Apis Networks

Let’s Encrypt is here!

Let’s Encrypt support has been integrated into the control panel on Luna, a new platform launched last month. You may issue an SSL certificate for up to 50 hostnames[1] . These certificates are issued at no additional cost, other than the $2.50/month IP address base charge. Certificates automatically renew within 10 days of expiration and no further action is necessary other than initial issuance. Visit Web > SSL Certificates in the control panel to get started. Because there is no additional cost associated with Let’s Encrypt and no advantage, self-signed certificate issuance has been removed from the control panel.

Have fun!

Let's Encrypt support added to Luna

Let’s Encrypt support added to Luna

NOTE: this feature is only available on Luna at this time. It may trickle to Sol and possibly Helios platforms at a later date.

1: Specification is 100 common names, but the generator automatically permutes a www variation effectively halving the allowable limit

Comments (1)

 

Luna Launched, Open Beta

Luna, the next generation hosting platform, is here! Luna is now open for early testing. Open a ticket in the control panel for early access!

Luna incorporates multi-tenancy and virtualization enhancements introduced with Sol, and introduces further refinement in the HTTP stack. Initial page response times (time-to-first-byte/”TTFB”) have improved nearly 5x and page loads 1.4x over Sol, its predecessor. What’s more interesting in these figures is that Luna shares the same hardware as Sol. That means it’s influenced by I/O noise to the same extent as Sol, but still yields these improvements.

A number of changes occurred under the hood to achieve this. Many of which would not be possible if not for a confluence of innovation over the last year. A big thank you to everyone who contributed to this platform.

Changes

Rebased off RHEL 7.2
Redhat Enterprise Linux 7.2 was released at the end of the year, and all software is built with at least RHEL 7.2 in mind, including TCP optimizations used to reduce TTFB. Likewise, any packages pulled off npm or rubyforge will compile without incident.

Event MPM
In an ongoing struggle to reduce TTFB, Apache has switched to a threaded model to handle incoming requests. Worker MPM adapts to demand better by keeping those lingering TCP sockets on a separate thread and, allegedly, will keep a consistent response time irrespective of load.

HTTP2 Support
Yep, it’s here! You’ll need an IP address + SSL certificate to utilize. Once those two prerequisites are satisfied, it’s automatic if the browser supports it. HTTP2 provides a tremendous boost over traditional SSL (10-80% depending upon content). Akami has more nitty gritty details if you are interested.

PHP7
Depending upon benchmark, it’s 50%-290% faster over PHP 5.6. Regardless of which benchmark you follow, it’s a marked improvement.

OverlayFS
aufs is out for filesystem layering, OverlayFS in. OverlayFS provides the same composition behavior, but around 5-40% faster over aufs with less CPU usage that can be utilized elsewhere.

Let’s Encrypt support
This will be implemented in February, there’s a PHP-based ACME client to make this a reality.
UPDATE February 1: Let’s Encrypt launched on Luna!

Turbocache
Phusion Passenger 5 introduced a caching layer called Turbocache – imagine sticking Varnish in front of your Ruby/Node/Python requests. Some configuration is necessary. Oh and our platform-specific changes in Passenger are public now, enjoy! It adds cgroup and jailing support.

sudo expansion
Account owners may now cp and chown as root with restrictions!

Multi-tenant Node
Complementing support for multi-tenant Ruby and Python, nvm has been included to allow you to use whatever Node interpreter you’d like!

Multi-host Benchmark

And for kicks, we compared Luna against Sol, GoDaddy, Dreamhost, and A Small Orange, because a healthy competition always drives innovation. Here are our results:

WordPress Load Time + TTFB Comparison

WordPress Load Time + TTFB Comparison

Luna not only blitzed through Sol, but its competitors. Hats off to GoDaddy’s SSD-based hosting, which held its own. Luna still edged out that platform by 3%, whereas subsequent viewings were 12% faster – and at half the cost on a month-to-month plan. All tests were conducted through webpagetest.org from Dulles, VA using Internet Explorer 11. Each test was run 9 times and the mean used in calculating the statistic. A repeat request leverages keepalives by reusing open connections to send a request thereby eliminating some overhead. A repeat request accurately describes the time to download other assets like images, JavaScript, and CSS files.

Host Request (ms) Request Repeat (ms) TTFB (ms) TTFB Repeat (ms)
GoDaddy 993 279 168 123
A Small Orange 1264 577 392 391
Dreamhost* 2453 1152 849 455
Sol 1352 505 391 295
Luna 962 246 80 79
* Dreamhost benchmark ran twice because of extreme results

Comments (2)

 

Login to the CP now from a single location: secure, fast, and well— it’s fast

A few days ago a client sent me an inflammatory email that gave my index finger and scrollwheel some exercise, all with very good reason: there’s not even a modicum of security, except for entering your billing details, in the control panel or elsewhere. We live in a different era today; hacks are cheap, plentiful, and pervasive. Privacy is questionable. And, having multiple control panel installations makes certificate management a nightmare. New software, however, makes addressing these concerns a breeze. Introducing: cp.apisnetworks.com – the only control panel URL you need to know.

All requests through cp.apisnetworks.com are encrypted with military-grade security. There can be no man-in-the-middle attack. There are no reasonable methods to crack even a sample of traffic. What goes between your PC and the control panel is 100% secure, guaranteed. This encryption, with a little wrangling, only adds 10ms to total request time too! It leverages HTTP2 (previously SPDY) for fast SSL communication that will be part of Luna, the new hosting platform slated for release in Q1 2016. Oh, and we sat Nginx and Varnish in front for future testing purposes.

Enjoy, and throw those cumbersome cp.server.apisnetworks.com URLs in the garbage!

– Matt
Owner
Platform Developer

CP SSL rating

Hello Fort Knox!

Comments