New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I got this problem too.
its open source code so you be able to check the code for any backdoors. Personally will not trust any news on BBC TV as they are full of lies!
Man you're awesome. Testing it and work perfectly.
do the entire fleet of vps I have require same Ubuntu 20.4 64-bit? Or can work with different versions?
RHEL based will work too. I have checked the code.
Interesting. Will it work for NAT VPS?
BBC ?
What is the name of the self hosted CDN package you are using?
Looking at the script, this seems like the relatively simple part of setting up a caching proxy server, for which there are already lots of tutorals online. I'm actually more interested in how you implement the harder things in this set-up, specifically:
If you have multiple machines, any of which could serve your web traffic, how do you handle letsencrypt certificate renewal when you don't know which one will end up receiving the verification check. You could have a reverse proxy on each machine that knows to forward to the machine currently renewing, but how to set that up is the interesting thing, as the default certbot manages all this stuff for you by patching apache/nginx configuration for you, but only works on a single machine. I can see multiple options, e.g. use DNS, have one server create the cert and ssh it around, a complicated proxy forwarding system, but nowhere that actually recommends a best practice.
How to set up GeoDNS to go to the best of your local caches. Ideally, we'd be able to implement this ourselves for free, but searching for GeoDNS only turns up commercial services. In theory, this is hard, as a lot of people will be using Google's DNS, so presumably individual nodes should also be figuring out where customers are coming from and redirecting them to their best server. Or do you just round-robin DNS records and hope for the best?
They can be different OS, no need to be the same, as long as they can run this script.
As long as you have Port 80/443 access then it should work. One thing to take into consideration: NAT VPS usually comes with very throttled CPU, which might not be enough to finish the compilation step.
Apache Trafficserver.
Thanks for the suggestions. For the first part, the script has an option to backup all configuration on one node and restore it on another node, so you can set up Let's Encrypt on one node, backup everything and restore on other nodes, and the certificates will now work on all nodes.
For the second part about the GeoDNS, I'll have to think about how to implement this.
Looks like you did not type in the CA chain certs file. If you don't have the CA chain, then the chain should already be included in the certificate file, the you'll need to type "Y" instead of "N" for the third question.
Do you have docker support in mind?
For self-hosted, PowerDNS can do GeoIP via Lua records (don't use the legacy YAML syntax). It can pick the one closest to the user that's up (so if a server is down, it won't return that server's IP).
Round Robin is not ideal for CDN nodes as users may get a node that's very far from them.
An alternative that doesn't need any fancy DNS configuration is to use separate subdomains (eg. us.example.com, uk.example.com) and update your app to render all static file URLs with the right subdomain. This means you can't use the CDN for the initial load though, but this is the more common use case for CDNs anyways (as the home page is often dynamic).
Two options I can think of:
Yeah that I have made a mistake too.
sorry i am a little green,
my cdn cache server has 150gb storage, 130gb is used for cache, origin server is using 700GB (soon to be using 1.5 TB) of files,
so how is cdn handing that, is old request cache dropped as new request come in?
It likely will kill existing cached files to make space for the new requested ones.
Which will likely drag the performance down, due to low local disk space.
I would suggest at least half of that on the CDN Server.