Today we continue our interview series with LowEndTalk member @m4nu, proprietor of PikaPods. What are PikaPods, you ask? A very cool service where you pick apps to host and they do all the work. It’s a neat service and cool company and I think you’ll enjoy this interview. Be sure to check out PikaPods‘ site to learn more about this hosting option! Now on to the chat!
Where in the world are you located?
My company is fully remote since 2011. So everyone works from where they want but needs to deliver results on time. In the beginning, this included an office on a military base in Dhaka, where we had a team of web developers. They chose the place because it was safe and quiet. I also worked from there for a month. This year, I’ll spend the summer in Europe after waiting out the Covid mess in Asia. I’m grateful that this flexible setup is possible and regularly touch base with other remote companies, like Ghost (which we also offer on PikaPods), DNSimple (which we use for our DNS), and Automattic (creators of WordPress, which we also have on PikaPods). Compared to a more traditional setup, this gives us access to the best talent from around the world.
In a nutshell, what is a PikaPod?
There are so many great open source projects out there, but not everyone wants to be a sysadmin and take care of updates, security, etc. So PikaPods helps you run those apps with just a few clicks and everything is taken care of. At the same time, we share part of the revenue with app authors to make sure they can keep improving their apps. This isn’t possible for all projects, but we do get some uptake on it. Authors actively approach us to make their app more accessible.
So…Softaculous, only with hosting and less of the gory details exposed? That’s not an insult btw – turnkey packaging is awesome and not easy.
Softaculous works great for scripts on shared hosting. PikaPods works at the container level, which is a light way to package apps with all their dependencies. Where available, we run the official container image provided by the project to give users the most authentic experience. And all updates and improvements are applied to pods within 1-2 weeks of the official release. After some testing. That makes the service more comprehensive than a simple installer. We also monitor pods on a daily basis and will get in touch if there is e.g. a configuration issue.
I saw some apps I’d expect (WordPress, etc.) but not others (MediaWiki for example). Is there any criteria or just what’s been requested/you’ve had time to add so far?
There are some informal criteria. First I’ll look at the general demand and popularity of the app and category. Availability, complexity and maturity of the app’s container image play a role as well. So popular apps that are simple to run come first. I do hope to add most in-demand apps over time.
So I have to say, if you were offering a pod as a VPS, getting 1 CPU + 1GB of RAM + some storage for under $3 month is pretty decent pricing. Some folks will say “oh, but with a VPS I can control every last byte” and there are people who roll like that, but what you’re doing is catering to the “want it to just work” crowd. Is that how you see your market?
Indeed, we don’t offer the level of control of a VPS, but you don’t want that for many apps. Or if you are not a sysadmin. You may just want to run an app and not think about the details too much. It can also take a good amount of time to stay on top of security updates and ensure the app runs smoothly when you need it. Also, for most container images, there isn’t much to customize really. You just pass some minimal configuration via environment variables. We offer those too, in addition to SFTP access to mounted folders. The user shouldn’t need to mess with the inner workings of a container image.
Actually, I partly built PikaPods for myself. I found myself running a dozen apps on a larger VPS but often had to mess with app updates, permissions, OS updates, database issues, and the like. Now some of those apps just run on PikaPods.
Forgive me for asking but…shouldn’t you be charging a lot more? Or are we benefitting from a finely-tuned automation system?
The system is heavily automated and very light. Compared to a VPS, we can run more containers/apps on a single physical server. I also want to make the service approachable to offer an alternative to ad-supported services that may limit or remove features and sell your data.
Do you see VPN apps being added ever? I imagine with some things (VPN, email, TOR, etc.) you get into abuse headaches.
Dealing with abuse would add too much manual work and cause issues with shared IP addresses. So we’re avoiding those for now.
So some basics: after I deploy a pod, presumably I need to add DNS for my domain. Are you giving me an IP and NATing everyone to different ports or do I get my stuff on port 443?
Every pod gets its own subdomain that looks something like eager-beaver.pikapod.net. You can customize the first part to e.g. get bob-pictures.pikapod.net. Those are free and you don’t need your own domain.
In addition, you can also map your own domain, like pictures.bob.com. Many users take advantage of this to white-label their app. In those cases, we will also issue an SSL certificate for your domain to keep it secure. There is no extra charge for this, except the cost of the domain you already have.
We don’t support additional ports (in addition to the main HTTPS port) yet but hope to add those shortly, since a few apps would benefit from it. E.g. to do WebRTC. I’m hoping to finish this feature later this year.
Are things backed up?
Since PikaPods is built as an all-inclusive service for less technical users, we also do daily backups at the server level to keep data secure. The backups are encrypted on the server itself and then stored on BorgBase.com (our popular backup service). So if a server fully fails, we could restore it within a few hours.
How is bandwidth handled?
Our upstream providers give us unlimited bandwidth, so we don’t charge for bandwidth either. I also don’t want to surprise users with unexpected bandwidth charges.
You’re in the US, EU, and Hong Kong. Any other locations on the horizon? And why Hong Kong?
The service is pretty popular in Asia, particularly in China. Many users there are eager to try the blogging tools we offer. So we added a server for them early on. It’s not our most popular region, but I want to give it some time to grow and then evaluate if enough users take advantage of it. No new locations planned for this year, but I’m open to suggestions.
From your FAQ: “We use rootless containers with additional SELinux restrictions applied”. There are a lot of people who immediate disable SELinux upon OS installation, yet it can be a very powerful security tool. Apparently you guys like it – how does that fit into your overall sysadmin method? Is it a lot of work to tune SELinux for all these apps? You can tell I’m one of those people who turns it off.
I think SELinux is very important to run rootless containers securely. It helps to catch container escape bugs that aren’t even known yet because every interaction between security contexts is compared against a set of rules. This works relatively well and we only had to add a few additional rules for PikaPods. I would encourage everyone to invest the time to learn and use this technology.
If you’re using SELinux I’m guessing you’re working in a RedHat ecosystem? Where did you guys land on the whole RHEL/CentOS/CentOS Stream/Rocky/Alma fallout?
BorgBase started out using CentOS 7 back in 2018. This worked well and the discontinuation of CentOS 8 hit us by surprise too. We used the free developer program for small production setups provided by Red Hat for a while but quickly outgrew it. Currently, PikaPods runs on CentOS Stream 9, which gets the latest features quickly, but needs a testing environment to avoid pulling in breaking changes. For projects that don’t need cutting-edge packages, I like AlmaLinux. They are generally the fastest to bring out new versions and most cloud providers offer their images. I don’t want to pick a winner because all those distros are great and serve a specific purpose. Otherwise, they wouldn’t exist. This also includes Fedora, which is part of the same family.
Also from your FAQ: “Open source developers have the option to enter into a revenue sharing agreement to received 10-15% of revenues their app generates.” That’s pretty cool. Do you have open source projects taking advantage of that?
Yes, we do have a few projects taking advantage of this and we already made some payouts. I do want to add that this option isn’t suitable for all projects and we will never get 100% coverage. Actually, it’s really hard to give money to open source projects. Some possible obstacles: Often the project is forked and inherited from multiple authors. This can make it unclear, who should receive the payouts exactly. Other times, authors can’t issue an official invoice, which we need to categorize the payments as a business expense. And finally, many authors don’t want to commercialize their project and just work on it for the fun of it.
I still think open source authors should have the option to be rewarded for their work. So many businesses – including all hosting businesses – are built on open source. If your business makes money from open source, I would strongly encourage you to look at ways to give back. This could be simple cash donations, or taking ownership of a project and maintaining it for the benefit of everyone. This helps to keep our open source “commons” healthy and ensures your business can benefit from it for a long time. Win-win-win really.
You guys were the folks who brought us BorgBase, right?
Yes. BorgBase was our first public project and was built during Y Combinator’s startup school program. Like PikaPods, it first launched on LET and offered a generous beta program for the first year. Building your stuff in public and sharing it with real users helps build better products. So I’m grateful for LET to offer access to this community.
You emphasize there’s no tracking, no profiling, no injected ads, and customers have full control over their data. Is that a big issue that customers ask about? I’m curious if you get more questions in EU or US or other parts of the world about this.
Yes, privacy is important to our users and we get questions about it regularly. Reddit’s r/privacy subreddit was one of the first places we launched PikaPods and we got good feedback from there. While not everyone cares, there is a growing user segment that actively avoids the big data harvesting services. It also gives the power back to the user by allowing them to migrate their app to another provider or their own server if they wish to do so. For me, having your apps in portable containers is the real decentralized web. And we should give credit to Docker for popularizing it.
So you’ve got that darn cute mascot. Does the Pika have a name? I’d like to draw it to your attention that your logo also looks like like a smiling mammal of some sort lying on its back looking upwards, which is cool.
Thanks, I’m generally not very good at branding or names. So I was just looking at unusual animal names that work well with “Pod” on Wikipedia. I ended up with “Pika” because our pods are light and fast, just like the Pika. The very first version had the head of a mouse from the front. But it looked pretty similar to Mickey Mouse. I changed that to avoid copyright issues with Disney. :-)
Thanks for the great read, m4nu! Check out PikaPods.com to learn more.
- One Week From Tomorrow…THE WORLD WILL LOSE THEIR MINDS!Lines Are Already Forming! - November 21, 2024
- Crunchbits Discontinuing Popular Annual Plans – The Community Mourns! - November 20, 2024
- RackNerd’s Black Friday 2024: Bigger, Better, and Now in Dublin! - November 19, 2024
Leave a Reply