Every time Hetzner comes up I try to make the comment, hoping it reaches the right ppl!
Hetzner has THE BEST UX for their cloud-vps stuff.
Please don't change a thing, just for the sake of changing something. Looking at "YOU Spotify!" Compared to most of the other cloud vendors, it's refreshingly simple and elegant! Good job whoever did it, now the job is to KEEP it like that.
Hi there! This is Chris, Design & Integrations Lead at Hetzner Cloud. Thanks a lot for the kind words on behalf of the whole team! Your comment got passed on to our team channel in our internal chat. Really really glad to read comments like yours – keeps us motivated to do even better :-)
Anything you'd like us to improve in terms of UX or DX of our Open Source integrations?
Ohh lol sorry didn't see reply! You are very welcome. No, it's perfect as is! A cool writeup of the ux work process you guys have might be an awesome blog article. Metrics, design philosophy, team makeup, tools, ux importance in org etc etc :)
I'd second that. We have stuff on both Digital Ocean and Hetzner, and switching between them I'm constantly reminded how much better the ux on Hetzner is. The fact that they now do hugely capable ARM servers for stupidly cheap is a bonus, and if they ever open a London data centre I'd probably drop Digital Ocean immediately.
I just got 28.1ms IPv4 pinging between a server in the UK (i.e. a good connection) and Hetzner Germany. The timing within Hetzner's network is surprisingly varied, so pings to some of my servers are 27.1ms instead, and pings to some IPs on a server are lower by a few ms than other IPs on the same server.
I just tried IPv6 and got 23.0 to 23.3 ms, so that's a pleasant surprise. Last time I checked IPv6 was higher latency. Unfortunately I don't have IPv6 at my office or at home so it's not worth using for my work.
From both my office and home, pings to my Hetzner servers are 50 to 85ms. That's because of the slow links I have locally.
Those times are not huge but all the little latencies add up when doing things interactively, especially those that take multiple round trips. You probably wouldn't want to run a game server with those latencies.
I found remote editing files with Emacs Tramp particularly slow at that latency because it does too many unnecessary round trips. For remote compiles I have an SSH session open and use Git or rsync to transfer files to/from my laptop, but that's annoyingly slow as well. I still use Hetzner servers for development because the compute hardware is much better than anything for a comparable price in the UK, but I would probably switch to a UK-located version if Hetzner opened a data center in the UK with similar hardware and pricing - which seems unlikely!
Basically, I'm working on building the kind of company that I've always wanted to: simple technology (not k8s!) to do cool things (ingest tons of data into a database.) I can run the software on a single server, but my customers didn't want downtime when I deployed (who would've thought?) so I implemented a rolling deploy.
I've recently started hosting on Hetzner (ran out of AWS credits!) and have found the experience to be pretty good, and by far the best value of compute per dollar. If you don't want anything in the container world - I worked at huge companies that IPOed without containers - then consider their server offerings.
You can use HAProxy on a cheap shared Hetzner server (2GB of RAM will be plenty for it) as an alternative for Hetzner LB. It will give you more flexibility and dynamic scaling [1] without downtime (plus it has a very good management API through socat). Even if you use hard hacks, like updating the HAProxy config through Ansible and reloading it, HAProxy will not terminate running connections but redirect requests to live backends.
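The socat-driven management API mentioned in the comment above can drive a zero-downtime rolling deploy; the sketch below is an added example, not code from the commenter or from Hetzner. The backend name `app`, the socket path and the `deploy_cmd` hook are assumptions; `set server ... state drain|ready` and `show stat` are HAProxy runtime API commands.

```shell
#!/usr/bin/env bash
# Rolling deploy behind HAProxy via the runtime API on the admin socket.
# Assumed (not from the thread): backend "app", the socket path, servers with
# "check" enabled, and a deploy_cmd function that you define.
# The admin socket can disable any server: keep it mode 660 for the deploy group.
HAPROXY_SOCK="${HAPROXY_SOCK:-/run/haproxy/admin.sock}"
BACKEND="${BACKEND:-app}"

# Send one runtime API command; HAProxy closes the socket after replying.
hap() { echo "$1" | socat stdio "unix-connect:${HAPROXY_SOCK}"; }

# Print one CSV column of "show stat" for a server (5 = scur, 18 = status).
server_field() {
    hap "show stat" | awk -F, -v px="$BACKEND" -v sv="$1" -v col="$2" \
        '$1 == px && $2 == sv { print $col; found = 1 } END { exit !found }'
}

# Stop new traffic to a server, then wait until in-flight sessions finish.
drain_and_wait() {
    local server="$1" timeout="${2:-60}" waited=0 cur
    hap "set server ${BACKEND}/${server} state drain" >/dev/null
    while cur="$(server_field "$server" 5)" && [ "$cur" -gt 0 ]; do
        [ "$waited" -ge "$timeout" ] && return 1   # refuse to cut live sessions
        sleep 1; waited=$((waited + 1))
    done
    [ -n "$cur" ]   # fail closed if the server was not found in the stats
}

# Bring a server back and confirm HAProxy's health check reports it UP.
enable_and_verify() {
    local server="$1" tries="${2:-30}" status
    hap "set server ${BACKEND}/${server} state ready" >/dev/null
    while [ "$tries" -gt 0 ]; do
        status="$(server_field "$server" 18)" || return 1
        [ "$status" = "UP" ] && return 0
        sleep 1; tries=$((tries - 1))
    done
    return 1
}

# Deploy to each server in turn; stop at the first failure so the rest keep serving.
rolling_deploy() {
    local server
    for server in "$@"; do
        drain_and_wait "$server"    || return 1
        deploy_cmd "$server"        || return 1   # hypothetical hook, supplied by you
        enable_and_verify "$server" || return 1
    done
}
```

Source the file, define `deploy_cmd`, then run `rolling_deploy app1 app2` with the server names from your own backend.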
Hetzner is fantastic. We switched from Linode to Hetzner over a year ago for our website and backend, and have been running with zero downtime. The pricing is also pretty darn cheap. Hoping they expand their US locations!
Great writeup and thanks for providing the code as well!
I think if I were to do this I'd probably do it the other way around. I'd introduce the new code first on a new node, add it to the load balancer, check it's healthy, and then remove the old node.
It allows a bit more growth for new functionality should it be needed. For example you can run a canary for an hour and check the error rates before promoting the deployment. Or you can rollback if the new code fails to start for some reason without needing to reload the previous application version first.
On the other hand, this works great if you want to keep the VPS more long lived by recycling it.
Interesting! So you'd provision a new VM, deploy and add it to the LB, and then destroy the old node? I think that's where a docker-based deployment would shine, it would be way faster.
This is how I've done things in the past when working with VMs. It definitely works well with containers as well though. The really great benefit is you can check the new version is healthy before introducing it to public traffic, and then you can hold off as long as you want before pushing on with replacing the other nodes.
You also make sure you get a clean VM each time configured the way your IaC dictates. Obviously if your nodes hosting the application are not under IaC or for some reason you want them to be long lived, then this doesn't work as well and your model is going to be the better way to go.
Hetzner looks so good and I wanted to move my storage there, but as I tried to create an account I was requested to upload the picture of an ID. I said OK, I mean, they're just trying to guard against some edge cases. However, then they just sent an email that my account is closed and this is final. No answer to my mails either.
As a result, I'm obviously very reluctant to believe the praise about them as I found this incredibly rude. There ought to be a better way to do this. I realize that this is only tangentially related to their technology, but still.
Hetzner is great, but recently ran into an issue where their (newly introduced?) cloud security just spins instead of ever progressing to the login prompt on Mull and Librewolf. I assume because it's detecting something it doesn't like.
When I reported it to the support, I was first told to visit the account login screen at the provided URL. To which I responded that, yes, that was what I was trying to do but could not reach. Next I was asked to reset my password; I did so, as that page is not protected by the same security challenge. Alas no change. Finally, it was suggested that I reset my router. Since it was the middle of the day with many other users on my network, I asked whether this was to see if IP blocking was in place. They said yes. Rebooting the router didn't change anything. I switched browsers, and it immediately worked.
So if anyone at Hetzner is listening, maybe have a look at your login protection and consider whether there is an alternative way to block bots (or whatever) without impacting legitimate customers.
Interesting. I'm in the process of trying to set up a k3s cluster on Hetzner but it's really a can of worms trying to make sense of all the different services and configuration. Makes me think I should ride the Ansible horse just a little longer. All I want is things not to break for users if something happens. Like me making a mistake or a region going down.
Happy customer for about 1.5 years now.