configure CDN #52
Comments
|
Sounds good to me. |
|
Okay, looked into this. Neither MaxCDN nor Fastly support apex domains. We would have to use Also, I'm not sure what's going on with pricing for SSL. I'm seeing $39/mo at MaxCDN for custom SSL (right?), but over $100/mo at Fastly for even shared SSL. I don't feel like I have a good handle on what the real costs for SSL are going to be. |
|
@olivierlacan Here are two options:
|
|
I think you can have an apex domain using the amazon cloudfront cdn in Andrew Kuklewicz On Fri, Sep 13, 2013 at 5:46 PM, Chad Whitacre notifications@github.comwrote:
|
|
Good look, @kookster, thanks! :-)
|
O.O |
|
@olivierlacan I'm afraid $600/mo is not in the budget that I can see. What do you think is the best way forward here? |
|
@olivierlacan I've modified option two above to suggest that we could launch now without a CDN, and expect to be able to pay for AWS by the time we really need it. |
|
@olivierlacan Let me know how you'd like to proceed. |
|
I'm pretty sure that is the cost for adding an ssl cert, and has nothing to Andrew Kuklewicz On Fri, Sep 13, 2013 at 10:28 PM, Chad Whitacre notifications@github.comwrote:
|
|
You can read more about it in this blogpost that shows the set-up - these Andrew Kuklewicz On Fri, Sep 13, 2013 at 10:47 PM, Andrew Kuklewicz <
|
|
@kookster Sorry to not be clear: we need SSL. Since Shields PNGs will be used on SSL web pages, we need to make them available on both HTTP and HTTPS to avoid mixed-content issues. If I'm not mistaken, SSL is actually a stricter requirement for us than an apex domain. |
|
@whit537 It seems like a good idea to be thrifty if we can save $500 by using I'll defer to @nbibler (hoping he has time to chime in) since he's a lot more savvy when it comes to SSL than I am. Launching without a CDN might be feasible though. I don't mind baby steps. :-) |
|
@olivierlacan It sounds like your ideal would be to use http://shields.io/ for everything public-facing. Yes? |
|
Yessir. On Sun, Sep 15, 2013 at 11:14 PM, Chad Whitacre notifications@github.com
|
In that case, I propose that we launch with our current Heroku setup, and move to Amazon when we're further down the road (more traffic, more money). If this is agreeable, then here's what I think we want to do:
Sound good, @olivierlacan? |
|
@olivierlacan Actually, it'll be a different CNAME due to SSL at Heroku. Let me know if you want to proceed with this plan and I'll get you the right CNAME. |
|
For the time being, I would suggest using Heroku's SSL Endpoint ($20/mo) and a decent SSL certificate (GeoTrust QuickSSL Premium, for example.. one time per year, ~$100) and just running everything directly from Heroku under badges.shields.io or secure.shields.io or something. That still gives you the flexibility of moving to a CDN in the future by just moving the CNAME to the CDN hosts and migrating the certificate in the future. |
|
@whit537 I'm good to go, let me know which CNAME I should point to. |
|
Thanks for weighing in, @nbibler. We're verified with StartSSL, so we can get unlimited certs (they charge for verification, not for certs). I think we should still be alright to launch with |
|
Sounds fine. My only concern is that you want to use whatever domain now that you anticipate using in the future. Because it's trivial to update the DNS for a CNAME, its far more difficult to have all the services and providers update their URL references in the future. Dedicating a subdomain to the "API"-built images sounds like a good idea to me to do early. |
|
@nbibler Good call. If we decide in the future that we need to separate our marketing pages from the PNG API, we could always move the marketing pages to a subdomain like @olivierlacan has the final decision on this one, IMO. |
|
Is it more semantically natural to have ...
Or what? |
|
It might not just be marketing pages, too. I suppose in the future we'll want to have traffic reports, etc., eh @olivierlacan? |
|
I presume at some point you'll want to track and report which badges are being requested, at what request rate, at what file size, etc. It would be useful to know what services are using this and what kind of load they put on your system. If this ever moved to a pay-per-use model, you'll need to track that anyway and probably want to have a concept of what a reasonable usage is. |
|
@nbibler Yup, I'm with you. :-) |
|
My thinking at this point is that we should keep the PNG API and the marketing/admin pages separate.
@olivierlacan Do you see value in splitting our URLs or do you still want to use |
|
👍 for @whit537. I would split them, they've got two different purposes and it allows you to do more interesting things on the |
|
If we wanted to save |
|
You could act-as-if and just call it |
|
@olivierlacan Okay! So let's go with:
I'm going to proceed on that basis unless you indicate otherwise, @olivierlacan. Thanks for weighing in! :-) |
|
Any of them sound fine to me. I'm certainly a fan of not using the top-level for it... so whatever subdomain you guys decide on will give you the most flexibility, I think. |
|
Yay for decisions! 💃 |
Based on #52, I forked this repo to img.shields.io. This commit prunes the things we don't need anymore on shields.io.
|
Okay! I've forked an img.shields.io repo, leaving this one as a static Heroku site for now using the PHP hack, with an index.html file as the homepage. |
|
I've deployed both to Heroku, so we're ready for a DNS change, @olivierlacan!
|
|
I guess I need to configure SSL on img.shields.io. I've reticketed that as #66. |
|
|
|
|
|
Is the new server not running yet? |
|
Looks like this works: http://img-shields-io.herokuapp.com/gittip/activeadmin.png |
|
|
|
? But img.shields.io still isn't working |
|
@daxter Fixed, sorry. Needed to add the domain to the app in Heroku. I think we're live! 💃 |
|
@olivierlacan Let's drop origin.shields.io. We can add it again in the future if we need it. |
|
Yep, it's working for me. 🐼 |
|
Sweet! 🍡 |
|
@whit537 Getting this on HTTPS: Normal? |
|
@olivierlacan Yeah, I haven't configured SSL yet. I reticketed that as #66. |
I have an account at MaxCDN that I'm planning to use for this, if there are no objections.
The text was updated successfully, but these errors were encountered: