I finally finished moving everything off Microsoft Azure. Using Azure made me realize that as much as I wanted to use it it was just a huge money sink for what I was going to use it for. Over the days that passed I was just pondering whether or not I should stay with Azure. It didn’t sit well for me paying additional fees for Bandwidth, disk performances (reads, writes, premium, standard), and other types of details.

I hope that in a near future Microsoft Azure offers a B-series virtual machine with the capability of reserving bandwidth capacity. It’s a much needed feature for customers that have small or medium sites. I know that most of Azure is managed, as in, if I open a ticket the standard support is supposed to do the work and investigate what’s going on. I know it’s not profitable assigning so many resources to support small/medium customers when you want to keep that response time low for enterprises.

I hope that in the following days I have the time to write a long winded post about the cloud and the current prices. In fact I’m hoping to talk about Linode, Digital Ocean, Scaleway, and other services where I spent my time doing setups.

Now, having said all that. I ended up in ArubaCloud. I thought long and hard about it. I gathered that many people didn’t have problems with them. I’m actually excited because not only I got a low cost out of it but I can now create actual affordable virtual machines based on current needs: Do I need an e-mail server? Let me spin up a VM. Do I need an additional SQL Server? Let me spin up a VM and see if I can even out the current load.

I ended up creating a setup I really liked. For a long time I wanted to have SQL Server separated from NGINX/Apache, and with ArubaCloud that was made possible so now I have a dedicated SQL server serving this site and a HTTP server (nginx) serving all dynamic/static data. I loved working with UFW, setting up the firewall, fail2ban, etc. I think if I have to put an order out there it would be like this:

  • Spin up a VM in ArubaCloud with Ubuntu.
  • Notice that it doesn’t have the latest Ubuntu, but that’s okay with Ubuntu Xenial I can jump to 18.04.
  • Jump to do-release-upgrade -dand that will guide you through the process.
  • Once upgraded, which shouldn’t take you more than 30 minutes, apply security settings to sshd_config and add the rules I need to protect my VMs with UFW which is a tool to simply firewall management.
  • Install fail2ban, change SSH port and so on.
  • Configure server roles (DB, HTTP Server in my case)
  • Install LetsEncrypt’s amazing certbot.
  • Generate certificates for your site and be sure to enable SSL on your virtual host.

And the steps goes on and on and on. It looks tedious, and sometimes it is. I enjoy setting up my environments. After all the configurations were done?

I had a few hiccups from the MySQL Server. I wasn’t getting a decent response time, I think it was a network issue because as I’m writing it the response times have improved greatly.

There’s still a few security enhancements I have left to do, but they aren’t exactly priorities. I feel incredibly accomplished with my little journey on configuring my first remote MySql server and making it work with the HTTP server. At first sight it isn’t hard, but as you start considering security things become a bit harder.

 

Before you comment

  • You can use Markdown in your comments, here's a guide.
  • Keep things civil.
  • That means don't do personal attacks.
  • Profanity is highly discouraged.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.