Hi, @Megala : I think having too many folders (lets say if there are 100's of apps) won't be a good idea. So I'm +1 with the option 2.
As Nuwan has mentioned we need to think of serving this on HA mode. So if we are to go with filesystem based approach we might need to have NFS in-between IoT nodes when the IoT is running on HA mode. Thanks, Harshan Liyanage EMM/IoT TG Mobile: *+94765672894* Email: hars...@wso2.com Blog : http://harshanliyanage.blogspot.com/ Medium : https://medium.com/@harshan.dll *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. On Wed, Aug 16, 2017 at 5:01 PM, Nuwan Dias <nuw...@wso2.com> wrote: > When you have two nodes of the IoT server running for HA, and if a given > image/file is stored on the file system of one server, how do you make that > image/file available for a request that's served via the other server? > > On Wed, Aug 16, 2017 at 4:54 PM, Megala Uthayakumar <meg...@wso2.com> > wrote: > >> Hi All, >> >> Currently we are working on writing a mobile application store for IOT >> server. For that we have decided to save the images and binary files >> related with applications in the file system(This decision was taken >> considering the file size). File location will be derived from a >> configuration. While implementing this, we have come-up with the following >> suggestions for saving files as per the meeting we had internally. >> >> *Option 1* >> For each application we will have a folder with the name as the generated >> ID for the application from the database. Each will hold all the relevant >> artifacts such as icon, screen-shots and binary files. >> In this case, there were 2 suggestions >> >> 1. For each app, the icon and screen-shots will be saved with the >> same name. Ex - For icons the image file name will be 'icon' and like-wise >> for others as well. So in this case, we do not need to save image names in >> the database. >> 2. Need to dynamically generate some random names. >> >> If we consider first approach, if we use the same name for all the >> application, there is possible chance an attacker may get all the image >> files if the name is known to them. AFAIU this can happen even if we do >> not use the 1st approach and use the second approach in which we use random >> names, as this can happen only if the root path for saving the artifacts >> are compromised and without the name also attacker can do a "listFiles" >> request and get all the data. >> >> *Option 2* >> For binary files and image files we will have separate location and each >> respective files will be saved in these location separately by generating a >> unique name. This may be helpful if we can cache the images and improve the >> performance, but this may not be possible in real production scenarios >> depending on the size of the images. >> >> What would be the most preferable option? Comments and suggestions on >> this regard is highly appreciated. >> >> Thanks. >> >> Regards, >> Megala >> >> -- >> Megala Uthayakumar >> >> Software Engineer >> Mobile : 0779967122 >> >> -- >> You received this message because you are subscribed to the Google Groups >> "WSO2 IoT Team Group" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to iot-group+unsubscr...@wso2.com. >> For more options, visit https://groups.google.com/a/wso2.com/d/optout. >> > > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : nuw...@wso2.com > Phone : +94 777 775 729 <+94%2077%20777%205729> > > -- > You received this message because you are subscribed to the Google Groups > "WSO2 IoT Team Group" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to iot-group+unsubscr...@wso2.com. > For more options, visit https://groups.google.com/a/wso2.com/d/optout. >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
