Technology
ZFS ARK uses open-source technology. We utilize:
- Proxmox VE – KVM for VPS services
- OpenZFS – ZVOL for block storage
The architecture is VMs have a ZFS mounted block storage on a ZVOL on ZFS. So this is a nested ZFS setup. The reason it’s set up this way is twofold. The first is having each customer in their own KVM provides a greater amount of security and isolation between customers than using containers or a shared system. The second is it allows us to do live VM migrations between storage and hypervisors to re-balance as needed without incurring downtime.
We own our own hardware. We are not reselling storage from any other cloud provider. We store your data in North Idaho, a location likely to provide geo-redundancy for most customers. All servers are bought new. We have an extra server ready to swap in. Most of the time we can recover from a hardware failure the same day.
Data Protection
Underlying data is protected with RAID-Z. All hard drives are purchased new and proactively rotated out on a regular schedule. Any drives reporting SMART errors, performance issues, or reporting ZFS checksum errors are promptly replaced.
The underlying zpool is scrubbed monthly to check for any data integrity.
Maintenance Window
Our maintenance window is the last Friday of the month from 8pm-12am PDT. During this time we may perform updates and reboot your VM, the hypervisor, networking gear, etc. It may be wise to schedule your replication around this time to avoid any brief failures. Normally we’ll try to do maintenance during this time, but security updates may need to be installed sooner.
Uptime
This is not intended to be a service with high availability demands. We are targeting an annual 99.5% uptime. That said, external monitoring services report us having 99.98% uptime over the last year. We have a basic 30-minute battery backup but we’ll be down for extended power outages (rare, but they can happen).
Security
Security is provided by SSH, Fail2Ban IDS/IPS. VMs are configured to install security updates automatically and managed by Ansible.
We’re a bit lacking in physical security. The servers are located at my home office until we can get enough customers to justify co-location. Physical Security is provided by my two dogs. Blaze and Scout. I suggest you encrypt your data.