Sorry, I need to clarify one point of my original post. When I talk about no ACLs, I didn't mean that there were no restrictions at all; I meant no special ACLs such that "this host gets the mirror content modified in this way; that host gets it modified that way...". Either fully open, or just a allow/deny based on public mirrors that have registered with the centos mirrors team. In my opinion, I don't see a reason for non-public mirrors to ever talk to msync. There are enough of the "tier 2" mirrors (non-msync mirrors) that allow rsync, etc. that people should pull from them. Many of them even have considerably more bandwidth than the msync ones do (I regularly serve 40MB/s, and have gone as high as 60MB/s, and could probably do more...). Many of these public mirrors also run rsync, as I now do, so its easy to pull from them. For a couple years, I ran a private/local-only mirror, and I always just rsync'ed against a tier 2 mirror (such as osuosl.org). --Jim On Wed, May 19, 2010 at 10:26 AM, Karanbir Singh <mail-lists at karan.org> wrote: > Hi, > > On 05/19/2010 05:15 PM, Jim Kusznir wrote: >> Presently, it is my understanding that there are two different repos >> maintained: ones with dvd images, and ones without. > > The reasons for this split are mostly due to issues that have been a > major factor in msync setup in the past, many of the issues are no > longer relevant. We have been talking about refactoring the entire setup > and over the next few weeks will start the process of. > > > In fact, >> I'd almost expect future major releases of CentOS (6+) to distribute >> DVD isos instead of the CD disk 1 of xx isos. > > At the present moment, this is speculative, I dont think we should > predecide how centos-6 or even > 5.5 are going to shape up, but we > should make sure that we keep the doors open for any major change that > comes in - or hasto be brought in. > >> So, I propose that the dvd-less mirror system is eliminated (all msync >> mirrors carry DVDs). No special ACLs either... > > I dont think ACL's should go at all. I think we need to have a good > system in place, that makes it possible for large ublic mirrors to not > need to contest with smaller localised private mirrors in order to get > the tree out there, as soon as we are able to = and do that in a stable, > sane manner. > > One of the options that is on the cards is to reduce the number of > machines we have in msync down to maybe 8 - 10, and have them serve up a > public rsync targets, while we move a bulk ( 20 to 25 odd ) of the > msync machines into a private push only network, so in order to recieve > the tree from these machines, admins would need to host a key and > allow rsync from specific IP's. The exact details of how that might > work, or even IF we want to consider that, need to be worked out - but > its one of the options to consider. > > One thing that we all need to keep in mind is that the .centos.org > network of machines is hosted almost exclusively out of donor machines, > running in DC's run by hosting companies and we rarely ever get more > than 60 - 70mbps out of a single machine. There are a few exceptions, > but only a 'few'. So we ideally want to focus on pushing to public > mirrors with as much b/w as we can - and have the user-end of the > spectrum pull from these public mirrors. And I dont see how to achieve > something like that without ACL's in place. > > - KB > > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org > http://lists.centos.org/mailman/listinfo/centos-mirror >