Evaluate other CDNs #3026
Comments
paulmelnikow
added
the
operations
ghost
mentioned this issue
|
KeyCDN offers opensource sponsoring https://www.keycdn.com/open-source-cdn |
ghost
mentioned this issue
|
Perhaps tangentially related... Food for thought from FOSDEM https://blog.powerdns.com/2019/02/07/the-big-dns-privacy-debate-at-fosdem/ |
|
@techknowlogick Have you used KeyCDN? |
|
I haven't used them, but I some open source project I use are sponsored by them. Fastly (another CDN I don't have direct experience with, although some open source projects I use are also sponsored by them) does sponsor projects as well https://www.fastly.com/open-source |
|
This probably goes without saying, but I assume we'd want a CDN provider that maintains the DOS features we want/need just minus tracking cookies 😉 |
|
Just want to reiterate that the Shields application can be self-hosted really easily, guide on self hosting can be found here I do this myself at my day job (via Docker) so we can connect to private projects/services, but if anyone has any pressing needs/concerns around the CloudFlare cookie that comes with the Shields.io service at the moment, then running a self-hosted instance of the Shields application is definitely an option we'd recommend. You'd have access to all the same capabilities/badges, but there'd be no CDN/CloudFlare cookie It should run just fine, even on a small server (you could probably even run it on an f1-micro VM in GCP which Google offers for free in perpetuity😄 ) |
|
@calebcartwright could you open your CI and docker images? if not, that's okay too. |
|
@JHabdas - Sorry unfortunately I can't make that visible (it all resides on a private corporate network). I think one day we'll try to get around to publishing the Shields image out on Dockerhub, but for now folks will have to first build the docker image themselves. If you (or anyone else) run into any errors/issues, have any questions, etc. while trying to build the image and/or run the container let us know! Just open a new issue with the relevant info and we'll be happy to help. |
ghost
mentioned this issue
Server shields.io does not have a privacy policy. This CDN issue is not clear to me: badges/shields#3026
This comment has been minimized.
This comment has been minimized.
|
Cloudflare could disable cookie, for example, jsDelivr has Cloudflare disabled cookie for their domain |
|
It looks like Enterprise customers can do that. I think we could get a free enterprise plan as an OSS project (though currently we're on the free plan). Also worth considering, from https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies:
|
|
I think until cloudflare cookie is removed the "no tracking" promise should be removed from the homepage. |
|
I am going to close this issue because the main reason we opened it was because of the |
The badge server used Cloudflare as an SSL gateway from May 2015 (#459) to August 2018, at which time Cloudflare was configured to provide downstream caching as well (#1880). The cache carries about 40% of the production traffic.
Previously Cloudflare had also sat in front of shields.io (the website), but that is no longer the case (#608 (comment)).
To support the anti-DOS behavior it provides, Cloudflare sets a cfduid cookie on every badge request. They provide no way of turning this off. (See #2986)
It would be helpful to know about other CDN providers, and whether or not they have tracking cookies which can be turned off.
The text was updated successfully, but these errors were encountered: