... And why it is necessary to open a ticket to help us to process your request.
We have updated Linux kernel 3.12 (now 3.12.45) and published a new version (3.18) on our HVM platform. These new versions no longer support AUFS and might force some clients to take corrective measures for their services.
Starting today, every server that is created or rebooted on our HVM platform will automatically use version 3.12.45 of the Linux kernel, unless configured to use version 3.18 or a custom kernel.
Please note that these kernel versions do not include AUFS support. Docker users should take special notice, because AUFS has been the default storage driver for quite some time.
To continue to use Docker with this new kernel version, users must upgrade their docker client and images to use a different storage driver, such as btrfs or overlayfs (available for kernel version 3.18 only).
To use version 3.18, you can execute following Gandi CLI  command:
$ gandi disk update
--kernel "3.18-x86_64 (hvm)"
You can also change the kernel from the web interface by following these instructions .
After the operation is completed, make sure you reboot your server and update your software packages and kernel modules .
Clients wishing to use a custom kernel can access more information on our Wiki page . You can also access more information
about kernel update history on our Changelog 
Our Gandi Site platform will be temporarily unavailable this week starting Tuesday July 21 at 1:00 AM PDT until 5:00 AM PDT (approximately), due to scheduled maintenance and improvements on the platform being made by our partner, BaseKit.
UPDATE: The maintenance has been extended by our partner, who has been unable to tell us when the maintenance should be over. We will keep you informed of all this in this news alert as soon as we have more information.
Additionally, it will not be possible to create a new Gandi Site until early morning Thursday July 23 (we will update this post with the exact time once we have it).
The reason for this downtime is to give us a window to upgrade our Gandi Site tool. Please excuse any inconvenience this may cause. This downtime will allow us to make the necessary changes to provide a more up-to-date and higher-quality site-building platform, that should be as exciting for you as it is for us. Stay tuned ...
Following the launch of Gandi's Asia office in July 2014, Gandi.net is now expanding into the Asian market.
We have hired and trained a local Taiwan customer service team, who immediately got to work and translated the entire Gandi.net web site to Traditional and Simplified Chinese. This team is multi-lingual, and offers support for all our customers, worldwide, from the Taiwan time zone, extending our support hours to 24x6+.
Gandi now has direct timely support and services for our customers in China, Hong Kong, Japan, Singapore, Taiwan and Thailand. Anyone needing localized support services for domain name portfolios from the Asian zone can use Gandi, and pay for the services in New Taiwan Dollars (TWD), in Taiwan and Chinese Yuan (CNY) in China.
We are also expanding our technical footprint, with a mini-pop (a network Point-of-Presence) installed in Tokyo since February of this year. Using anycast technology, this enhancement keeps DNS traffic in Asia, and boosts performance of DNS queries by 30% in the region.
We are adding domains to the new organization too. The TLDs .TW and .CN, which Gandi was only able to offer via an intermediary, are now offered direct to all our customers, thanks to our presence in Asia and our direct accreditation.
You can also find Gandi Asia on Twitter:
As usual, the customer care team is available to your questions, comments and suggestions. You can reach us at firstname.lastname@example.org
A new security vulnerability, CVE-2015-3456, was announced last week. The flaw is found in the QEMU virtualization software, and permits an attacker to gain access to a vulnerable host from a virtual machine located on that host.
Immediately following this announcement, we applied the necessary patches, thus reinforcing the existing security measures we had previously implemented. Over the past week, we have continued to study the vulnerability. As a preventative measure, we have decided that a reboot of certain VMs is required in order to ensure that all possible attack vectors have been mitigated.
This preventive reboot will only affect a small proportion of our customers. We will contact affected customers directly via email to provide instructions on performing the reboot on their own.
We will reboot the VMs of affected customers (who have not rebooted on their own) on Monday, May 25 at 11:59 p.m. PDT (that is: Tuesday, May 26, 2015 at 07:59 UTC).
For more information, see the following resources:
- RedHat's announcement: VENOM: QEMU vulnerability (CVE-2015-3456)
- Ubuntu's announcement: USN-2608-1: QEMU vulnerabilities
If you have questions or encounter any problems regarding this issue, our support team is available to assist you.
We have updated mirrors.gandi.net following today's announcement of the GHOST vulnerability. This newly-discovered flaw is in the popular glibc library, which is used in many Linux distributions and different flavors of Unix. The newly-discovered flaw, which has been present since November 2000, enables an attacker to execute code remotely on a vulnerable system.
We recommend that you upgrade your servers immediately. The following patches have already been made available by the distribution teams:
- Debian: https://security-tracker.debian.org/tracker/CVE-2015-0235
- RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235
- Ubuntu: http://www.ubuntu.com/usn/usn-2485-1/
We will keep this list and our mirrors up-to-date as more affected distributions release their fixes.
If you are a Simple Hosting customer, we recommend that you restart your instance.
Earlier this month we started the process of unifying the SFTP service on Simple Hosting across our three data centers by merging their SFTP keys. Over the next few weeks, we're taking the next step towards a more unified infrastructure with migrations of the SFTP endpoints.
While most customers will not notice any disruption in service, we want to keep you informed of our operations so you can avoid any possible issues.
Here's a schedule:
|Datacenter||Endpoint||Date of migration|
|Baltimore||sftp.dc1.gpaas.net||December 30, 2014|
|Luxembourg||sftp.dc2.gpaas.net||January 5, 2015|
|Paris||sftp.dc0.gpaas.net||January 6, 2015|
What are the possible issues?
Loss of connectivity
It's possible (though unlikely) that a running SFTP connection will lose connectivity during migration. This will happen very rarely, and will not have major consequences. Recovery will consist of simply reconnecting.
DNS / Firewall Issues
Since the IP address of each endpoint will change, DNS propagation problems may arise for some customers.
If you are having trouble connecting to the service immediately following the migration window, this may be the cause. Simply waiting for propagation should resolve it.
Also, if your firewalls or other security systems limit SFTP outbound to specific IP addresses, it will be necessary to adjust the rules on these systems to allow the new addresses (and disallow the old).
Feel free to contact Gandi Support if you encounter any issues.
The year 2015 is coming and it's bringing a slew of changes with it. One of those changes affects the way VAT tax is applied on "electronic services" (such as a domain name) purchased by European residents.
Simply put: people living within the European Union must pay for these electronic services (i.e. "nonmaterial goods", more info on this is linked to further down on the page) no longer with the TVA of the country where the merchant is located (practically speaking, from where the services were purchased), but rather, the VAT of the country of residence (country where the service was consumed). The territorial rules pertaining to purchases made by European organization which have an intra community VAT number (mainly companies) remain unchanged.
Since Gandi sells electronic services, all of our products (except t-shirts) will be affected by this change.
To give you a concrete example, take the VAT rates of a few EU countries:
- France: 20%
- Spain: 16%
- Denmark: 25%
If a French customer buys a domain that costs €10 from a company located in Spain, he or she will pay €12 (€10 + 20% French VAT). A Danish customer buying the same domain from the same Spanish company would pay €12.50 (€10 + 25% Danish VAT). And finally, a Spanish customer would pay €11.60 (€10 + 16% Spanish VAT).
Note that this measure only affects so-called "Telecommunications, broadcasting & other online services", as defined by the VAT Directive. Therefore, actual physical goods sold via "distance selling" (clothing, etc) over the Internet are not affected by this change.
Note also that the sale of electronic services to persons who reside in a non-European Union country will not be subject to European VAT (export), even if these countries are geographically European (ex. Switzerland).
Some examples of electronic services concerned by this are:
- Providing and hosting of websites, remote maintenance of programs and hardware,
- Providing of software and their updates,
- Providing of images, information and texts, and databases,
- Providing of music, films, videogames and online gambling, as well as political, cultural, artistic, sports, scientific, or entertainment programs,
- Providing of online educational services.
This December, we will be making a change to make Simple Hosting easier to use, as well as more manageable.
Currently, there are three separate signatures, one for each datacenter, for the SFTP protocol you use to transfer files to Gandi Simple Hosting instances.
In a few days, we will replace We have replaced these keys so that they are all the same (and thus easier to manage). The new key will have the following signature, whether your instance is hosted in our Paris, Baltimore, or Luxembourg datacenter:
2048 35:e0:5a:a9:54:12:55:6b:ce:41:8c:c1:9e:35:1d:f6 (RSA)
1024 80:c7:a8:05:dc:79:92:f1:9c:b7:61:46:a7:ad:2d:f7 (DSA)
For reference, the outdated key signatures were as follows:
2048 02:15:f6:35:d7:01:3c:58:74:8c:e4:0e:96:61:35:6f (RSA)
1024 36:c2:9c:5c:5b:d0:7e:5b:78:e4:ee:47:ad:aa:1c:8e (DSA)
2048 f8:ed:00:17:1a:88:9f:4d:15:fb:84:46:1e:19:4f:c5 (RSA)
1024 69:84:9b:dd:3b:cd:9a:20:df:60:60:e0:6d:cd:5e:e7 (DSA)
2048 c1:0b:b5:1d:57:cb:00:75:22:a5:6b:d3:bc:73:64:5a (RSA)
1024 7c:ac:f0:23:6b:d6:e8:78:67:4c:72:95:9b:14:61:eb (DSA)
How does this affect me?
In most cases, all you need to do is accept the new key when you log into your instance via SFTP. The client will prompt you the first time you use it to connect after we make the change.
If your client doesn't handle the changed signatures gracefully, you can manually flush the key on the command line (replace dc0 in the command below, if necessary: dc0 = Paris datacenter, dc1 = Baltimore, dc2 = Luxembourg):
$ ssh-keygen -R sftp.dc0.gpaas.net
and then use your sFTP tool and reconnect again and accept the new foreign key.
If you have any questions or concerns about this, let our support team know. We are here to help!
We've developed a new tool to give you better visibility into incidents and the scheduled and unscheduled maintenance that may impact our services.
This tool, which you can access by clicking on the "Service Status" link at the top of each page of our site, is live at https://status.gandi.net, where any unexpected incidents or scheduled maintenance will be reported.
The coders among you can also use the API to query the status of our services from your scripts and monitoring applications. For example, to get the service status in real time, use https://status.gandi.net/api/services. The service catalog is available at https://status.gandi.net/api.
We are available to help you get around any issues you are having using our services. Here's a little primer on how to get our assistance, if you need it:
- First, be sure to check that there are no incidents or ongoing maintenance on the service status page. Maybe your service is affected by an outage, or in maintenance.
- If the status page says everything in fine, your issue may be a problem you can fix by using the administration pages of our site. For instance, your domain may have expired, or a recent change in your DNS zone may be causing a problem. Your hosting might be paused, your credit balance empty, or maybe your email quota was exceeded? All these common issues can be fixed by logging in to your account and taking care of the problem.
If you are unable to identify what is wrong, or to solve it yourself, we are here to help. Contact us using the following methods:
- Chat with us in real time by clicking on the '?' icon on the right-hand side of your account. We are available almost all the time, but if we're busy or unavailable, you can leave a message and we'll respond as soon as we can.
- Open a ticket on our support contact page.
Please be sure to give us the details of your problem so we can help you quickly. We like to get you the right answer as fast as we can.
You will receive an automatic confirmation of your ticket in an email, including a ticket number. A member of the support team will then respond via email. We use the email address listed in your account, by default, so be sure to keep this contact information up to date. Also, sometimes the automated email or even the replies of our agents get filtered as spam. Remember to check your spam folder if you do not receive the automatic confirmation with your ticket number.
We hope you like this new feature. We try our best to be transparent about any problems we encounter, and this is just one of the ways we are trying to prove that to you, our customers.