In the first part of this series, Amazon Lightsail: how to set up your first instance, we introduced Amazon Lightsail, a low-cost virtual private server (VPS) platform from Amazon Web Services. As we saw in that post, it’s easy to create a small infrastructure with Lightsail.
With the launch of this platform, Amazon is trying to get a slice of the lucrative VPS market. The market has matured over the last few years and a number of players have a head start. Vendors like DigitalOcean or Linode have a large customer base and count some big names—Atlassian, Creative Commons, and RedHat to name a few—as customers. This high level of trust is the result of the continuous expansion of data centers, the reliability of service, and the value that customers get for their investment.
In this post, we’ll take a look at how Amazon Lightsail compares to an established competitor and widely popular VPS provider, DigitalOcean. Competing against these niche players means that Amazon will not only have to quickly include some of the features users now take for granted, but it will also have to differentiate itself with extra features that others are still lacking. In our opinion, the competition is just getting started.
Amazon Lightsail vs. DigitalOcean for VPS
Our comparison will focus on the following areas:
Data Center Locations
Amazon is always expanding its regions, which means that Lightsail would also be available in new regions over time. This will give users in different parts of the world greater network proximity to their servers. At the time of this post, AWS has the following regions, in addition to another region in China:
However, Lightsail is available only in the us-east-1 region.
DigitalOcean has data centers in the following countries:
Instance Sizes and Types
Amazon EC2 has a large number of instance types, ranging from micro instances with less than a GB of memory to large, disk or memory optimized servers. Each of these instance types can be further enhanced with extra storage volumes with provisioned IOPs.
Lightsail has a much simpler instance model with only five types of servers.
This is expected because its target audience is developers or start-ups who don’t want to spend a lot of time comparing a lot of price-performance ratios.
DigitalOcean has nine instance types for its “standard” instances.
And a few more in its “high memory” category:
As we can see, the high-end instances are suitable for large scale data processing and storage. This again proves that the company is targeting not only individuals or start-ups but also corporate clients who are willing to pay extra money for their workloads.
Referencing the images above, we can see that the pricing for Amazon Lightsail instances is very similar to that of DigitalOcean Droplets for the same server specs.
Base OS Images
As of March 2017, Amazon Lightsail comes bundled with only two operating systems: Ubuntu 16.04 LTS (Long Term Support) or Amazon Linux 2016.09.01:
DigitalOcean offers a number of open source Nix based operating system images, each with different versions.
VPS providers also offer something called “application images.” These are generic installations of applications bundled with a base operating system. With application images, users don’t need to install applications after creating a server, and this significantly saves time. Some popular application packs are LAMP stack, Gitlab, or Node.js, which are baked in with operating systems like CentOS or Ubuntu.
Amazon Lightsail currently has a limited, but good collection of instance images.
DigitalOcean has a larger collection of “One-click apps” too:
User Data Scripts
User data scripts are special pre-written code blocks that run when a VPS instance is created. A common use case for user data is automating installation of applications, users or configuration files. For example, a server can be made to install a particular version of Java as it comes up. The developer would write a script to do this and put it in the user data section when creating the server. This saves time in two ways: when rolling out a number of instances, administrators don’t have to manually install applications or change configuration in each instance, and secondly, each instance will have a uniform installation, eliminating any chance of manual error. User data has been available for Amazon EC2 instances for a long time and is widely adopted for system automation.
Amazon Lightsail calls it “Launch Script” and DigitalOcean calls it “User data”, but they are essentially the same.
Both Amazon Lightsail and DigitalOcean allow users SSH access from a web console. Most practical uses cases though require SSH access from OS shell prompt or a tool like PuTTy. Authentication can be done either with username and password or preferably with more secure SSH keys.
Amazon Lightsail allows SSH key access only, which is good for security. Users can create a new SSH key, upload their own public key or use an existing key when creating an instance.
DigitalOcean offers both key-based and password-based authentication. The choice of SSH key is optional. If no SSH key is chosen or created, the user is sent an e-mail with a temporary password for the root account. Upon the first login, the user needs to change that password. The image below shows how new SSH keys can be created in DigitalOcean.
Note that unlike Lightsail, DigitalOcean does not offer a key generation facility.
Adding Extra Volumes
Sometimes the data in a server will outgrow its original capacity. When disk space runs out and data cannot be deleted or archived, extra disk space needs to be added. Typically this involves creating one or more additional disk volumes and attaching to the instance.
For Amazon EC2, this is possible with Elastic Block Storage (EBS). Amazon Lightsail is yet to add this feature. DigitalOcean on another hand has only recently added it for users.
DigitalOcean volumes can be attached during instance creation as well, but that facility is available in only selected regions.
Adding extra storage is one way to expand a server. Sometimes the instance may need extra computing power too. This can be done by adding more CPU and RAM to the server. Although this is fairly simple in EC2, we could not find a way to resize a Lightsail instance once it was created.
Again DigitalOcean wins in this area. It allows users to up-size the instance either with CPU and RAM only or with CPU, RAM, and disk. The first option allows the instance to be downsized again.
VPS snapshots are like “point in time” copies of the server instance. This is necessary for protection against data loss, data corruption, or simply creating a separate image from an existing instance. Creating a snapshot for an existing instance is a simple process in Lightsail:
If the instance is deleted for some reason, it can be recovered from a snapshot, if one exists.
However, there is no simple way to automate the snapshots process. Of course, this can be automated with a bit of scripting and scheduling a job from another server, but we could not find the feature as a native option.
DigitalOcean also offers snapshots:
However, there is also a scheduled backup option which can snapshot an instance once every week.
Performance Monitoring and Alerting
Performance monitor dashboards are present in both Amazon Lightsail and DigitalOcean.
With Lightsail, the performance counters are similar to what’s available for EC2 in CloudWatch: CPUUtilization, NetworkIn, NetworkOut, StatusCheckFailed, StatusCheckFailed_Instance and StatusCheckFailed_System. The metrics can be viewed over a period of two weeks. However, unlike CloudWatch for EC2, it’s not possible to create an alert on a metric.
DigitalOcean has a graph option for its Droplets: this would show the Droplet’s public network usage, CPU usage, and disk IO rate. In recent times it also added a feature where users can opt to capture more metrics. For existing Droplets, users can install a script, and for new Droplets, they can enable a monitoring option. With the monitoring agent installed, three more metrics are added: memory, disk usage and top processes sorted by CPU or memory.
Furthermore, it’s also possible to create alerts based on any of these metrics. The alerts can be sent to an e-mail address or a Slack channel.
Amazon Lightsail and DigitalOcean both allow users to attach “static IPs” to their server instances. A static IP is just like a public IP because it’s accessible from the Internet. However, as the name suggests, static IPs don’t change with instance reboots. Without a static IP, an instance will get a new public IP every time it’s rebooted. When a static IP is attached to an instance, that IP remains assigned to the instance through system reboots. This is useful for internet facing applications like web or proxy servers.
In Amazon Lightsail, a static IP address can be assigned to an instance or kept as a standalone resource. Also, the IP can be re-assigned to another instance when necessary.
DigitalOcean has a slightly different approach. Here, the public IP assigned to the instance doesn’t change even after the system goes through a power cycle (hard rebooted) or power off / power on. It also offers something called “Floating IP” which is essentially the same as static IP. A floating IP can be assigned to an instance and if necessary, detached and reattached to another instance. This allows Internet traffic to be redirected to different machines when necessary. The image below shows how floating IPs are managed.
An Amazon Lightsail instance comes with a private IP address by default.
For DigitalOcean, this has to be enabled when the Droplet is created.
We could not find any option for enabling IP v6 for Lightsail instances. As shown above, this is possible with DigitalOcean instances.
Amazon Lightsail enables users to create multiple DNS zones (up to three DNZ zones are free). This is a great feature and very simple to set up. Users who have already registered domain names can create DNS zones for multiple sub-domains and map them to static IP addresses. Those static IPs can, in turn, be assigned to Lightsail instances. The image below shows how we are creating a DNS zone for our test website.
Lightsail provides its own DNS name servers for users to configure their domain records. Users can also register their domain names with Amazon Route 53 without having to use another third-party domain name registrar.
A similar facility exists in DigitalOcean, except it allows users to create reverse domain lookup with PTR records.
This is an area where Amazon Lightsail fares better than DigitalOcean. With EC2 instances, AWS offers a firewall feature called “security groups”. Security groups can control the flow of traffic for certain ports from one or more IP addresses or ranges of addresses. In Lightsail, the security group feature is present in a rudimentary form.
There is no finer grain control though: there is no way to restrict traffic from one or more IP addresses.
DigitalOcean Droplets do not have this feature. Any firewall rules have to be configured from within the instance itself.
Other Security Features
Both Amazon Web Service and DigitalOcean console offer two-factor authentication. With Amazon, it’s possible to enable CloudTrail logs which can track every API action run against resources like EC2. Lightsail has a rudimentary form of this audit trail (“Instance history”), and so does DigitalOcean (“Security history”).
Access to Outside Service Endpoints
This is an area where Amazon Lightsail clearly wins. It’s possible for Lightsail instances to access existing AWS resources and services. This is possible when VPC peering for Lightsail is enabled. Lightsail instances run within a VPC which is not available from the regular VPC screen of AWS console. Unless VPCs are “peered”, they are separate networks and resources in one VPC cannot see resources in another. Peering makes it possible. It is possible to configure VPC peering for the “shadow VPC” Lightsail uses. This is configured from the advanced features screen.
With VPC peering enabled, Lightsail’s capabilities can be extended beyond a simple computing platform, something DigitalOcean cannot provide.
Load balancers are a great way to distribute incoming network traffic to more than one computing node. This can help the infrastructure become more resilient against failures or distribute read and write traffic evenly across the servers. When application traffic reaches a load balancer, it can send it to a node in the group either in round-robin fashion or based on a specific algorithm. Any node not responding to traffic from the load balancer will be marked as “Out Of Service” after a number of attempts.
Although it would help developers test their applications for real-life use cases, Amazon Lightsail is yet to provide this feature.
DigitalOcean has recently added it to their offering, but it’s not cheap, it costs $20 per month.
AWS Billing Alert is a great way for customers to keep track of their cloud infrastructure spending. With billing alerts, AWS will send an automatic notification to a customer when its monthly AWS spending goes over a set limit. Typically the alert is set up to send an e-mail. Billing alert is a feature of CloudWatch metrics and it can be used for Lightsail usage:
DigitalOcean has a similar feature for billing alerts.
Unlike AWS though, DigitalOcean would send the notification to an e-mail address only. With AWS, the alert can be sent to an SNS topic which can have a number of subscribing endpoints like e-mail, SMS, application or HTTP.
Both Lightsail and DigitalOcean have extensive API support for programmatic access and administration of their infrastructure. Both vendors make the documentation well accessible from their public websites.
DigitalOcean APIs are fairly extensive as well and their documentation shows how they can be invoked with HTTP payloads. Language support includes Ruby and Go. Unlike AWS, DigitalOcean does not come with any CLI which can be automated with bash or PowerShell.
Third party tools like Terraform from HashiCorp also have a limited number of resources available for both Lightsail and DigitalOcean provider.
Documentation and Support
Online documentation for both Amazon Lightsail and DigitalOcean is easy-to-follow and can help a user get up and running in no time. Technical support request for Lightsail can be accessed from the AWS console. A similar link exists for DigitalOcean users in its web site.
DigitalOcean also offers a vast array of very useful tutorials. These tutorials can help users set up and run many different workloads on the DigitalOcean platform.
From our test comparison, we found DigitalOcean leading Amazon Lightsail in quite a few important areas. So does this mean developers and start-ups should shun Lightsail for now? We would say no. It depends on individual use cases and whether your organization is already an Amazon customer. Lightsail’s integration with other AWS services provides it an obvious advantage. Also, since the price tag for similar instances is very much similar, you may want to work with Lightsail unless your application requires some of the features it’s lacking… Typical uses cases can include:
- Small, disposable servers for Proof of Concept (PoC) of larger projects
- Development and tests servers for small teams
- Departmental servers for non-IT business units who don’t want to spend money on high-end resources
- Personal-use servers for storing video, audio, and other digital assets
Also, with AWS making a move into the VPS market, it’s only a matter of time before other players like Microsoft or Google start to include it in their arsenal. As the competition starts to gain momentum, more advanced features are sure to follow. Needless to say, established VPS providers wouldn’t be sitting idle either, they would be adding new features to keep their competitive advantage. With this in mind, we think Amazon needs to add some extra niche capabilities to its VPS platform to make it a more viable competitor.
New Content: Platforms, Programming, and DevOps – Something for Everyone
This month our team of expert certification specialists released three new or updated learning paths, 16 courses, 13 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon....
Mastering AWS Organizations Service Control Policies
Service Control Policies (SCPs) are IAM-like policies to manage permissions in AWS Organizations. SCPs restrict the actions allowed for accounts within the organization making each one of them compliant with your guidelines. SCPs are not meant to grant permissions; you should consider ...
New Content: Focus on DevOps and Programming Content this Month
This month our team of expert certification specialists released 12 new or updated learning paths, 15 courses, 25 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon. Ja...
New Content: Get Ready for the CISM Cert Exam & Learn About Alibaba, Plus All the AWS, GCP, and Azure Courses You Know You Can Count On
This month our team of intrepid certification specialists released five learning paths, seven courses, 19 hands-on labs, and three lab challenges! One particularly interesting new learning path is Certified Information Security Manager (CISM) Foundations. After completing this learn...
Which Certifications Should I Get?
The old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and companies. With all that in mind, the s...
The 12 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing. As the market leader and most ma...
AWS Certified Solutions Architect Associate: A Study Guide
Want to take a really impactful step in your technical career? Explore the AWS Solutions Architect Associate certificate. Its new version (SAA-C02) was released on March 23, 2020. The AWS Solutions Architect - Associate Certification (or Sol Arch Associate for short) offers some ...
New Content: AWS Terraform, Java Programming Lab Challenges, Azure DP-900 & DP-300 Certification Exam Prep, Plus Plenty More Amazon, Google, Microsoft, and Big Data Courses
This month our Content Team continues building the catalog of courses for everyone learning about AWS, GCP, and Microsoft Azure. In addition, this month’s updates include several Java programming lab challenges and a couple of courses on big data. In total, we released five new learning...
Where Should You Be Focusing Your AWS Security Efforts?
Another day, another re:Invent session! This time I listened to Stephen Schmidt’s session, “AWS Security: Where we've been, where we're going.” Amongst covering the highlights of AWS security during 2020, a number of newly added AWS features/services were discussed, including: AWS Audit...
AWS re:Invent: 2020 Keynote Top Highlights and More
We’ve gotten through the first five days of the special all-virtual 2020 edition of AWS re:Invent. It’s always a really exciting time for practitioners in the field to see what features and services AWS has cooked up for the year ahead. This year’s conference is a marathon and not a...
WARNING: Great Cloud Content Ahead
At Cloud Academy, content is at the heart of what we do. We work with the world’s leading cloud and operations teams to develop video courses and learning paths that accelerate teams and drive digital transformation. First and foremost, we listen to our customers’ needs and we stay ahea...
Excelling in AWS, Azure, and Beyond – How Danut Prisacaru Prepares for the Future
Meet Danut Prisacaru. Danut has been a Software Architect for the past 10 years and has been involved in Software Engineering for 30 years. He’s passionate about software and learning, and jokes that coding is basically the only thing he can do well (!). We think his enthusiasm shines t...