The following performance and configuration limits apply per HDD volume. The performance of HDD storage is static and independent of its volume size.
Read/write speed, sequential: 200 Mb/s at 1 MB block size
Read/write speed, full random:
Regular: 1,100 IOPS at 4 kB block size
Burst: 2,500 IOPS at 4 kB block size
Minimum Size per Volume: 1 GB
Maximum Size per Volume: 4 TB
Larger volumes can be made available on request. For more information, contact IONOS Cloud Support.
SSD storage volumes are available in two performance classes - SSD Premium and SSD Standard. The performance of SSD storage depends on the volume size. Find the respective performance and configuration limits listed below.
SSD Standard storage performance
Read/write speed, sequential: 0,5 Mb/s pro GB at 1 MB block size
Read speed, full random: 40 IOPS per GB at 4 KB block size
Write speed, full random: 30 IOPS per GB at 4 KB block size
SSD Standard storage limits
Minimum Size per Volume: 1 GB
Maximum Size per Volume: 4 TB
Maximum Read/write speed, sequential: 300 Mb/s per volume at 1 MB block size
Maximum Read speed, full random: 24,000 IOPS at 4 KB block size and min. 2 Cores, 2 GB RAM per volume
Maximum Write speed, full random: 18,000 IOPS at 4 KB block size and min. 2 Cores, 2 GB RAM per volume
Larger volumes can be made available on request. For more information, contact IONOS Cloud Support.
The performance of SSD storage is directly related to the volume size. To get the full benefits of high-speed SSDs, we recommend that you book SSD storage units of at least 100 GB. You can use smaller volumes for your VDC, but performance will be suboptimal, compared to that of the larger units. When storage units are configured in DCD, expected performance is predicted based on the volume size (Inspector > Settings). For storage volumes of more than 600 GB the performance is capped at the maximum as specified in the documentation above.
IONOS is focused on ensuring the uninterrupted and cost-efficient operation of your services. This is why we offer a selection of tested operating systems for immediate use in your virtual cloud instances. To ensure uninterrupted, secure, and stable performance, all operating systems, regardless of their source, should meet the following requirements:
VirtIO drivers are essential for the operation of virtual network cards.
The following are the recommended drivers for the operation of virtual storage:
VirtIO (maximum performance)
IDE (for vStorage, an alternative connection by IDE is available, but it will not deliver the potential performance offered by IONOS).
QXL drivers are required to use the Remote Console.
We guarantee operation for the selected operating system as long as vendor or upstream support is available.
In general, all current Linux distributions and their derivatives are supported.
Microsoft Windows Server versions are also supported as long as vendor support is available.
The older an OS version, the greater the risk of performance and stability losses. It is recommended that you always switch to the current versions well before the manufacturer's support for your old version expires. This will greatly improve your operating system's security and functionality.
When operating software appliances, it is recommended that you use the images that have been specially prepared for the KVM hypervisor.
If you are using special software appliances or operating systems that are not listed here, contact IONOS Cloud Support. We would be happy to explore the possibility of using such systems within the IONOS Enterprise Cloud and advise you on the best possible implementation.
Block Storage is a type of IT architecture in which data is stored as a file system. It provides endless possibilities for storing large amounts of information. It guarantees the safety of resource planning systems and provides instant access to the required amount of data without delay.
IONOS provides you with several ready-made that you can use immediately. You can also use your own images by uploading them via our access. For more information, see . Your IONOS account supports many types of images as well as ISO images from which you can install an operating system or software directly, using an emulated CD-ROM drive.
The virtual storage devices you create in the are provisioned and hosted in one of the IONOS physical data centers. Virtual storage devices are used in the same way as physical devices and can be configured and managed within the server's operating system.
A virtual storage device is equivalent to an iSCSI block device and behaves exactly like direct-attached storage. IONOS block storage is managed independently of servers. It is therefore easily scalable. You can assign a hard disk image to each storage device via DCD (or ). You can use one of the IONOS images, your own image, or a snapshot created with DCD (or API). You have a choice of hard disk drive () and solid-state drive () storage technologies while SSD is available in two different performance classes. For more information about setting up the storage, see .
Up to 24 storage volumes can be connected to a Dedicated Core Server or a Cloud Cube (while the Cloud Cube already has one virtual storage device attached per default). You can use any mix of volume types if necessary.
IONOS Cloud provides HDD and SSD block storage in a double-redundant setup. Each virtual storage volume is replicated four times and stored on distributed physical devices within the selected data center location.
Secure your data, enhance reliability, and set up high-availability scenarios by deploying your Dedicated Core Servers and storage devices across multiple .
Assigning different Availability Zones ensures that redundant modules reside on separate physical resources at IONOS. For example, a server or a storage device assigned to Availability Zone 1 resides on a different resource than a server or storage device assigned to Availability Zone 2.
For HDD and SSD Storage, you have the following Availability Zone options:
Zone 1
Zone 2
Zone 3
A - Auto (default; the system automatically assigns an Availability Zone upon provisioning)
The server Availability Zone can also be changed after provisioning. The storage device's Availability Zone is set on first provisioning and cannot be changed subsequently. However, you can take a and then use it to provide a storage device with a new Availability Zone.
The first time you create a storage unit based on a public image, you must select at least one authentication method. Without authentication, the image on the storage unit cannot be provisioned. The authentication methods available depend on the IONOS operating system image you select.
Authentication methods depend on the operating system.
Passwords: Provisioning a storage device with a Windows image is not possible without specifying a password. It must be between 8 and 50 characters long and may only consist of numbers (0 - 9) and letters (a-z, A - Z). For IONOS Linux images, you can specify a password along with SSH keys, so that you can also log in without the SSH, such as with the Remote Console. The password is set as the root or administrator password with corresponding permissions.
SSH (Secure Shell): To use SSH, you must have an SSH key pair consisting of public and private keys. The private key is installed on the client (the computer you use to access the server), and the public key is installed on the (virtual) instance (the server you wish to access). The IONOS SSH feature requires that you have a valid SSH public/private key pair and that the private key is installed as appropriate for your local operating system.
If you set an invalid or incorrect SSH key, it must be corrected on the side of the virtual machine.
We recommend using both SSH and a password with IONOS Linux images. This will allow you to log in with the . It is not possible to provision a storage unit with a Linux image without specifying a password or an SSH key.
IONOS Linux images
+
+
IONOS Windows images
-
+
This article explains how IONOS ensures the security of your data through encryption at rest and secure deletion practices.
IONOS provides block storage encryption to help secure your data at rest. Encryption at rest refers to protecting data stored on physical storage devices. It ensures that data is encrypted when stored on disk and can only be accessed by authorized users with the correct encryption keys.
Encryption protects sensitive information from unauthorized access. It also reduces the risk of data leakage by ensuring that even if data is stolen, it remains encrypted and unusable without the appropriate keys.
IONOS implements encryption at rest for Block Storage at two levels:
Logical Volume Encryption:
All logical block storage volumes created after the feature's availability are automatically encrypted.
The encryption method used is AES-XTS 256-bit.
Each block storage volume uses a unique encryption key, ensuring that others remain secure even if one volume's security is compromised.
These unique encryption keys are securely stored and remain inaccessible even to the root user, adding an extra layer of security.
Optional Drive-Level Encryption:
This additional encryption is applied when the storage backend uses self-encrypting drives (SEDs).
Currently, SSD Premium and SSD Standard storage options benefit from this feature.
The drives employed by IONOS support AES-XTS 256-bit encryption, which is one of the strongest encryption standards available.
The security of encryption keys is crucial to maintaining the overall security of your data. IONOS implements the following key management practices:
Key Invisibility: Encryption keys are not visible on the storage server, preventing unauthorized access.
Infrastructure-Bound Access: Drives and volumes can only be accessed within the IONOS infrastructure. This means that even if a drive was physically removed from the data center, it would remain inaccessible.
Secure Passphrase Retrieval: The storage server requires a passphrase to access a drive or volume. This passphrase can only be retrieved through a secure process:
The request must be authenticated (proving the identity of the requester).
The request must be authorized (confirming the requester has the right to access).
The request must be encrypted (protecting the passphrase during transmission).
Data Inaccessibility: The volumes and user data remain completely inaccessible without properly unlocking the drives or volumes using the correct passphrase.
Secure deletion ensures that it cannot be restored once data is deleted, even with access to the physical media.
To comprehend the secure deletion process, it's essential to understand the role of logical volume metadata:
Information Repository: Metadata is a storage location for crucial block device information, including volume names, sizes, encryption methods, unique identifiers (UUIDs), and other relevant details.
Block Mapping: Metadata functions as a block map, linking the logical volume to the underlying physical volumes (block devices).
When you initiate the deletion of a Block Storage volume, IONOS takes the following steps:
The volume is immediately flagged for deletion and inaccessible to all systems and users. The deletion can be deferred for up to 48 hours for security reasons.
IONOS guarantees that the metadata of the deleted volume is "zeroed out.":
All metadata information is securely overwritten with zeros.
The process effectively destroys the block mapping between the logical and physical volumes.
Without the block mapping provided by the metadata, retrieving user data for the specific volume becomes impossible. The metadata is a required component of the encryption key. Deleting the metadata effectively destroys the encryption key. With the encryption key destroyed, the encrypted user data can no longer be decrypted, even if it were to be recovered by any means.