to access the Console or open a ticket and wait for the support team to perform the OS reinstall, making the process much more quicker and streamlined.
To reinstall the OS, follow these steps below:
1. Select your server in Control
By clicking on the Servers tab and on the server you want to perform the OS reinstall.
2. Click Reinstall
In the Server Settings screen, select the Reinstall option on the left side navigation. A new screen will open with the available OS options.
3. Choose the OS and perform the reinstallation
Click on the drop-down menu and select the desired OS from the list. Confirm your choice by clicking the Reinstall button.
4. Wait for the process to complete
After completing all three steps, the system will automatically format the hard drives and install the new OS. Once the new installation is completed, you will receive an e-mail with the new login info.
Your new OS is now installed and ready to use. Check it out now and tell us what you think.
We are excited to announce the release of new features in Control. We’ve added a feature to make it easier to quickly deploy new servers, a new feedback widget, and layout adjustments to make the dashboard more streamlined and easier to use.
We’ve developed a completely new server creation screen, allowing you to deploy a new Bare Metal instance with the settings you choose in 15 minutes. This makes it easier and faster for you to scale your IT infrastructure.
Your opinion is very important to us so we’ve created a tool where you can provide feedback directly from the dashboard. With it you can evaluate your experience with Control and share your thoughts on how we can make it better.
New menu layout
The Invoices menu item has been moved to Billing under the Settings menu. This helps you access all your settings in one place.
Thanks for reading. If you have any questions about Maxihost Control please let us know.
Maxihost announced a strategic partnership with Jelastic to deliver a secure container-based private cloud solution for Brazilian ISVs and SME’s
São Paulo, February 20, 2018 — Maxihost today announced a strategic partnership with Jelastic, a cloud company that supplies full-featured container-based platform for application deployment and management to offer a turnkey Platform-as-a-Service solution product for the Brazilian market.
The new offering includes stable, data safeguarded hardware and a cost-effective PaaS with full automation, advanced scaling and simplicity in usage. This on-premise solution perfectly suits the needs of ISVs and SMEs such as financial institutions, e-commerce websites and gaming companies that need full control over their Cloud deployments, accelerating time to market while maintaining a high level of scalability.
“The Brazilian market keeps showing increasing demand for IT solutions and thus demand scalable and reliable Cloud services. To deliver that, we’re launching a turnkey combination of the advanced Jelastic PaaS technology and the reliable local infrastructure from Maxihost,” said Ruslan Synytsky, CEO of Jelastic.
Jelastic enables DevOps teams to create, test and run their projects in production, with an advanced and user-friendly Cloud platform. This provides flexibility in terms of technology (Java, PHP, Node.js, Ruby, Python, .NET, Go, Docker), project types (Cloud-native and legacy, microservices and monoliths), scaling (vertical and horizontal on container and hardware level), automation (built-in tools and open API for extra integrations), and pricing (pay as you use model based on consumption).
“The partnership between Jelastic and Maxihost enables our customers to go to market faster with a proven PaaS platform and our resilient, compatible infrastructure setup,” said Guilherme Alberto, CEO of Maxihost.
Customers can request a demo from Jelastic’s website.
About Maxihost Since 2001, Maxihost is one of the fastest growing Dedicated Server and Colocation providers in Latin America. Maxihost is an Agile data center, providing companies with the power to control their infrastructure. Maxihost brings ultra-high reliability to customers requiring levels of agility and continuity not found at different sites.
We’re advising all Maxihost customers to update their Intel, AMD and ARM processor-based servers.
Maxihost security advisories are usually sent by email to our customers, but due to the importance of this new vulnerability, we’ve also decided to publish it here.
Earlier this month a major hardware flaw appears to have been discovered in processors that could potentially have devastating consequences.
The hardware bug causes an Intel, AMD or ARM CPU to prefetch system memory areas and gain control of any application.
At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel’s memory.
The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. These KPTI patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even there at all.
We urge all customers to apply the latest security patches for their Operating systems. Linux programmers, Microsoft and Apple have all already released emergency security updates for some versions of their OSs.
Cloud and Managed Solutions customers can expect Maxihost’s Security team to apply all current and upcoming security patches.
If you’re interested in how you can protect your infrastructure from this and other vulnerabilities, learn about our newest product: Hardware Firewall.