Local SSD Storage
All of the Instances powering your Services come with blazing fast local SSDs to store your Service code and temporary data.
Local storage is ephemeral
A critical thing to remember is that local storage is ephemeral. This means that all data written on the local filesystem of a running Service might be lost at any moment.
Local data is not saved or migrated when the Instances supporting your Service are rescheduled to another physical server. Instance rescheduling happens during automatic software upgrades which are performed at least on a weekly basis.
To save data, you should rely on a database or object storage solution providing data persistence guarantees.
That being said, local storage is perfect for caches or temporary data that needs high performance.
Encryption at rest
We take security seriously and believe that this should be built-in as a core requirement, not an optional addition.
To prevent data leaks, we encrypt all customer data stored at rest, without any action required from you. All customer data stored on our hypervisors are encrypted using AES256.
Our hypervisor SSDs are also erased when they are decommissioned. Encryption at rest adds another layer of security to prevent data leaks in case of a process failure.
Container image sizes and storage constraints
When building or pulling container images, it is important to understand that the allowed container image size depends on the Instance's local storage size.
All container images produced by the Koyeb build process or downloaded through the deployment process must have an uncompressed size of less than 5GB plus the local SSD storage size. The uncompressed image size is the same value displayed by tools like docker image ls.
This means that if you are deploying on an Instance type that has 20GB of local storage, the uncompressed (on disk) image size must be less than 25GB. If you need to work with large images like this, make sure that you are deploying to an Instance type with adequate local storage.
Keep in mind that there may be other constraints (for example, registry upload or download timeouts) that might also impact maximum container image size.