Panix V-Colo Frequently Asked Questions

Words or phrases marked with this icon

will open a helpful Wikipedia article.

Answers

Panix and Xen

What is Xen? What is a Hypervisor or a Virtual Machine Monitor?
A Hypervisor , or Virtual Machine Monitor, is software that makes one computer seem to be many "virtual machines", each one capable of running an operating system that functions entirely independently of any other. Each OS is completely isolated from every other, and each one thinks it has sole control over all the resources of the machine. With this isolation comes security- even if one of the virtuals is compromised, the others are unaffected.
Xen is an Open-Source hypervisor with very widespread industry acceptance.
Links:
- Xen developers' site
- XenSource, a commercial company that promotes Xen

Why choose Xen over other options?
Xen has much better performance than other virtualization products- as little as one-tenth the overhead. This makes it cheaper to run, but it also makes every virtual perform better on I/O operations- that is, using disk storage or the network. Xen is now becoming the de facto industry standard for virtualization, with the support of almost all of the major industry players, including Intel, IBM, Sun, AMD, Cisco, Dell, HP, Novell, and Red Hat, among others.
Xen is Open Source Software, so it benefits from a rapid development pace and good security.

Does Panix contribute to the Xen project?
Panix has a NetBSD developer on staff. We've contributed significantly to the NetBSD Xen port.

What kind of support do you provide?
Please see our support page.

Why don't you offer (X, Y, Z) distributions?
We have to make sure that any distribution we offer has been tested so that we know it's stable. Only reasonably modern kernels will work with Xen, so some older ones will not be available. We already support a number of distributions of Linux, as well as FreeBSD, NetBSD, and Solaris. (We even allow oddities like Plan9, though with reduced support, and you have to order it by talking to us, not through our web page.) If we don't list what you're looking for, please ask - we can often add support for distributions in a few days.

What kind of hardware is Panix using for the V-Colo service?
Some Legacy hardware differs slightly from the hardware listed here, but not in any significant ways (so for example, we may still have a few 36GB disks in use, but they're all Fibre Channel 10k RPM, not consumer SATA drives).
- CPUs - All servers are Intel Xeon multiprocessor 1U rackmount units. As of late 2008 most are configured with two CPUs (8 cores) and 24GB RAM.
- SAN Disk Storage - All servers have Fibre Channel interfaces to our SAN. Our disk arrays are all 10k (or in some cases 15k) RPM Fibre Channel disks. All "disks" provided for customer V-Colos are actually a mirrored (redundant) pair of disks spread between two chassis.
  Unlike many (most?) Virtual Colo services, we do not use consumer-grade (SATA or PATA) disk drives. Consumer drives offer much more storage per dollar, as opposed to the drives we use, but they have a number of disadvantages. Aside from inferior performance, the key disadvantage is that they must attach to a specific server, whereas our disks are all connected to the SAN, and thus available for use by any SAN-attached server.
  Since there are no disk drives inside individual servers, a server hardware failure does not require lengthy downtime in order to dispatch an admin to the server location, remove disk drives, put them in another server, and boot it up. Instead, we can simply assign the disk volumes on the dead server to other servers with spare capacity, and boot up the virtuals on their new home right away.
- Internet connection - As of late 2008, our V-Colo servers connect to the Internet primarily through both Level3 and Cogent. Other carriers may be used in unusual circumstances and this may change over time, but we will always maintain at least two separate connections "upstream", each with enough bandwidth to support 100% of our V-Colo customer usage.
- Physical infrastructure - Panix V-Colos are currently located at a Navisite Colocation center in Manhattan. Power is backed up by dual generators and batteries. We also have some V-Colo space at Level3, which we use primarily for larger customers who require physically diverse locations for multiple V-Colos. Please contact us directly if you need physically diverse V-Colos.
- Rsync Backup server - Our backup server is a server with many large low-cost disks (we don't use the SAN for our backup server). It backs up all Panix servers, and now V-Colos as well. Tapes (actually, removable disks) are made from this server, for Panix hosts, but not for V-Colos unless customers specifically arrange for this, for an additional charge. Even without taping, however, customer files are always backed up on the rsync backup server, and can be retrieved in case of disaster.

Don't you know it's spelled "Collocate" and not "Colocate"?
Well, that's what the dictionary says today. But dictionaries are made by those who spell, or something like that. We like it better with one "l", and so does about 33% of the rest of the world (based on Google hits... and it was 20% when we first wrote this a year ago). Think of it as the cutting edge of spelling technology. In ten years, most people will spell it our way.

"Spelling technology"? You can't be serious!
Semiserious. As you may have noticed, we don't put punctuation inside quotation marks either, unless it's part of the quotation. Shall we get back to V-Colos now?

Practical matters

Can I upgrade to a bigger virtual machine later on?
Yes. You can change services, and increase any add-ons you may have, at any time. You can also decrease your services or add-ons at any time, unless you are pre-paying yearly. (You can't downgrade prepaid services.)
Almost any change can be made through our web control panel and will take effect immediately, though you may need to reboot your server to make use of increased resources. (Try out our web control panel here, using username "demo" and password "demo".) Service decreases also take effect immediately, but billing at the lower rate starts at the beginning of your next billing period.

How do I figure out how much disk space my distribution will need?
RAM and disk space usage are basically identical to what they'd be if you were running an actual (not virtual) server. The space taken by the various OSes and distributions we support is listed here, along with brief descriptions of what's included with each install. Of course, you can add or remove anything you like to your server- a truly stripped-down system might run in just a few hundred MB or less.

How can I increase my disk space or RAM, get more IP addresses, or get additional transfers? Can I reduce my service level or add-ons?
You can log into the web control panel to modify your settings, which become active upon reboot. (You can try it now, using username "demo" and password "demo".)

You can also reduce your service level or add-ons at any time. However, the change will not be reflected in your bill until the beginning of the next billing cycle.
Note: If you are reducing your disk space, either by giving up additional disk blocks or by reducing your level of service, you must first ensure that you have enough disk space to continue.

What's a GiB? How big are your GB? What about MiB and MB?
Short answer: We always use the larger number, so you're getting more for your money.
Long answer: The true meaning of "Gigabyte" ("GB" for short), as defined by international standards-setting organizations, is 1000 * 1000 * 1000 bytes (exactly one billion bytes). However, in the USA, when people speak of a "Gigabyte", they normally mean 1024 * 1024 * 1024 bytes, or 1,073,741,824 bytes. So when you see people talk about (for example) a Gigabyte of RAM, they always mean 1,073,741,824 bytes. Similarly, a Megabyte ("MB") is defined as 1,000,000 bytes, but most people mean 1024 * 1024 = 1,048,576 bytes.

The one exception to this rule is the disk drive industry. Disk manufacturers always use the "true" meaning of the words "Gigabyte" and "Megabyte". So a 100GB disk will hold about 100,000,000,000 bytes, and not 107,374,182,400 bytes.

On the Panix V-Colo pages, all references to "GB" or "Gigabytes" refer to the larger (1073741824) value, including virtual disk drive sizes. So, for example, a 3 GB configuration includes 3,221,225,472 bytes of storage, not 3,000,000,000. Similary, our "MB" always mean 1,048,576 bytes.

"GiB" is the short form for "Gibabyte". This is the correct term for the larger value (1073741824) above. "MiB" is short for "Mibabyte", the correct term for what we're calling "MB". However, almost nobody in the USA uses "GiB" and "MiB", and many outside the USA don't use it either.

To avoid confusing those who are not steeped in the arcana of standardized weights and measures (that is, just about everybody), we're using the popular "GB" instead of "GiB", and "MB" instead of "MiB", even though "GB" and "MB" are technically incorrect, throughout our site.

What happens if my server does more data transfers than I've paid for? Can I limit how much data my server can tranfer? How can I get an idea of how much I've used so far?
The vast majority of our customers never reach the limit of transfers included in their level of service, and thus never need to pay extra.

Each V-Colo package includes transfers up to a given limit (in GB/month).. You may also order additional transfers in blocks of 1GB/month or in cheaper bulk blocks of 25GB/month. In addition to the transfers you order in advance, we ask you to specify a specific dollar limit on transfers above the allocation included in your order. (That limit can be $0.00 or whatever dollar amount you choose.) We'll convert that to gigabytes at the standard rate (as of August 2008 40 cents/GB) and allow that much over your allocation. If you go over your allocation, we'll start billing at the standard rate, and if you hit the maximum you've specified, your virtual will have net access disabled (though you can still access it via the console) until the start of the next billing period.

Here's an example, based on pricing as of August 2008. The specific numbers may change, but the principle continues to apply: Say that you buy a package that includes 400GB of transfers for $40/month, and you also buy two "bulk" blocks of transfers (each 25GB/month @ $8). Your total allocation is 450GB/month. Suppose you also specify a limit of an additional $14/month in excess transfers. That means your monthly bill will be $56 ($40 + 2 x $8) in a month when you don't go over 450GB in transfers, but it could be as much as $70 ($56 + $14) if you do. So let's say you have 455 GB of transfers in a particular month: The first 450GB are included, and the remaining 5 GB are be billed at the standard rate or $.40/GB, which comes to $2.00, for a total bill of $58.00. If your server had hit 485 GB of transfers, it would have reached the $14 limit ($70 for your total bill) you specified, and it would have been blocked from further internet access until the start of the next billing period (or until you decided to pay for more transfers).

You can purchase more bulk transfers for the current billing period at any time up through the the end of the period. However, once the period is over, you can not retroactively purchase transfers at the bulk rate.

You can only specify up to $50/month of extra transfers. If you think you will need more than that, buy bulk transfer blocks in advance. You can always decrease your order in following months.

Remember that you can see how much traffic your server has sent in the current billing period, by logging in here.

How exactly do you measure transfers used? Is there any limit on how many transfers I can do?
To measure your use of transfers, we use "flow accounting" on the routers that handle all V-Colo traffic. The size of every packet sent to or from your V-Colo, except for traffic to the rsync backup server, is summed every fifteen minutes and added to your totals for the month. Whichever total (sent or received) is larger is your total transfer usage. At the beginnning of every billing period, we reset your totals to zero.

Traffic between V-Colos is free and does not show up in your usage report (just like traffic to the backup server, if any). However, if you are have multiple V-Colos, and have requested physical diversity (putting them in different data centers), then traffic between your V-Colos that crosses between data centers will count as transfers. We will not put your V-Colos in different data centers unless you *explicitly* ask us to, so you don't need to think about this unless you've done so.

There is a limit of 100Mbps on any transfers to or from your server. Practically speaking, you are unlikely to ever be in a situation where you can see this limit, since all transfers over the Internet are likely to be slower than that, unless you have a very fast machine with a very fast connection somewhere else on the net- much faster than a home DSL or Cable connection. You are also limited by the transfers you purchase. If you use more than the amount you paid for, and then use up all the excess transfers you authorized us to bill you for, your connection to the net will be shut down until the start of the next billing cycle (or until you authorize an increase in the excess transfers). More details are available in this FAQ.

If I use the free rsync backup service, won't that use up all of my transfers?
No. Our software specifically excludes rsync traffic from its tally of your network usage. Transfers to our rsync server are free.

How do you charge for services- before they're used, or after?
We charge (or bill you) in advance for fixed-fee services. That includes everything except for excess transfer fees. In this, we're just like your phone or cable companies (except that we don't suck)- typically, they also bill you ahead of time, for the service they're about to deliver, for all fixed-cost services.

When you incur excess transfer charges, we charge (or bill) you for them on your next bill. Again, this is just like your phone or cable companies- they may bill in advance for basic service, but they bill on the next statement for long distance, or pay-per-view, or other services that incur charges only when used.

For now, the only service we have that can accumulate charges is excess transfers. If you want to make sure that you never get billed for such charges (perhaps because you have a strict budget), or if you want to limit them to a certain maximum amount, you can do so. See this FAQ entry for info on how to do that.

How do I close my account?
You can do this from the Web Control Panel, or you can We'll ask you to authenticate over the phone using the challenge and response you set up with your account. (Please don't send them in email. That's not secure.)

On the technical side

How do I reboot my server? How can I get to it in single-user mode?
You have three options:
- You can reboot your machine, optionally into single-user mode, from our web control panel using this link.
- You can log into your machine normally (if it's running normally) and use the normal commands to reboot.
- You can reboot your machine from its console, if it's running (even in single-user mode), by logging in through our console server. See the Console Access page (which you can bookmark, or reach from the Web Console link in the left sidebar).
If you do reboot in single-user mode, of course, you'll only be able to reach your server through the console, until you bring it up in multi-user mode again.

How do I log into my console? How is the console different from a regular login?
You can log in to your server using ssh (or telnet, if you want). But the console is different- it's like a keyboard and screen physically attached to your server. Even if the network is down (perhaps because you've reached the limit you set on transfers for the current billing cycle), you can still attach to your console, which you can reach from the Web Console page.

How do I get superuser access on my system?
Use the root password and log in as root, or use "su" or "sudo" after logging in with a non-privileged account.

How do I change my root password? What do I do if I lose/forget my root password?
If you know the password, you can change it just as you would on a non-virtual server (using "passwd", in most cases).

If you don't know your password, connect to our console server and reboot the system in single-user mode (you can also reboot it from our Control Panel). Then use the console server to connect to your V-Colo's console, log in (without a password, since it's in single-user mode), and set a new password using the usual tool (typically "passwd").

How do I install a new distribution on my virtual server?
You can do this from the Web Console.

How can I find out what versions of software will be installed on my virtual, with each of the distributions?
In general, we provide the version that comes with each distribution. It is possible that we may provide a few specific updated/patched binaries to deal with severe security problems in the vanilla distribution. However, in general, we do not tamper with the contents of the distributions, so you'd be well advised to update your distribution as appropriate.

Over time, we will fill in more and more detail on our Operating Systems page.

How do I take advantage of the nightly rsync backup service?
It's set up for you automatically when we first install your server. You just have to remember not to break it by damaging the configuration we've set up. That configuration exists in these four files:
```
       /etc/xinetd.d/rsync     (Linux FC4)
       /etc/inetd.conf         (NetBSD)
       /etc/rsyncd.conf
       /etc/rsyncd.secrets
```
If you do manage to mess it up by accident, let us know and we'll help you fix it.

You may want to disable rsyncing temporarily (for example, if you want to prevent further backup runs, until we recover a file for you that was backed up previously). The easiest way to do that is to be root and then type:
```
	mv /etc/rsyncd.secrets /etc/rsyncd.secrets.saved
```
When you're ready to reenable rsyncing, just undo it:
```
	mv /etc/rsyncd.secrets.saved /etc/rsyncd.secrets
```
To invoke it, you can use this command line (where NNN is the number of your V-Colo):
rsync -a rsync://vcNNN@backup.vc.panix.com/vcNNN/path/of/files/wanted/ /path/to/restore/directory/
Though this may appear as two lines on this web page, make sure you type it in as one line.

What happens if I don't use the rsync backup service?
Nothing. But if something catastrophic happens to both halves of the mirror your data is on, and you're not using this service, there will be NO BACKUP of your data anywhere on our network. For some people, that's just fine. Make sure that you're one of those people before you choose not to use our backup service.

Note that our tape backup service tapes from our rsync server, so you MUST leave the rsync service running if you want to make use of our tape backup service.

How do I get data back from the backup service?
Just ask us.

How many generations of backups are available for recovery?
Just one. If you need to archive your data over time, you'll need to make other arrangements for this. One option would be to purchase tape backup service from us. Since we tape from our rsync backup server, you'll need to allow us to rsync your data in order to be able to tape it. Please contact us if you'd like to order tape backup. When you do make sure you understand how many generations of backups we keep, and that that's sufficient for your needs.

How do I restore my host if it gets irretrievably corrupted?
If you really can't fix it, we may be able to restore it from our rsync backups. But if even that won't work (perhaps because the damage was done long before it was discovered, and the backups contain the broken files too), you can always start from scratch. Pick an OS distribution you want installed on your server, from the Web Console.

Does Panix block any ports or kinds of traffic?
Not normally, but we reserve the right to do so in response to emergencies, such as an ongoing Internet virus/worm crisis. It is also possible that we will block outbound port 25 (SMTP), if mail abuse gets bad enough. We aren't planning on it at this time, though.

Does my virtual server need a domain name? If it has one, can I have a reasonable reverse DNS entry?
It doesn't need a domain name, but you can register one if you prefer. If you don't, it'll have a name like "vc293.vc.panix.com".

Its reverse DNS will also look up to such a name by default. However, you can use the Web Console to change it.

What kind of performance can I expect from my V-Colo server? How are customers protected from other customers using too many resources?
Performance analysis for V-Colos can be broken down into two major areas: CPU and Disk I/O.

CPU performance is guaranteed to be no less than that of a 100MHz Pentium for every 100MB of RAM in your V-Colo. So if you order a system that comes with 300MB RAM, you will have the performance of at least a 300MHz Pentium. In fact, most of the time, most V-Colos are not using all of their CPU allocation, and any spare CPU is shared between those V-Colos that want it, again in proportion to their RAM size. So most of the time, you'll have much more than your minimum CPU allocation available to you. This is all accomplished by Xen, which allows us to guarantee CPU time, and assign proportions of CPU time, in whatever manner we choose.

Disk I/O performance is a much trickier issue. In rare cases, it is possible for a V-Colo to generate an enormous disk load that will dominate disk I/O, to the detriment of other V-Colo users. Xen itself helps tremendously here, because it is much much faster than other virtualization technologies, for disk I/O performance. Nevertheless, we are taking two approaches to solve this problem:
- We're throwing resources at the problem, by using mirrored fast Fibre Channel disks, instead of the low- cost and much lower-performance PATA or SATA disks that most other service providers use.
- We're planning on adding a disk I/O scheduler which will guarantee a reasonable minimum of I/Os per second to every V-Colo. However, our operational experience has been that there is little need for this with our current architecture, so for now this has a low priority.
Coming soon: Dedicated disks for V-Colos. Please contact us if you'd like to be one of our early adopters.

I've noticed the clock on my server is off a little bit. What's wrong, and what can I do about it? Most of the time, your clock will be right. However, there are some things that can make it wrong. For example, we may "suspend" your virtual to migrate it to different hardware (we'd only do this in case of impending hardware failure, or for other good administrative reasons), or for scheduled maintenance. When we resume your OS, your system would have lost some time. There may also be bugs in Xen, or your operating system, that could conceivably cause the clock to be wrong, though this would be very unusual.
There are several solutions to this. The simplest one is to run "ntpdate" out of cron every hour (or day, depending on how much you care about timekeeping). Alternatively, you can run ntpd. However, there's a problem- ntpd will die if if sees time of out of sync by more than 1000 seconds (by design). The "-g" flag will prevent this, but just once. So, the safest thing to do would be to use a script that did this:
```
 while : ; do
                ntpdate {options ...}
                ntpd {options...}
        done 
```
Start that script when your OS starts (from rc.d, rc.local, or whatever you like).
You may find that this happens rarely enough that you don't care. When you do notice it, you can always run "ntpdate" by hand, or even reboot.

I just bought a new IP. How do I get the v-colo to see it?
Add the ip to the appropriate (OS specific) config files. Then either use ifconfig to bring up the new interface, or reboot.

Dedicated Disk coming soon!

Dedicated Disk FAQs

Why are dedicated disks such odd sizes? Nobody sells actual disks that are 65GB.
Consumer disks ("SATA") come in large sizes with round numbers, like 500GB. We use server-class disks that connect to our storage area network ("SAN") using the Fibre Channel interface. Those disks are faster, more reliable, more expensive, and smaller in capacity. The disks we use are rated as 73GB, 146GB, or 300GB. However, all disk manufacturers count a GB as 10^9 bytes, whereas we (and you) use 2^30 bytes, which is a larger number (see this FAQ ). Furthermore, we take a few GB from every disk we use for administrative purposes. However, we do not access that administrative partition under ordinary circumstances, so this doesn't reduce your disk I/O performance.

You should also keep in mind that (for example) a 65GB disk is exactly 65GB of usable but unformatted space. Most customers will be formatting their disks with a filesystem, and filesystems use up some space for bookkeeping overhead, resulting in a formatted capacity of somewhat less than 65GB.

Am I really getting *all* the use of the disk?
When you order 65GB, 130GB, or 270GB disks add-ons, you must select the "private disk" option, which is free. Assuming you've done so, then yes, you get 100% of the I/Os to your private disk in ordinary day-to-day operations. During maintenance (which is significantly less than 0.1% of the time) we may have short periods of access to the administrative area of the physical disk your disk block is on.

What kind of disks are you using for dedicated disks?
We're using the same disks we use for our shared disk resources - 10K RPM fibre Channel disks, currently the 73, 146, or 300GB sizes. By special order at a higher price, we can also provide 15k RPM FC disks.

How are dedicated disks different from regular V-Colo disk space?
Physically, they're the same (unless you're paying for 15k RPM disks). For daily use, they appear to you to be exactly like our normal shared disk resources (except that performance is better and invariant). However, most administrative changes to your disk usage that you might want to make (for example, deciding that you don't need a whole disk and eliminating your dedicated disk option) will require some action on the part of a Panix administrator. Thus, unlike ordinary administrative changes you make which happen as soon as you confirm them in our web interface, dedicated disk changes may take a business day (or in rare cases more) to take effect.

What options are available to me for mirroring, striping, or RAIDing dedicated disks?
Every dedicated disk you get from us is actually two identical mirrored disks (just as our regular shared disk space is actually mirrored). Each disk resides in a separate chassis, with a separate path to our FC network. Aside from this, we do not normally offer other RAID options to our customers, though you can set up any sort of RAID you like within your VC using the tools provided by your OS. Customers with special requirements may be able to order special services at a higher cost.

Panix V-Colo Frequently Asked Questions

Panix and Xen

Practical matters

On the technical side

Dedicated disk coming soon!

Dedicated Disk FAQs

Answers

Panix and Xen

Practical matters

On the technical side

Dedicated Disk coming soon!

Dedicated Disk FAQs