DigitalOcean – A Review

DigitalOcean Logo
DigitalOcean Logo

So, I have been a customer with DigitalOcean since (really) late 2013 – 2013-12-20 to be exact. I was moving from Linode in hopes for cheaper, faster hosting. At the time of my move, Linode charged double for resources starting at $20/month for a 1GB VPS. As to where DigitalOcean charged a mere $10/month for the same spec with newer hardware, SSDs, and faster network. Of corse I switched! Anyone with a mind would. Now that Linode has caught up with DigitalOcean in system specs and hardware, it is basically neutral except for this billing structures. They both appear to be the same from the homepage but DigitalOcean is credit based. You don’t get charged until the month is over and you pay exactly what you used. Linode tried to copy that as best they could but you still need to prepay for service.

Enough with the reasons of why I switched and more about DigitalOcean.

DigitalOcean has amazing support that doesn’t just give canned responses. They are actually intelligent! They know a lot about various open source platforms, Linux, and more! They are the support wizards we all wish we had for our ISPs.

DigitalOcean Meme Ticket
DigitalOcean Meme Ticket

That ticket (#836063) was about my community email not being changed when I changed my account email (Due to the way OAuth works). The support agents I was talking with were friendly and even meme’d the ticket! Being able to have fun is always on my list. When you have to open a support ticket for something stupid like an email change or a simple bug, it shouldn’t be a pain to talk with them. It should be easy and I value it a lot from companies. For the record, the memes that they linked were this and this, respectively. Another thing about their support, if you get troubled or any uptime that goes below than their claimed, they will easily give you credit. In fact, they give credit if their support makes a mistake or their was a billing mistake. It is awesome.

Moving on, all of their claims are true. You can deploy an instance in 55 seconds, They are blazing fast, and you even get 99.99% uptime! The uptime is an understatement. I have StatusCake check everything every minute. You get small micro-downtimes of corse but all less than a few seconds (or less). Total downtime out of the month for any of the DigitalOcean droplets totals to three minutes. Definitely holds to their claims. Some people on their unofficial community IRC channel have reported they have had hardware failures a few times. However, I have yet to experience any hardware failures with them – Or any host for that matter.

Currently, I have five droplets on DigitalOcean. All of which host most of my personal things. The specs of the droplets I have are two 512MB’s, two 1GB’s, and one 4GB. All run proportionally great. I currently manage all of my systems everywhere on a SaltStack instance hosted on one of my DigitalOcean droplets.

New Relic on Yuki Morikawa
New Relic on Yuki Morikawa

Performance-wise, there is no IO wait. It is very rare I have an IO wait at all. When I do, it is normally because my droplet is consuming a lot of disk operations and CPU. Even when there is an IO wait, it is lower than a whole percentage (as you can see in the New Relic graphs). It is truly performance I have not seen by anyone else yet.

Great news for developers too – They support OAuth for all your fancy developer needs. Even with an excellent API! You can do everything but mess with other API keys and account settings through their API. I have used it for various things.

Getting started with developing, system administration, and hosting your own stuff? This is pretty great for you then. DigitalOcean contains an extensive library of community contributed tutorials to get you started. All of them have been reviewed by staff and believe it or not, if you are good at documenting tutorials, you can make some money off it! Up to $200 worth!

So lets talk some improvements I’d like to see (and many others would too).

For one, backups should be more often. For 20% of the droplet price to have a weekly backup is kinda on the expensive side. Backups at minimum should be every two days. You should also be able to pick a time range where it would be best for them to take the backup. Mainly so if you have high traffic database, you have your backup during off-peak hours or have a dump script to create a dump in time for the backup. There are a few UserVoice threads about this – Including this one and this one.

Another big issue, not really a feature, is the way they implemented IPv6. Since most hosts give a /64 (AKA way too many) range of usable IPv6 addresses per system, many blacklists have caught on and ban/list the entire /64. Now the problem comes with the way DigitalOcean implemented this. They give 16 IPs from a /64 range. So, no, you cannot use all the /64.  But this means, you have potential for people to get your range listed in blacklists even though you could be doing nothing wrong. This is problematic and lead to DigitalOcean implementing IPv6 port filtering for common email ports – Including SMTP, IMAP, and POP. This gets annoying because if you use any SMTP gateway that support IPv6, you have to explicitly tell your droplet to use IPv4 for that host. There was a UserVoice thread started to fix the mail issues, but was declined. There are other threads opened, like this one, where it is asking just to fix the entire problem by giving /64’s. This issue can be breaking in the near future as IPv4 starts to go away.

Another thing I personally don’t like are the way team accounts work. The way you’d imagine team accounts would work is a single user can be assigned to multiple accounts and switch between them using some sort of switcher – Much like Google’s multi account sign on and MailChimp’s entire account system. But it works in just the opposite way. Each email can only go to one account. That account does have somewhat of a permission control of what each member can do. But the bad part is, you still need to manage separate accounts if you are a freelancer and have your clients manage accounts. This lead me to just reselling the droplets to my clients as it was becoming a pain to login and logout over and over. There are a few threads on UserVoice for this too – Like this one and mine.

Speaking of major issues, DDoS is a major issues when it comes to DigitalOcean. When you receive more than 1Gbps inbound for network, DigitalOcean will automatically null route (bring down) your droplet’s connection. The problem with this design is it lets the attacker win every time. Services to DDoS people are super cheap allowing virtually anyone to do it. With it being so easy to obtain for the average joe, it is even easier to take down droplets. If your droplet is taken down by a DDoS, the attacker achieved their goal of knocking you down for a little while. I guess DigitalOcean defines a little while as three hours. I figured this out after my ZNC was hit randomly with one and was taken down for an entire three hours. This also has a UserVoice thread started on it here. The issue with DDoS attacks is they are extremely difficult to stop because they work by hitting hardware capabilities. Either flooding your ethernet or hammering your CPU. But CloudFlare isn’t always the answer when DigitalOcean thinks it is. Providers like CloudFlare only provide DNS mitigation. You can bypass these types easily and then just take down the origin. And these services are also useless if your system sends any email. Email headers contain the IP of your system even behind a DNS mitigation service. Another thing is, DNS mitigation services, like CloudFlare, don’t support anything outside of the HTTP protocols. So protocols like IRC and such is not supported and is still vulnerable via an exposed IP. DigitalOcean needs to make something that protects at the datacenter level so there is no additional setup and we are working to hide a normally public IP.

Overall, DigitalOcean is an amazing host and I highly recommend. They are definitely 8.5/10 on my scale. Pluses being amazing support, super fast systems, great control panel with constancy, and great stability. The downsides: No DDoS protection, team accounts, their IPv6 implementation and their backup schedule for the price. They are truly worth a try. Speaking of worth it, they are hosting this very blog!

If you made it this far, thanks, if not you still tried! Remember that I do not use affiliate links outside of my affiliates page to link anywhere. If you are thinking of signing up on DigitalOcean, be sure to grab the free $10 from the referral link on that page. Also, as with all my reviews, these are not sponsored or paid for. This is an honest review of how I see the company. If you have anything you’d like to add or comment on, be sure to leave a comment!

Edit on 2015-12-14: I have redacted the content regarding their IRC channel as someone has reached out to me to explain the real reason the IRC community was dropped. This section was more based on my view of what happened and didn’t have sufficient answers to write about. Sorry for any confusion.

Author: Zachary DuBois

I am a person who makes random things and likes to problem solve.

4 thoughts on “DigitalOcean – A Review”

Comments are closed.