[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Possibly moving Debian services to a CDN

]] anarcat 

> On 2013-11-14 10:37:21, Tollef Fog Heen wrote:

> > Yes.  If you're just anycasting an IP, you'll get pretty poor
> > performance.
> Can you expand on that?

BGP anycast will just get you the closest one in term of metrics.  This
is probably the fewest number of cheapest hops.  There's no guarantee
those hops are going to be the shortest or fastest.

> > You need monitoring to make sure the mirror is up to date
> > and something that automatically updates DNS when it isn't, and puts it
> > back in when it is.
> That is a problem we're having already, and that we'll probably have
> with commercial CDNs, or at least that we'll have to resolve so get a
> consistent state across the mirrors.

Yes, and we're doing a terrible job at it.  It's a manual job right now,
and there's essentially a single person doing that job.  I'm not trying
to pick on him, since he's doing as well as he can, but it's the wrong
way to go about solving the problem.  CDNs have infrastructure for
distributing purges, so we'd just go «nuke all your Release and Packages
files» and assuming the CDN isn't too bad, they'd be gone a few hundred
milliseconds later.

> > If you're going to do anycast, you'll need to have BGP announcements
> > sent from a diverse set of places.
> This seems like something we have, with the variety of mirrors out
> there. :)

We don't.  Debian doesn't run its own AS, we don't have peering
agreements and we don't announce anything anywhere.  We don't have any
interest in doing so either.  It's not what we think is fun, nor what
we're good at.

> I guess what I am saying is that doing incremental improvements over the
> mirror infrastructure should be considered. I am worried that migrating
> to a commercial CDN will be detrimental to the current infrastructure,
> which are based on a spirit of free access and open knowledge, something
> commercial CDNs seem to be alien to...

We've waited for somebody to step up and actually do that.  Nobody is
doing it.  Lots of proof-of-concept services out there, but nothing
that's solid, tested and production ready.  How long would you like us
to keep the current state before we actually do something about it?

Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Reply to: