The concept
Oxmix.net is a web platform operating under the Netip brand, which provides tools for monitoring and managing various performance metrics of servers and networks. The concept of Node Management involves comprehensive monitoring and analysis of key characteristics of computing resources, such as network, disk subsystem, central processing unit (CPU), random access memory (RAM), and graphics processing unit (GPU).
Key features include:
Resource Management: Monitoring the status and load of CPUs, memory, network, disks, and graphics processors on servers or VPS.
Analytics and Alerts: Built-in tools for data analysis, historical metrics, and sending alerts when load thresholds or other critical metrics are exceeded.
Shared Private Network (SPN): Creating and managing a private network (VPN) with shared nodes and employees, including DNS and subnet access management.
Providing tools for configuring VPNs and proxy servers with account management through an account manager.
Planning and Management: The ability to schedule and allocate resources based on current and forecasted loads.
The Netip platform is aimed at system administrators and IT engineers, designed for comprehensive management and monitoring of infrastructure, providing administrators with tools to ensure the stable and secure operation of servers and networks.
How it works
The Nodes Management system consists of components with different functions:
- netip.core - core component for authentication, collection of essential metrics from the parent system and runs performance tests
- netip.network - component responsible for collecting network metrics, managing firewalls, virtual private networks, proxies, and the Domain Name System (DNS)
- netip.device - component that collects metrics about disk devices and file systems (without access to mounting and files)
Components are run in isolation using Docker Engine 20.0 and above.
Supports AMD64, ARM64 architectures, and Linux kernels ≥ 5.6 (Debian ≥ 11, Ubuntu ≥ 20, etc.)
Components connect to the internal Netip system, undergo authorization, maintain a constant connection, and receive commands. Each component has its own container limitations, does not have full access to the parent system, and can be manually restricted.
All components are designed to minimize impact on your system and avoid additional load.
What is inside
Each container (component) is based on the alpine image. Inside the containers, there are scripts and programs that connect to the external Netip API.
To view the container logs, run the command:
docker logs -f netip.networkTo access the container, run the command:
docker exec -it netip.core ashSource code
The latest versions of the components and their source code are published on GitHub and are available for analysis or manual assembly.
Additionally, they are built using
GitHub Actionsand then published toGitHub Packages
- Core Component repository
- Network Component repository
- Device Component repository
Accesses
Note
We aim to provide maximum access to information from your services while minimizing interference with your files and resources.
You can always disable components that do not meet your preferences and review the launch parameters in the source code for each component to understand the permissions granted to each.
netip.core component
| Param | Description |
|---|---|
--uts host | Retrieving the system hostname |
--pid host | Determining the state of system processes (zombie, status) |
-v /var/run/utmp:/var/run/utmp:ro | Notifications of system logins with the :ro (read-only) flag |
netip.network component
| Param | Description |
|---|---|
--network host | Collection of network interface metrics, performance due to seamless |
--cap-add NET_ADMIN | Managing firewall rules and routes |
netip.device component
| Param | Description |
|---|---|
--cap-add SYS_RAWIO | Reading device metrics without access to mounting |
--device /dev/sda | Accessing the device to read metrics |
-v /my-volume/.netip-device:/_external/my-volume/.netip-device:ro | For reading metrics on remaining space, the component does not have access to the data as it is mounted at a deeper level and runs with the :ro (read-only) flag |
--gpus all | Reading metrics from graphical devices |
Warning!
You can disable the parameters, but in doing so, the amount of monitoring data may decrease, or some functionality may become unavailable.