David and All, I wrote that I would look at some options for CDNs a few weeks ago. I have been busier with other things than I expected, but I have indeed learned some things.
CloudFlare ======== Overall CloudFlare looks great. Their web control panel is quite pleasant to use, and as David says, they also have a free tier. Beyond that, they offer their "Pro" level of service at no charge for open source projects that they deem suitable, instead of the usual $20/month. ( https://blog.cloudflare.com/cloudflare-open-source-your-upgrade-is-on-the-house/) Metamath is not a perfect fit for this program, but I could easily imagine it might be accepted. Even the free level might turn out to be very satisfactory, though "Pro" might be of some additional use. I set up a small test site using their free service and studied the options available. Cloudfront would probably be more than adequate just "out of the box" using their free tier. That alone would automatically give Metamath support for HTTPS without any need for anyone associated with Metamath (David!) to manage SSL certificates. In that setup the origin server would serve plain old HTTP, but users would see HTTPS through CloudFlare. Beyond that -- given that the Metamath site is entirely(?) static content (served entirely from text files of HTML) their option to "cache everything" looks like it might be very suitable for Metamath as long as the Cloudflare distributed cache is purged whenever a new copy of the Metamath site is released. Alternatively, their caching can be set to be responsive to "Cache-control" headers sent by the origin web server, but I see that us.metamath.org does not currently send these response headers. Notably, Cloudflare by default does not cache HTML unless this option is turned on, though it will by default cache css, js, images, etc.. Some relevant documentation of all of this is at https://developers.cloudflare.com/cache/best-practices/customize-cache, and https://developers.cloudflare.com/cache/about/cache-control. Netlify has an article at https://www.netlify.com/blog/2017/02/23/better-living-through-caching/ explaining the Cache-control headers they send in responses and why, should anyone be interested. But there may be little or no advantage to this for Metamath if using Cloudflare. I also started a subscription to their load balancing and tried it out. This service costs an additional $5/month regardless of whether using the "Free" or "Pro" plan. It was not overly hard to set up, and allows users on the "Free" plan to set up two origin web servers, with failover if a server goes down. Traffic to the servers can be "steered" by geographic region as well. Health checks can be set up every 60 seconds, and Cloudflare can be set to stop sending traffic to a down server after a single health check failure. Experiment showed that this worked properly, leaving only a window of up to 60 seconds where a bad server might be visible to users. They can also send you email when server health status changes. I did not notice any potential gotchas along the way. AWS CloudFront ============= I investigated a similar setup with Amazon's CloudFront, which also has a "free tier" ( https://aws.amazon.com/cloudfront/pricing/?loc=ft#AWS_Free_Usage_Tier). Cloudfront has plenty of capability, and I think a configuration would not be terribly hard to manage once it is set up; however I found their documentation and instructions for setup distinctly unhelpful overall. Some attempts at friendliness are made in places, but mostly you have to figure it out on your own. Diagnostics were also woeful. CloudFront can support load balancing with the free tier at very low prices. My guess is that it would be less than Cloudflare's $5 per month, but that would not come close to making up for the extra hair-pulling involved. (Their charges are based on usage.) Anything else? =========== I didn't notice any other similar service with a genuine free tier, and it is not clear to me why Cloudflare would not be just fine. David, it might be interesting if you could give a ballpark estimate of the Web service bandwidth per month typically used by us.metamath.org. Any thoughts on this? Best, Cris On Sat, Jul 30, 2022 at 6:31 PM David A. Wheeler <[email protected]> wrote: > > > > On Jul 30, 2022, at 8:31 PM, Cris Perdue <[email protected]> wrote: > > Another advantage that a CDN could have is extra robustness through > multiple "origins". > > A CDN origin is a web server such as us.metamath.org, that the CDN > refers to when it does > > not have the data already cached. Many CDNs these days seem to support > multiple origins, so if the main > > origin, such as us.metamath.org, has problems, the CDN can > automatically fail over to another origin > > server in some manner. The details seem to vary significantly from one > CDN to another. > > > > David, I'd be glad to run down more detailed information on pricing or > options if you desire. > > Sure, more info would be great! I've been looking at Cloudflare, which has > a free tier that I think would be > adequate and it seems to be widely used. But I'm not married to that > particular CDN. Any advice you have would be welcome. > > I like the idea of eventually using multiple origins. We could integrate > our existing mirrors so that > people can *use* a specific URL that is extremely fast & robust through the > use of a CDN and our existing mirrors. I think it needs to be inexpensive, > and > once set up it should just "keep working", but that all seems possible to > me. > > I've used Fastly, which is a good CDN service. However, I don't think we > need its main advantages > and I don't see a useful free tier. I think we should limit costs where > that makes sense. > > I think it would be good to eventually create a non-profit "Metamath > Association' whose > purpose would be to support & encourage the formalization of mathematics. > It'd be paid by > dues, and it would do stuff like pay for DNS registration & website fees. > The idea would be to > enable this to outlast any of us. However, I doubt that it would be flush, > so I think we need to > limit our costs even if that's the eventual plan. Hopefully some people > here would be willing to join :-). > > --- David A. Wheeeler > > -- > You received this message because you are subscribed to the Google Groups > "Metamath" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/metamath/36699FC7-24ED-4075-B838-29A90004EE17%40dwheeler.com > . > -- You received this message because you are subscribed to the Google Groups "Metamath" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/metamath/CAOoe%3DW%2BMtve1VRiPqMQ%3DPppYCYsSbgJRgrFEQ_4ymOVYL3qHdw%40mail.gmail.com.
