Stormy weather, the clouds are growing.

August 26th, 2015 by

Photo-2015-08-26-12-31-10_1016

A customer of ours has been extending their private cloud. This adds another 160 cores, 160Gbps, 2TB of RAM and over half a petabyte of storage. On the left you can see the black mains cable, then the serial for out of bound configuration, then red cabling for 1Gbps each to our main network, then 20Gbps per server to the very secure private LAN on SFP+ direct attach.

The out of place yellow cable is network for the serial server above, and the out of place black one is serial to the 720Gbps switch which isn’t quite long enough to route neatly.

There’s a few more bits and pieces to add, but soon it will join their OpenStack cloud and substantially increase the rate at which their data gets crunched.










Snapshot Backups – Public Beta

August 21st, 2015 by

VPS snapshots
We’ve just launched a public beta test of a new service available on all of our virtual servers: snapshot backups.

Snapshot Backups make it trivial to set up backups of your virtual server. Simply select how many daily, weekly, and monthly backups you’d like to retain, and what time of day you want the backups taken, and we’ll do the rest.

Snapshot backup configuration

Snapshots work by taking an instantaneous image of your virtual server’s disk, which is then placed into our storage cloud.

The service is priced based on the size of your server’s disk, and the number of backups you choose to retain. You can alter your backup retention policy at any time.

During the public beta, the service is being charged at half price. If you want to try it out, simply click on the “Backups” section of your virtual server’s control panel. If you have any feedback, please do let us know.

Happy Incorporation Day to Us

August 14th, 2015 by

Happy Incorporation Day to Us
Happy Incorporation Day to Us
Happy Incorporation Day to Mythic Beasts
Happy Incorporation Day to Us

Fifteen years ago today someone with a boring job processed the paperwork and Mythic Beasts Ltd sprang into existence as a legal entity.

We had existed informally for a bit longer than that, we had registered the mythic-beasts.com that April, and our shell server, sphinx, had been running for a while, although it wouldn’t be until early 2001 that we sent our first invoice.

As we all work on t’internet, it’s difficult to all meet in the same pub this Friday for a celebratory drink. That will have to wait until our next full company meetup in September. Slamming the bedroom door, staying in and watching Brazil seems a more apt way for a teenage company to celebrate its bureaucratic anniversary.

Happy Tenth Eleventh Birthday to The Cloud

August 13th, 2015 by

We had a plan to post this last year, but we forgot.

On August 13th 2004, ten eleven years ago, our first ever invoice for a virtual dedicated server was paid.

Mythic Beasts Ltd.                http://www.mythic-beasts.com/
103 Beche Road
Cambridge
CB5 8HX

To:



────────────────────────────────────────────────────────────────
Invoice date                                        02-Jul‐2004
Invoice number                                                         
────────────────────────────────────────────────────────────────

────────────────────────────────────────────────────────────────
Ref         Date            Description                 Amount
────────────────────────────────────────────────────────────────
 xxxx     2004‐07‐02  VDS256 virtual dedicated         £400.00
                      server server-name 2004‐07‐02 to
                      2005‐07‐01
────────────────────────────────────────────────────────────────
                                      total            £400.00
────────────────────────────────────────────────────────────────

This VM ran until 2009 at which point it upgraded to a much faster dedicated server. It’s still operational today.

Over the intervening years, our basic service has evolved through three different virtualisation technologies and the virtual machines are now thirty two times the size that they started.

  • 256MB, User Mode Linux
  • 1024MB, User Mode Linux
  • 1024MB, Xen
  • 4GB, KVM
  • 8GB, KVM with SSD

As computers have become much larger and faster it’s increasingly hard to find a single application that can fill the capacity of a single machine, meanwhile service oriented architecture means that even simple applications are now built out of lots of lighty loaded servers, virtualisation is the magic that means that fifty applications built from tens of servers each can fit into a handful of physical servers. Whilst managing the hardware has become much simpler the number of instances to manage has exploded.

Increasingly these days not only are the servers virtual but the entire infrastructure, routers and all. We now have entirely virtual networks existing within our VM cloud using virtual routers to route traffic to virtual machines.

Five reasons why you should have your own domain for your email

July 24th, 2015 by

canstockphoto5518994

0. We sell domain names

OK, we lied, it’s six reasons, but the first probably isn’t very compelling so let’s get it out of the way first: buying domains gives us beer money.

Obviously we’ve got a commercial interest here, but Mythic Beasts exists because a bunch of students spotted that their university-provided email addresses would stop working once they graduated. We’ve now had the same personal email addresses for over 15 years.

1. Provider independence

This is the big one. Changing your email address is a massive pain. Not only do you need to tell all your human correspondents about your new address, but you need to tell just about every site that you’ve ever logged on to. Most sites use your email address to identify you, and that’s the only address that you can get a password reset sent to if you forget it.

Not so long ago, many people used the “free” addresses provided by their broadband (or dial-up) provider. This had the obvious problem that changing broadband providers meant changing your email address. Having your own domain puts you in control.

2. Real provider independence

Realising the problem of having your email address tied to your connectivity provider, many people have switched to using an address from a free email provider such as Gmail or Yahoo!, but this is really just moving the same problem elsewhere: your email address is now tied to your email provider.

What happens when you get fed up with the amount of advertising you’re exposed to in order to fund your “free” email account? Or your provider changes their email policy in a way that causes your address to be banned from mailing lists? Or you discover that the provider’s anti-spam policy is binning your legitimate email? Or they simply change their web interface in a way that you don’t like?

By using your own domain name, you retain choice of email provider.

3. Disposable addresses

It’s hard to do anything online without being asked to provide an email address, but how can you trust that your address isn’t going to be added to a spam list? If you have your own domain, you can have as many addresses as you want. You can even have “wildcard” addresses so that you can make up new addresses on the spot. For example, if my address is paul@example.com and I want to sign up to a service at www.somedodgysite.com, I could invent an address of:

paul-somedodgysite@example.com

If I start getting spam sent to that address then firstly, I know which site lost or sold my details and secondly, I can easily setup a rule to bin all mail to that address.

4. More interesting and memorable addresses

Unless you’re lucky enough to have a particularly uncommon name, any address you can get at the big free mail providers is likely to be some complex variant of your name. With your own domain name, you’ve got complete control. You could even have just a single letter such as p@example.com.

This also means that it’s less likely that your email will end up in someone else’s inbox by mistake. If one of your friends forgets that you’re joebloggs1937@gmail.com rather than just joebloggs@gmail.com, the email will get delivered to someone else. With your own domain, it’s far more likely that typo-ed addresses will get bounced, and the sender will notice the mistake.

5. Domains are cheap

We sell UK domains for just £7+VAT for two years. £3.75 a year is a tiny price to pay for being in control of your own online identity. There’s also now a huge variety of generic top-level domains that can be had for not much more – .beer, .bike, .click, .cymru, .engineer, .guru, .scot, .wales, .wtf and hundreds more.

Of course, to use your domain, you’ll need somewhere to host it. We can sell you a hosting account too, but you don’t have to use us if you don’t want to. That’s the point!

OpenSSL release due

July 8th, 2015 by

If you read security lists, you will already be aware that we’re expecting a new release of OpenSSL tomorrow to fix a high severity vulnerability.

We will be reviewing the details as soon as the vulnerability is released, and will be patching the affected servers shortly after the updated packages are released, if necessary we will be contacting customer to reissue keys as we did after the now infamous Heartbleed vulnerability.

If you have any questions, or would like to upgrade to a manged service so we catch these kinds of issues for you, you can contact us at support@mythic-beasts.com.

Women in Technology and avoiding ISP filters

June 29th, 2015 by

One of the Mythic Beasts, Rhosyn has written an article on filtering for trefor.net, a widely read blog on technology and networking.

The part we particularly like this this quote,

As a long standing customer of Mythic Beasts 
(shameless plug; outstanding service and support, 
so good that I switched companies recently to work 
for them)

More disk space for all web hosting accounts

June 19th, 2015 by
512px-Floppy_disk_2009_G1

Sometimes disks get bigger and smaller at the same time

Disks just keep getting bigger. So, as the technology allows, we like to increase the disk space allocations of our hosting accounts too. We have just doubled the allocations of all our web hosting accounts. For the Super account, we’ve given it a 2.5x boost.

Account Was Now
Standard 1GB 2GB
Plus 5GB 10GB
Super 10GB 25GB
Jumbo 50GB 100GB

These are proper, full-fat GiB (230 bytes), not disk manufacturers’ GB (109 bytes).

All of our web hosting accounts can host as many domains as you want (free, provided the domains are registered with us), with as many email addresses, mailboxes, and web pages as you want. You are limited only by the total disk space. And if that’s not enough, it’s easy to upgrade from size of account to the next.

Order hosting accounts here

Finally, please don’t be misled by the picture above. We no longer use floppy disks for storage. Instead, all our web hosting servers now use mirrored “enterprise grade” SSDs for the best possible performance.

The hazards of 301 (permanent) redirects

June 15th, 2015 by

When you visit a web page, you’ll often see the URL change as it loads.  For example, if you attempt to visit http://mythic-beasts.com you’ll end up at https://www.mythic-beasts.com .   This is achieved using HTTP redirects, a response from a server that tells your browser that the page it is trying to load has moved.

HTTP redirects come in two flavours:

Permanent (301)
This tells the client that the page requested has moved permanently, and crucially, if it wants to load the page again, it needn’t bother checking the old URL to see if the situation has changed. This is a good way of redirecting something that you never want to undo, for example, if you’re permanently moving a website from one domain to another.
Temporary (302)
As the name suggests, this tells the client that the page has moved, but only temporarily, so the client should continue requesting the old URL if it wants to load the page again. This is a good way of telling users that your site is down for maintenance, that they they don’t have enough credit to access a site, or of some other issue that is likely to change.

#makeitwrong

three-301-fail

Getting this wrong can be a massive pain for your users. For example, Three use a permanent redirect if you’ve run out of credit on your data plan, or you’re trying to use tethering in the wrong country, or some other temporary problem.

So imagine what happens when you run out of data on your plan. You attempt to visit your favourite website, say, http://www.xkcd.com . Three tell you that that page has been replaced by http://tethering.three.co.uk/TetherNoProductPost. Permanently.

Now find a working internet connection, attempt to load http://www.xkcd.com, and find that your browser quite reasonably takes you straight to the Three fail page, even if you’re no longer using a Three connection. Shift+Reload doesn’t help, even restarting your browser may not help.

Three have told your browser that every page you visited whilst out of credit has moved permanently to their fail page.

Expiring permanent redirects

The example given above is very obviously a place where a temporary 302 redirect should be used, but webmasters are often encouraged to prefer 301s in the name of improving search rankings. 301 redirects allow you to tell search engines that your .co.uk site really is the same site as your .com site, thus accumulating all your google juice in the right place. They also save a small amount of time in loading the page by avoiding an unnecessary HTTP request.

Even when used legitimately, 301 redirects are obviously hazardous, as there’s no way to undo a permanent redirect once it’s been cached by a client.

The safe way to do a 301 redirect is to specify that it will expire, even if you don’t expect to ever change it. This can be done using the Cache-Control header. For example, the redirect that we issue for http://mythic-beasts.com includes the following header:

Cache-Control: max-age=3600

This tells clients that they can remember the redirect for at most one hour, allowing us to change it relatively easily at some point in the future. We use the mod_expires Apache module to create this header, which also produces an equivalent “Expires” header (the old HTTP 1.0 equivalent of Cache-Control).

.htaccess example

The above can be implemented using a .htaccess file as follows:

ExpiresActive on
ExpiresDefault "access plus 1 hour"
Redirect 301 / https://www.mythic-beasts.com/

mod_rewrite example

Redirects are often implemented using Apache’s mod_rewrite. Unfortunately, mod_expires doesn’t apply headers to RewriteRules, but mod_header can be used instead:

RewriteRule ^.* http://www.mythic-beasts.com/ [L,R=301,E=limitcache:1]
Header always set Cache-Control "max-age=3600" env=limitcache

The RewriteRule is used to sent an environment variable which is used to conditionally add a Cache-Control header. Thanks to Mark Kolich’s blog for the inspiration.

Escaping 301 hell

Fortunately, if you’re unlucky enough to get caught by a broken 301 redirect, such as the one issued by Three, there is an easy way to get to the page you actually wanted: simply append a query string to the end of the URL. For example, http://www.xkcd.com/?foo=bar. Browsers won’t assume that the cached redirect is valid for this new URL and websites will almost always ignore unexpected query parameters.

2015-07-03 – Updated to add mod_rewrite example

iOS9, IPv6, £20pa off v6 only VMs

June 11th, 2015 by

tldr; Apple say IPv6 support vital, we offer £20pa off any VM that is IPv6 only.

Apple have announced that as of iOS 9, all apps require support for IPv6 and must run on an IPv6 only network. The motivation is fairly clear, T-Mobile USA runs an IPv6 only network, Comcast is deploying IPv6 and on IPv6 launch day in Finland 5% of users had IPv6 enabled simultaneously. Google sees around 7% of all traffic as IPv6 now.

Like it or not, IPv6 is here and the predictions of a lengthy period of being dual stack were wrong. Nobody bothered to turn on IPv6 until IPv4 ran out, then instead of IPv6 and Network Address Translation we’re skipping quickly to IPv6 only. If your application doesn’t work on an IPv6 only network an increasing fraction of users simply can’t use it.

At Mythic Beasts we’ve been using IPv6 for a long time. Two years ago we rebuilt the hosting infrastructure for Raspberry PI to be IPv6 only for all internal connections. A future article will explain our scale up to vastly more VMs, many IPv6 only. IPv6 at Mythic Beasts isn’t an add-on, if our IPv6 connectivity breaks, customers go offline. We’re steadily working on spreading IPv6 connectivity throughout other providers.


 


We’ve been offering developers IPv6 only Virtual Machines for experimentation for a while, and have one of the most comprehensive IPv6 connectivity checkers for hosted software which is very good at demonstrating that enabling a v6 address isn’t quite enough.

Every single connection to this website uses IPv6.

The best way to build the hosting infrastructure today, is to have an IPv6 only network for the whole thing and a single IPv4 address on the load balancer for ‘legacy’ IPv4 connections. To give everyone an incentive to do it right, today we’re extending our IPv6 only VM offer – all virtual machines that are IPv6 only will be discounted for the lifetime of the rental.

If you’re really interested, this presentation at the North American Operators Group about the largest US ISPs moving straight to IPv6 only deployments including the information that over 20% of US users have native IPv6.