Managing the VPC with ansible-selvpc-modules


As we’ve mentioned in previous articles, the Selectel Virtual Private Cloud is built on the OpenStack platform.

A lot of our clients are already used to using Ansible, a configuration management system that lets you automate routine tasks. Among its other advantages, Ansible already has a wealth of ready-made modules available, including those for automating processes with OpenStack components (list of modules). Read more

Auditing System Events in Linux


Original publication date: September 22, 2015.

The audit subsystem is used to raise the level of security in Linux systems. Although it doesn’t offer additional security per se, it’s used to retrieve detailed information on system events. This provides detailed information on system violations, which can be used to implement additional targeted security measures. We’ll be taking a deeper look at the audit subsystem in this article. Read more

Security Monitoring with Sysdig Falco

In May 2016, the developers of Sysdig released Falco, a tool for detecting anomalous system behavior.

Falco consists of two main components: the sysdig_probe kernel module (which Sysdig also runs on) and the daemon for writing the information it collects to the disk.

Falco tracks applications according to user-defined rules, and if any anomalies are detected, it writes the information to a standard output, syslog, or user-defined file. in their blog, the developers jokingly call Falco “…a hybrid of snort, ossec and strace,” and position it as a simple IDS that puts almost no additional load on the system.

Read more

Managing Containers in runC

Today we’ll be continuing our containerization blog series with a discussion about runC, a tool for launching containers according to Open Container Initiative (OCI) specifications. The initiative’s mission is to develop a single standard for containerization technology and is supported by such companies as Facebook, Google, Microsoft, Oracle, EMC, and Docker. The OCI Runtime Specifications were published in the summer of 2015.

Modern containerization tools already implement runC. The latest versions of Docker (starting with version 1.11) have been made according to OCI specifications and are built on runC. The libcontainer library, which is essentially a part of runC, has replaced LXC in Docker as of version 1.8.

In this article, we’ll show you how you can create and manage containers using runC.

Read more

1 Gbps Connections for Dedicated Servers

Every online service needs at least two things: the first is a working server that handles site requests; the second is an Internet connection that connects clients to the server. Here, bandwidth is a pivotal factor: the higher the reserve, the more stable the site. 1 Gbps, for example, is enough to handle sudden spikes in traffic—a typical consequence of a successful ad campaign.

If a client was looking for a faster connection, there were few options. Either they ordered the default plan, which included unlimited traffic and a 100 Mbps connection, and paid separately for additional bandwidth, or they could choose to pay for an expensive guaranteed 1 Gbps connection.

We’re happy to offer our clients another option that combines the best of both worlds: the price of the first option with the speed of the second. Read more

Selectel Career Day

On May 18th, we opened the doors of our Tsvetochnaya 2 data center for Selectel Career Day. Students were invited to see what exactly it means to work in a modern IT company and learn about the kinds of opportunities Selectel has to offer.

Read more

SelectelTechDay

On April 26th, Selectel held its first SelectelTechDay, a meetup for discussing current trends in international manufacturing and new technologies, in its St. Petersburg office. Individuals with a particular interest in these topics—IT directors, product managers, and technical specialists—were invited to take part in our conference hall.

Read more

PipelineDB: Working with Data Streams

We’ve already touched on the issue of processing events in real time. Today, we’re going to return to this topic and talk about a fairly new and interesting tool: the streaming DBMS PipelineDB.

PipelineDB is built on and fully compatible with the PostgreSQL 9.4 codebase. It was first released in June 2015 and the enterprise version came out in January 2016.

Below, we’ll compare PipelineDB with similar solutions, give brief installation and initial setup instructions, and also look at a use case.

Read more