We’re extremely excited to announce that the API that powers Control, Maxihost’s web interface, is now finally public! Head to https://developers.maxihost.com for documentation and a guide to getting started.
This has been a huge project that took us 6 months to complete. We wanted to build an easy to use and extremely resilient API that responds accordingly when you need it.
A great example of that is a queue system for server provisioning. When requesting deployment of a bare metal that’s not in stock, you can set the backorder parameter to true so the request is added to a queue. When a server with the requested specs comes back in stock, we automatically provision it.
Some technical details
Pagination is implemented following RFC5988’s convention of `Link` headers to provide URLs for the `next` page. It also provides links and meta attributes in responses if you rather not use headers.
Traffic is served on a separate domain to help shield from CSRF and session vulnerabilities, and to aid with monitoring, routing, and throttling.
Integration help for partners
For existing and new companies wanting to partner with Maxihost and integrate their software with ours, please reach out to us and we’ll be happy to discuss collaborating on an integration.
If you find any issues in the documentation or want a specific example added to it, please ping us on [email protected].
We’re excited to see what our customers will build and how they’ll use the API to better manage their infrastructure.
Containers consist in a runtime (configuration between hardware and software) that containerizes an application and all its dependencies, such as libraries, configuration files and other binaries in a single package, known as an image.
When the image of an application is created, differences between the distribution of the O.S. (Operating System) and other layers of the infrastructure are abstracted, solving one of the biggest problems of how to run a software: How to make an application work reliably in different environments.
What problems can Containers solve?
Delivery time: Containers can be created and deleted within seconds, meaning that they can be instantiated “just-in-time” since it is not necessary to initialize a whole O.S. for each new container.
Portability: Containers isolate services of an application. With that, it’s possible to move your app freely between environments, even when the server has a different Operating System.
Configuration: Changes can be made individually in each container automatically without the need of rebuilding the entire application. Because containers are lightweight, they can be instantiated when needed and are available almost immediately.
Differences between Containers and Virtual Machines
There are many differences between Containers and VMs, here are the most important:
The architecture of containers and virtual machines are different in terms of the Operating System in the sense that containers are hosted on a server with a single O.S. (the host O.S.) shared among them.
Virtual machines, on the other hand, have the host O.S. of the physical server where they are, and a guest O.S. on each of the VMs. The O.S. guest is independent of the host O.S. and might be different from one to another.
In practical terms, containers are most commonly used when you want to run applications in the same kernel. However, if you have applications or services that need to run on different Operating System distributions, VMs are usually required.
The sharing of the host’s O.S. between containers make them become very light, which reduces boot time. Because of this, the overhead (amount of physical resources required on the server) to manage a container system is much smaller when compared to VMs.
Because the host kernel is shared between containers, container technology has access to the kernel’s subsystems. As a result, a vulnerability in the application can compromise the entire host server. Because of this, giving root access to applications is not recommended.
On the other hand, VMs are unique instances with their own kernel and security settings. They can, therefore, run applications that need higher permissions.
Each image in a container is a standalone package that runs an application or part of it. As a separate guest O.S. is not required, this image can be moved between different platforms.
Containers can be started or stopped in a matter of seconds when compared to VMs due to their lightweight architecture. This makes it easier and faster to deploy containers to servers.
VMs, on the other hand, are isolated instances running their own Operating System. They can not be moved between platforms without a careful migration process being done.
For the purposes of developing the application or service where applications must be developed and tested in different environments, containers are the best option.
Containers are significantly lighter than VMs, thus requiring fewer resources.
As a result, container’s boot is much faster, since virtual machines need to load an entire Operating System to be initialized.
Another major difference is that the use of features like CPU, memory, I/O, etc., vary depending on the load or traffic on it. Unlike VMs, it is not necessary to allocate permanent resources in a container.
Because of this, it is possible to say that this technology is way more scalable.
Containers are considered the evolution of VMs and are being adopted by companies of all sizes.
Its flexibility and lower resource requirements make it a more complete choice when it comes to deploying and managing your applications.
Despite being a technology less mature than conventional virtualization, it has developed rapidly and is already the standard choice for the workloads of large companies such as Google and Walmart.
Bare Metal Cloud is a term that we’ll be hearing more and more in the coming years. As an alternative to conventional clouds, Bare Metal Cloud platforms have been growing and presenting themselves as a great alternative to virtualized environments by solving many of the problems that virtual machines deal with.
What is Bare Metal Cloud?
Bare Metal Cloud is a public cloud for physical servers, where machines can be provisioned and managed with simplicity and speed similar to virtual machines. It’s like a mix between the performance benefits found in physical servers, with the flexibility and scalability of VMs.
Those who opt for Bare Metal Cloud get access to all of the power of physical servers and the flexibility of virtualized servers, such as elastic storage capacity, on-demand network configurations, and other services they need. It is an option that offers high flexibility without giving up performance.
Dedicated Servers on a Bare Metal Cloud platforms have similar features to virtual machines and can be created and deleted in only a few minutes either through a dashboard or API, something that’s standard for any existing cloud.
In addition, they enable access to a number of common cloud tools such as O.S (Operating System) reinstallation, access to graphics and statistics, elastic storage, cloud-init scripts, security tools, and more.
Bare Metal Cloud vs Cloud
Because it is a physical machine, Bare Metal Cloud servers have the advantage of not having a hypervisor, which is a layer of software between the hardware and the operating system, responsible for virtualizing the infrastructure by segmenting physical machines in multiple VMs (Virtual Machines).
On a conventional cloud, some of the resources are consumed by the Hypervisor so it can run the virtualization layer. Because of that, you need more hardware resources to run an application in virtualized environments (called multi-tenant) than in dedicated environments (called single-tenant). For that reason, the cost of running VMs is often higher than running dedicated servers.
Also, because of the fact that you’ll be sharing resources with a bunch of other VMs, the performance of your own VM can be affected by the so called “noisy neighbor”, which consists of a user that makes excessive use of the server’s resources, impacting the security and stability of the entire virtual infrastructure. In that sense, Bare Metal Cloud platforms have a competitive advantage over the conventional cloud.
In sum, when choosing between physical or virtual servers, you first need to assess the demands of your applications and needs of your company. From this assessment you will have a better understanding on which of the options will meet your needs best.
Today we’re excited to release a new feature: OS reinstallation. Now you’ll be able to reinstall your Bare Metal Cloud servers with only a few clicks.
Users no longer have to access the Console or open a ticket and wait for the support team to perform the OS reinstall, making the process much more quicker and streamlined.
To reinstall the OS, follow these steps below:
1. Select your server in Control
By clicking on the Servers tab and on the server you want to perform the OS reinstall.
2. Click Reinstall
In the Server Settings screen, select the Reinstall option on the left side navigation. A new screen will open with the available OS options.
3. Choose the OS and perform the reinstallation
Click on the drop-down menu and select the desired OS from the list. Confirm your choice by clicking the Reinstall button.
4. Wait for the process to complete
After completing all three steps, the system will automatically format the hard drives and install the new OS. Once the new installation is completed, you will receive an e-mail with the new login info.
Your new OS is now installed and ready to use. Check it out now and tell us what you think.
We are excited to announce the release of new features in Control. We’ve added a feature to make it easier to quickly deploy new servers, a new feedback widget, and layout adjustments to make the dashboard more streamlined and easier to use.
We’ve developed a completely new server creation screen, allowing you to deploy a new Bare Metal instance with the settings you choose in 15 minutes. This makes it easier and faster for you to scale your IT infrastructure.
Your opinion is very important to us so we’ve created a tool where you can provide feedback directly from the dashboard. With it you can evaluate your experience with Control and share your thoughts on how we can make it better.
New menu layout
The Invoices menu item has been moved to Billing under the Settings menu. This helps you access all your settings in one place.
Thanks for reading. If you have any questions about Maxihost Control please let us know.
Maxihost announced a strategic partnership with Jelastic to deliver a secure container-based private cloud solution for Brazilian ISVs and SME’s
São Paulo, February 20, 2018 — Maxihost today announced a strategic partnership with Jelastic, a cloud company that supplies full-featured container-based platform for application deployment and management to offer a turnkey Platform-as-a-Service solution product for the Brazilian market.
The new offering includes stable, data safeguarded hardware and a cost-effective PaaS with full automation, advanced scaling and simplicity in usage. This on-premise solution perfectly suits the needs of ISVs and SMEs such as financial institutions, e-commerce websites and gaming companies that need full control over their Cloud deployments, accelerating time to market while maintaining a high level of scalability.
“The Brazilian market keeps showing increasing demand for IT solutions and thus demand scalable and reliable Cloud services. To deliver that, we’re launching a turnkey combination of the advanced Jelastic PaaS technology and the reliable local infrastructure from Maxihost,” said Ruslan Synytsky, CEO of Jelastic.
Jelastic enables DevOps teams to create, test and run their projects in production, with an advanced and user-friendly Cloud platform. This provides flexibility in terms of technology (Java, PHP, Node.js, Ruby, Python, .NET, Go, Docker), project types (Cloud-native and legacy, microservices and monoliths), scaling (vertical and horizontal on container and hardware level), automation (built-in tools and open API for extra integrations), and pricing (pay as you use model based on consumption).
“The partnership between Jelastic and Maxihost enables our customers to go to market faster with a proven PaaS platform and our resilient, compatible infrastructure setup,” said Guilherme Alberto, CEO of Maxihost.
Customers can request a demo from Jelastic’s website.
About Maxihost Since 2001, Maxihost is one of the fastest growing Dedicated Server and Colocation providers in Latin America. Maxihost is an Agile data center, providing companies with the power to control their infrastructure. Maxihost brings ultra-high reliability to customers requiring levels of agility and continuity not found at different sites.
We’re advising all Maxihost customers to update their Intel, AMD and ARM processor-based servers.
Maxihost security advisories are usually sent by email to our customers, but due to the importance of this new vulnerability, we’ve also decided to publish it here.
Earlier this month a major hardware flaw appears to have been discovered in processors that could potentially have devastating consequences.
The hardware bug causes an Intel, AMD or ARM CPU to prefetch system memory areas and gain control of any application.
At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel’s memory.
The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. These KPTI patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even there at all.
We urge all customers to apply the latest security patches for their Operating systems. Linux programmers, Microsoft and Apple have all already released emergency security updates for some versions of their OSs.
Cloud and Managed Solutions customers can expect Maxihost’s Security team to apply all current and upcoming security patches.
If you’re interested in how you can protect your infrastructure from this and other vulnerabilities, learn about our newest product: Hardware Firewall.
Keeping your account safe is an extremely important part of what we do at Maxihost. Today, we’re giving you a way to add extra security to your account by enabling two-factor authentication (TFA).
Why you should care
Two factor authentication provides stronger defense against credential theft attacks. It’s an easy way to verify that you’re who you say you are when signing in to Maxihost.
After typing in your password, just insert your six-digit code from an authenticator app such as Google Authenticator.
How to use it
To set up TFA on your account, log in to Control, click on Settings and then click on Security. From there you can click the enable button to start the setup process:
Once TFA is enabled, the next time you want to gain access to your account you’ll be prompted for your 6-digit code.
We highly encourage you to save your backup code—located right under the QR code when enabling TFA—in a safe place. If you lose your device and don’t have your backup code, you’re going to have to go through a really inconvenient process to verify your identity and get back into your account.
Safeguarding your data is a top priority. Today, as part of that effort, we’re happy to announce that Maxihost has achieved certification with ISO 27001.
ISO 27001 is recognized as the premier information security standard around the world. We’re excited to share this certification with Maxihost customers around the world.
In meeting the strict requirements of the International Organization for Standardization (ISO), we’re showing our commitment to using the best practices for information security management.
The 27000 series refers to the ISO family of standards dealing with information security. ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the organization. It also includes requirements for the assessment and treatment of information security risks.
Achieving ISO 27001 certification signifies that we’ve demonstrated our promise to continually improve the security of your data under the ISO/IEC 27001:2013 standard, shows Maxihost’s expertise in information security management and the company’s dedication in having the top levels of security in place.
Privacy and data protection regulations and norms vary around the world, and we’re confident this certification will help our customers meet their compliance needs.
Maxihost is committed to progressive improvement in information security standards. Our goal is to protect the data of our partners, customers and employees in this ever-evolving threat landscape.
You can view our ISO 27001 certificate here.
When deploying a server, security is always a major concern. The Internet is full of malicious code that examines vulnerabilities and open ports.
At Maxihost, we are constantly working to make the partnership with our customers easier and more transparent. Because of that, we decided to simplify how we sell our DDoS Protection service. We’ve moved from a model that was not very clear to most customers, ranging from $160 to thousands of dollars to a much simpler, straightforward pricing model: $169 per server.
The new pricing is already available for new customers here. If you already use our DDoS Protection service and want to change to the new pricing model, simply reach out to [email protected] and we’ll put you on the new plan.
Interested in protecting your servers against DDoS attacks? Contact us and see how we can help.