Amazon Lightsail vs DigitalOcean: Why Amazon Needs to Offer Something Better

In the first part of this series, Amazon Lightsail: how to set up your first instance, we introduced Amazon Lightsail, a low-cost virtual private server (VPS) platform from Amazon Web Services. As we saw in that post, it’s easy to create a small infrastructure with Lightsail.

With the launch of this platform, Amazon is trying to get a slice of the lucrative VPS market. The market has matured over the last few years and a number of players have a head start. Vendors like DigitalOcean or Linode have a large customer base and count some big names—Atlassian, Creative Commons, and RedHat to name a few—as customers. This high level of trust is the result of the continuous expansion of data centers, the reliability of service, and the value that customers get for their investment.
In this post, we’ll take a look at how Amazon Lightsail compares to an established competitor and widely popular VPS provider, DigitalOcean. Competing against these niche players means that Amazon will not only have to quickly include some of the features users now take for granted, but it will also have to differentiate itself with extra features that others are still lacking. In our opinion, the competition is just getting started.

Amazon Lightsail vs. DigitalOcean for VPS

Our comparison will focus on the following areas:

Data Center Locations

Amazon is always expanding its regions, which means that Lightsail would also be available in new regions over time.  This will give users in different parts of the world greater network proximity to their servers. At the time of this post, AWS has the following regions, in addition to another region in China:
AWS Regions
However, Lightsail is available only in the us-east-1 region.
Amazon Lightsail Region
DigitalOcean has data centers in the following countries:

DigitalOcean Data Center Regions

Instance Sizes and Types

Amazon EC2 has a large number of instance types, ranging from micro instances with less than a GB of memory to large, disk or memory optimized servers. Each of these instance types can be further enhanced with extra storage volumes with provisioned IOPs.

Lightsail has a much simpler instance model with only five types of servers.

Amazon Lightsail Instance Types
This is expected because its target audience is developers or start-ups who don’t want to spend a lot of time comparing a lot of price-performance ratios.

DigitalOcean has nine instance types for its “standard” instances.

DigitalOcean Standard Instance Types
And a few more in its “high memory” category:

DigitalOcean High Memory Instance Types
As we can see, the high-end instances are suitable for large scale data processing and storage. This again proves that the company is targeting not only individuals or start-ups but also corporate clients who are willing to pay extra money for their workloads.

Pricing

Referencing the images above, we can see that the pricing for Amazon Lightsail instances is very similar to that of DigitalOcean Droplets for the same server specs.

Base OS Images

As of March 2017, Amazon Lightsail comes bundled with only two operating systems: Ubuntu 16.04 LTS (Long Term Support) or Amazon Linux 2016.09.01:
AWS_Lightsail_OS_Image
DigitalOcean offers a number of open source Nix based operating system images, each with different versions.

DigitalOcean Base OS Images

Application Images

VPS providers also offer something called “application images.” These are generic installations of applications bundled with a base operating system. With application images, users don’t need to install applications after creating a server, and this significantly saves time. Some popular application packs are LAMP stack, Gitlab, or Node.js, which are baked in with operating systems like CentOS or Ubuntu.

Amazon Lightsail currently has a limited, but good collection of instance images.
Amazon Lightsail Application Images
DigitalOcean has a larger collection of “One-click apps” too:

DigitalOcean One-click Apps

User Data Scripts

User data scripts are special pre-written code blocks that run when a VPS instance is created. A common use case for user data is automating installation of applications, users or configuration files. For example, a server can be made to install a particular version of Java as it comes up. The developer would write a script to do this and put it in the user data section when creating the server. This saves time in two ways: when rolling out a number of instances, administrators don’t have to manually install applications or change configuration in each instance, and secondly, each instance will have a uniform installation, eliminating any chance of manual error. User data has been available for Amazon EC2 instances for a long time and is widely adopted for system automation.

Amazon Lightsail calls it “Launch Script” and DigitalOcean calls it “User data”, but they are essentially the same.

Amazon Lightsail User Data DigitalOcean User Data

SSH Access

Both Amazon Lightsail and DigitalOcean allow users SSH access from a web console. Most practical uses cases though require SSH access from OS shell prompt or a tool like PuTTy. Authentication can be done either with username and password or preferably with more secure SSH keys.

Amazon Lightsail allows SSH key access only, which is good for security. Users can create a new SSH key, upload their own public key or use an existing key when creating an instance.

Generating New AWS Lightsail SSH Key
Uploading Existing SSH Key to Amazon Lightsail
Managing SSH Keys from Amazon Lightsail Console
DigitalOcean offers both key-based and password-based authentication. The choice of SSH key is optional. If no SSH key is chosen or created, the user is sent an e-mail with a temporary password for the root account. Upon the first login, the user needs to change that password. The image below shows how new SSH keys can be created in DigitalOcean.

Adding New SSH Key in DigitalOcean
Manage SSH Key in DigitalOcean

Note that unlike Lightsail, DigitalOcean does not offer a key generation facility.

Adding Extra Volumes

Sometimes the data in a server will outgrow its original capacity. When disk space runs out and data cannot be deleted or archived, extra disk space needs to be added. Typically this involves creating one or more additional disk volumes and attaching to the instance.

For Amazon EC2, this is possible with Elastic Block Storage (EBS). Amazon Lightsail is yet to add this feature. DigitalOcean on another hand has only recently added it for users.

Creating DigitalOcean Block Storage Volume
DigitalOcean volumes can be attached during instance creation as well, but that facility is available in only selected regions.

Resizing Instances

Adding extra storage is one way to expand a server. Sometimes the instance may need extra computing power too. This can be done by adding more CPU and RAM to the server. Although this is fairly simple in EC2, we could not find a way to resize a Lightsail instance once it was created.

Again DigitalOcean wins in this area. It allows users to up-size the instance either with CPU and RAM only or with CPU, RAM, and disk. The first option allows the instance to be downsized again.

DigitalOcean offers Instance Resize Option

Data Protection

VPS snapshots are like “point in time” copies of the server instance. This is necessary for protection against data loss, data corruption, or simply creating a separate image from an existing instance. Creating a snapshot for an existing instance is a simple process in Lightsail:

Amazon Lightsail Instance Snapshot
If the instance is deleted for some reason, it can be recovered from a snapshot, if one exists.

Amazon Lightsail Snapshot List
However, there is no simple way to automate the snapshots process. Of course, this can be automated with a bit of scripting and scheduling a job from another server, but we could not find the feature as a native option.
DigitalOcean also offers snapshots:

DigitalOcean Snapshots
However, there is also a scheduled backup option which can snapshot an instance once every week.

DigitalOcean Scheduled Backups

Performance Monitoring and Alerting

Performance monitor dashboards are present in both Amazon Lightsail and DigitalOcean.

With Lightsail, the performance counters are similar to what’s available for EC2 in CloudWatch: CPUUtilization, NetworkIn, NetworkOut, StatusCheckFailed, StatusCheckFailed_Instance and StatusCheckFailed_System. The metrics can be viewed over a period of two weeks. However, unlike CloudWatch for EC2, it’s not possible to create an alert on a metric.

DigitalOcean has a graph option for its Droplets: this would show the Droplet’s public network usage, CPU usage, and disk IO rate. In recent times it also added a feature where users can opt to capture more metrics. For existing Droplets, users can install a script, and for new Droplets, they can enable a monitoring option. With the monitoring agent installed, three more metrics are added: memory, disk usage and top processes sorted by CPU or memory.
DigitalOcean Droplet Metrics
Furthermore, it’s also possible to create alerts based on any of these metrics. The alerts can be sent to an e-mail address or a Slack channel.

DigitalOcean Monitoring Alert

Networking Features

Static IP

Amazon Lightsail and DigitalOcean both allow users to attach “static IPs” to their server instances. A static IP is just like a public IP because it’s accessible from the Internet. However, as the name suggests, static IPs don’t change with instance reboots. Without a static IP, an instance will get a new public IP every time it’s rebooted. When a static IP is attached to an instance, that IP remains assigned to the instance through system reboots. This is useful for internet facing applications like web or proxy servers.

In Amazon Lightsail, a static IP address can be assigned to an instance or kept as a standalone resource. Also, the IP can be re-assigned to another instance when necessary.

Creating AWS Lightsail Static IP
DigitalOcean has a slightly different approach. Here, the public IP assigned to the instance doesn’t change even after the system goes through a power cycle (hard rebooted) or power off / power on. It also offers something called “Floating IP” which is essentially the same as static IP. A floating IP can be assigned to an instance and if necessary, detached and reattached to another instance. This allows Internet traffic to be redirected to different machines when necessary. The image below shows how floating IPs are managed.

Assigning DigitalOcean Floating IPs to Instances Private Networking

An Amazon Lightsail instance comes with a private IP address by default.

Amazon Lightsail Instance Public & Private IP
For DigitalOcean, this has to be enabled when the Droplet is created.

Enabling DigitalOcean Droplet Networking Features
IPv6

We could not find any option for enabling IP v6 for Lightsail instances. As shown above, this is possible with DigitalOcean instances.

DNS

Amazon Lightsail enables users to create multiple DNS zones (up to three DNZ zones are free). This is a great feature and very simple to set up. Users who have already registered domain names can create DNS zones for multiple sub-domains and map them to static IP addresses. Those static IPs can, in turn, be assigned to Lightsail instances. The image below shows how we are creating a DNS zone for our test website.
Creating a DNS Zone in Amazon Lightsail
Creating a DNS Zone in Amazon Lightsail
Once
Creating a DNS Zone in Amazon Lightsail
Lightsail provides its own DNS name servers for users to configure their domain records. Users can also register their domain names with Amazon Route 53 without having to use another third-party domain name registrar.

A similar facility exists in DigitalOcean, except it allows users to create reverse domain lookup with PTR records.

Adding Domain Names in DigitalOcean
Creating PTR Records in DigitalOcean

Firewall Rules

This is an area where Amazon Lightsail fares better than DigitalOcean. With EC2 instances, AWS offers a firewall feature called “security groups”. Security groups can control the flow of traffic for certain ports from one or more IP addresses or ranges of addresses. In Lightsail, the security group feature is present in a rudimentary form.

Amazon Lightsail Firewall Rules
There is no finer grain control though: there is no way to restrict traffic from one or more IP addresses.
DigitalOcean Droplets do not have this feature. Any firewall rules have to be configured from within the instance itself.

Other Security Features

Both Amazon Web Service and DigitalOcean console offer two-factor authentication. With Amazon, it’s possible to enable CloudTrail logs which can track every API action run against resources like EC2. Lightsail has a rudimentary form of this audit trail (“Instance history”), and so does DigitalOcean (“Security history”).

Access to Outside Service Endpoints

This is an area where Amazon Lightsail clearly wins. It’s possible for Lightsail instances to access existing AWS resources and services. This is possible when VPC peering for Lightsail is enabled. Lightsail instances run within a VPC which is not available from the regular VPC screen of AWS console. Unless VPCs are “peered”, they are separate networks and resources in one VPC cannot see resources in another. Peering makes it possible. It is possible to configure VPC peering for the “shadow VPC” Lightsail uses. This is configured from the advanced features screen.
Amazon Lightsail VPC Peering
With VPC peering enabled, Lightsail’s capabilities can be extended beyond a simple computing platform, something DigitalOcean cannot provide.

Load Balancers

Load balancers are a great way to distribute incoming network traffic to more than one computing node. This can help the infrastructure become more resilient against failures or distribute read and write traffic evenly across the servers. When application traffic reaches a load balancer, it can send it to a node in the group either in round-robin fashion or based on a specific algorithm. Any node not responding to traffic from the load balancer will be marked as “Out Of Service” after a number of attempts.

Although it would help developers test their applications for real-life use cases, Amazon Lightsail is yet to provide this feature.

DigitalOcean has recently added it to their offering, but it’s not cheap, it costs $20 per month.
Adding DigitalOcean Load Balancer
DigitalOcean Load Balancer Forwarding Rules
DigitalOcean Load Balancer Advanced Settings

Billing Alert

AWS Billing Alert is a great way for customers to keep track of their cloud infrastructure spending. With billing alerts, AWS will send an automatic notification to a customer when its monthly AWS spending goes over a set limit. Typically the alert is set up to send an e-mail. Billing alert is a feature of CloudWatch metrics and it can be used for Lightsail usage:

AWS Billing Alert for Lightsail
AWS Billing Alert for Lightsail
DigitalOcean has a similar feature for billing alerts.
DigitalOcean Billing AlertUnlike AWS though, DigitalOcean would send the notification to an e-mail address only. With AWS, the alert can be sent to an SNS topic which can have a number of subscribing endpoints like e-mail, SMS, application or HTTP.

API

Both Lightsail and DigitalOcean have extensive API support for programmatic access and administration of their infrastructure. Both vendors make the documentation well accessible from their public websites.

Lightsail APIs are easily accessible from the AWS command line interface (CLI).  There are also software development kits (SDK) available for a number of programming languages like Java, Python, Ruby, PHP, C#, Go, JavaScript, Node.js and C++.
DigitalOcean APIs are fairly extensive as well and their documentation shows how they can be invoked with HTTP payloads. Language support includes Ruby and Go. Unlike AWS, DigitalOcean does not come with any CLI which can be automated with bash or PowerShell.

Third party tools like Terraform from HashiCorp also have a limited number of resources available for both Lightsail and DigitalOcean provider.

Documentation and Support

Online documentation for both Amazon Lightsail and DigitalOcean is easy-to-follow and can help a user get up and running in no time. Technical support request for Lightsail can be accessed from the AWS console. A similar link exists for DigitalOcean users in its web site.

DigitalOcean also offers a vast array of very useful tutorials. These tutorials can help users set up and run many different workloads on the DigitalOcean platform.

Conclusion

From our test comparison, we found DigitalOcean leading Amazon Lightsail in quite a few important areas. So does this mean developers and start-ups should shun Lightsail for now? We would say no. It depends on individual use cases and whether your organization is already an Amazon customer. Lightsail’s integration with other AWS services provides it an obvious advantage. Also, since the price tag for similar instances is very much similar, you may want to work with Lightsail unless your application requires some of the features it’s lacking… Typical uses cases can include:

  • Small, disposable servers for Proof of Concept (PoC) of larger projects
  • Development and tests servers for small teams
  • Departmental servers for non-IT business units who don’t want to spend money on high-end resources
  • Personal-use servers for storing video, audio, and other digital assets

Also, with AWS making a move into the VPS market, it’s only a matter of time before other players like Microsoft or Google start to include it in their arsenal. As the competition starts to gain momentum, more advanced features are sure to follow. Needless to say, established VPS providers wouldn’t be sitting idle either, they would be adding new features to keep their competitive advantage. With this in mind, we think Amazon needs to add some extra niche capabilities to its VPS platform to make it a more viable competitor.

Avatar

Written by

Sadequl Hussain

Sadequl Hussain is an IT pro based in Sydney, Australia. He comes from a strong database administration backround and has more than 15 years of experience in development, database management, training, and technical writing. Sadequl also holds a number of vendor certifications, including one from AWS. He loves working with cloud technologies, NoSQL / Big Data databases, automation toolsets, open source technologies and Windows / Linux system administration. When he is not doing any of these, Sadequl loves to spend time with his young family.


Related Posts

Avatar
Sudhi Seshachala
— October 9, 2019

Top 13 Amazon Virtual Private Cloud (VPC) Best Practices

Amazon Virtual Private Cloud (VPC) brings a host of advantages to the table, including static private IP addresses, Elastic Network Interfaces, secure bastion host setup, DHCP options, Advanced Network Access Control, predictable internal IP ranges, VPN connectivity, movement of interna...

Read more
  • AWS
  • best practices
  • VPC
Avatar
Stuart Scott
— October 2, 2019

Big Changes to the AWS Certification Exams

With AWS re:Invent 2019 just around the corner, we can expect some early announcements to trickle through with upcoming features and services. However, AWS has just announced some big changes to their certification exams. So what’s changing and what’s new? There is a brand NEW ...

Read more
  • AWS
  • Certifications
Alisha Reyes
Alisha Reyes
— October 1, 2019

New on Cloud Academy: ITIL® 4, Microsoft 365 Tenant, Jenkins, TOGAF® 9.1, and more

At Cloud Academy, we're always striving to make improvements to our training platform. Based on your feedback, we released some new features to help make it easier for you to continue studying. These new features allow you to: Remove content from “Continue Studying” section Disc...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • ITIL® 4
  • Jenkins
  • Microsoft 365 Tenant
  • New content
  • Product Feature
  • Python programming
  • TOGAF® 9.1
Avatar
Stuart Scott
— September 27, 2019

AWS Security Groups: Instance Level Security

Instance security requires that you fully understand AWS security groups, along with patching responsibility, key pairs, and various tenancy options. As a precursor to this post, you should have a thorough understanding of the AWS Shared Responsibility Model before moving onto discussi...

Read more
  • AWS
  • instance security
  • Security
  • security groups
Avatar
Jeremy Cook
— September 17, 2019

Cloud Migration Risks & Benefits

If you’re like most businesses, you already have at least one workload running in the cloud. However, that doesn’t mean that cloud migration is right for everyone. While cloud environments are generally scalable, reliable, and highly available, those won’t be the only considerations dri...

Read more
  • AWS
  • Azure
  • Cloud Migration
Joe Nemer
Joe Nemer
— September 12, 2019

Real-Time Application Monitoring with Amazon Kinesis

Amazon Kinesis is a real-time data streaming service that makes it easy to collect, process, and analyze data so you can get quick insights and react as fast as possible to new information.  With Amazon Kinesis you can ingest real-time data such as application logs, website clickstre...

Read more
  • amazon kinesis
  • AWS
  • Stream Analytics
  • Streaming data
Joe Nemer
Joe Nemer
— September 6, 2019

Google Cloud Functions vs. AWS Lambda: The Fight for Serverless Cloud Domination

Serverless computing: What is it and why is it important? A quick background The general concept of serverless computing was introduced to the market by Amazon Web Services (AWS) around 2014 with the release of AWS Lambda. As we know, cloud computing has made it possible for users to ...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
Joe Nemer
Joe Nemer
— September 3, 2019

Google Vision vs. Amazon Rekognition: A Vendor-Neutral Comparison

Google Cloud Vision and Amazon Rekognition offer a broad spectrum of solutions, some of which are comparable in terms of functional details, quality, performance, and costs. This post is a fact-based comparative analysis on Google Vision vs. Amazon Rekognition and will focus on the tech...

Read more
  • Amazon Rekognition
  • AWS
  • Google Cloud Platform
  • Google Vision
Alisha Reyes
Alisha Reyes
— August 30, 2019

New on Cloud Academy: CISSP, AWS, Azure, & DevOps Labs, Python for Beginners, and more…

As Hurricane Dorian intensifies, it looks like Floridians across the entire state might have to hunker down for another big one. If you've gone through a hurricane, you know that preparing for one is no joke. You'll need a survival kit with plenty of water, flashlights, batteries, and n...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • New content
  • Product Feature
  • Python programming
Joe Nemer
Joe Nemer
— August 27, 2019

Amazon Route 53: Why You Should Consider DNS Migration

What Amazon Route 53 brings to the DNS table Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service offered by AWS. It is named by the TCP or UDP port 53, which is where DNS server requests are addressed. Like any DNS service, Route 53 handles domain regist...

Read more
  • Amazon
  • AWS
  • Cloud Migration
  • DNS
  • Route 53
Alisha Reyes
Alisha Reyes
— August 22, 2019

How to Unlock Complimentary Access to Cloud Academy

Are you looking to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Cloud Security, Python, Java, or another technical skill? Then you'll want to mark your calendars for August 23, 2019. Starting Friday at 12:00 a.m. PDT (3:00 a.m. EDT), Cloud Academy is offering c...

Read more
  • AWS
  • Azure
  • cloud academy content
  • complimentary access
  • GCP
  • on the house
Avatar
Michael Sheehy
— August 19, 2019

What Exactly Is a Cloud Architect and How Do You Become One?

One of the buzzwords surrounding the cloud that I'm sure you've heard is "Cloud Architect." In this article, I will outline my understanding of what a cloud architect does and I'll analyze the skills and certifications necessary to become one. I will also list some of the types of jobs ...

Read more
  • AWS
  • Cloud Computing