Switch to GCS for user objects

idvoretskyi / horizon-cloud

An operations service to deploy, manage, and scale Horizon apps

0 stars 0 forks source link

Switch to GCS for user objects #72

Closed encryptio closed 8 years ago

encryptio commented 8 years ago

Replace rsync and ssh calls with HTTP(S) calls to Google Cloud Storage and the hzc-api.

This removes the need for a (persistent) user volume for their data, simplifying #41 to a single number. It simplifies running multiple horizon instances (because they no longer have a persistent volume.)

It does open a question of how to trigger updates for user objects (and atomically), but that's a simpler issue to solve.

encryptio commented 8 years ago

Another major improvement with this: we'll have no server-side user-given code for the beta, meaning nearly all the security bugs we currently have are moot (and can be solved later.) It might be worth doing the switch just for that benefit.

encryptio commented 8 years ago

Discussed this with @mlucy and decided to see how hard it is to go all the way to a CDN pointing at GCS and horizon (switching based on path and host.) It'd be retooling the entire HTTP stack at once, but it's far more scalable.

encryptio commented 8 years ago

Done.