[volunteergrid2-l] Making our web-facing gateways NOT a rope around our necks
Shawn Willden
shawn at willden.org
Tue Feb 8 07:52:35 PST 2011
On Tue, Feb 8, 2011 at 8:28 AM, Billy Earney <billy.earney at gmail.com> wrote:
> Where can I read more about these capabilities and how to set them up.
>
A capability isn't something you "set up". It's more like a URL or a
pointer that gives you access to something. In this case it gives you some
authority over a distributed file or directory -- the authority may be
read/write/very, read/verify or verify-only. For Tahoe directories,
capabilities (caps for short) provide the same level of authority
transitively to the entire directory tree rooted at that directory. So if
someone gives you the read/write/verify cap for a directory, you get
read/write/verify capability for all of the directories and files "below" it
(though some may not be mutable, so you can't write them).
Any time you place a file or a directory in Tahoe, a corresponding set of
caps comes into existence. I'm sure there must be documentation that
explains the concept and its instantiation in Tahoe, but I can't find it.
As an example, here's the read/write/verify cap for a directory in our grid:
URI:DIR2:cpt6lbpnwecztgw5hsy4ak6b4y:f5tcc7bscayxv65urdm6e7bnlltwoquibd46ssnpkdxjpxfiwxoq/
And here's the read/verify cap for an immutabe file in that directory (which
you could also get through the directory):
URI:CHK:z7v7spbmq6sv7jnia3aqtmhsxq:gnntxisx6tosspaphxajethcdkgzdruo4egbetbr7vxi3weptruq:6:15:1052988
To use these caps, take any gateway node's hostname and port number and put
them together with the cap like so:
http://<hostname>:<port>/uri/<cap>
You can use your gateway to get at my directory and file that way.
Supposing we had a read-only public gateway, you could give a URL of that
form to anyone and they could get to files and directories you choose to
share. Even cooler, if we implemented Jody's suggestion of some sort of
round-robin load-balancer, you could give a URL like:
http://<vg2loadbalancer>/uri/<cap>
to someone and they could use it to get files, with the actual retrieval
being done by different nodes in the grid in turn, to prevent any of them
from being too heavily loaded. Alternatively, we could set up a public
gateway on one machine that has lots of bandwidth and processor and then we
could just use that for sharing with the general public.
--
Shawn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/cgi-bin/mailman/private/volunteergrid2-l/attachments/20110208/5efd379c/attachment-0001.html>
More information about the volunteergrid2-l
mailing list