Re: Bug#698477: Re: Bug#698477: Do we really need mirror in AWS?

To: James Bromberger <james@rcpt.to>
Cc: debian-cloud@lists.debian.org
Subject: Re: Bug#698477: Re: Bug#698477: Do we really need mirror in AWS?
From: Tim Sattarov <stimur@gmail.com>
Date: Sun, 24 Jul 2016 00:42:01 -0400
Message-id: <[🔎] 76b57fea-d862-e048-6e9d-5f163d554470@gmail.com>
In-reply-to: <ab67de5d-3726-5b3e-de02-84410eaa2837@rcpt.to>
References: <[🔎] 20160720144823.GA17388@bashton004> <[🔎] 20160721004531.GD8742@falafel.plessy.net> <[🔎] 20160721075850.GA12321@xanadu.blop.info> <899c4563-0b14-a161-8c3d-ea72520875bb@rcpt.to> <[🔎] 20160721140729.GC4339@bashton004> <[🔎] b6b5fc7c-c7fa-b0ba-f9d1-3dd75302e5b2@gmail.com> <ab67de5d-3726-5b3e-de02-84410eaa2837@rcpt.to>

On 22/07/16 10:18 AM, James Bromberger wrote:
>
> Tim,
> It's origin is ftp.debian.org. See more details in here:
> http://meetings-archive.debian.net/pub/debian-meetings/2013/debconf13/high/1036_AWS_Debian.ogv
>
> Let me know if there is a better upstream to have as an origin -
> preferably one that sets Cache-Control headers on the HTTP responses to
> keep the various paths fresh in the cache nodes. Current setup passes
> all URLs for /debian/dists/ to an Apache mid-tier that proxies requests
> to the same origin (ftp.us.debian.org) but adds Cache-Control max-age
> headers of various timings (from 60 seconds to 15 minutes). For example,
> the auto-indexes of the folders are fresh, but the individual objects
> with time-stamped names are cached a little longer (they dont change
> once generated).
Unfortunately I can not tell, what mirror would be better as an origin.
So far every mirror I tried didn't have cache-control set.
The alternative would be to keep Debian mirror on S3 and use it as CF
origin. S3 allows setting cache parameters for each file, although it
doesn't generate nice indexes for directories.

Also we can control TTL in the CloudFormation,  by setting MinTTL,
MaxTTL and DefaultTTL
(https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-cachebehavior.html)
and do it per path pattern


> Tim, would you like a login to the account to see the config first-hand?
That would be interesting to see, thank you.
> Attached CloudFormation template (just made - not what is in active
> service).
I'll take a closer look later tomorrow, for now I tried to validate it
and found  small typo :)

--- old.json 2016-07-24 00:15:49.389101428 -0400
+++ new.json     2016-07-24 00:15:02.492767311 -0400
@@ -215,7 +215,7 @@
       ],
       "PriceClass": "PriceClass_All",
       "ViewerCertificate": {
-        "IamCertificateId": { "Ref": "IamCertificateid" },
+        "IamCertificateId": { "Ref": "IamCertificateId" },
         "MinimumProtocolVersion": "TLSv1",
         "SslSupportMethod": "sni-only"
       }


>  James
>

Reply to:

References:
- Bug#698477: Do we really need mirror in AWS?
  - From: Marcin Kulisz <debian@kulisz.net>
- Bug#698477: Do we really need mirror in AWS?
  - From: Charles Plessy <plessy@debian.org>
- Bug#698477: Do we really need mirror in AWS?
  - From: Lucas Nussbaum <lucas@debian.org>
- Bug#698477: Re: Bug#698477: Do we really need mirror in AWS?
  - From: Marcin Kulisz <debian@kulisz.net>
- Re: Bug#698477: Re: Bug#698477: Do we really need mirror in AWS?
  - From: Tim Sattarov <stimur@gmail.com>

Prev by Date: Re: Bug#698477: Do we really need mirror in AWS?
Next by Date: Re: non-standard TCP tunings in EC2 images
Previous by thread: Re: Bug#698477: Do we really need mirror in AWS?
Next by thread: cloudfront backed deb.debian.org
Index(es):
- Date
- Thread