What are the shared vCPU server plans?
In plans (CX, CPX, CAX) with shared vCPU the compute resources are distributed among all instances on the same physical server. These instances provide a baseline CPU performance and have the option to temporarily burst CPU usage above the baseline level. This allows us to provide these shared plans to you at a much lower price.
What are the dedicated vCPU server plans?
Plans (CCX) with dedicated vCPUs have their CPU resources exclusively. Here one vCPU equals one thread of a physical CPU core. Instances with dedicated vCPUs offer continuous and predictable high CPU performance. We recommend them for systems with high production loads and CPU intensive applications. They run on high-performance hardware and come with a generous allocation of I/O and network power.
All Hetzner Cloud features are available for dedicated vCPU instances. Using the rescale feature on the administration interface Cloud Console, you can also rescale to and from a plan with shared vCPU or up- and downgrade to another plan depending on how many resources you require.
Please note that our System Policies at https://www.hetzner.com/rechtliches/cloud-server/ also apply to our dedicated vCPU instances.
What limits come with the architecture types?
The architecture type of the server is relevant when you:
- Create a new server from a Backup/Snapshot.
- Attach an ISO image to the virtual drive in your server.
- Change the server plan ("Rescale").
In those three cases, it is not possible to work with two different architecture types. If you want to create a new server from a Backup/Snapshot, you have to use a Backup/Snapshot that has the same architecture type as the server. If you want to mount an ISO image, you have to select an ISO image that supports the architecture type of your server. And finally, when you rescale your server, you can only change to a server plan with the same architecture type as your current server plan.
Do all servers have a public network?
No, they do not if you don't want them to! When creating a server, you can choose from three network options. This means that you can decide if you want your server to have no public IP addresses, one public IP address (IPv4 or IPv6) or two public IP addresses (IPv4 and IPv6). When creating a server, you need to select at least one of these three options. If you choose to create a server without public IPs (IPv4, IPv6), the server will have to be in a private network and it will not be connected to the public network. This can be a good choice if you do not need or want an internet connection and if the server's security is important to you.
Option | ||
---|---|---|
Private network | no Primary IP | at least one private IP |
Public network | one Primary IP (IPv4 or IPv6 ) | private IP optional |
Public network | two Primary IPs (IPv4 and IPv6) | private IP optional |
It is possible to assign or remove Primary IPs after a server was created, but the server has to be in the power state "off". Also, to assign a Primary IPv6 after the initial server creation, you need to do a basic manual configuration on the server.
How do IPv6-only cloud servers work?
IPv6-only cloud servers have a public network, but no public IPv4 connectivity.
Restrictions for IPv6-only servers:
-
No public IPv4 connectivity
-
No Load Balancer (public IPv6 address)
Load Balancers only support IPv4 addresses (public and private) as targets. You can use a private IPv4 to add an IPv6-only server as a target. The server only needs to be in the same private network as the Load Balancer.
How do private-network-only cloud servers work?
Servers without public IPs (IPv4, IPv6) have to be in a private network and are not connected to the public network.
Restrictions for servers without Primary IPs:
- No public IPv4 and IPv6 connectivity
- No Floating IPs (IPv4 and IPv6)
- No Firewalls
- No rescue system
Is it possible to remove the Primary IPs of all servers?
Yes, it is possible to remove the public IPs of all servers. This even includes cloud servers that were created before the introduction of Primary IPs.
If you want to change the Primary IPv6 after a server's initial creation, you need to do a basic configuration. For more information, see Primary IP configuration
Why can I not connect to my IPv6-only cloud server?
In terms of IPv6, the cloud server is always assigned a /64 network.
Example: 2001:db8:5678::/64
By default, we assign the first address from this network to the cloud server.
Example: 2001:db8:5678::1
To use the address to connect to your server via SSH, for example, you will have to enter it like this:
ssh root@2001:db8:5678::1
Please replace
2001:db8:5678
with your own IPv6 address.
If this does not work, please check whether your client or your Internet connection is IPv6-capable. This can be done here: https://ipv6-test.com/
If you still have problems logging in, please check the logs of your cloud server. Login is always possible via the Console on your Cloud Console and via a private IP.
If the Primary IPv6 was assigned after the initial server creation, please check the configuration on the server. You can use the Console on your Cloud Console and a private IP to connect to the server.
Can I use Floating IPs instead of Primary IPs?
No, it is not possible to assign Floating IPs to servers that do not already have a Primary IP of the same type (IPv4, IPv6). This is the case because Floating IPs require public IP connectivity, and servers that do not have Primary IPs do not have public connectivity.
- Servers with a Primary IPv4 have public IPv4 connectivity.
- Servers with a Primary IPv6 have public IPv6 connectivity.
Servers without Primary IPv4 and IPv6 do not have public IP connectivity.
How can I get a custom ISO?
Please note that the ISO image has to support the architecture type of your server. Therefore, remember to check which architecture types (
x86
/Arm64
) your ISO image supports before you send us the link.More information about the architecture type
For a server with the architecture type
x86
, you will need an ISO image that supportsx86
. For a server with the architecture typeArm64
, you will need an ISO image that supportsArm64
.ISO image
x86🡘Cloud Server
x86ISO image
Arm64🡘Cloud Server
Arm64
To mount your ISO image, you will have to send us the link for a direct download of the ISO. If you send us an Arm image, please mention this in your ticket too.
Please do not send us the link to the file (e.g. on Google Drive), but a link for a direct download. The link should not require us to select files or do anything manually for a download. If you are using Google Drive, for example, please change your Google Drive link into a link for a direct download. Below, you can find a short explanation on how this can be done.
You can send us the deeplink to the .iso
file via the Cloud Console. In your project overview, simply select "Support" on the upper menu bar and choose "Miscellaneous" as your support request type.
Please also note that we do not support Windows ISOs, or OS that have already reached end-of-life (EOL).
-
Convert Google Drive link into a link for a direct download
Right-click on your ISO file. Select "Share". This will open a new window. At the bottom of the window, in the "Get link" section, you can now select "Change to anyone with the link" and copy the link.
The link should look like this:https://drive.google.com/file/d/<your-file-id>/view?usp=sharing
Copy the unique ID of your ISO file. The unique ID is the part between
d/
and/view
.
Next, in the URL below, replace<your-file-id>
with the unique ID that you just copied.https://drive.google.com/uc?export=download&id=<your-file-id>
Why does my FreeBSD system (pfSense, OPNsense) have a constant 100% load?
If your FreeBSD system constantly has a load of 100%, you should check the following information:
-
Check information about the system:
kenv | grep smbios.planar.product
-
Check the WCPU usage of
rand_harvestq
top -SP
If the output of the first command mentions "Q35", and the WCPU usage of rand_harvestq
is about 100%, you can resolve the issue by following these steps:
-
Reboot your server.
-
During the boot process, switch to the loader prompt.
At the end of the third phase of the boot process, the boot process should pause for about 10 seconds in which you can choose from a few different options. One of those options should be:
3. Escape to loader prompt
In the loader prompt, run the following commands to deactivate
virtio-random
and continue the boot process afterwards:set hint.vtrnd.0.disabled=1 boot
Click here to view an example
Type '?' for a list of commands. 'help' for more detailed help. OK set hint.vtrnd.0.disabled=1 OK boot Loading kernel ...
In the file /boot/device.hints
, you can save this setting permanently:
hint.vtrnd.0.disabled=1
On OPNsense, the file /boot/device.hints
may be modified during updates. Add the setting to the file /boot/loader.conf.local
instead.
How does Rescue work?
The Hetzner Rescue System is a Debian based Linux live environment that allows you administrative access to your server, even if the installed system does not boot anymore. The environment starts using network boot (PXE) and runs in the memory of the server, without touching the drives or your data on them. This makes it possible for you to carry out repairs to the installed system, access the data on the drives, create backups, and to install operating systems. Plus, you can install any other software you need using the Rescue System.
How to use Rescue:
- Check out our getting started to learn how to activate and use Rescue.
- If you rescale your cloud server, you will have to manually resize the partition via Rescue System. The tutorial Resize EXT Partition explains how to do that.
Can I use Cloud-Init when creating servers?
While creating your server, you can inject cloud-init user data. This means you can make your server execute special commands while booting, like creating users or running a shell command.
Example:
#!/bin/bash
touch /tmp/cloudinit_was_here
For more examples see https://help.ubuntu.com/community/CloudInit and https://cloudinit.readthedocs.io/en/latest/topics/examples.html
In order for cloud-init to work, you must use the system images we provide as they include a special cloud-init datasource.
Can I pick my Backup time?
In the past there used to be an option to pick a time yourself, however, we had to deactivate this feature. This allows us to better spread the additional load caused by running Backups throughout the day. It was necessary because many users picked the same time, causing performance repercussions and negatively impacting server performance during certain times of the day.
You can use our Snapshot feature if you want to precisely control when your disk gets saved.
How can I increase the primary disk of my cloud server?
Cloud servers primary disks are bound to their respective plan. In order to increase the primary disk, you have to Rescale
the server.
How can i reset my server to its delivery state?
In order to reset the server to its delivery state, please select the server and then Rebuild
. Next, select and restore the desired OS.
Important note: All saved data will be lost.
How can I reset my root password ?
First select your Project then the Server. In the upper navigation bar click on Rescue
. At the bottom of the page you will find a button called "Reset Root Password".
Is root password authentication disabled on servers that are created with an SSH key?
With most of the older operating systems, you can set a root password, even if you created your server with an SSH key. Newer versions of most operating systems (e.g. Debian 11, Ubuntu 22.04) recognized the vulnerability to brute force attacks that comes with this approach and disabled password authentication for the root user by default.
If you still want to enable password authentication, you can change the settings as explained below, for example:
nano /etc/ssh/sshd_config
-
Root passwort authentication is disabled
PermitRootLogin prohibit-password
-
Root passwort authentication is allowed
PermitRootLogin yes
How can I reinstall a server?
We recommend deleting the server completely and creating a new one instead. This ensures that all settings are new and up to date.
You can keep the public IP address of your old server and use it for the new one. To do this, make sure that your Primary IP does not have “auto delete” enabled, or simply remove the Primary IP from the server before you delete the server. You can then assign the IP to the new server.
How can I access the server I rebuilt?
Assume you have rebuilt your server server1 from a Snapshot called snap1.
Case 1: Server1 was originally created without selecting an SSH key:
After rebuild, a new root password for server1 will be generated and mailed to you. It will be set on first boot using the cloud-init mechanism.
If snap1 contained injected SSH keys, these will also continue to work.
Case 2: Server1 was created with selecting your SSH key key1:
After rebuild, the key key1 will be injected into server1 on first boot using the cloud-init mechanism. You can use key1 to access your server.
If snap1 contained any more keys in its authorized_keys file, you can also still use these to access server1.
In all cases, server1 cannot be accessed using a root password directly after the rebuild, even if one was set in snap1.
Case 1 and Case 2 only apply if you restore a Snapshot that was taken from our officially provided images. If you used the rescue system or other means to install the server snap1 was taken from, it will not be fit for reconfiguration via cloud-init, and its behavior might be different.
Why has the disk partition remained the same after rescaling?
You have to manually resize the partition via Rescue System
after the Rescale
has been completed. Following community article can help further in this case: https://community.hetzner.com/tutorials/resize-ext-partition?title=Resize_Ext_Partition/en
Can I run virtual machines on cloud servers, or rather is nested virtualization possible?
No, this is not possible on cloud server.
While creating a new server, I have selected a Snapshot as source image. How can I access this server?
Assume you have created your server server1 from a Snapshot called snap1.
Case 1: You did not select an SSH key while creating server1:
After server creation, a root password for access will be generated and mailed to you. It will be set using the cloud-init mechanism.
If snap1 contained injected SSH keys, these will also continue to work.
Case 2: You selected SSH key key1 while creating server1:
After server creation, the key key1 will be injected into server1 using the cloud-init mechanism. You can use key1 to access your server.
If snap1 contained any more keys in its authorized_keys file, you can also still use these to access server1.
In all cases server1 cannot be accessed using a root password directly after its creation, even if one was set in snap1.
Case 1 and Case 2 only apply if you use a Snapshot that was taken from our officially provided images. If you used the rescue system or other means to install the server snap1 was taken from, it will not be fit for reconfiguration via cloud-init, and its behavior might be different.
The keyboard mapping in the console window seems to be wrong. How can I fix this?
All of our images come with keyboard mapping set for a US keyboard. If you have something different, you need to configure it yourself within your server.
For example, on Ubuntu you can do so by running
sudo dpkg-reconfigure keyboard-configuration
and selecting the keyboard layout you are using on your local PC. After a reboot, the keyboard mapping in the console will be correct.
How do I protect my server from being deleted by accident?
Servers, Snapshots and Floating IPs can be protected in the Cloud Console and API.
Before you can delete a protected resource, you have to deactivate the deletion protection. This provides an additional safeguard for accidental deletion.
Protected resources are indicated by a lock icon on the server, Snapshot and Floating IP overview page. You can't use the "Rebuild" feature to reinstall a protected server.
How can I change the location of my server?
It is not possible to change the location of an existing server. When you create a new server in the desired location, you can, however, choose to use a Snapshot or Backup of the existing server. The new server will then be a direct copy of the existing server.
-
Use a Snapshot to create a copy of the server
When you select "Add server" on your project overview, you will be able to select a Snapshot during server creation. The server will then contain all the information and data that was saved on that Snapshot.Alternatively, you can also create a new server directly from your Snapshot as shown in the image below.
Make sure that your Snapshot is up to date. Changes that have been made on the server after the Snapshot was created, are not included in the Snapshot.
-
Use a Backup to create a copy of the server
If you have Backups enabled for your server, you can use the latest one to create a new server in the desired location.If the latest Backup is not up to date enough, you can create a new Backup manually. You can then use this Backup to create the new server in the desired location.
How many servers can I create?
Each customer has a default limit for the number of cloud resources that we simultaneously provide. If you would like to increase your limit, you can send a request on your Cloud Console. To create a new request, navigate to your limits overview and select Request change
→ Limit increase
at the top right. Please note that this is only possible if you have been with us for a month and paid your first invoice. Our team will quickly review your request and, if everything is in order, they will increase your limit.
What does it mean if an image is marked as deprecated?
When creating a server, you can select from a list of pre-made operating system images, such as Debian version 11. When the end of the lifecycle of this specific image version comes closer, we will mark it as deprecated.
This means that the image is still available. However, we will remove it in the future.
We will keep images marked as deprecated for at least another 3 months after the deprecation date. After that period, they may become unavailable at any time.
Why can I not send any mails from my server?
Unfortunately, email spammers and scammers like to use cloud hosting providers. And we at Hetzner naturally want to prevent this. That's why we block ports 25 and 465 by default on all cloud servers. This is a very common practice in the cloud hosting industry because it prevents abuse. We want to build trust with our new customers before we unblock these mail ports. Once you have been with us for a month and paid your first invoice, you can create a limit request to unblock these ports for a valid use case. In your request, you can tell us details about your use case. We make decisions on a case-by-case basis.
As an alternative, you can also use port 587 to send emails via external mail delivery services. Port 587 is not blocked and can be used without sending a limit request.
I can not reach my instance / I have two default routes. How can I fix this?
A bug in hc-utils caused NetworkManager to manage the private network interface and therefore installs a wrong default route.
We have published an updated hc-utils package. After the update got installed, the wrong default route should not get installed anymore.
The updated hc-utils is available here:
RHEL / CentOS / Rocky 8: https://packages.hetzner.com/hcloud/rpm/hc-utils-0.0.4-1.el8.noarch.rpm
Fedora 34/35: https://packages.hetzner.com/hcloud/rpm/hc-utils-0.0.4-1.fc34.noarch.rpm
I have added my SSH key to the Cloud Console, why can I not access my existing server via my SSH key?
When creating a new server, you can select an SSH key that will automatically be added to the server. Instead of a password, this key is then used to authenticate on that server. Unfortunately, we cannot add SSH keys to existing servers. On those, you will have to add your SSH key manually. The community article Setting up an SSH key, for example, explains how to do this in step 4.
Why are no hard disks and/or network interfaces recognised when installing my custom BSD distribution (eg. pfsense or OPNsense)?
If you have any difficulties with the installation of a custom BSD distribution (e.g. error message / server stopped working) please create a support request. In your request, give us some details about what went wrong, and our support team will check if they can help so that you can install your custom distribution successfully.
What is the console?
The console that is provided on the Cloud Console is a VNC console. VNC consoles allow you to connect to a server as if you were sitting directly in front of the device with keyboard and mouse. The getting started Using the console explains how to open the console and how to login.
VNC consoles can display a graphical user interface, if the required software is installed on the server (see How to install TigerVNC on Ubuntu). Note, however, that root access is required to login on the console on Cloud Console.