Re: Rethinking fedora websites deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 28, 2022 at 02:24:14PM +0100, darknao wrote:
> 
> 
> On 2022-11-28 01:32, Kevin Fenzi wrote:
> > Some more I have thought on:
> > 
> > E) a twist on A. We build and serve in openshift, but we stick
> > cloudfront in front of it. This would solve the speed problems, but
> > still would have the openshift down issue.
> 
> I'm not familiar with Cloudfront, so I can't really comment on that one.
> 
> > F) (this is a fun one :) How about looking into FCOS or RHEL for edge?
> > In this model we would install ostree based vm's in the places we have
> > proxies now and we would build the web content as a ostree ref and pull
> > it from our registry (or quay.io). I think this would be fun, but
> > probibly overkill/too much effort for just static content, but I thought
> > I would throw it out there.
> 
> That does sounds a bit overkill yes :) I'm not expert on the subject, but I
> believe applying a new ostree ref requires a reboot to use it, right?

yep.

> I was considering something similar in the past: Build the websites into a
> container image, then pull & extract the content on the proxies.
> One downside to that is every build creates a new image (or at least a new
> layer), that proxies will have to pull every time.
> With rsync (or s3 sync) we only download what actually changes and save
> bandwidth in the long run.

Yeah, and if we run in a pod or a ostree setup, we have to duplicate the
proxy stack (ie, httpd, varnish, etc), where as if we just copy the
content we can leverage the existing software stack.
> 
> > I like B... but possibly could be talked into C.
> > 
> > The thing I don't like about C is that it has less visibility, if there
> > was a problem, it would require someone from websites to fix, rather
> > than possibly being something that anyone with access to openshift could
> > fix.
> 
> That's a valid point.
> 
> I think I'll go with B as a starting point. We could always build from there
> at a later time, as we see fit.

Yeah, thats sounds good. We can always adjust, and B will still be a
nice improvement, especially if we get it to sync on message (although
we should be sure to have some manual way to force a 'sync now' too).

kevin

Attachment: signature.asc
Description: PGP signature

_______________________________________________
infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux