This article provides some useful technical information for BitFolk VPS customers.

Community
1. Mailing lists
2. IRC
3. More
Network settings
1. Network - London, UK
Nameservers
Standard facilities
Shared resources
Other services
Referral scheme
Frequently asked questions

Community

Sometimes the best help can be found in the community of BitFolk users. If you can't find the information you need in this document then here are some other places you could try asking.

Mailing lists

The preferred place for discussion amongst BitFolk customers is the users mailing list. The list has a public, searchable archive.

Please note that emails sent to the list are deemed to be for publication without condition, and the information will be available in perpetuity. We are not responsible for removing or otherwise concealing your communication after you caused it to become public.

We will usually edit or remove information from the list archives only in the event of an inadvertent disclosure of confidential information; however, a sender's contact information (name, email address, phone number, etc.) does not fall into that category.

The users list is also the primary place that any important notices, planned downtime and outage post-mortems will be posted, so it's recommended that all customers be subscribed to it.

IRC

There is a vibrant user community on IRC, although this is an unoffical, largely unmoderated environment recommended only for those with a thick skin, and probably not suited for minors. Or possibly anyone.

The channel #BitFolk can be found on irc.bitfolk.com. The channel also has a wiki.

There's a few other bits and pieces of social media such as Twitter, Facebook and Last.fm. You'll find the details listed on the contacts page.

Network settings

Network - London, UK

Address: 85.119.82.x or 85.119.83.x
Gateway: 85.119.80.1
Netmask: 255.255.248.0

In CIDR notation the network is 85.119.80.0/21

Nameservers

You can run your own nameserver, but resolvers are supplied. See Shared resources.

Standard facilities

BitFolk customers have access to a number of free services.

Xen console

Xen console (actually Steve Kemp's Xen Shell) is provided so that you may start, stop and access the console of your VPS even when it is not running or has no networking capability.

Documentation for this feature is now maintained in our customer wiki.

Cacti bandwidth/CPU monitoring

Cacti is used to gather and display real-time stats of your VPS's bandwidth and CPU usage. There are two ways to access Cacti:

Authenticated interface – username and password were given to you in /root/PASSWORDS when your VPS was set up.
Public interface – only updates every 30 minutes, small images, no ability to view custom time ranges.

Nagios monitoring

A Nagios instance is available to monitor most normal services you run and alert you via email if they become unavailable.

Please note that no guarantees are made of the accuracy of this service; if you have anything critical you may wish to monitor it yourself!

Please contact support with the details of any service you would like monitored.

BitFolk Panel

The BitFolk Panel is still under development, but contains a lot of useful information about your BitFolk account, including your VPS configuration, backup settings, and your invoice history. If you have any feature requests we'd love to hear about them, either directly to support or discussed on the users mailing list.

The login credentials for the BitFolk Panel are the same ones used for the console, Cacti and Nagios, and can be found in /root/PASSWORDS when your VPS is set up.

Shared resources

DNS

Recursive resolvers are supplied for use in your /etc/resolv.conf or as forwarders for your own resolver.

DNS - London, UK

85.119.80.232
85.119.80.233

You can also optionally reach these via IPv6:

2001:ba8:1f1:f205::53
2001:ba8:1f1:f206::53

NTP

NTP - London, UK

There are publically-available NTP servers on ntp0.lon.bitfolk.com and ntp1.lon.bitfolk.com. They only use nearby public servers themselves, but using these servers will reduce load on public servers, save you bandwidth and ensure some redundancy.

We recommend that you use at least the following NTP servers:

ntp0.lon.bitfolk.com
ntp1.lon.bitfolk.com
0.uk.pool.ntp.org
1.uk.pool.ntp.org
2.uk.pool.ntp.org

Also if you wish, ntp0 and ntp1 are available over IPv6:

ntp0-ipv6.lon.bitfolk.com
ntp1-ipv6.lon.bitfolk.com

apt cache

BitFolk provides an apt-cacher service so that users of Debian-based distributions can benefit from the packages already downloaded by other customers. See the apt-cacher page for more details.

Centos 5 mirror

A local Centos 5 mirror is provided. To use it, add a file /etc/yum.repos.d/bitfolk.repo that contains:

[base]
name=CentOS-$releasever-Base
baseurl=http://mirror.bitfolk.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

[updates]
name=CentOS-$releasever-Updates
baseurl=http://mirror.bitfolk.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

You may then wish to comment out the "[base]" and "[updates]" sections of any other .repo file in there.

You should then run "yum clean all" before updating, to clear the cache and force an update of the repository xml files.

Traffic from this mirror will not count against your monthly quotas.

SpamAssassin

You will not be able to influence the settings of the spamd servers, but you may find them useful as running your own spamd tends to eat up a lot of RAM. To use these spamd servers please use the username Debian-exim.

SpamAssassin - London, UK

There are multiple SpamAssassin spamd servers accessible from the hostname spamd.lon.bitfolk.com, which you can connect to with spamc or any other spamd client. If you need to connect by IP address then please use 85.119.80.248.

Other services

DNS secondaries

If you're a VPS customer then we are happy to provide a free DNS secondary service provided your DNS traffic is "reasonable" (below several hundred thousand requests per month for all your domains).

This free service is intended for customers with just a couple of domains who do not wish to go to the trouble of providing their own DNS infrastructure. As such it is limited to 50 domains per customer. If you need DNS for more domains then we suggest you purchase another VPS in order to manage the service yourself; alternatively we can recommend some companies specialising in these services.

You will need to run your own DNS server and our servers will do zone transfers from it. Any DNS server which supports the AXFR protocol is fine, for example BIND or PowerDNS.

We currently have 3 DNS servers:

London, UK;
San Francisco, California;
St. Louis, Missouri;

More to come soon!

Many of these servers are available over both IPv4 and IPv6.

Please see Setting up secondary DNS for more information.

Backup mail MX

If your primary MX is hosted by us then we are happy to offer a backup MX in the US, with antispam and antivirus setup. This will be free of charge provided you do not receive hundreds of thousands of emails per month across all your domains.

This free service is intended for customers with just a couple of domains who do not wish to go to the trouble of providing their own backup mail infrastructure. As such it is limited to 10 domains per customer. If you need backup MX and/or antispam/antivirus for more domains then we suggest you purchase another VPS; alternatively we can recommend some companies specialising in these services.

Please also bear in mind that you will not be able to affect the antispam or antivirus settings of BitFolk's mail servers.

Local backups

6 times daily incremental rsync backups to a local server (in same facility but different hardware, no bandwidth charge) are available for free. You will need to dedicate some of your normal disk space to this, or else purchase more disk space.

Please note that no guarantees are made of the integrity or availability of backups made; they are provided on a reasonable effort basis.

You will need to allow SSH access to your VPS from our backups hosts:

backup0-vip.bitfolk.com
backup2-vip.bitfolk.com
backup3-vip.bitfolk.com

by adding the rsnapshot SSH public key to your root user's .ssh/authorized_keys file. Please note that this file is PGP signed by key ID 0xBF15490B and the only line from the file that you should use is the one that starts with 'ssh-rsa'. If you wish you can restrict this key's command to rsync using a wrapper script, such as the one described under "Restricting The Key".

Once you have installed this command, please contact support with a list of the paths you want backed up, starting from the root of your filesystem. If you wish to exclude anything inside those paths from being backed up then you can use rsync's standard filter syntax in a file called .bitfolk-rsync-filter inside the directory containing whatever you want to exclude.

For example, if you have asked for /data/ to be backed up, but you wish to exclude /data/www/logs/, then you would create the file /data/www/.bitfolk-rsync-filter as follows:

- logs/

Filters only apply to the directory that the .bitfolk-rsync-filter file is in.

Backups will then take place according to the schedule you've chosen. You will not be charged for the bandwidth this uses, although it will show up on your Cacti graphs.

Referral scheme

There is a referral scheme in operation to encourage you to bring in new customers. Make sure to get them to quote your VPS name when they make their first payment.

Frequently asked questions

Your BitFolk Account

I've forgotten my password for the console / Cacti / Nagios / Panel, can you reset it?

Most BitFolk services that have a login are using centralized authentication. There's an email password reset feature linked from the Panel's login screen. It will ask you for your account name and then send an authorization link by email to the address we have on file for you. Once you follow the link, your password will be reset to a random string which it will tell you.

If you don't have access to the email address that we have on record for you, e.g. because it's out of date or because it's hosted on your VPS which is currently down, you're going to have to submit a support ticket by email. If your service is down and not knowing your password is preventing you from fixing it, please feel free to send an SMS to the emergency contact telephone number.

Which piece of actual hardware is my VPS hosted on?

There's several ways to tell.

It's listed on the Panel.
It's listed on all your invoices and data transfer reports.
You can do a traceroute or mtr to some remote location and you'll see which host the traffic goes through as the first hop.

You can resolve the host username.console.bitfolk.com, e.g.:

$ host ruminant.console.bitfolk.com
ruminant.console.bitfolk.com is an alias for console.barbar.bitfolk.com.
console.barbar.bitfolk.com is an alias for barbar.bitfolk.com.
barbar.bitfolk.com has address 212.13.195.134
barbar.bitfolk.com has IPv6 address 2001:ba8:0:1f1:230:48ff:feb9:e632

Indicates that this VPS is on barbar.

Xen Shell and console

How do I get out of my console and back to the Xen Shell menu?

Documentation for this answer is now maintained in our customer wiki.

Billing

If I'm paying by bank transfer, what reference should I use?

Either the account name of your VPS or else the invoice number you are paying are best.

If you don't or can't put either of these then we will have to guess at the identity of the payee when the payment comes in. If we can't guess then we may have to wait until you contact us to tell us you have paid.

Local Backups Service

How do the backups work?

The default backup schedule runs:

6 times per day (every 4 hours, hourly.0 to hourly.5)
7 times per week (from 0330Z daily, daily.0 to daily.6)
4 times per month (from 0300Z Sunday, weekly.0 to weekly.3)
The last 6 months of the above are retained (monthly.0 to monthly.5)

Every time the backup process runs the oldest snapshot is deleted and the remaining ones are cycled. This means that there are always 6 snapshots going back a day, 7 snapshots going back a week, 4 snapshots going back a month and 6 snapshots going back 6 months.

Duplicate files are not stored, though every time a file changes between snapshots the entire content of both versions of the file will be stored.

I don't like the default backup schedule, can I pick my own?

Yes. The most frequently we will run a snapshot is once every 4 hours, but other than that as long as you have the disk space you can choose any kind of backup schedule you like. More frequent snapshots with lots of different levels of scheduling will obviously use more disk space. Just contact support to discuss what schedule you would like.

For the existing schedules, you can tell from the name how the scheduling will work. For example, 6-7-4-6 was explained above; by contrast 3-3-2-0 means:

Every 8 hours, retain last 3
Seven times a week, retain last 3
Four times a month, retain last 2

How do I access my backups?

You may access your backup space as a set of read-only NFSv3 mounts. These are exported only to the IP address of your VPS. You can find your list of mount points in the "Backups" section of the BitFolk Panel.

Can you export my backups to somewhere else?

No, your backups are only available to your VPS. If your VPS is not in a functioning state you can reboot into the rescue environment and access your backups, or you can ask support to make them available to you on a one-off basis.

I've run out of disk space, can you make my backup space writable?

No, your backup space must remain read-only to ensure consistency. It is advised that you dedicate the smallest amount of disk space to backups that you think you will need, and rely on us to tell you when you need to purchase more (or backup less!). Growing or shrinking the filesystem of your VPS requires you to reboot, so it is best to keep as much space there are possible.

Does it really need to run as root?

The backup will need to run as root on your VPS in order to access all files it needs to read. If you are sure that all files will be accessible by a particular user then feel free to ask for the backup to run as that user. In most cases though, root access is required. It is possible to restrict the commands that can be run by the backup process.

How do I find out the current usage and configuration for my backups?

It's not possible for you to simply add up all the disk space used by your backup mount points (e.g. with du) as only file versions that differ are actually being stored. BitFolk calculates a true measure of disk space usage for you and makes this figure available at the "backups" setion of the BitFolk Panel.

You'll also find there a summary of which paths are being backed up.

Nagios Monitoring Service

I'm getting alerts from Nagios. How do I access the web interface?

There is a slightly experimental web interface at https://nagios.bitfolk.com/nagios/. You log in with your console username and password. This may change in future.

Which IP addresses will Nagios checks come from?

Nagios checks may come from any of:

85.119.80.238
85.119.80.244

These IPs will only ever be used for BitFolk monitoring checks, so they are safe to allow through your firewall. We would ask that at a minimum you allow ICMP ping from these IPs.

Why am I receiving alerts for this unfamiliar host/service?

In general BitFolk will not add any monitoring without you asking for it (so please ask! It's free!). In some circumstances though, monitoring will be added to support other BitFolk services.

For example, if BitFolk is backing up your data over SSH, we will add a ping and SSH check to aid in debugging problems with the backup service. If BitFolk is providing secondary DNS service for you then the master server for each domain will be checked by ping and DNS — you need to know if your master server is not available to us.

If none of that explains why you are receiving the alerts, it could be a simple mistake. Please contact support and we'll sort it out.

General OS Issues

Are my bandwidth limits outbound or inbound or both?

For our UK network there is currently an excess of inbound bandwidth, therefore you can have twice as much inbound as outbound. e.g. if your plan allows 50GB data transfer then this corresponds to 50GB out (people downloading from your VPS) and 100GB in (people uploading to your VPS). Excess data transfer is still charged the same.

Does my local traffic get counted towards my allowance?

No. Only traffic destined for or coming from outside of the local network (85.119.80.0/21) will be counted. This is great incentive for you to make use of the shared resources on offer such as an APT cache and recursive DNS.

Why do my Cacti bandwidth graphs seem to be backwards (i.e. inbound traffic shows as outbound and vice versa)?

The graphs are plotted from the point of view of the host machine where each VPS has a network interface going to it. Therefore traffic going to your server is going out from the host, and data coming from your server is coming in to the host.

Just reverse the directions if you want to think about from the point of view of your own server.

Why is my Cacti graph empty and the figures read "nan"?

"nan" stands for "not a number" i.e. "no results". If your VPS has only just been provisioned then this is completely normal - 3 readings are necessary to draw the initial graph, and as readings are done every 5 minutes the daily graph will remain empty for at least the first 15 minutes.

The weekly, monthly and yearly graphs are built from the daily one and will stay empty until the daily graph has the required amount of data: 30 minutes, 2 hours and one day respectively.

If your VPS has been in use for some time and the graphs are empty then there is possibly a problem; please contact support.

Do I need to synchronise my clock like I would on a normal server?

Yes. In theory each domain's clock is supposed to be locked to that of the real host but in practice this seems not to be very reliable. Therefore you should arrange for the following to be executed at each boot:

# echo 1 > /proc/sys/xen/independent_wallclock

or put:

xen.independent_wallclock = 1

into /etc/sysctl.conf, and then set up some means of keeping your clock in sync, such as NTP.

A list of recommended NTP servers appears above.

Is 240MiB of RAM really enough to do anything useful?

Sure. It's not a great deal, but it's not like trying to run an entire machine in 240MiB either. A Xen VPS kernel is very stripped-down and you probably don't need to run many daemons. However please don't expect to be able to run heavy daemons like spamd or clamd in less than a few 100MiB of RAM; it is possible to run both of these in 240MiB with some tuning.

If you find you're running out then you can purchase more RAM and it will be quickly provisioned.

Can/should I run my own firewall?

You can, and you probably should. Whatever you normally use should work. iptables works fine for Linux, for example. Don't forget to firewall IPv6 as well!

Why don't I see a change in my VPS's RAM when I reboot like you told me to?

What you will have been told to do is shutdown and then boot from your VPS console. If you only do reboot (either from your VPS or in the console) then the VPS will never be destroyed and so will never read the new settings from its config.

Why don't I see a new kernel after I've rebooted?

Due to the way Xen works, your virtual machine is only shut down when the operating system running inside it is fully shut down. Just as settings like RAM size or disk capacities are not updated on a reboot, neither is the chosen kernel. You must shut down (either from the OS or from the Xen Shell) and then boot from your Xen Shell console.

I've been told I have an open recursive nameserver. What's the problem?

Please see the Open recursive nameservers article.

How do I restrict rsync-over-ssh connections from BitFolk so they can only do rsync?

If BitFolk is rsyncing your files for backup or DNS purposes then you may wish to restrict these connections so that they may only use rsync, rather than allow them to have a complete interactive login. Please do not try to set this up until after the service in question is known to be working properly, as this makes debugging SSH key logins much more difficult.

For an overview on the subject please read Using Rsync and SSH, particularly the section on restricting to rsync.

When updating libc, the update fails and I get messages regarding `/lib/tls`

/lib/tls is a directory of libraries (usually owned by the libc package) which are incompatible with Xen.

When your VPS is provisioned these will be moved to /lib/tls.disabled, an empty file created at /lib/tls and then made unreadable and immutable. This is what probably causes your upgrade procedure to fail, but it is necessary because otherwise an update to libc would replace the incompatible TLS libraries.

The easiest way to deal with this is probably to remove everything to do with /lib/tls:

$ sudo chattr -i /lib/tls
$ sudo rm -fr /lib/tls /lib/tls.disabled

Now do your update as normal, and then take care to disable the TLS libraries afterwards:

$ sudo mv /lib/tls /lib/tls.disabled
$ sudo touch /lib/tls
$ sudo chmod 0 /lib/tls
$ sudo chattr +i /lib/tls

Fortunately libc updates are rare, and newer releases such as Debian Etch and Ubuntu Edgy contain a libc6-xen package which is compatible.

Can I compile my own kernel?

Yes; the kernel in use on boot is determined by your grub configuration, so as long as you can put a correctly-configured kernel with Xen support in there it should work. You may find it easiest to adapt your distribution's existing Xen kernel package. Typical reasons for compiling ones own kernel are to change the HZ value for example.

BitFolk however cannot support this sort of advanced usage so you should be very sure of what you are doing.

My VPS is not responding, is there anything I can do?

Most likely yes! If you can't access your VPS over the network then the first thing you should do is connect to your Xen console. Most of the time this turns out to be a misconfiguration or some other problem local to your VPS such as you using up all your RAM and swap. Your best chance of recovering from that is with the console command.

If you can't even log in over the console then the next thing to try is probably the usual Linux SysRq commands, using ctrl-o and then the command character. e.g. ctrl-o h will show the SysRq help. Your goal will be to try to get the kernel to cleanly unmount its filesystem(s) before you reboot.

If you have no luck with this approach then as a last resort you can use the destroy command. Please be aware that as the name implies this will instantly kill your VPS, will not cleanly unmount any filesystems, and so you would expect to see a fsck on next boot and may experience data corruption. If the VPS will not shutdown or reboot normally then it would be our only option anyway, so this at least will save you having to contact support.

Once your VPS is shutdown or destroyed you will be able to boot it again. Xen Shell runs inside GNU Screen so you may find it convenient to create a new screen (ctrl-a c) to run the console command in. That way you can watch your VPS shutdown/boot while issuing Xen Shell commands in the other window.

If none of this helped, or if you cannot even connect to the Xen console, please contact support and we'll do our very best to help you.

Can I upgrade or downgrade my plan part way through the payment period?

Yes! Here's the technical details of how it works:

Upgrading or downgrading a VPS plan basically means altering the amount of RAM and disk you are allocated. To alter your RAM we just edit a configuration and then the next time you boot from the Xen Shell you will see this new amount of RAM.

Changing the size of your disk allocation is a little more complicated. Your disk space is provided by one or more block devices, e.g. /dev/xvda. We can grow these block devices while your VPS is running, then you can shut down and boot again to see the new size. We can also shrink your block devices but we have to shut your VPS down first. If shrinking you would also of course need to ensure there is enough free space to take away!

Upgrades are subject to there being resources available on the host where your VPS currently resides. This is generally not a problem as hosts are overspecified with regard to RAM and disk. In the rare cases where it is an issue, we can almost certainly relocate your VPS to a host with more available RAM/disk. This would add a further 15 minutes or so onto the downtime required.

Once you have booted your VPS again you will be able to online resize your ext3 filesystem using something like:

$ sudo resize2fs -p /dev/xvda

If shrinking, however, you'll need us to do it for you with your VPS offline.

We are happy to coordinate a mutually-agreed time with you for any disruptive work to occur. If you are confident that your VPS shuts down and boots cleanly then there's no need for you to be available during the work.

Now for the financial details:

Upgrading part way through a payment period is not a problem. After the upgrade has taken place, an invoice will be raised for the pro-rata difference between the two plans. This invoice will be due immediately unless it is very small, in which case it will be added on to your next scheduled payment.

For example, let's say you are currently on a quarterly payment plan for £22 per quarter. You're 30 days in to this 90 day period and you decide that you want to upgrade to the £44 per quarter plan. The upgrade takes place and then an invoice is raised for (£44 - £22) / 90 * 60 == £14.67. In that 90-day period you would have been charged £22 + £14.67 == £36.67. Once the next payment period starts you would be invoiced for £44 as normal.

Where downgrades are concerned, we are happy to do them at any time, but we won't be giving you a pro-rata refund. Therefore you will most likely want to time the downgrade to coincide with the end of your current payment period.

Does BitFolk support IPv6?

Native IPv6 connectivity is available by default but is currently not officially supported until we work out the best way to manage it.

Please note that most Linux distributions will automatically configure IPv6 addresses and many daemons already support IPv6; those customers firewalling IPv4 will also want to firewall (or disable) IPv6.

An auto-configured IPv6 interface will look something like this:

$ /sbin/ip -6 addr show dev eth0
2: eth0:  mtu 1500 qlen 1000
    inet6 2001:ba8:1f1:f004:a800:ff:fe6a:380c/64 scope global dynamic
       valid_lft 2591934sec preferred_lft 604734sec
    inet6 fe80::a800:ff:fe6a:380c/64 scope link
       valid_lft forever preferred_lft forever

This indicates that the customer has been assigned 2001:ba8:1f1:f004::/64. All initial BitFolk IPv6 assignments are one /64 per customer; if this is insufficent then a further /56 can be routed to you.

If auto-configuration is not desired then you can configure your operating system to not listen to router advertisements and then statically configure any address(es) in the range, except ...::1/64. For example the above customer can use any address between 2001:ba8:1f1:f004::2/64 and 2001:ba8:1f1:f004:ffff:ffff:ffff:ffff/64.

I've forgotten my root password! How do I reset it?

Log in to your Xen Shell console via ssh username@username.console.bitfolk.com.
Shut down your VPS with the shutdown command.
Start up the rescue environment with the rescue command.
Mount your root filesystem somewhere inside the rescue VPS. Available block devices are listed in /proc/partitions so it will be one of those.
Either edit the shadow file (so if you mounted your filesystem on /mnt, you'd edit /mnt/etc/shadow) to put a new (or an empty) password hash in, or use chroot to change into your VPS's root filesystem and issue passwd root to change root's password.
halt the rescue environment.
boot your VPS.

Why is my swap a swap file, not a swap device?

We used to give swap as a separate device, but people kept asking for it to be bigger or smaller than we provided. In Linux, swap files in the 2.6.x kernel have identical performance to swap devices, and having one fewer block device is simpler, so we switched to providing VPSes with swap files instead.

Why has time-based filesystem check (fsck) been disabled?

The ext3 filesystem (which is in use by default at BitFolk) is traditionally set to require a fsck at boot time based on both elapsed time since last fsck and the number of mounts since last fsck. Since late April 2010 we have been disabling the time-based fsck for new VPS installs. Our rationale for this is as follows.

When one of BitFolk's host servers is rebooted, either for scheduled maintenance or because of some problem, most of the customer VPSes on it will not have been rebooted in a long time. With a typical check interval of 6 months, almost all of the customer VPSes will decide to do a fsck all at once on next boot. The IO load from 40-50 virtual machines all doing fsck at once is considerable and causes poor performance for all customers for some hours afterwards.

With time-based fsck disabled, the fsck on boot will only happen if the mount count goes above the maximum. You can see the values like this:

$ sudo tune2fs -l /dev/xvda | grep -i 'check\|mount count'
Mount count: 2
Maximum mount count: 34
Last checked: Sat Oct 17 09:10:33 2009
Check interval: 0 ()

(replace /dev/xvda with whatever your partitions are – see /proc/partitions)

If you weren't planning to reboot every 6 or so months anyway then the time-based fsck probably wasn't doing anything for you. You may like to consider using:

$ sudo shutdown -r -F

to do a reboot and force a filesystem check on boot, at times that are convenient to you.

Another trick is to do a fsck in read-only mode on an online, mounted filesystem:

$ sudo e2fsck -fvn /dev/xvda

This will tell you if the filesystem requires a modification to fix it, without actually doing anything. You can then decide whether to reboot to do a normal fsck.

If you really don't like the idea of disabling time-based fsck then it's easy to turn it back on, and we don't mind you doing so if you feel strongly about it. Here's how:

$ sudo tune2fs -i 6m /dev/xvda

This sets the interval to 6 months. You can also use a postfix of w for weeks or d (or no postfix at all) for days.

Debian-specific

(Mostly applicable to Ubuntu and other Debian-based distributions also.)

What should I put in my `/etc/apt/sources.list` file?

We've set up a local apt-cacher so that packages only need to be downloaded once. See the apt-cacher page for more information.

Keeping your VPS up to date

Your VPS is effectively its own separate server system and as such it is important that you keep all software running on it patched and up to date. For Debian Sarge-based servers with all software installed from Debian packages this is very simple.

First you need to make sure that you have the sarge/updates line from above in your /etc/apt/sources.list. Now all you need to do is arrange for the following commands to be run as root however often you wish to check for updates (we suggest daily):

# apt-get update
# apt-get upgrade

There are a few methods for automating this; you can probably come up with some yourself. If you like though you can use the same script that we use which can be found at https://src.bitfolk.com/repos/local-apt/trunk/. Copy local-apt.pl to /usr/local/sbin/ and make it executable. Copy local-apt.sh to /etc/cron.daily/local-apt (note no .sh on the end there - cron files shouldn't have dots in their names). You will now get a nicely-formatted email each day telling you what needs upgrading. You still need to do the apt-get upgrade manually.

cron-apt is a packaged Debian utility which does similar, and is also available in Ubuntu.

You may also find it useful to install apt-listchanges which will mail you regarding the changes introduced by each upgrade.

The above method also works for "testing" although you may find you have updates almost every day.

When doing an `apt-get` or `aptitude update` I see an error like `/dev/mem: mmap: Bad address`; is this a cause for concern?

This message is an error output of dmidecode which is called from within one of the scripts for a package you just installed or upgraded. dmidecode is trying to access low-level hardware information in order to pick some suitable default configuration. It will never work under Xen but it can be safely ignored.

Contents