Hey #journalists if you're going to use an open source project as an example of a hack, can you at least let them know in advance you're about to do something reckless so they can prepare?
Não uso muito streaming, mas no início da pandemia, dando suporte às aulas/eventos remotos percebi que nitidamente as soluções Google funcionam mais fluidas.
Não só em relação às soluções on-premisse (Jitsi, ConferênciaWeb, BigBlueButton), mas também em comparação com Zoom, Teams, Skype.
O que Google tem diferente que explicaria isso?
Redes de entrega de conteúdo mais próximas?
Parcerias com provedores de internet, tipo aquilo que o Netflix faz (uma espécie de cache local)?
Algum privilégio nas infraestruturas de transporte de dados?
For a very small instance with only a couple of concurrent users a CDN might not make much difference. But if you take a look at your web server logs you’ll quickly notice that every post / like / vote triggers a storm of requests from other instances to yours, looking up lots of different things. It’s easy to imagine how quickly this would overwhelm an instance once it gets even a little busy.
One of the first web performance tools people reach for is to use a CDN, like Cloudflare. But how much difference will it make? In this video I show you my web server logs before and after and compare them.
The short answer is – before CDN: 720 requests. After CDN: 100 requests.
Usually just turning on a CDN with default settings will not help very much, you’ll need to configure some caching rules or settings. By watching your server logs for a while you’ll get a sense for what needs to be cached but check out mine for a starting point:
Beware of caching by URI Path because often fediverse software will return different data depending on the Accept header that the requester sets. For example, on PieFed and Lemmy instances a request by a web browser to /post/123 will return HTML to show the post to someone. But when that same URL is requested with the Accept: application/ld+json header set, the response will be an ActivityPub representation of the post! You don’t want people getting activitypub data in their browser and you don’t want to be serving HTML to other instances. Once you spot a URL you want to cache, use a tool like Postman to set the Accept header and make a fake ActivityPub request to your instance and see if you get back HTML or JSON.
Another problem that can happen is that often a response will vary depending on whether the viewer is logged in, or who is logged in. If you can figure out how to configure the CDN to pay attention to cookies or whatever headers are used for Authentication by your platform then you might be able to cache things like /post/*… I couldn’t.
The things I’ve chosen to cache by URI Path above are ones that I know don’t vary by HTTP header or by authentication.
Although we can’t use URI Path a lot of the time, we can cache ActivityPub requests by detecting the Accept: allocation/ld+json header:
https://join.piefed.social/wp-content/uploads/2024/02/caching_activity2-1024x811.pngThis will cache all ActivityPub requests, regardless of URL. People browsing the same URLs as those used by ActivityPub will be unaffected as their requests won’t have the special HTTP header. I used a short TTL to avoid serving stale data when someone quickly edits a post straight after creating it.
There seems to be a deep vein of optimization here which I’ve only just started to dig into. These changes have made a huge difference already and for now my instance is under very little load so I’ll leave it there for now…
🪡 🧵 Would you like to learn a new skill while doing something good for the environment? The éco-quartier Côte-des-Neiges and the FabLab at the Bibliothèque Interculturelle are joining forces to give you the chance to learn how to use digital sewing machines! 🪡 🧵
Hands up if you caused a global outage today...
Just me?
Sorry!
I was making a change to our "outside the UK" CDN config today for www.bbc.co.uk & www.bbc.com & the change included 2 bugs which pre-testing didn't spot:
#Discord will switch to temporary file links to block #malware delivery
Discord's #CDN is regularly abused by threat actors to host and drop malware such as information stealers. Discord has always struggled with mitigating this.
The hope is that temporary file links will make it that much harder for threat actors to host malware using Discord's CDN... but we will see. Supposed to roll-out by end of the year.
Dear friends of #BSDCafe and #Fediverse, pgbouncer is now up and running. You probably won't notice any changes as we didn't have performance issues related to the database, but this is a more suitable and efficient approach.
In recent days, I duplicated the jail containing Mastodon (the operational one) to support sidekiq and serve as a backup for the rest. For this reason, you shouldn't have noticed any disruptions because while I was making changes to the primary jail, BSD Cafe was still operational using the secondary one (on another host).
I'm seriously considering conducting an experiment and replicating this jail (along with the reverse proxy) on a different continent to speed up user access in that location. Currently, everything is in Europe (Helsinki), so I might replicate somewhere in the Americas.
I'm not sure if this would yield tangible benefits since the database, Redis, etc., would remain in Europe. Multimedia files are already on a CDN, so they are georeplicated.
It looks like the CDN files.mastodon.online for #MastodonOnline is currently broken and redirecting everything to https://(null)/ from files.mastodon.online.
If you're wondering why some pictures and media aren't loading right now, this is why.
When I first joined Twitter a lifetime ago, I only followed people in my own community.
Not sure when or how that changed, but along the way my idea of community changed and I'm glad and grateful that it did.
An interesting journey that I've appreciated immensely.
That said, with the demise of angrybirdsite, I'd like to find a few more #yyc#ab#cdn friends again.
A little help would be appreciated. 😊
As folks might know, I #MastoAdmin the #FediverseAU#Mastodon instance, which is a closed (must be approved) instance only for university and research group accounts in Australia / Oceania - because they're typically brand accounts and don't have a natural home in AU.
Yesterday I upgraded the storage for this Mastodon instance, and placed it on a #DigitalOcean#CDN.
If you're interested in this sort of thing, you can see the change plan here - because documentation is both helpful in the moment, and a good reference for others.
All I want is a CDN that's also private in a way that I don't need to include any US entities on the list of sub processors. I guess bunny.net is not on the list 🔓