[HN Gopher] Show HN: Jonline, AGPLv3 Social Network Built with R...
___________________________________________________________________
Show HN: Jonline, AGPLv3 Social Network Built with Rust, Flutter,
React, gRPC
I have two instances that I'd love to see HN hug to death at
https://jonline.io (to which I manually deploy) and
https://getj.online (which is deployed to for any commit to main on
GitHub). They're both running (side by side, in their own
namespaces) on a bare minimum 2GB/50GB DigitalOcean droplet using
DOKS (DigitalOcean Kubernetes). The configurations are in:
https://github.com/JonLatane/jonline/tree/main/deploys/k8s So far
this is a solo endeavor, but with my recent CI integrations and
consolidations of things within the codebase, it's pretty much
ready for anyone who wants to contribute to do so. I've labeled
some "good first issues" if anyone is interested in contributing:
https://github.com/JonLatane/jonline/issues A few more tech
details are available within the app itself, at
https://jonline.io/about_jonline or
https://getj.online/about_jonline. Edit: Hug of death is in full
effect! I think it's the CPU required for all the TLS stuff being
done. I can't even `kubectl logs` to get more information. I
should really be limiting the resources of my containers, etc. as
I'm obviously running way beyond what my rinky-dink single server
is really meant for. If you're interested, let me know!
CPU/Load/Memory graphs in case y'all are curious (yes, I know I'm
already using most of that poor server's memory!):
https://imgur.com/7xGpvRI
Author : pseudocomposer
Score : 45 points
Date : 2023-06-14 18:08 UTC (4 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| [deleted]
| MrStonedOne wrote:
| [dead]
| dcow wrote:
| Apparently "dogshit easy to deploy to your K8s cluster" but not
| as easy to scale. XD
| [deleted]
| pseudocomposer wrote:
| It's pretty easy to scale, but scaling nearly anything costs
| more money than I have to spend on a hobby project :) I'm
| paying about $25/mo out-of-pocket to run both those domains. It
| would probably have lasted a good bit longer with external
| Postgres and S3/MinIO services, more instances, and/or a
| beefier server behind them. But all those things cost money :)
| Bear in mind, this is basically the cheapest "run your own
| server" price point I could find.
|
| Looks like the CPU load of all the TLS/HTTPS stuff is what's
| doing it in now.
| ramesh31 wrote:
| >Looks like the CPU load of all the TLS/HTTPS stuff is what's
| doing it in now.
|
| Your landing page should be serving static cached HTML from
| S3/Cloudflare (or Varnish, even). There's no reason your app
| server should be handling that load at all.
| pseudocomposer wrote:
| Excellent suggestion! I've typically done this in the past;
| however, targeting Kubernetes deployments, having a single
| point of ingress has been a major factor of keeping costs
| down. But no doubt, multi-ingress would speed things up.
| There's also a whole Media subsection of the app that uses
| an internal S3 instance, which would obviously be more
| efficiently served from its own ingress/egress.
|
| If you have some ideas for how I could handle automatically
| rolling out updated HTML/JS to such a CDN from the K8s
| cluster, I'd definitely be interested. PRs/code would be
| best, but even just walking me through any good solutions
| you know would be immense :)
| ramesh31 wrote:
| Take a look at Cloudflare:
| https://developers.cloudflare.com/cache/
|
| It's completely agnostic to your setup. Just point your
| domain to their nameservers, define the routes you want
| cached, and that's it.
|
| There's also an API where you can do your invalidations
| on deploy:
| https://developers.cloudflare.com/workers/learning/how-
| the-c...
| pseudocomposer wrote:
| Yes, I use Cloudflare for the website for
| https://beatscratch.io. However, I want to have a TLS-
| secured gRPC server also available on the same domain,
| which means using Cert-Manager, which is definitely
| easier if your DNS provider also does your Kubernetes
| service. I've been hopeful that I can keep all the things
| behind a single ingress and ideally served from a single
| Rust binary, but I'd love to see folks submit better
| solutions :)
| ramesh31 wrote:
| >However, I want to have a TLS-secured gRPC server also
| available on the same domain
|
| Now this is getting into opinion, but I don't believe
| gRPC was ever intended to talk to browsers. And with TLS
| termination in the mix, are you really even saving
| anything versus just translating to HTTP(S) and Gzipping
| for the clients?
|
| A typical setup is Backend -> protobuff grpc -> GQL/Auth
| server -> HTTPS -> client
|
| With the backend and GQL server in a VPC, so no need for
| TLS.
| pseudocomposer wrote:
| Yeah, I'm just eliminating the GQL server as it's a bit
| redundant :)
|
| I'd argue that for what I want to do (single ingress
| everything), gRPC's various language-specific frameworks
| handle TLS _better_ than most (obviously not all) HTTP
| frameworks. Most HTTP frameworks just expect you to put
| them unsecured behind a separate ingress to do the TLS.
|
| For instance, as we can see with my own deploy here,
| Tonic (the Rust gRPC server) has handled TLS much better
| than Rocket (the Rust HTTP server).
| david2ndaccount wrote:
| Neither link works: Secure Connection Failed
| An error occurred during a connection to jonline.io.
| PR_END_OF_FILE_ERROR Error code:
| PR_END_OF_FILE_ERROR The page you are trying to
| view cannot be shown because the authenticity of the received
| data could not be verified. Please contact the website
| owners to inform them of this problem.
| pseudocomposer wrote:
| Yup, the SSL stuff, along with the actual DB, file, and other
| stuff, has brought that poor server to its knees :'(
| devsegal wrote:
| The "Hacker News Hug of Death" is now 1 concurrent user at a
| time.
|
| What a time to be alive :)
| discreteevent wrote:
| Does this use grpc-web for the front end?
| [deleted]
| pseudocomposer wrote:
| It does! It's done in the BE here:
| https://github.com/JonLatane/jonline/blob/6cd6c24ee3ceb09ef3...
|
| Negotiation of what transport type to use is done (at the Dart
| linking level) in Flutter here:
| https://github.com/JonLatane/jonline/blob/6cd6c24ee3ceb09ef3...
|
| And it's done in React here:
| https://github.com/JonLatane/jonline/blob/6cd6c24ee3ceb09ef3...
| wharfjumper wrote:
| Be careful what you wish for!
|
| Dead for me
| [deleted]
| adalu wrote:
| [dead]
| awinter-py wrote:
| clearly the right language for a social network is to start in
| RoR and then spend a decade porting to Scala
___________________________________________________________________
(page generated 2023-06-14 23:01 UTC)