I like it, it was released a couple of days ago so something might require a bit more polishing but overall it looks better to me.

Considering the small audience and purpose, I would not have any problem using the always free offerings of either Oracle or Google (the latter especially if located in the US).

I don’t know, wouldn’t the Hypervisor be able to track resources usage by itself without anything else?

One of the answers in this discussion made me realize that this database is required only by the identity provider which I can change from the default. Considering this is a far less essential dependency than I thought I will get rid of it completely.

Thanks for the suggestion, but my 24 GB are well employed already. I wanted at least to outsource the VPN manager to a smaller VPS.

Running without docker is out of question, is a bundle of 6 docker containers. Deployment and management without it would be too complicated. Luckily somebody in another reply made me realize that the RAM eating container (cockroach DB) is far less essential than I thought and I can look for a replacement.

The one managing my VPS, controlled solely by Oracle corporation

Thanks, this is a really good point, I can try to replace the identity provider! I did not realized that cockroachDB was only a Zitadel requirement! There are many great alternatives for mesh VPNs, netmaker, nebula, and headscale as you mentioned and all of them are much lighter. I ended up hosting netbird as it is natively able to traverse my corporate NAT (maybe headscale could do it as well, I did not try it since I do not like having to configure registry keys on windows clients and losing the kernel wireguard speed on linux clients) .

Yes exactly, burstable instances it’s common jargon for AWS and GCP, but applies to all major providers.

I forgot to mention, I had plenty of swap available, now I disabled swap to force zram usage. I still need to see what happens running with both, it’s hard when each trial takes 12-24 hours to show its result.

I am experimenting with ZRAM, it is indeed better than ZSWAP, that’s why i am asking if any other kernel features can help.

Thanks again, I will look into your suggestions, never heard of neither Talos, RKE or Burmila. Indeed I should also look if I can do in the containers. The problem is only this database “CockroachDB” which is extremely memory hungry, maybe I can change something there.

This service consist of several docker containers, without docker I would not even know where to start for deploying it. Maintainance as well would be a mess, totally not an option

I believe it’s a shared VCPU intentionally, I will recheck the terms and conditions, but I think I am not in the position to claim much.

Yes, this is a possible fallback plan.

Yes, this is a possibility. the ARM VPS is already running something else, but if I manage to run netbird behind a reverse proxy I can also move it there. BTW there are also 1 GB free VPS on azure (for students) and Google Cloud, but you guessed right.

Thanks for sharing your experience, indeed the distribution is relevant here. I am running Arch (BTW) on this VPS which idles at about 300 MB with dockerd and containerd, I am not sure how does exactly compare to Debian on RAM usage (I have a couple of other VPS running debian which seem to use a little bit more RAM but it could be because those images are bastardized by the addition of cloud provider services). In any case my setup is pretty minimal, to get some large benefit there I fear I should use something without systemd :/

The server is clearly overloaded, as soon as I start using some 10% of CPU frequently for some minutes (due to swap operations), the Hypervisor starts to throttle my instance and this of course makes the thing worse with an avalanche effect. When this happens steal time displayed from top can go literally as high as 90%.

If postmarket os works on that device maybe you can go full Linux (alpine), there will be no systemd which might be a problem and I am not even sure about docker compatibility. You can look it up though.

Relays have become a pro feature in the last release. I tested them on netmaker.io SaaS version and they work but it defeats the purpose of selfhosting my VPN manager. You also need to have a good relay, for instance among GCP, Azure, Oracle and Vultr only the latter works because their VPS are not behind a NAT.

Netbird first of all is extremely resource hungry. In some occurrences completely hanged a 1 GB RAM VPS when I was testing. Even without trashing I had issues connecting many of my peers. It has to be said that it was surely my fault in some ways as netbird.io SaaS worked fine.