Bug #7161
Support more than 24 HTTP mirrors
100%
Description
We’re currently blocked from adding more that 29 mirrors in our dl.amnesia.boum.org round-robin DNS pool.
Either https://trac.torproject.org/projects/tor/ticket/11741 is resolved quickly, or we’ll have to find another way to point to, or redirect to, mirrors.
Subtasks
| Feature #8635: Make each mirror provide a unique virtualhost name | Resolved | 100 |
|||
| Feature #8637: Design how to convey the mirror pool's configuration to the dispatcher script | Resolved | 100 |
|||
| Feature #8638: Implement how to convey the mirror pool's configuration to the dispatcher script | Resolved | 100 |
|||
| Feature #8639: Write a mirror pool dispatcher script | Resolved | 100 |
|||
| Feature #8640: Have the mirror pool dispatcher library audited | Resolved | 100 |
|||
| Feature #8642: Enable the mirror pool dispatcher on all website pages that need it | Resolved | 100 |
|||
| Feature #8643: Clean up the remainers of the old mirror pool setup | Resolved | 100 |
|||
| Feature #10284: Design how the IA+DAVE will support the new mirror pool system | Resolved | 100 |
|||
| Feature #10294: Define format for per-mirror hostname | Resolved | 100 |
|||
| Feature #10295: Build a list of fast and reliable HTTP mirrors | Resolved | 100 |
|||
| Feature #11079: Publish a call for more HTTP mirrors | Resolved | 100 |
|||
| Feature #11109: Have DAVE build the ISO URL using our mirrors pool configuration | Resolved | 100 |
|||
| Feature #11122: Update check-mirrors to support the new mirror pool design | Resolved | 100 |
|||
| Feature #11123: Have the Upgrader use the new mirror pool design | Resolved | 100 |
|||
| Feature #11283: Find which of our mirrors should stay in the fallback DNS round-robin pool | Duplicate | 100 |
|||
| Feature #11284: Update the DNS round-robin mirror pool to only include a few fast and reliable HTTP mirrors | Resolved | 100 |
|||
| Bug #11329: Mark all links on the website which should use the mirror pool | Resolved | 100 |
|||
| Feature #11384: Record the current state of our mirror pool in JSON | Resolved | 100 |
|||
| Bug #11482: Add a random sleep time to the rsync cronjob we suggest mirror operators use | Resolved | 100 |
|||
| Feature #11902: Move the new mirror pool design doc to contribute/design | Resolved | 100 |
History
#1 Updated by intrigeri 2014-05-05 11:17:27
The Tor ticket I’ve created is apparently a duplicate of https://trac.torproject.org/projects/tor/ticket/4734, which clearly won’t be resolved quickly. So, we really have to move another way to point to, or redirect to, mirrors.
#2 Updated by Anonymous 2014-05-11 05:26:26
Here are some alternatives I could think of. Some of them might not really be feasible, though:
- Modify the DNS server, so that it only serves 29 randomly selected A records from a possibly much larger pool
- Create an interstitial website which lists all available mirrors, or which automatically selects one of them for an automatic download (SourceForge does that, for example)
- Create A records for a.dl.amnesia.boum.org, b.dl.amnesia.boum.org, … - each of them should have at most 29 A records. The DNS server for dl.amnesia.boum.org (which probably needs to be modified for that) now only needs to serve a random CNAME record to one of these subdomains. dl.amnesia.boum.org might point to a.dl.amnesia.boum.org, and that could point to 29 IP addresses.
- Instead of creating an interstitial website, replace all occurences of links to dl.amnesia.boum.org with [randomcharacter].dl.amnesia.boum.org; imho best implemented using JavaScript and a fallback to dl.amnesia.boum.org
- Create a script which automatically replaces the current A records with 29 new, random ones from a possibly much larger pool, every x minutes/hours/days, using a simple crontab entry. This might be the easiest solution, and I guess that it would actually be quite powerful. Especially for large .iso images, changing the A records every minute will probably actually have a load distributing effect similar to a huge number of A records.
#3 Updated by Sagi 2014-05-12 05:26:31
Just my 2 cents, some questions:
To keep up with increasing demand, does tails intend to:
- spread its download infrastructure as widely as possible (say, bazillion mirrors)
or - up the requirements for the limited set of mirrors
Some considerations:
- The disadvantage of uniformly selecting mirrors is that capacity constraints are not taken into account, which becomes a problem once demand is greater than the smallest of mirrors.
- The disadvantagea of a (large) mirror pool without some form of monitoring is the increasing chance of unmaintained/intermittently failing mirrors getting traffic.
Have you guys taken a look at something like mirrorbrain [1]? I suppose the geo-location functionality is less noticable over Tor, but the ability to assign weights to mirrors and/or specific locations to files might prove useful.
#4 Updated by sajolida 2014-05-12 05:50:32
> Have you guys taken a look at something like mirrorbrain [1]? I suppose the geo-location functionality is less noticable over Tor, but the ability to assign weights to mirrors and/or specific locations to files might prove useful.
>
> [1] http://mirrorbrain.org/
That looks cool.
http://mirrorbrain.org/features/
Unfortunately, it is not available in Debian. But there are unofficially
Debian packages:
http://download.opensuse.org/repositories/Apache:/MirrorBrain/Debian_7.0/
#5 Updated by Sagi 2014-05-12 05:58:00
I guess the disadvantage of such a centralized system is its resilience to interference relative to e.g. DNS-records with high TTL’s. But I guess that’s part of the problem space here. I’m not sure what the relevant trade-offs are for Tails.
#6 Updated by foob 2014-05-12 20:04:44
I opened a thread on tails-dev@ with some additional informations to this ticket: https://mailman.boum.org/pipermail/tails-dev/2014-May/005733.html . If you would like to participate … :)
#7 Updated by intrigeri 2014-05-13 03:01:23
Thanks, foob!
For the record, I believe tails-dev@ will be a way better place to discuss this than a ticket: I expect the discussion to need a few dozen emails, and we’ll definitely want sub-threads, that are not supported in Redmine.
#8 Updated by intrigeri 2014-05-13 05:48:17
- Blueprint set to https://tails.boum.org/blueprint/HTTP_mirror_pool/
#9 Updated by intrigeri 2014-05-13 06:10:17
- % Done changed from 0 to 10
Anyone interested, please add your information (ideally, in an organized way) on the blueprint (either via the web interface, if it works, or as pull requests sent to tails-dev@boum.org), and participate in the discussion on the tails-dev mailing list. Thanks in advance!
#10 Updated by sajolida 2014-07-10 15:05:24
- Target version set to Sustainability_M1
Tails 2.0 if mission critical, otherwise consider it as non-blocker
#11 Updated by Anonymous 2014-08-07 17:50:35
(% Done can be at least 50% now imho)
I created the needed JavaScript code now; all that would be left to be done is telling the mirror owners to do a small configuration change, depending on what solution you prefer. :)
There is also an example website for both solutions linked on the blueprint page.
https://tails.boum.org/blueprint/HTTP_mirror_pool/#index3h1
Best regards,
Tobias Frei
#12 Updated by intrigeri 2014-08-08 21:30:14
Replied on tails-dev@. Let’s keep the discussion there for now :)
#13 Updated by sajolida 2014-08-31 06:37:46
- Category changed from Infrastructure to 214
#14 Updated by sajolida 2014-12-07 19:49:26
- Subject changed from Support 30+ HTTP mirrors to Support more than 24 HTTP mirrors
#15 Updated by BitingBird 2015-01-04 18:53:36
- Category changed from 214 to Infrastructure
#16 Updated by intrigeri 2015-04-06 12:21:25
- blocks #8668 added
#18 Updated by intrigeri 2015-05-28 15:12:05
- Assignee deleted (
None) - Target version changed from Sustainability_M1 to Tails_2.3
- Type of work changed from Research to Code
#19 Updated by intrigeri 2015-08-26 06:03:34
- Deliverable for set to 269
#20 Updated by Anonymous 2015-09-26 15:02:02
We decided to implement a two-way strategy for this feature:
- keep DNS as is, serving 3 highly reliable mirrors only. This will be the fallback for people who do not use JS.
- use Vanilla JS (no frameworks) to modify the link on the download page. This JS will be hosted in a git overlay, so not every contributor can interfere with it. It’ll load a JSON file, probably hosted on another overlay, with a list of mirrors and an assigned weight. weight 0 would mean that the mirror is currently not active. We’ll use JSON and not YAML to avoid 3rd party parsers.
I’ve updated the blueprint with my working prototype.
#21 Updated by anonym 2016-05-08 05:10:23
- Target version changed from Tails_2.3 to Tails_2.4
#22 Updated by intrigeri 2016-05-10 03:26:27
- blocked by deleted (
#8668)
#23 Updated by anonym 2016-06-08 01:34:52
- Target version changed from Tails_2.4 to Tails_2.5
#24 Updated by BitingBird 2016-06-26 08:23:27
- Status changed from Confirmed to In Progress
#25 Updated by intrigeri 2016-07-30 08:27:12
- Target version changed from Tails_2.5 to Tails_2.7
#26 Updated by intrigeri 2016-11-09 15:56:14
- QA Check set to Ready for QA
(The only two remaining subtasks are Ready for QA, so once they pass their review we can close this ticket as resolved! :)
#27 Updated by Anonymous 2016-11-09 15:58:48
- Status changed from In Progress to Resolved
- Assignee deleted (
)
woohoo!
#28 Updated by intrigeri 2018-04-08 16:47:24
- QA Check deleted (
Ready for QA)