+1 for proxy. Keep the civetweb lean and mean and if people need "extras" let the proxy handle this. Proxies are easy to set-up and a simple example could be included in the documentation. On Thu, Feb 26, 2015 at 11:43 AM, Wido den Hollander <wido@xxxxxxxx> wrote: > > >> Op 26 feb. 2015 om 18:22 heeft Sage Weil <sweil@xxxxxxxxxx> het volgende geschreven: >> >>> On Thu, 26 Feb 2015, Wido den Hollander wrote: >>>> On 25-02-15 20:31, Sage Weil wrote: >>>> Hey, >>>> >>>> We are considering switching to civetweb (the embedded/standalone rgw web >>>> server) as the primary supported RGW frontend instead of the current >>>> apache + mod-fastcgi or mod-proxy-fcgi approach. "Supported" here means >>>> both the primary platform the upstream development focuses on and what the >>>> downstream Red Hat product will officially support. >>>> >>>> How many people are using RGW standalone using the embedded civetweb >>>> server instead of apache? In production? At what scale? What >>>> version(s) (civetweb first appeared in firefly and we've backported most >>>> fixes). >>>> >>>> Have you seen any problems? Any other feedback? The hope is to (vastly) >>>> simplify deployment. >>> >>> It seems like Civetweb listens on 0.0.0.0 by default and that doesn't seem >>> safe to me. >> >> Can you clarify? Is that because people may inadvertantly run this on a >> public host and not realize that the host is answering requests? >> > > Yes, mainly. I think we should encourage users to run Apache, Nginx or Varnish as a proxy/filter in front. > > I'd just suggest to bind on localhost by default and let the user choose otherwise. > >> If we move to a world where this is the default/preferred route, this >> seems like a good thing.. if they don't want to respond on an address they >> can specify which IP to bind to? >> > > Most services listen on localhost unless specified otherwise. > >>> In most deployments you'll put Apache, Nginx or Varnish in front of RGW to do >>> the proper HTTP handling. >>> >>> I'd say that Civetweb should listen on 127.0.0.1:7480/[::1]:7480 by default. >>> >>> And make sure it listens on IPv6 by default :-) >> >> Yeah, +1 on IPv6:) >> >> sage >> >> >>> >>> Wido >>> >>>> Thanks! >>>> sage >>>> -- >>>> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in >>>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>> -- >>> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in >>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>> >>> > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |