Question
What should technology should I look into?
- Posted November 27, 2015
- Control PanelsDockerDigitalOceanGetting StartedLAMP StackPHPClusteringCentOSDebianUbuntu
Hi guys,
I mainly write reactjs webapplications with php (laravel) backends, backed by redis, nginx, node, … . Right now I have a managed dedicated server with the needed software and about 3-4 of those projects on that. The projects are mainly small, so nothing too fancy.
The problem is that my hoster can’t seem to handle the software, as he doesn’t know and care for it. We have had crashes the last couple of days and as I only have limited rights, can’t do much about it.
This is why I’m looking for alternatives and thought digitalocean actually sounds like a good idea. Since my projects are really small right now, but might grow, I could spend just as money for resources as I really need. My resources are rather limited, because those projects are mainly hobby projects but don’t really cover their costs right now.
I used to have everything on a root server a while ago, but I just didn’t have the time to keep up with all the security rules, updates and stuff like that.
I read about all those cool new things like docker, rancher, tutum, panamax, … and how easy it is to set up servers just for this use. I’ve read a lot of tutorials, but a few questions still remain:
What should I look into? I work with Linux and know my way around and I really don’t mind spending some time to set the thing up right. I just don’t want to spend every day fixing, worrying or reading on server administration to be sure that everything works as expected.
Docker on Digitalocean looks super easy. Just setup a droplet with docker preinstalled. I looked into panamax and rancher and they seem awesome to really orchestrate my docker containers and very easy to use.
So right now I’m leaning towards something like this.
Is it save though?
But is this really save then? Or do I need to fix a lot of things, change settings, secure the server, … If so: What would you recommend or do you have an article on this? I always just find howtos and explanations on installing or basic stuff, but not really deep securing it
Does it even make sense in my usecase?
I mean. Not cost wise. I plan on growing those apps, so it does make sense and I don’t mind paying a little more. I just can’t afford 400 €/month just to have a single webapp up.
What I mean is: will docker or rancher help me with my setup or is it easier and saver to just go with a basic lamp and add redis and nodejs?
What would you use or recommend?
I would really like to know about your setup. How do you do it and what are the good things about it?
I’m sorry for this long post. I’m just really confused by all those cool new things and don’t know where to start looking or if I’m even learning about the right thing right now.
best regards
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
@Gugumaster
First and foremost, DigitalOcean is an un-managed provider, meaning that you would be responsible for server (read: Droplet) setup, security, maintenance, updates etc. If you’re worried about security + don’t have the time to work on the server administration side, an un-managed provider would not be the right choice for your project.
DigitalOcean handles issues with the core server (read: node) where your Droplet is deployed, provides a bare OS from which you’ll build (by installing NGINX, Apache, PHP etc - or whatever your project needs) and support for network issues, though beyond that, you’re left to handle the rest (as you would be with any un-managed provider).
Docker can ease deployments, though it’s by no means a substitution for proper security measures. You’d be deploying containers within a virtualized solution essentially, which would allow you some control over a break in, in the event one occurs, though Docker alone isn’t going to keep you safe or implement proper security for your applications.
–
When it comes to running a server, it’s either DIY or hire a server administrator. There’s no such thing as a cookie-cutter solution that will inherently always be secure. Software Packages always need to be updated, Services need to be maintained, Firewall rules need to be setup (and monitored), etc (as a very brief overview).
If you venture in to multi-server deployments, things get more complex as then you’re handling multi-server routing and potentially High-Availability setups (i.e. failover).
Beyond that, since you’re running Laravel, PHP would need to be secured as well and, in turn, MySQL (if you’re using MySQL as your DB server).
–
While any of the solutions mentioned can help to ease things a bit, none of them are going to be all-in-one security measures. There will still be some “grunt” work to be done and it’s not a once a week or once a month type deal. You’d need to have eyes on the inside and on your app.
–
Of course, and as noted above, this isn’t specific to DigitalOcean, it applies to any un-managed service or service provider. The vast majority of managed solutions in the web hosting industry will force you to use cPanel as many web hosting providers that do provide management will only manage your server using a control panel (which is odd).