amuck-landowner

How do you manage your clients VPS? (Managed Providers)

Prestige

New Member
Do you actually go and check each VPS for updates, etc?

I was thinking of creating a management (admin) portal that connects to all virtual servers via a SSH Key inserted into the template (with the user's permission), and can execute commands to multiple servers, monitor servers, configure cron jobs, and more. Would that work or will it create issues?
 

Enterprisevpssolutions

Article Submitter
Verified Provider
No there is a system in place that will watch all the servers and if the clients are managed an agent is placed on all the servers to report back any issues.
 

H4G

New Member
Verified Provider
We have an "access server" which has it's key added to all Managed VPS's for us to access them directly. Updates are rolled out using parallel shell, it's something like http://commando.io/ (without the GUI). We also have a monitoring system that shows the version of cPanel running and the number of updates available for the container. 
 

TruvisT

Server Management Specialist
Verified Provider
We use puppet/chef for managing and monitoring servers. There are so many options with these.
 

RTGHM

New Member
Do you actually go and check each VPS for updates, etc?

I was thinking of creating a management (admin) portal that connects to all virtual servers via a SSH Key inserted into the template (with the user's permission), and can execute commands to multiple servers, monitor servers, configure cron jobs, and more. Would that work or will it create issues?
That's smart, let's store everyone SSH's keys with root-level permissions.

So when your site gets hacked and they take all the SSH keys and dump all the VPS data....

You can see where I'm going right?
 

InertiaNetworks-John

Inertia Networks, LLC
Verified Provider
That's smart, let's store everyone SSH's keys with root-level permissions.

So when your site gets hacked and they take all the SSH keys and dump all the VPS data....

You can see where I'm going right?
Most systems are IP restricted, and are built with encryption to prevent this.
 

InertiaNetworks-John

Inertia Networks, LLC
Verified Provider
So, if I have root access to your nodes, which is whitelisted under the IP to access all over vms via SSH keys..... 
I'm not talking about the nodes. The SSH Gateway which contains all of the keys is usually IP restricted and/or on a private LAN. The keys are encrypted.

Nodes do not have access to the SSHG.
 

winnervps

New Member
Verified Provider
If you are using OVZ for virtualization, you might consider using nodewatch to monitor 'resources'.

But if the 'contents' that you concerned of, so you might need to consider something 'tricky' (because it'll be related to the 'privacy')

Nodewatch is adequate for avoiding some issues per experiences. Just tune it based on your requirement.
 

bigcat

Member
Verified Provider
I'm sysadmin. So I would like to think my company as my client. 

Internet <--> Bastion Host <--> Webserver

Simplest security implementation would be to create intermediary server(bastion host) between public internet and server that store the only access path to server. I turn on the bastion host whenever I need access only. So basically SSH or MySQL access is impossible from outside.

I'm not fond of Chef/Puppet/Ansible. Everything I need is in /usr/bin/ bash script inside the bastion host.

Nowadays I use Bash to drive AWS CLI which automate all this. MRW.
 
Top
amuck-landowner