PMman managed servers
The PMman™ brand 'managed server' product line provides ready and affordable access to virtual and colocated servers, leased or simply managed, 'done right'. Located in a Tier IV datacenter; multiply 'homed' network connectivity at a major data cross-roads; and 'just enough' of an optional and non-invasive self-serve GUI control panel.
My face is red ...
Helping the Open Software community build the future
The owners and techs at PMman have been running ISPs and participating in the Open Source community for a long, long time. Because 'the customer is always right' as to the platforms they are comfortable in self deploying and administering, they run Linux, BSD, old line commercial Unix®, Microsoft Windows®, and Apple OS/X® offerings. But the back-end has always been Open Source when it came time to build the reliable foundation and infrastructure under it all in our Tier IV datacenter presence. No surprise, really -- the Internet and the RFC's that describe it were built the same way in the early days.
Part of the modern internet is the ability to solve authorization, access control, and authenticity ("triple A") issues in a hugely scalable fashion. Cryptographic 'signing keypairs' are part of that solution -- half of the keypair is totally public, and indeed freely given away with any piece of 'signed' content; the other half, the 'private key' part of the pair is closely guarded, because if carelessly exposed, one is vulnerable to 'identity theft' not only for oneself, but also for all who rely on content that you have [of here, may have] 'signed'
But as noted those 'public key' parts need to be readily and scalably available -- so-called "key-servers" can be one way to handle that distribution. Through carefully designed cross-peering they synchronize, and also make available those public keys.
We are please to announce that software developer Jeff Johnson has chosen to partner with us in establishing a "SKS OpenPGP Keyserver" peer at PMman. Mr. Johnson was the long time lead maintainer of RPM for Red Hat, and moved on after a decade to providing private consulting services on 'advance package management research' matters for a Fortune 500 clientele through the RPM5 project
Part of distributing software packages and updates over the internet is having a 'package signing' key. After research, Johnson concluded that the SKS approach was superior design engineering, and was the way to handle key distribution for his research efforts. From the SKS keyserver website:
[The SKS implementation f]ollows RFC2440 and RFC2440bis carefully --- unlike PKS, SKS supports new and old style packets, photoID packets, multiple subkeys, and pretty much everything allowed by the RFCs
This was and remains important to package management development work, because the incumbent mechanism in most package signing approaches have an inability to work with more complex public key payload forms. "It was a 'chicken and egg' situation that the freely available Open Source friendly keyserver infrastructure, and the package managers were unwilling to handle the pain of the conversion to fuller RFC compatibility in their use of signing keys," Johnson said. "SKS permits me to break out of that logjam"
That local server is up and presently a 'leaf node' connected through another peer to the main trunk of the SKS network, pending tune-up trials It is 'in production'.
We had one virtual instance broken into a couple months ago, and did some post-mortem work on the 'cracked image' Doing the 'root cause analysis,' I wrote a local 'hardening' outline. Nothing new and amazing there: run updates, turn off unused access methods such as password based authentication, perhaps add 'wrappers'. It all seems simple (or at least straightforward), but some people don't secure their instances well
We are pretty far along on a new feature to permit easy end user Read Only ('RO') access to any backup Slice image for disaster recovery purposes. It is working in trials, but making it more usable is tricky
A couple years ago, the operators of the 'carrier hotel' data center we were in suffered a need to take down for maintenance its non-redundant generator for five hours.
As such and due to that storm, we had a brief 'wink' of service after years of continuous scheduled availability when our on-site UPS back-up units were exhausted. Five nines; six nines -- we want our customers to have ALL nines available. We said: "NEVER AGAIN" and started a hunt to move some mission critical applications to a better location.
We moved most critical services up to the new 'Tier IV' grade data center we located in October 2008, and went live. Since then, we have had NO unscheduled unavailability. We need to schedule reboots from time to time, to change IP addresses for our AS (ARIN 'autonomous system') number assignments, to re-balance load, and such as we have added and re-configured systems, but that's about it for availability 'winks'
A 'Tier IV' data center is permitted an annual downtime of 0.4 hr. under the TIA-942 standard (PDF at page 5) [The Telecommunications Infrastructure Standard for Data Centers, which are adopted by ANSI]. We are pleased to not have needed any of that time at all in over a year.
The PMman managed servers product offering has been in development since early 2009. We had been doing some early testing with a private beta tester group since August.
One early release tester, Paul Aviles, who is a member of the ADempiere project, inadvertently 'let the cat out of the bag' by publicizing a demo instance he set up.
As such, we published the sign-up link to the work in process interface to purchase, fund, and manage a sample blank instance. Currently this is a CentOS 5 installation instance image.
Generally speaking, a dollar buys 100 points at the lowest pricing break level -- ask for a promo code discount code if interested a trial unit
Sign-up and adding funding of an account is easy, secure and takes perhaps five minutes (preview tour). Any such purchases are 'as is, where is', and without refund. Any damage award shall be limited to the total funds expended in the last calendar month in which a payment was made. Balancing that is the fact that one can buy access to everything that CentOS offers, with a basic installed instance up and running in minutes, for $20 for a month. If it is not your cup of tea, walk away from it with no further obligation.
There is a EULA of the conventional sort hastily put together to govern sign-ups, because of the leak; we are revising it to reflect this product offering -- If we suspect abuse from reports from our monitoring systems, we will freeze and lock access to an instance without advance notice; sadly, we've had to do that with an instance that an end user added a PHP script to, that turned out not to be worthy of his trust.
Much news of the build out process, now that we 'decloaked'.
We think the 'tours' provide a good look into the early usage steps, as to the sign-up and password setting and reset process; We still have a couple more 'tours' to screenshot and write, about getting started with an instance to complete the quick start guides. Also to appear is the price sheet, but we found some unclarity in our pricing model, and its communication through the provisioning interface that we need to clear up first.
Down the road is a more leisurely step by step guide to instance connection issues under both Windows, OS/X and Unix™-like operating
Copyright © 2009 .. 2013 PMMan.com, a division of 781 Resolution, LLC