Hi James,
On 08/02/14 at 13:48 +0800, James Bromberger wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/02/2014 11:46 AM, Luca Filipozzi wrote:
Have you been trying to reach out to other CDN providers about supporting
Debian? I know of
discussions with Amazon CloudFront,
On Sat, Feb 08, 2014 at 07:53:56PM +0800, James Bromberger wrote:
On 8/02/2014 4:41 PM, Lucas Nussbaum wrote:
[..]
Sure, the hypothetical scenario which I'm worried about is:
- there's only one CDN provider willing to support Debian, and able to
meet our technical requirements
- we
On Sat, 08 Feb 2014, Simon Paillard wrote:
I don't think Debian should shut down the mirror network; at least on a
national level. For example, right now I am configuring Debian AMIs
within China, and the only mirror I can access from there is
ftp.cn.debian.org.
I don't want the
On Sat, Feb 08, 2014 at 02:16:07PM +0100, Peter Palfrader wrote:
On Sat, 08 Feb 2014, Simon Paillard wrote:
I don't think Debian should shut down the mirror network; at least on a
national level. For example, right now I am configuring Debian AMIs
within China, and the only mirror I
On Sat, 08 Feb 2014, Simon Paillard wrote:
In the end it matters little how we achieve these goals, but we should
work towards them.
We disagree on this, but in my opinion, we already achieve this with http.d.n
(except it's not DSA-sponsored and as consequence not official).
http.d.n is
]] Lucas Nussbaum
Thanks a lot for this status update. I'm very much in favor of exploring
ways to make the Debian infrastructure easier to manage, and using
a CDN sounds like a great way to do so. It's great that things worked
out with Fastly (any plans for a more public announcement?).
On 30/01/14 at 13:53 +0100, Tollef Fog Heen wrote:
]] Tollef Fog Heen
Hi all,
- the various bits and bobs that are currently hosted on
static.debian.org
I thought it's time for a small update about this. As of about an hour
ago, planet and metadata.ftp-master are now served from
On Fri, Feb 07, 2014 at 02:08:26PM +0100, Lucas Nussbaum wrote:
On 30/01/14 at 13:53 +0100, Tollef Fog Heen wrote:
]] Tollef Fog Heen
Hi all,
- the various bits and bobs that are currently hosted on
static.debian.org
I thought it's time for a small update about this. As of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/02/2014 11:46 AM, Luca Filipozzi wrote:
Have you been trying to reach out to other CDN providers about supporting
Debian? I know of
discussions with Amazon CloudFront, but I remember some technical
blockers? Could the DPL be of some help to
]] Florian Weimer
* Tollef Fog Heen:
There's not really anything to be fixed, since you shouldn't be using
HTTPS for that host yet.
Can't they serve it off an IP address that doesn't answer on 443/TCP,
to avoid confusion?
It would be technically possible to do so, but the network's
* Tollef Fog Heen:
There's not really anything to be fixed, since you shouldn't be using
HTTPS for that host yet.
Can't they serve it off an IP address that doesn't answer on 443/TCP,
to avoid confusion?
--
To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org
with a subject of
Craig Small schrieb:
Interesting way they've stapled all the names together on the
certificate too.
I didn't know you could do that,
See http://en.wikipedia.org/wiki/SubjectAltName.
Regards,
-thh
--
To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org
with a subject of
]] Tollef Fog Heen
Hi all,
- the various bits and bobs that are currently hosted on
static.debian.org
I thought it's time for a small update about this. As of about an hour
ago, planet and metadata.ftp-master are now served from the Fastly CDN,
and it all seems to be working quite
Tollef Fog Heen writes (Re: Possibly moving Debian services to a CDN):
As for the privacy concerns raised in the thread, I've had quite a lot
of discussions with Fastly about how they operate wrt privacy. They
don't store request-related logs (only billing information), so there
are no URLs
]] Craig Small
On Thu, Jan 30, 2014 at 01:53:55PM +0100, Tollef Fog Heen wrote:
I thought it's time for a small update about this. As of about an hour
ago, planet and metadata.ftp-master are now served from the Fastly CDN,
and it all seems to be working quite smoothly.
]] anarcat
I would also point out that none of the CDNs *publish* the software they
develop as free software. They may *use* free software, but they built
their business on proprietary software on top of our hard work.
Maybe not all of their software, but a blanket statement like that is
On 2013-11-20 16:43:35, Tollef Fog Heen wrote:
]] anarcat
On 2013-11-14 10:37:21, Tollef Fog Heen wrote:
Yes. If you're just anycasting an IP, you'll get pretty poor
performance.
Can you expand on that?
BGP anycast will just get you the closest one in term of metrics. This
is
]] anarcat
On 2013-11-20 16:43:35, Tollef Fog Heen wrote:
]] anarcat
On 2013-11-14 10:37:21, Tollef Fog Heen wrote:
Yes. If you're just anycasting an IP, you'll get pretty poor
performance.
Can you expand on that?
BGP anycast will just get you the closest one in term of
On 2013-11-20 14:49:34, Thijs Kinkhorst wrote:
On Wed, November 20, 2013 19:03, anarcat wrote
I see your point, although I think there is a few orders of magnitudes
between adding improvements to the current mirror infrastructures versus
soldering PCBs...
Debian's core activity is building
On 2013-11-14 10:37:21, Tollef Fog Heen wrote:
]] anarcat
On 2013-11-14 05:20:12, Tollef Fog Heen wrote:
]] anarcat
I'm not aware of any open source 40GE PHYs for instance? Most of what
I've seen done is around SDN, which is all nice and good, but doesn't
actually make the PHY and MAC
On Wed, November 20, 2013 19:03, anarcat wrote
And saying that because there's proprietary firmware in your BIOS it's
okay to offload all of Debian's infrastructure to a non-free CDN is
okay
seems to me to be a slippery slope.
Nobody has talked about moving all of Debian's infrastructure.
]] anarcat
On 2013-11-14 10:37:21, Tollef Fog Heen wrote:
Yes. If you're just anycasting an IP, you'll get pretty poor
performance.
Can you expand on that?
BGP anycast will just get you the closest one in term of metrics. This
is probably the fewest number of cheapest hops. There's
]] anarcat
All the tools currently running the Debian mirror architecture. Some
mirrors may run an FTP mirror on a non-free software, but they don't
*have* to, and we unfortunately can't control that.
No, they can't. You can't route a packet through the public internet
without it hitting
On 2013-11-14 05:20:12, Tollef Fog Heen wrote:
]] anarcat
All the tools currently running the Debian mirror architecture. Some
mirrors may run an FTP mirror on a non-free software, but they don't
*have* to, and we unfortunately can't control that.
No, they can't. You can't route a packet
]] anarcat
On 2013-11-14 05:20:12, Tollef Fog Heen wrote:
]] anarcat
All the tools currently running the Debian mirror architecture. Some
mirrors may run an FTP mirror on a non-free software, but they don't
*have* to, and we unfortunately can't control that.
No, they can't. You
On 2013-10-29 06:19:14, Tollef Fog Heen wrote:
]] Stefano Zacchiroli
For the specific case of CDN offerings to the Debian Project, the
point---well, my point, I respect the fact that others disagree it's a
problem---is whether we're going to force our user to receive the Free
Software we're
On 29/10/13 at 10:54 +0100, Stefano Zacchiroli wrote:
Just a minor nitpick on the point below; for the more general discussion
I stand behind the opinion I've previously posted in this thread.
On Sun, Oct 20, 2013 at 04:00:42PM +0200, Lucas Nussbaum wrote:
After all, if we could use and
Just a minor nitpick on the point below; for the more general discussion
I stand behind the opinion I've previously posted in this thread.
On Sun, Oct 20, 2013 at 04:00:42PM +0200, Lucas Nussbaum wrote:
After all, if we could use and point to 3-4 CDNs that are advocating
Free Software, isn't it
]] Stefano Zacchiroli
For the specific case of CDN offerings to the Debian Project, the
point---well, my point, I respect the fact that others disagree it's a
problem---is whether we're going to force our user to receive the Free
Software we're distributing via infrastructures built using
On Tue, Oct 29, 2013 at 11:19:14AM +0100, Tollef Fog Heen wrote:
You seem to be under the impression that CDN implies non-free software.
Oh, no, not at all. I'm just saying that we should judge CDN offerings
on the basis of the kind of software they're build upon, and not on the
basis of how
]] Stefano Zacchiroli
On Tue, Oct 29, 2013 at 11:19:14AM +0100, Tollef Fog Heen wrote:
You seem to be under the impression that CDN implies non-free software.
Oh, no, not at all. I'm just saying that we should judge CDN offerings
on the basis of the kind of software they're build upon,
On Tue, Oct 29, 2013 at 02:22:36PM +0100, Tollef Fog Heen wrote:
I don't believe we ask mirror operators what OS their mirror runs on or
whether it's free software today. While I'd like both them and a CDN to
use free software, this doesn't look like it'll change anything from
current
This one time, at band camp, Simon Paillard said:
Hi,
On Sat, Oct 19, 2013 at 11:07:05PM +0200, Martin Zobel-Helas wrote:
On Wed Oct 16, 2013 at 21:01:08 +0200, Simon Paillard wrote:
On Wed, Oct 16, 2013 at 07:54:04PM +0100, Stephen Gran wrote:
This one time, at band camp, Simon
On Sun, Oct 20, 2013 at 09:53:35AM +0100, Stephen Gran wrote:
This one time, at band camp, Simon Paillard said:
On Sat, Oct 19, 2013 at 11:07:05PM +0200, Martin Zobel-Helas wrote:
On Wed Oct 16, 2013 at 21:01:08 +0200, Simon Paillard wrote:
On Wed, Oct 16, 2013 at 07:54:04PM +0100,
* Simon Paillard:
* My own experience is different, http.d.n redirects to ftp2.fr, which i got
10,2Mo/s, while cloudfront.d.n (Amazon) gives 5Mo/s.
This matches my experience. One of the CDNs we use at work does not
seem to pre-replicate content world-wide (which is not too surprising,
I
Stephen Gran wrote:
This one time, at band camp, Raphael Geissert said:
They do require a bit more work as they can not be added to the mirrors
master list - they are dumb caching proxies that can not guarantee the
consistency of the view of the archive they provide. Here's where I
disagree
On 13/10/13 at 08:44 +0200, Tollef Fog Heen wrote:
We appreciate feedback while we continue our investigation of CDNs.
Hi,
I'm trying to summarize the discussion so far and add my own
understanding/thoughts, in a set of Q A.
Q: What problem are we trying to solve? What's the current status?
On 20/10/2013 5:55 PM, Raphael Geissert wrote:
Stephen Gran wrote:
That's mostly because we're not actually 'using' them now - we're just
allowing them to cache. Most CDNs have a decache mechanism of some sort
or other that we could use on mirror pulses, or we could tune the cache
headers to
This one time, at band camp, Ian Jackson said:
I don't see a clear explanation of what the motivation is to switch to
a commercial CDN. Can you clarify ? That will help us understand
what we would be giving up if we decline to make this change.
There are probably several having to do with
Stephen Gran wrote:
We have had one
report that someone gets better throughput off of their existing mirror
than they do from one of the CDNs offering their support. If we get
better coverage for a small number of users and worse coverage for most
of our existing users, that's clearly not a
This one time, at band camp, Raphael Geissert said:
They do require a bit more work as they can not be added to the mirrors
master list - they are dumb caching proxies that can not guarantee the
consistency of the view of the archive they provide. Here's where I disagree
with Russ as a
Hi,
On Wed Oct 16, 2013 at 21:01:08 +0200, Simon Paillard wrote:
Hi,
On Wed, Oct 16, 2013 at 07:54:04PM +0100, Stephen Gran wrote:
This one time, at band camp, Simon Paillard said:
We already have a network of almost 400 packages mirrors around the world.
Using http.d.n, provides the
Hi,
On Sat, Oct 19, 2013 at 11:07:05PM +0200, Martin Zobel-Helas wrote:
On Wed Oct 16, 2013 at 21:01:08 +0200, Simon Paillard wrote:
On Wed, Oct 16, 2013 at 07:54:04PM +0100, Stephen Gran wrote:
This one time, at band camp, Simon Paillard said:
[..]
* Our (mirrors@d.o) is to have http.d.n
Tollef Fog Heen writes (Re: Possibly moving Debian services to a CDN):
I'm fundamentally of the opinion that if the NSA or a similar
organisation wants to track you and is willing to expend that effort on
tracking you in particular, there is just about nothing you can do about
Am 15.10.2013 um 15:51 schrieb Tollef Fog Heen tfh...@err.no:
I'm fundamentally of the opinion that if the NSA or a similar
organisation wants to track you and is willing to expend that effort on
tracking you in particular, there is just about nothing you can do about
it. As you note, we
Am 18.10.2013 um 16:31 schrieb Ian Jackson ijack...@chiark.greenend.org.uk:
Tollef Fog Heen writes (Re: Possibly moving Debian services to a CDN):
I'm fundamentally of the opinion that if the NSA or a similar
organisation wants to track you and is willing to expend that effort on
tracking you
On Sun, Oct 13, 2013 at 08:44:56AM +0200, Tollef Fog Heen wrote:
We appreciate feedback while we continue our investigation of CDNs.
Hi Tollef, thanks for bringing this discussion to -project.
I'm myself against switching to a CDN, but it might be due to a lack of
information on my part, so I'd
On Wed, October 16, 2013 15:01, Stefano Zacchiroli wrote:
I do realize that most of the value of a CDN is not in its software
parts. But I'm under the impression there is still quite a bit of
software behind commercial CDN offerings. So my question is: would the
CDN providers we're going to
On Wed, Oct 16, 2013 at 03:40:48PM +0200, Thijs Kinkhorst wrote:
It is of course a good target to strive for, but putting such a demand on
a service is probably not fair, because our current distribution system
also does not run on 100% Free Software. We do not know what software our
mirrors
Hi,
(cc debian-mirr...@lists.debian.org, the list where such discussions can happen)
On Sun, Oct 13, 2013 at 09:00:04PM -0700, Russ Allbery wrote:
Joey Hess jo...@debian.org writes:
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if
This one time, at band camp, Simon Paillard said:
Hi,
We already have a network of almost 400 packages mirrors around the world.
Using http.d.n, provides the CDN layer (not as much as optimal as anycast), so
we don't need to sort ourselves peering issues etc.
The mirrors do a very good job
Hi,
On Wed, Oct 16, 2013 at 07:54:04PM +0100, Stephen Gran wrote:
This one time, at band camp, Simon Paillard said:
We already have a network of almost 400 packages mirrors around the world.
Using http.d.n, provides the CDN layer (not as much as optimal as anycast),
so
we don't need to
]] Nikolaus Rath
- You can use an IP anonymizing service such as Tor.
Are you suggesting to download debian packages over tor? Last time I
used it, I got about 25 kB/s of bandwidth. But even if that has changed,
I'm pretty sure the tor network isn't intended for bulk transfer of the
]] Ingo Jürgensmann
Am 14.10.2013 um 07:29 schrieb Tollef Fog Heen tfh...@err.no:
- I would like us to have agreements with any donors that they're not
allowed to use the information for anything but operational issues. We
can't tell them not to log (because that's really hard on a
This one time, at band camp, Joey Hess said:
Ultimately, we are of the opinion that the content delivery problem is a
solved one
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if that will help encourage the
development of libre
Am 14.10.2013 um 07:29 schrieb Tollef Fog Heen tfh...@err.no:
1) Privacy concerns: Debian would deliver much more data to business
companies than necessary. Keep in mind that personalized data is one
of the most valuable things to data miners. Currently I choose one
mirror site to pull my
Tollef Fog Heen tfh...@err.no writes:
...
Nobody has suggested removing the mirror network. What's being
discussed is using a CDN for some .d.o services.
That was certainly not clear from your original post.
I certainly read you as suggesting that some services could be moved to
third-party
]] Philip Hands
Tollef Fog Heen tfh...@err.no writes:
...
Nobody has suggested removing the mirror network. What's being
discussed is using a CDN for some .d.o services.
That was certainly not clear from your original post.
I certainly read you as suggesting that some services
On Mon, 14 Oct 2013, Paul Wise wrote:
On Mon, Oct 14, 2013 at 2:16 AM, Joey Hess wrote:
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if that will help encourage the
development of libre alternatives.
I guess the hardest part of
Tollef Fog Heen tfh...@err.no writes:
1) Privacy concerns: Debian would deliver much more data to business
companies than necessary. Keep in mind that personalized data is one
of the most valuable things to data miners. Currently I choose one
mirror site to pull my packages from. I can freely
On Mon, Oct 14, 2013 at 1:36 AM, Tollef Fog Heen tfh...@err.no wrote:
]] Paul Wise
About the archive mirrors, some reworded thoughts from the DPL IRC
channel when this came up a few days ago:
pabs [...] I think the current state of affairs is fine;
I don't believe you're one of the person
Dear Project,
The System Administration Team (DSA) are considering moving some of the
static hosting that Debian currently provides from our infrastructure to
one or more CDNs. We have received feedback indicating that a broader
discussion is desired.
Debian has, for over a decade, operated its
Tollef Fog Heen:
The System Administration Team (DSA) are considering moving some of the
static hosting that Debian currently provides from our infrastructure to
one or more CDNs. We have received feedback indicating that a broader
discussion is desired.
Debian has, for over a decade,
On Sun, Oct 13, 2013 at 08:44:56AM +0200, Tollef Fog Heen wrote:
Dear Project,
The System Administration Team (DSA) are considering moving some of the
static hosting that Debian currently provides from our infrastructure to
one or more CDNs. We have received feedback indicating that a
Interesting idea.
If the Debian website is served to users directly from non-free
software, and so is the archive, I have to wonder what would be the
FSF's reaction to this. It seems to have some potential to burn bridges
that I'd otherwise hope would get mended.
Ultimately, we are of the
Am 13.10.2013 um 08:44 schrieb Tollef Fog Heen tfh...@err.no:
The System Administration Team (DSA) are considering moving some of the
static hosting that Debian currently provides from our infrastructure to
one or more CDNs. We have received feedback indicating that a broader
discussion is
About the archive mirrors, some reworded thoughts from the DPL IRC
channel when this came up a few days ago:
pabs I would suggest forwarding/bouncing this mail to the
debian-mirrors list. I think the current state of affairs is fine;
some CDNs in use (cloudfront.d.n), some normal mirrors,
On Mon, Oct 14, 2013 at 2:16 AM, Joey Hess wrote:
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if that will help encourage the
development of libre alternatives.
I guess the hardest part of the problem is logistics to get machines
and
Joey Hess jo...@debian.org writes:
Ultimately, we are of the opinion that the content delivery problem is a
solved one
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if that will help encourage the
development of libre alternatives.
]] Russ Allbery
Joey Hess jo...@debian.org writes:
Ultimately, we are of the opinion that the content delivery problem is a
solved one
But apparently not one solved by free software included in Debian.
Perhaps it's worth avoiding using it if that will help encourage the
]] Ingo Jürgensmann
1) Privacy concerns: Debian would deliver much more data to business
companies than necessary. Keep in mind that personalized data is one
of the most valuable things to data miners. Currently I choose one
mirror site to pull my packages from. I can freely choose that
]] Paul Wise
About the archive mirrors, some reworded thoughts from the DPL IRC
channel when this came up a few days ago:
pabs [...] I think the current state of affairs is fine;
I don't believe you're one of the person who is doing the legwork in
maintaining any of the CDNs we're
]] Andrew M.A. Cater
On Sun, Oct 13, 2013 at 08:44:56AM +0200, Tollef Fog Heen wrote:
Dear Project,
The System Administration Team (DSA) are considering moving some of the
static hosting that Debian currently provides from our infrastructure to
one or more CDNs. We have received
73 matches
Mail list logo