Category

Technical

Why your compliance scan keeps failing

By | General, Technical | No Comments

At Anchor, a large number of our customers seek various certifications for their hosted properties. These commonly include PCI, IRAP and many others. The business drivers for undertaking a certification programme vary between customers, but often involve the need to meet some form or regulatory or industry compliance requirement. Whilst it may not be the initial driver, the fundamental goal of many of these activities is to reduce business risk by¬†improving¬†security posture. We’ve become accustomed to dealing with auditors to assist our customers in undertaking certification initiatives. Unfortunately, just as in any industry, the quality of service, analysis and rigour that these entities employ can vary wildly. Automated scans Auditors commonly use automated tooling as an initial mechanism when assessing the compliance of a hosted infrastructure against the certification that…

Read More

Bugfixing KVM live migration

By | Technical | 2 Comments

Here at Anchor we really love our virtualization. Our virtualization platform of choice, KVM, lets us provide a variety of different VPS products to meet our customers’ requirements. Our KVM hosting platform has evolved considerably over the six years it’s been in operation, and we’re always looking at ways we can improve it. One important aspect of this process of continual improvement, and one I am heavily involved in, is the testing of software upgrades before they are rolled out. This post describes a recent problem encountered during this testing, the analysis that led to discovering its cause, and how we have fixed it. Strap yourself in, this might get technical.

Read More

Putting OpenBSD in the cloud

By | Technical | 3 Comments

One of my recent personal interest projects was to get OpenBSD cloud images running on our OpenStack cluster. I used and extended the same pcib software we use for building our Linux images. In doing so, I learned some cool new things about OpenBSD and learned more about its limitations. Overall, I found adapting OpenBSD to the cloud to be a surprisingly straightforward experience, given that the OpenBSD developers eschew the complexity of x86 virtualisation. I credit this to the OpenBSD project’s approach of emphasising simplicity, correctness and portability in its design choices. Bootstrapping OpenBSD We begin with the tedious, yet rewarding task of putting all the bits into place which extract an OpenBSD filesystem tree into a chroot and make it bootable. The bulk of this work happened in…

Read More

Round ’em up with Jessie

By | Technical | No Comments

A new version of the Debian operating system, version 8 (codename “Jessie”) was released over the weekend. Just as we did two years ago with Wheezy, we are now immediately offering Debian Jessie as an option for new customers. This includes our new OpenStack infrastructure, where Jessie is our recommended option for Managed Operations and Unmanaged instances. If you already have a Debian server with us and would like to upgrade, drop us a line and we’ll be able to advise as to what’s involved to support your stack on Jessie. To find out more about the services we can offer, visit http://www.anchor.com.au/.

Read More

Making Magento Shine with Varnish – Part 1

By | General, Technical | One Comment

Developing for the web can be overwhelming – the stack of technologies involved has only grown over the years, whilst customers demand faster and more responsive websites. Performance is often an afterthought, partly because it can be tricky to define. New features are tangible and easily demonstrated, but it can be difficult to make a business case for performance during the development stage. Yet as studies by Akamai, Google and Amazon have shown, the success of e-commerce sites in particular is closely linked to how they perform. Magento is a popular e-commerce framework that offers a wealth of customisation through an extensible design, though this flexibility can easily result in slow, sluggish websites if you aren’t careful. But what does it even mean for a website to be slow or…

Read More

HTTP Basic Authentication in Snap Framework

By | Technical | One Comment

Hi, I’m Geoffrey Roberts, one of the web developers at Anchor. I’d like to discuss something I’ve built in Haskell, and hopefully give you some ideas for other things you can do in terms of web development with the language. I’ve been working on some web frontends in Snap Framework lately, and came to a point where I needed to know who was accessing the frontend, and whether they were allowed to use it. Seeing as the application needed to support both human-visible and RESTful interfaces, I realised that I couldn’t really use any off the shelf authentication methods. While Snap does provide you with something out of the box to do authentication, it’s intended for human-usable interfaces only, since it’s reliant on cookie-identified sessions. Also, most of our other…

Read More

DNS records and DNS management – an overview

By | General, Technical | No Comments

Arthur C. Clarke’s third law of prediction states that “Any sufficiently advanced technology is indistinguishable from magic” – a fair description of the elation you feel when after hours of stumbling around in the dark you finally fluke the right DNS configuration change and BAM! – your blog, website, mail server or load balancer suddenly springs into life. Well, that’s true for me anyway! DNS (or the Domain Name System) can be a complicated beastie if you’re not working with it day in and day out; it is however an essential building block that makes the Internet possible and if you have ever tried to get a website online you’ll have had to muck about with DNS records at some point in your life (and probably will again!). The role…

Read More

What is cloud storage?

By | General, Technical | 3 Comments

Storage ain’t storage anymore – not in the world of web hosting anyway. Long gone are the days of servers writing to locally installed hard disks; cloud storage is abstracted from the physical server itself, instead residing on a high-speed network of distributed storage clusters. These clusters contain gazillions of hard drives which automatically replicate your data between different nodes for safety, scalability, performance and ease of management. Storage can be consumed using one or more different interfaces depending on its suitability to the task at hand. Anchor’s distributed storage system is built using Ceph – and we love its speed, flexibility and industry leading reliability. Here’s an overview of the different ways in which Anchor’s storage platform can be consumed and why you might use one interface over the…

Read More

Extending PostgreSQL with high level languages (and cats)

By | Technical | No Comments

In a recent post we extolled the virtues of creating your own brand new operators in PostgreSQL. SELECT =^_^= FROM happycats; That’s well and good, but the output was a little lacklustre, returning “meow” for every tuple. We’d like to make it more interesting, and one way to add interesting functionality to Postgres is to embed a procedural language. This lets you juggle data with a little more finesse when it comes to certain operations, compared to the usual relational algebra. We’re going to use Perl because it’s easy to integrate with Postgres, and is generally a quick and dirty way to Get Stuff Done. When embedded in Postgres it’s referred to as PL/Perl. Let’s get started. We begin by “installing” the language into the database in which we wish…

Read More