Show HN: Simple Docker Hosting

(sliplane.io)

64 points | by jonas_scholz 8 days ago ago

63 comments

  • dax_ 8 days ago

    I'm confused by the pricing, why is going from Base to Medium more than double the price? It's cheaper to get two base tier servers and distribute containers instead, which is unusual.

    I like the idea of the service though, but pricing is not that attractive for me currently.

    • jonas_scholz 8 days ago

      Yeah fair point, its a bit confusing. We really wanted to have the cheapest price under 10, and just kept the other prices at a point that make this business sustainable for us. Pricing is hard :D

  • jazzyjackson 8 days ago

    I had a good experience using https://coolify.io/ for this, I think it's a good business model to resell VPS with a friendly interface, basically what cPanel is right?

    Personally I think the price is high given the free alternative, but would pay it if you made some kind of security guarantees around one docker container not pwning the others, maybe you marketing can emphasize that self hosting docker containers is a footgun if you don't know what you're doing.

    • jonas_scholz 8 days ago

      Copying from another reply: I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support

      Re footgun: Yes, just dont want to start with fear mongering marketing :D

      • jazzyjackson 8 days ago

        Yea true, best to avoid FUD, but security can be a big upsell over self managed FLOSS for some.

  • nurlennart 8 days ago

    I remember seeing your posts about sliplane on my X for you page. Cool stuff.

    All the best for you and your project!

  • revskill 8 days ago

    How about docker compose deployment for multi services talking via private network ?

    • jonas_scholz 8 days ago

      docker compose is one of our most requested features, we're working on that!

      • revskill 8 days ago

        Hehe, that would accidentally kill kubernetes as a service from giant PAAS to me ;)

  • anentropic 8 days ago

    Looks great!

    would like to see a supported Terraform provider

    • jonas_scholz 8 days ago

      Thanks! As a Terraform user I agree, but I sadly think that most of our customers couldnt care less about Terraform :D

  • michaelanckaert 8 days ago

    Very cool! From what I can see you're allowing users to provision servers on Hetzner and then run their docker containers?

    I built a similar in-house project like this for a client. I used the Go docker SDK and had quite a few edge cases to solve! Very curious to see if you had a similar experience.

    Congratulations on launching!

    • jonas_scholz 8 days ago

      Thank you! Yea we also heavily rely on the Go Docker SDK, also had a fair share of weird Docker edge cases to solve. I've spent more time in the Docker source code to debug stuff than I'd like to admit.

      • michaelanckaert 8 days ago

        Yeah tell me about it. At one point I was very tempted to just reach out to bash and running docker cli as a subprocess :/ Especially getting the output of a running container proved nontrivial at the time.

    • jonas_scholz 8 days ago

      BTW, this is also kinda how Sliplane started. We both are coming from a freelancing background and had built similar things for clients before

      • michaelanckaert 7 days ago

        That's the best kind of start, you know it's a useful thing when you've build similar things before when freelancing.

        I'm currently building a similar service but for 'serverless functions' (hate that terminology to be honest), so not long running containers but one off tasks. Similar to AWS Lambda and the likes.

        • jonas_scholz 7 days ago

          Thats cool! Id like to check that out if you want to share! jonas@sliplane.io or you can find me on Twitter/X (JonasScholz19) :)

  • amir734jj 7 days ago

    I love the idea. Here is possible next steps: use packer and/or azure image builderto add support for custom azure vm base image. This way people can just run OS with docker and all your cool add-ons everywhere. Next step sell the saas to azure or AWS.

  • nicklas_rondot 8 days ago

    Looks cool. I've been using PythonAnywhere for simple hosting before but this seems like a good option for other languages. I noticed that your locations are the same as the ones that Hetzner offers, do you happen to use their servers?

    • jonas_scholz 8 days ago

      Yeah, we are mostly running on Hetzner Infrastructure for now!

  • toomuchtodo 8 days ago

    Congrats on the launch! Is deploying to Kubernetes targets and managing deployment to multiple colo providers on your roadmap? Understandable if not, but curious if it has been considered.

    • jonas_scholz 8 days ago

      Thanks! No, I dont think this is a direction we want to go in. For now we are focused on simpler usecases :)

    • 2cpu1container 8 days ago

      Kubero is very similar, 100% open source, and runs on any Kubernetes.

  • etothet 8 days ago

    This looks nice. Congrats on the launch! Small point of feedback: if you can, I would recommend to simplify the US and Singapore cost to be whole amounts.

  • fasten 8 days ago

    this is cool, especially for folks running multiple small apps. the pricing model reminds me of old-school VPS days but with modern PaaS conveniences.

  • kiruio 8 days ago

    First of all: congrats on your launch! This looks interesting, kinda similar to Fly.io and DO. I don’t see the exact difference to DO App plattform.

    • jonas_scholz 8 days ago

      Thank you! The main difference is that DO charges per app, we charge per server. So with us you can buy one server and host as many apps on there as you can fit and only pay for the server, not the apps. We're also cheaper (but lack features like autoscaling)!

  • la_fayette 8 days ago

    Why not use a hetzner server for half the price?

    • jonas_scholz 8 days ago

      Because your time is either worth more doing other things or you don't know how to do it :)

  • EDM115 8 days ago

    from the servers list, i guess that you're hosting at Hetzner. i already hosted things there, and you made a really great choice : price, availability and most of all the experience is buttery smooth !

    gonna try and probably recommend your product to some friends who need this :)

    • jonas_scholz 7 days ago

      Yes, we're on Hetzner! The availability is actually insane. Thank you :)

      • EDM115 6 days ago

        well you can showcase your project on Hetzner's subreddit :)

  • dandaka 8 days ago

    I am running my small apps on Hetzner Cloud + Coolify. What are the advantages of your product?

    • jonas_scholz 8 days ago

      I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support

  • remram 8 days ago

    I can't see your landing page without accepting tracking cookies for "live chat"? This is probably a GDPR violation. There's no consent without choice.

    I should also point out that "Docker hosting" is rather ambiguous. I had to scroll way down the page to figure out whether you are storing Docker images (like DockerHub) or running them (like ECS or fly.io).

    • jonas_scholz 8 days ago

      Yes I think you're right, going to fix that asap! And yes I agree, we need to work on our messaging. Thanks for the feedback :)

    • acatton 8 days ago

      Yeah, just the cookie banner on its own doesn't inspire trust.

      Post-GDPR rules in the EU are clear about the Cookie Banner, providers must make it as easy to refuse cookies as it is to accept them.[1] Also, as you said, livechat cookies are definitely not required when visiting the website, but they make it impossible to opt out. I assume they cut this corner because it was too much work for them to conditionally include their livechat javascript.

      If the authors moved fast and broke things on basic stuff, my first thought is "what kind of other corners did they cut when deploying/running docker?" There is a lot of security and isolation options/configuration involved when one runs docker in a secure environment, which are not enabled by default.

      [1] https://www.edpb.europa.eu/system/files/2023-01/edpb_2023011...

      • runako 8 days ago

        > rules in the EU are clear about the Cookie Banner

        The linked doc is 8 pages of rules about layout, placement, color, contrast, function, etc. of components in a cookie banner. Said document references (without quote or link in most cases) various EU statutes, directives, regulations, and opinions.

        Even with all that, the doc carries a disclaimer that it is not to be considered authoritative and various other requirements and interpretations may also govern said banners.

        Telling people that this is "clear" is perhaps you saying that you have developed an uncommon expertise in this area. For which: that is great for you.

        But let's be absolutely straight about this: none of this is clear to a person who does not possess the uncommon expertise you have.

      • jazzyjackson 8 days ago

        Can you point me in the direction of documentation for isolating docker containers more judiciously? I have a few applications running on my Synology NAS and know less than I'd like to admit about what risks I'm taking running untrusted code on the same machine as my backups.

        • acatton 8 days ago

          It's hard to point to a canonical documentation, it's more institutional knowledge that is gained over years of practice. It's a little bit as if you asked "could you point at the documentation to secure a linux server?"

          There is none really. Usually, some beginner wrote a blog post that basically says "install fail2ban" and that's how many people consider their linux server "secured". But there is much more than that. For example, "put your entire firewall to DENY, and only open what is really necessary." Or "put SSH behind spiped[1] or wireguard". Or "Harden the maximum of your systemd units"[2]. Or "don't do chmod 777, try to understand why it doesn't work." And so on and so on...

          For docker, it's the same, I'm not a docker fan, as I mostly use podman, which allows to runs container as different users. In general for security, I would recommend podman running as non-root, but if you insist to run Docker, here are a few places where you could start to harden it:

          * Look into enabling and enforcing SELinux policies or Apparmor profiles on your host: https://www.mankier.com/8/container_selinux or https://docs.docker.com/engine/security/apparmor/

          * Look into root-less docker daemon: https://docs.docker.com/engine/security/rootless/

          * Make sure you don't run any priviledged container, if you do, look into alternatives to run them in non-priviledged mode

          Docker has a page about security, it looks like they echo a lot of things I'm saying: https://docs.docker.com/engine/security/ . Avoid GRSEC though, it's basically security theater. They mention docker seccomp profiles[3], which I've never used, but is definitely a good idea when hardening untrusted code.

          Also, hardening the OS that you're running docker on (using the things I mentioned earlier about Linux) won't hurt.

          [1] https://www.tarsnap.com/spiped.html

          [2] https://ruderich.org/simon/notes/systemd-service-hardening

          [3] https://docs.docker.com/engine/security/seccomp/

          • jazzyjackson 8 days ago

            Thanks for taking the time. I recently switched to a CentOS/SELinux box for tunneling traffic to my homeserver and appreciate knowing that nothing happens unless explicitly allowed. I'll take a look at how I might set that up on the container side of things too.

      • jonas_scholz 8 days ago

        > I assume they cut this corner because it was too much work for them to conditionally include their livechat javascript.

        No, just stupid and wasn't aware. Fixing that right now!

  • miohtama 8 days ago

    Half of the comments on this HN section are

    - EU cookie banners and GDPR

    - How to display prices in the EU

    While both are "consumer protection regulation" they are also extra work for early startups. A good case study on how the EU bureaucracy affects a startup.

    • jonas_scholz 8 days ago

      Yes! And its not like we don't care about that or don't want to follow all the rules, it's just really hard. Especially when you're not funded and a tiny team.

    • kiru_io 8 days ago

      indeed! The people who complain are not your users, most likely anyway.

  • andybak 8 days ago

    > Note: Docker compose is not yet supported.

    Darn.

    • jonas_scholz 8 days ago

      We are working on that! One of our most requested features

  • burnJS 8 days ago

    How does this compare with railway?

    • jonas_scholz 8 days ago

      We are trying to be more focused on just Docker and our pricing model is different. At sliplane you pay a flat fee for your resources and never more, at railway you pay exactly for the resources you use. If you have high utilization sliplane should be cheaper, but that depends on your usecase!

  • birdman3131 8 days ago

    This reminds me a lot of caprover.

  • bpfrh 8 days ago

    Your cookie Banner may not be legal, please change it

  • OptionOfT 8 days ago

    On how you display your prices:

    In the EU you're not allowed to advertise a price without all taxes. This means that per country you need to know the VAT % and adjust the price accordingly. You cannot change the price per EU country. You set a base price for the EU and add VAT. Since VAT differs per country this will cause non-round numbers. But this is expected.

    • BrandoElFollito 8 days ago

      Why couldn't that have different prices per country?

      • jkman 8 days ago

        Looks like the EU finds pricing a non-physical product on a country-by-country basis to be price discrimination against EU nationals:

        "When you buy goods online in the EU, prices may vary from country to country or across different versions of the same website, for example due to differences in delivery costs. However, if you buy goods online without cross-border delivery – such as when you buy something online which you intend to collect from a trader or shop yourself – you should have access to the same prices and special offers as buyers living in that EU country." [1]

        [1] https://europa.eu/youreurope/citizens/consumers/shopping/pri...

        • BrandoElFollito 8 days ago

          What I understand from there is that you cannot have prices different for people in a country, and for those who buy from another country.

          I am French. I could buy something for X€ in Germany, and someone in Germany would have the same price. But I can buy this for Y€ in France and Z€ in spain.

          This is a common thing to do with, say, Amazon where I can buy something in Germany because the price is better and have it delivered from France to France (the delivery can also be cross-border, it depends)

    • jonas_scholz 8 days ago

      Good point, will change that asap. Thanks!

      • 8 days ago
        [deleted]
  • aiono 8 days ago

    I am browsing from Europe and I don't get why I need to allow necessary cookies just to see the homepage.

    • miohtama 8 days ago

      Ask Brussels

      • frail_figure 8 days ago

        The cookie law does not demand websites display cookie banners. It requires users to explicitly opt-in to their data being collected for advertising purposes. If your website is not user-hostile and only uses cookies for site functionality (log-in, remembering settings, cache…) then there is no need for the user to ever see or accept any banner/disclaimer.

        tl;dr Ask US data-hoarding startups and corporations