-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prepare the Worker for Production Adoption #74
Comments
So @targos afaik there's now the question why a new release did not trigger the GitHub Action, right? And there's also the issue that when the promotion script runs... the R2 uploads start to fail due to the CPU/Memory being used a lot... Or maybe because the network traffic on that moment is huge (due to the cache being invalidate on Cloudflare?) I feel that once we switch the traffic to R2 we wouldn't have this issue with uploading to R2 anymore, no? |
cc @MattIPv4 your input here would be nice. Is there a way we can make the droplet have a 2nd network interface? So that since the first one is congestioned the 2nd one can be used just for DO <> CF comms? |
(That would be great, because if we have a 2nd network interface with another public IP we can assign a domain there like (direct-cf.nodejs.org) and that can be also the domain that CF uses for caching things (?) idk if that would even make a difference. |
I'm not sure if it'd give you a second interface, but a Droplet can definitely have two public IPs -- the default anchor address of the Droplet itself, and then a reserved IP as well. https://docs.digitalocean.com/products/networking/reserved-ips/ |
That being said, I'm not sure how having a second IP/hostname will achieve anything? As soon as that hostname becomes publicly known, folks will start abusing it just like they do the current one... Maybe I've missed a discussion somewhere, but why isn't all HTTP traffic on the Droplet just restricted to Cloudflare only? There shouldn't be anything that needs direct access rather than being proxied through Cloudflare with some level of caching, or the ability for us to lock down access there (we could still have a hostname with little caching if needed, but have full access control in Cloudflare). |
I'm not sure it's related to people accessing the server directly. When there's a new release, we just have a lot of load coming from Cloudflare servers. |
I think we've merged the last bug-fixes on our side. Now we only need to ensure the sync script is working correctly and the links job is being triggered correctly. @MoLow any update on that front? |
https://github.com/nodejs/release-cloudflare-worker/actions/runs/7475122417 - seems to be working |
Wdym? That action was triggered because of a commit to main on cloudflare worker 🤔 |
No, that run was manually triggered by the bot, against the latest commit in main |
There are still a few loose ends we should fix before releasing our Worker fully on production, this issue tracks all pending work:
.txt.asc
files are downloaded instead of displayed in browser #69Staged Tests
Current Rollout
The items checked, mean that are now being served through Cloudflare Workers and our R2 (S3) bucket instead of our DigitalOcean Server + Cloudflare Load Balancer
/docs
/api
/download
/metrics
/dist
Only after all these are ack'd and confirmed we should switch traffic back to the Worker for /download and /dist
The text was updated successfully, but these errors were encountered: