this post was submitted on 01 Aug 2023
35 points (83.0% liked)

Selfhosted

40710 readers
563 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I started migrating my servers from Linode to Hetzner Cloud this month, but noticed that my quota only gave me ten instances.

I need many more, probably on the order of 25 right now and probably more later. I'd also like the ability to create test servers, etc.

I asked for an increase with all of that in mind, and Hetzner replied:

"As we try to protect our resources we are raising limits step by step and on the actuall [sic] requirement. Please tell us your currently needed limit."

I don't understand. Does Hetzner not have enough servers to accommodate me? Wouldn't knowing the size of the server be relevant if it's an actual resource question?

I manage a very large OpenStack cluster for my day job and we just give people what they pay for. I'm having a hard time wrapping my head around this unless Hetzner might not be able to give me what I ultimately want to pay for, and if that's the case, I wonder if they're the right solution for me after all.

It also makes me worry about cloud elasticity.

Does anyone have any insights that can help me understand why keeping a low limit matters?

all 20 comments
sorted by: hot top controversial new old
[–] [email protected] 70 points 1 year ago (1 children)

Just answer them with a little explanation like you did here, you will be fine. Done that, been there.

They just want to protect against people buying lots of servers for a short time, then not paying or doing ddos shit.

[–] 7fb2adfb45bafcc01c80 17 points 1 year ago (1 children)

Thank you. I hadn't considered the payment part. The cloud system that I manage is in education, so everyone pays in advance.

This makes sense, and I'll start with a lower number and ask it to go up later. It will take a couple of months to migrate everything from Linode anyhow, so I don't need them all at once.

[–] TheInsane42 20 points 1 year ago

Hetzner has been used for ddos attacks and spam runs, so they're cautious. You pay afterwards, I get the bill the 3rd of the month.

Also, be advised, sending email out is blocked by default and can be unblocked 30d after creating the 1st vps when the 1st invoice is paid. BTW blocking is pretty simply a block on port 25 and 465, so rerouting to anothe rport to a relay works when you need it the 1st 30 days. (for say monitoring)

[–] [email protected] 28 points 1 year ago

Maybe they got burned by too many assholes that run hundreds of VM on a stolen credit card to send spam or other bad behavior. At the end of the month they'll get a chargeback and they'll have to pay everything back

I'm sure the quota increases over time or can be manually increased.

For example, new accounts on dellmont voip can only make $10 in calls each month

[–] [email protected] 15 points 1 year ago* (last edited 1 year ago)

High cloud elasticity just increases the costs and environmental impact as the cloud is just someone else's computer and having a lot of them just sit there and do nothing is a waste.

Hetzner's relatively low prices are in part because of their very efficient hardware management.

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago)

A posible attack from an untrusted client, is to create a lots of VMs in a short period of time.

1440 VMs running for a minute cost the same as a single one running for a day. 43200 VMs running for a minute cost the same as a single one running for a month.

Therefore, attacks are kinda cheap, ~~specially if you are paid by the competence.~~

So, for an untrusted client, the best is to limit the maximum number of VMs she can create.

AWS does something similar. I recall something like 20 VMs as the limit for a new client.

Edit: Here are AWS docs about that: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html

[–] [email protected] 9 points 1 year ago (1 children)

So, did you tell them your currently needed limit?

[–] 7fb2adfb45bafcc01c80 10 points 1 year ago (1 children)

I told them everything that I wrote here in my original request -- I need 25 now, but would like a quota of 50 to maintain elasticity, testing, etc.

They followed up with the request for actual resources needed.

I haven't answered since then.

[–] eleitl 4 points 1 year ago

I had no problems communicating a higher limit. They are not AWS but you can get 100s of instances.

[–] [email protected] 3 points 1 year ago

Hetzner is a German company. We don't do this Internet thing very well. I guess they don't think anyone could have any reason to have more than one Server, but to be sure, they allow ten.

[–] ChrislyBear 0 points 1 year ago

Why not renting a few machines and virtualizing yourself? Can you install ESXi on a Hetzner server?

[–] johnnyfive -4 points 1 year ago (1 children)

In general everyone should use 1-2 servers, 10 is not exactly a low number. Even in the most boring players like AWS, using 1 month and paying the bill will already give you higher limits.

[–] 7fb2adfb45bafcc01c80 9 points 1 year ago (3 children)

My identity infrastructure alone uses a whole bunch of servers.

There are the three Kerberos servers, the two clusters of multiple LDAP servers behind HAProxy, the rabbitmq servers to pass requests around, the web servers also balanced/HA behind HAProxy... For me, service reliability and security are two of the biggest factors, so I isolate services and use HA when available.

[–] [email protected] 10 points 1 year ago (1 children)

Just for yourself? Why not rent or colo a dedicated server or two or three and install a hypervisor? What all do you even run for yourself that needs 25 servers?

[–] [email protected] 7 points 1 year ago (1 children)

Maybe OP is not doing this just as a hobby and has actual serious workloads?

I've had this kind of problem with Vultr, i was very pissed off when I found it but their support raised my limits when I explained what I'm migrating. I also had the comfort of being able to migrate in stages, 10 machines in the first month, then the rest. Maybe this appropach would work for you.

Credit card companies and Paypal are a big problem to hosting companies. They will happily apply chargeback after you provided a month of service to your client, because it took them a month to detect the transaction was fraudulent. How is it the hosting company's problem?

[–] [email protected] 5 points 1 year ago

Yeah maybe. I just read it as it's personal stuff based on this line.

I manage a very large OpenStack cluster for my day job and we just give people what they pay for.

[–] johnnyfive 2 points 1 year ago

it wasn't a criticism of your project, it's just a layer of security for these companies. you asked for a raise and they apparently responded promptly.

[–] [email protected] 2 points 1 year ago

Sounds really expensive... Do you have enough traffic to require so many servers?