I'm confused by the pricing, why is going from Base to Medium more than double the price? It's cheaper to get two base tier servers and distribute containers instead, which is unusual.
I like the idea of the service though, but pricing is not that attractive for me currently.
Yeah fair point, its a bit confusing. We really wanted to have the cheapest price under 10, and just kept the other prices at a point that make this business sustainable for us. Pricing is hard :D
I had a good experience using https://coolify.io/ for this, I think it's a good business model to resell VPS with a friendly interface, basically what cPanel is right?
Personally I think the price is high given the free alternative, but would pay it if you made some kind of security guarantees around one docker container not pwning the others, maybe you marketing can emphasize that self hosting docker containers is a footgun if you don't know what you're doing.
Copying from another reply:
I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support
Re footgun: Yes, just dont want to start with fear mongering marketing :D
Very cool!
From what I can see you're allowing users to provision servers on Hetzner and then run their docker containers?
I built a similar in-house project like this for a client. I used the Go docker SDK and had quite a few edge cases to solve! Very curious to see if you had a similar experience.
Thank you! Yea we also heavily rely on the Go Docker SDK, also had a fair share of weird Docker edge cases to solve. I've spent more time in the Docker source code to debug stuff than I'd like to admit.
Yeah tell me about it. At one point I was very tempted to just reach out to bash and running docker cli as a subprocess :/
Especially getting the output of a running container proved nontrivial at the time.
That's the best kind of start, you know it's a useful thing when you've build similar things before when freelancing.
I'm currently building a similar service but for 'serverless functions' (hate that terminology to be honest), so not long running containers but one off tasks. Similar to AWS Lambda and the likes.
I love the idea. Here is possible next steps: use packer and/or azure image builderto add support for custom azure vm base image. This way people can just run OS with docker and all your cool add-ons everywhere. Next step sell the saas to azure or AWS.
Looks cool. I've been using PythonAnywhere for simple hosting before but this seems like a good option for other languages.
I noticed that your locations are the same as the ones that Hetzner offers, do you happen to use their servers?
Congrats on the launch! Is deploying to Kubernetes targets and managing deployment to multiple colo providers on your roadmap? Understandable if not, but curious if it has been considered.
This looks nice. Congrats on the launch! Small point of feedback: if you can, I would recommend to simplify the US and Singapore cost to be whole amounts.
Thank you! The main difference is that DO charges per app, we charge per server. So with us you can buy one server and host as many apps on there as you can fit and only pay for the server, not the apps. We're also cheaper (but lack features like autoscaling)!
from the servers list, i guess that you're hosting at Hetzner.
i already hosted things there, and you made a really great choice : price, availability and most of all the experience is buttery smooth !
gonna try and probably recommend your product to some friends who need this :)
I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support
I can't see your landing page without accepting tracking cookies for "live chat"? This is probably a GDPR violation. There's no consent without choice.
I should also point out that "Docker hosting" is rather ambiguous. I had to scroll way down the page to figure out whether you are storing Docker images (like DockerHub) or running them (like ECS or fly.io).
Yeah, just the cookie banner on its own doesn't inspire trust.
Post-GDPR rules in the EU are clear about the Cookie Banner, providers must make it as easy to refuse cookies as it is to accept them.[1] Also, as you said, livechat cookies are definitely not required when visiting the website, but they make it impossible to opt out. I assume they cut this corner because it was too much work for them to conditionally include their livechat javascript.
If the authors moved fast and broke things on basic stuff, my first thought is "what kind of other corners did they cut when deploying/running docker?" There is a lot of security and isolation options/configuration involved when one runs docker in a secure environment, which are not enabled by default.
> rules in the EU are clear about the Cookie Banner
The linked doc is 8 pages of rules about layout, placement, color, contrast, function, etc. of components in a cookie banner. Said document references (without quote or link in most cases) various EU statutes, directives, regulations, and opinions.
Even with all that, the doc carries a disclaimer that it is not to be considered authoritative and various other requirements and interpretations may also govern said banners.
Telling people that this is "clear" is perhaps you saying that you have developed an uncommon expertise in this area. For which: that is great for you.
But let's be absolutely straight about this: none of this is clear to a person who does not possess the uncommon expertise you have.
Can you point me in the direction of documentation for isolating docker containers more judiciously? I have a few applications running on my Synology NAS and know less than I'd like to admit about what risks I'm taking running untrusted code on the same machine as my backups.
It's hard to point to a canonical documentation, it's more institutional knowledge that is gained over years of practice. It's a little bit as if you asked "could you point at the documentation to secure a linux server?"
There is none really. Usually, some beginner wrote a blog post that basically says "install fail2ban" and that's how many people consider their linux server "secured". But there is much more than that. For example, "put your entire firewall to DENY, and only open what is really necessary." Or "put SSH behind spiped[1] or wireguard". Or "Harden the maximum of your systemd units"[2]. Or "don't do chmod 777, try to understand why it doesn't work." And so on and so on...
For docker, it's the same, I'm not a docker fan, as I mostly use podman, which allows to runs container as different users. In general for security, I would recommend podman running as non-root, but if you insist to run Docker, here are a few places where you could start to harden it:
* Make sure you don't run any priviledged container, if you do, look into alternatives to run them in non-priviledged mode
Docker has a page about security, it looks like they echo a lot of things I'm saying: https://docs.docker.com/engine/security/ . Avoid GRSEC though, it's basically security theater. They mention docker seccomp profiles[3], which I've never used, but is definitely a good idea when hardening untrusted code.
Also, hardening the OS that you're running docker on (using the things I mentioned earlier about Linux) won't hurt.
Thanks for taking the time. I recently switched to a CentOS/SELinux box for tunneling traffic to my homeserver and appreciate knowing that nothing happens unless explicitly allowed. I'll take a look at how I might set that up on the container side of things too.
While both are "consumer protection regulation" they are also extra work for early startups. A good case study on how the EU bureaucracy affects a startup.
Yes! And its not like we don't care about that or don't want to follow all the rules, it's just really hard. Especially when you're not funded and a tiny team.
We are trying to be more focused on just Docker and our pricing model is different. At sliplane you pay a flat fee for your resources and never more, at railway you pay exactly for the resources you use. If you have high utilization sliplane should be cheaper, but that depends on your usecase!
In the EU you're not allowed to advertise a price without all taxes. This means that per country you need to know the VAT % and adjust the price accordingly. You cannot change the price per EU country. You set a base price for the EU and add VAT. Since VAT differs per country this will cause non-round numbers. But this is expected.
Looks like the EU finds pricing a non-physical product on a country-by-country basis to be price discrimination against EU nationals:
"When you buy goods online in the EU, prices may vary from country to country or across different versions of the same website, for example due to differences in delivery costs. However, if you buy goods online without cross-border delivery – such as when you buy something online which you intend to collect from a trader or shop yourself – you should have access to the same prices and special offers as buyers living in that EU country." [1]
What I understand from there is that you cannot have prices different for people in a country, and for those who buy from another country.
I am French. I could buy something for X€ in Germany, and someone in Germany would have the same price. But I can buy this for Y€ in France and Z€ in spain.
This is a common thing to do with, say, Amazon where I can buy something in Germany because the price is better and have it delivered from France to France (the delivery can also be cross-border, it depends)
The cookie law does not demand websites display cookie banners. It requires users to explicitly opt-in to their data being collected for advertising purposes.
If your website is not user-hostile and only uses cookies for site functionality (log-in, remembering settings, cache…) then there is no need for the user to ever see or accept any banner/disclaimer.
tl;dr
Ask US data-hoarding startups and corporations
I'm confused by the pricing, why is going from Base to Medium more than double the price? It's cheaper to get two base tier servers and distribute containers instead, which is unusual.
I like the idea of the service though, but pricing is not that attractive for me currently.
Yeah fair point, its a bit confusing. We really wanted to have the cheapest price under 10, and just kept the other prices at a point that make this business sustainable for us. Pricing is hard :D
I had a good experience using https://coolify.io/ for this, I think it's a good business model to resell VPS with a friendly interface, basically what cPanel is right?
Personally I think the price is high given the free alternative, but would pay it if you made some kind of security guarantees around one docker container not pwning the others, maybe you marketing can emphasize that self hosting docker containers is a footgun if you don't know what you're doing.
Copying from another reply: I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support
Re footgun: Yes, just dont want to start with fear mongering marketing :D
Yea true, best to avoid FUD, but security can be a big upsell over self managed FLOSS for some.
I remember seeing your posts about sliplane on my X for you page. Cool stuff.
All the best for you and your project!
Thanks!
How about docker compose deployment for multi services talking via private network ?
docker compose is one of our most requested features, we're working on that!
Hehe, that would accidentally kill kubernetes as a service from giant PAAS to me ;)
Looks great!
would like to see a supported Terraform provider
Thanks! As a Terraform user I agree, but I sadly think that most of our customers couldnt care less about Terraform :D
Very cool! From what I can see you're allowing users to provision servers on Hetzner and then run their docker containers?
I built a similar in-house project like this for a client. I used the Go docker SDK and had quite a few edge cases to solve! Very curious to see if you had a similar experience.
Congratulations on launching!
Thank you! Yea we also heavily rely on the Go Docker SDK, also had a fair share of weird Docker edge cases to solve. I've spent more time in the Docker source code to debug stuff than I'd like to admit.
Yeah tell me about it. At one point I was very tempted to just reach out to bash and running docker cli as a subprocess :/ Especially getting the output of a running container proved nontrivial at the time.
BTW, this is also kinda how Sliplane started. We both are coming from a freelancing background and had built similar things for clients before
That's the best kind of start, you know it's a useful thing when you've build similar things before when freelancing.
I'm currently building a similar service but for 'serverless functions' (hate that terminology to be honest), so not long running containers but one off tasks. Similar to AWS Lambda and the likes.
Thats cool! Id like to check that out if you want to share! jonas@sliplane.io or you can find me on Twitter/X (JonasScholz19) :)
I love the idea. Here is possible next steps: use packer and/or azure image builderto add support for custom azure vm base image. This way people can just run OS with docker and all your cool add-ons everywhere. Next step sell the saas to azure or AWS.
Looks cool. I've been using PythonAnywhere for simple hosting before but this seems like a good option for other languages. I noticed that your locations are the same as the ones that Hetzner offers, do you happen to use their servers?
Yeah, we are mostly running on Hetzner Infrastructure for now!
Congrats on the launch! Is deploying to Kubernetes targets and managing deployment to multiple colo providers on your roadmap? Understandable if not, but curious if it has been considered.
Thanks! No, I dont think this is a direction we want to go in. For now we are focused on simpler usecases :)
Kubero is very similar, 100% open source, and runs on any Kubernetes.
This looks nice. Congrats on the launch! Small point of feedback: if you can, I would recommend to simplify the US and Singapore cost to be whole amounts.
Yeah, good point :D
this is cool, especially for folks running multiple small apps. the pricing model reminds me of old-school VPS days but with modern PaaS conveniences.
thats what we are aiming for :)
First of all: congrats on your launch! This looks interesting, kinda similar to Fly.io and DO. I don’t see the exact difference to DO App plattform.
Thank you! The main difference is that DO charges per app, we charge per server. So with us you can buy one server and host as many apps on there as you can fit and only pay for the server, not the apps. We're also cheaper (but lack features like autoscaling)!
Why not use a hetzner server for half the price?
Because your time is either worth more doing other things or you don't know how to do it :)
from the servers list, i guess that you're hosting at Hetzner. i already hosted things there, and you made a really great choice : price, availability and most of all the experience is buttery smooth !
gonna try and probably recommend your product to some friends who need this :)
Yes, we're on Hetzner! The availability is actually insane. Thank you :)
well you can showcase your project on Hetzner's subreddit :)
I am running my small apps on Hetzner Cloud + Coolify. What are the advantages of your product?
I love coolify and I think they are doing amazing work! In the end it mostly comes down to convenience I'd say. With coolify you are still responsible for more things like migrating away if your host decides to die. I think a lot of people also chose us because we have pretty good support
I can't see your landing page without accepting tracking cookies for "live chat"? This is probably a GDPR violation. There's no consent without choice.
I should also point out that "Docker hosting" is rather ambiguous. I had to scroll way down the page to figure out whether you are storing Docker images (like DockerHub) or running them (like ECS or fly.io).
Yes I think you're right, going to fix that asap! And yes I agree, we need to work on our messaging. Thanks for the feedback :)
Yeah, just the cookie banner on its own doesn't inspire trust.
Post-GDPR rules in the EU are clear about the Cookie Banner, providers must make it as easy to refuse cookies as it is to accept them.[1] Also, as you said, livechat cookies are definitely not required when visiting the website, but they make it impossible to opt out. I assume they cut this corner because it was too much work for them to conditionally include their livechat javascript.
If the authors moved fast and broke things on basic stuff, my first thought is "what kind of other corners did they cut when deploying/running docker?" There is a lot of security and isolation options/configuration involved when one runs docker in a secure environment, which are not enabled by default.
[1] https://www.edpb.europa.eu/system/files/2023-01/edpb_2023011...
> rules in the EU are clear about the Cookie Banner
The linked doc is 8 pages of rules about layout, placement, color, contrast, function, etc. of components in a cookie banner. Said document references (without quote or link in most cases) various EU statutes, directives, regulations, and opinions.
Even with all that, the doc carries a disclaimer that it is not to be considered authoritative and various other requirements and interpretations may also govern said banners.
Telling people that this is "clear" is perhaps you saying that you have developed an uncommon expertise in this area. For which: that is great for you.
But let's be absolutely straight about this: none of this is clear to a person who does not possess the uncommon expertise you have.
Can you point me in the direction of documentation for isolating docker containers more judiciously? I have a few applications running on my Synology NAS and know less than I'd like to admit about what risks I'm taking running untrusted code on the same machine as my backups.
It's hard to point to a canonical documentation, it's more institutional knowledge that is gained over years of practice. It's a little bit as if you asked "could you point at the documentation to secure a linux server?"
There is none really. Usually, some beginner wrote a blog post that basically says "install fail2ban" and that's how many people consider their linux server "secured". But there is much more than that. For example, "put your entire firewall to DENY, and only open what is really necessary." Or "put SSH behind spiped[1] or wireguard". Or "Harden the maximum of your systemd units"[2]. Or "don't do chmod 777, try to understand why it doesn't work." And so on and so on...
For docker, it's the same, I'm not a docker fan, as I mostly use podman, which allows to runs container as different users. In general for security, I would recommend podman running as non-root, but if you insist to run Docker, here are a few places where you could start to harden it:
* Look into enabling and enforcing SELinux policies or Apparmor profiles on your host: https://www.mankier.com/8/container_selinux or https://docs.docker.com/engine/security/apparmor/
* Look into root-less docker daemon: https://docs.docker.com/engine/security/rootless/
* Make sure you don't run any priviledged container, if you do, look into alternatives to run them in non-priviledged mode
Docker has a page about security, it looks like they echo a lot of things I'm saying: https://docs.docker.com/engine/security/ . Avoid GRSEC though, it's basically security theater. They mention docker seccomp profiles[3], which I've never used, but is definitely a good idea when hardening untrusted code.
Also, hardening the OS that you're running docker on (using the things I mentioned earlier about Linux) won't hurt.
[1] https://www.tarsnap.com/spiped.html
[2] https://ruderich.org/simon/notes/systemd-service-hardening
[3] https://docs.docker.com/engine/security/seccomp/
Thanks for taking the time. I recently switched to a CentOS/SELinux box for tunneling traffic to my homeserver and appreciate knowing that nothing happens unless explicitly allowed. I'll take a look at how I might set that up on the container side of things too.
> I assume they cut this corner because it was too much work for them to conditionally include their livechat javascript.
No, just stupid and wasn't aware. Fixing that right now!
Half of the comments on this HN section are
- EU cookie banners and GDPR
- How to display prices in the EU
While both are "consumer protection regulation" they are also extra work for early startups. A good case study on how the EU bureaucracy affects a startup.
Yes! And its not like we don't care about that or don't want to follow all the rules, it's just really hard. Especially when you're not funded and a tiny team.
indeed! The people who complain are not your users, most likely anyway.
> Note: Docker compose is not yet supported.
Darn.
We are working on that! One of our most requested features
How does this compare with railway?
We are trying to be more focused on just Docker and our pricing model is different. At sliplane you pay a flat fee for your resources and never more, at railway you pay exactly for the resources you use. If you have high utilization sliplane should be cheaper, but that depends on your usecase!
This reminds me a lot of caprover.
Your cookie Banner may not be legal, please change it
On how you display your prices:
In the EU you're not allowed to advertise a price without all taxes. This means that per country you need to know the VAT % and adjust the price accordingly. You cannot change the price per EU country. You set a base price for the EU and add VAT. Since VAT differs per country this will cause non-round numbers. But this is expected.
Why couldn't that have different prices per country?
Looks like the EU finds pricing a non-physical product on a country-by-country basis to be price discrimination against EU nationals:
"When you buy goods online in the EU, prices may vary from country to country or across different versions of the same website, for example due to differences in delivery costs. However, if you buy goods online without cross-border delivery – such as when you buy something online which you intend to collect from a trader or shop yourself – you should have access to the same prices and special offers as buyers living in that EU country." [1]
[1] https://europa.eu/youreurope/citizens/consumers/shopping/pri...
What I understand from there is that you cannot have prices different for people in a country, and for those who buy from another country.
I am French. I could buy something for X€ in Germany, and someone in Germany would have the same price. But I can buy this for Y€ in France and Z€ in spain.
This is a common thing to do with, say, Amazon where I can buy something in Germany because the price is better and have it delivered from France to France (the delivery can also be cross-border, it depends)
Good point, will change that asap. Thanks!
I am browsing from Europe and I don't get why I need to allow necessary cookies just to see the homepage.
Ask Brussels
The cookie law does not demand websites display cookie banners. It requires users to explicitly opt-in to their data being collected for advertising purposes. If your website is not user-hostile and only uses cookies for site functionality (log-in, remembering settings, cache…) then there is no need for the user to ever see or accept any banner/disclaimer.
tl;dr Ask US data-hoarding startups and corporations