Most “I got hacked” (or “why is this box getting hammered?”) stories I’ve seen start with the same default: every server gets a public IP.
I’ve been working on Krova — cloud compute that flips that default.
The 4 ideas (quick)
1) No public IP per server by default
A Krova “Cube” (server) lives on a private NAT’d network. There isn’t a public IP sitting out there waiting to get scanned.
2) No shared kernel
Each Cube runs as a Firecracker microVM with its own kernel - not shared-kernel containers.
3) Snapshots + restore/rollback
Built-in snapshots so “snapshot before upgrade → rollback if needed” is a normal workflow.
4) 1:1 RAM + disk (no overselling)
If you provision 4GB RAM + 40GB disk, that’s reserved 1:1 on the host (no thin-provisioning surprises).
What “using it” looks like
1) Create a Cube (pick vCPU/RAM/disk) and SSH in as root.
2) Deploy normally (systemd, Docker, packages -
3) Expose only what you need:
- attach api.yourdomain.com → port 8080 (HTTPS)
- open SSH (or Postgres) via a TCP mapping, allowlisted to your IP/VPN
4) Snapshot before risky changes. Restore if it breaks.
If you’re curious, the site is here:
https://krova.cloud/
I’d love feedback from folks who run infra:
- Is “no public IP by default” a win, or does it break too many real-world workflows?
- What would you want to see from snapshots/backups before trusting a newer provider?














