The "Green Dashboard" Lie
It’s 19:00 on a Friday. You are at a pub in Grünerløkka. Your phone buzzes. It’s the CEO. "The checkout is broken," he texts. You check Nagios. All checks are green. You check Zabbix. CPU load is nominal. RAM is fine. Disk space is at 40%. According to your monitoring, the infrastructure is perfect.
But the checkout is broken.
This is the failure of traditional monitoring. It asks: "Is the server up?" It rarely asks: "Is the server doing what it's supposed to do efficiently?" In the DevOps circles I run in, we are starting to call this new depth of analysis Observability. It is not just about collecting metrics; it is about debugging your infrastructure in production without pushing new code.
Monitoring vs. Observability: The 2017 Shift
Let’s be precise. Monitoring is for the known unknowns. You know disk space will run out, so you set a threshold at 90%. You know MySQL might crash, so you check the process state.
Observability is for the unknown unknowns. Why did latency to the Bergen node spike by 300ms only for users on Telenor mobile IPs? Why does the database lock up only when the inventory sync script runs concurrently with the newsletter blast?
To answer these, htop is not enough. You need structured data.
The Stack: Moving Beyond Simple Graphs
In 2017, the "LAMP" stack isn't just Linux-Apache-MySQL-PHP anymore. For operations, we are looking at the ELK Stack (Elasticsearch, Logstash, Kibana) combined with Prometheus for time-series data. If you are still parsing raw text logs with grep in production, you are wasting hours on root cause analysis.
1. Structured Logging with Nginx
Stop using the default Nginx log format. It is useless for machine parsing. Configure Nginx to output JSON. This allows you to feed logs directly into Logstash or Fluentd and query them in Kibana later.
Here is the configuration I drop into /etc/nginx/nginx.conf on every CoolVDS instance I provision:
http {
log_format json_analytics escape=json '{ "time_local": "$time_local", '
'"remote_addr": "$remote_addr", '
'"remote_user": "$remote_user", '
'"request": "$request", '
'"status": "$status", '
'"body_bytes_sent": "$body_bytes_sent", '
'"request_time": "$request_time", '
'"upstream_response_time": "$upstream_response_time", '
'"http_referrer": "$http_referrer", '
'"http_user_agent": "$http_user_agent" }';
access_log /var/log/nginx/access_json.log json_analytics;
}Why this matters: The $upstream_response_time variable is the smoking gun. If your request time is high but upstream (PHP-FPM) time is low, the lag is in the network or the web server itself. If upstream time is high, your PHP code or database is choking.
2. The Silent Killer: CPU Steal and I/O Wait
You cannot discuss observability in a virtualized environment without talking about Steal Time. This is the metric that cheap VPS providers hide from you.
Run this command:
vmstat 1 5Look at the st column on the far right. If that number is consistently above 0, your noisy neighbor on the physical host is stealing your CPU cycles. You can tune your MySQL innodb_buffer_pool_size until you are blue in the face, but if the hypervisor is starved, your database will lag.
Pro Tip: This is why we architect CoolVDS on KVM with strict resource guarantees. We don't oversell cores. If you see high steal time on our infrastructure, I want you to open a ticket immediately because something is physically broken. On other hosts, high steal time is just their business model.
Data Privacy: The Norwegian Context
We are approaching a new era of regulation. The GDPR is looming on the horizon for 2018, and the Privacy Shield framework is currently governing our data transfers. When you implement observability (like the ELK stack mentioned above), you are ingesting IP addresses and User Agents. This is PII (Personally Identifiable Information).
If you host your ELK stack on a US cloud provider, you are adding layers of legal complexity regarding data export. Keeping your observability stack on VPS Norway infrastructure, physically located in Oslo, simplifies compliance with the Datatilsynet (Norwegian Data Protection Authority). Latency is also a factor; shipping logs from a server in Oslo to a collector in Virginia adds latency and consumes bandwidth. Keep your traffic local.
Implementing Prometheus for Service Discovery
Nagios requires you to manually add every host. In a modern setup, potentially using Docker (which is stabilizing rapidly), services come and go. Prometheus pulls metrics rather than waiting for them. It fits the "cattle, not pets" philosophy.
Here is a basic prometheus.yml scrape config for a Node exporter running on a local CoolVDS instance:
scrape_configs:
- job_name: 'node_exporter'
scrape_interval: 5s
static_configs:
- targets: ['localhost:9100']Combine this with the Node Exporter to visualize disk I/O. If you are paying for NVMe storage, you should verify you are getting the IOPS you were promised.
Verifying NVMe Performance
Don't trust the marketing label. Verify it. Use fio to test your disk performance during off-peak hours:
fio --randrepeat=1 --ioengine=libaio --direct=1 --gtod_reduce=1 --name=test --filename=test --bs=4k --iodepth=64 --size=4G --readwrite=randwrite --ramp_time=4On a standard HDD VPS, you might see 300-400 IOPS. On CoolVDS NVMe instances, we typically see numbers that make database administrators weep with joy. High IOPS means your database locks clear faster, your backups finish sooner, and your site feels "snappy."
Conclusion: You Can't Fix What You Can't See
Transitioning from simple monitoring to observability takes work. You have to set up ELK, configure Prometheus, and write better logs. But the cost of not doing it is higher. It’s the cost of downtime where you don't know the cause. It's the cost of losing customers because the checkout takes 8 seconds instead of 2.
You need a foundation that supports this deep diving. You need root access, a kernel you can tune, and storage that doesn't bottleneck your logging pipeline.
Ready to see what's actually happening inside your application? Deploy a KVM-based instance on CoolVDS today. With our low-latency connection to NIX, your packets stay close to home.