
Jump to: navigation, search


1,669 bytes removed, 22:06, 11 April 2012
= Goals =
So here's the challenge we facetldr: having a centralized login service. Current login for sync looks like this:
# provide username and password# we log into ldap with that username and password and grab your sync node# we check the sync node against the url you've accessed, and use that to configure where your data is storedSee: http://docsThis solution works great for centralized loginservices. It's fast, has a minimum number of steps, and caches the data centrallymozilla. The system that does node-assignment is lightweight, since the client and server both cache the result, and has support for multiple applications with the com/nodetoken/<app> API protocolindexHowever, this breaks horribly when we don't have centralized login. And adding support for browserid to the SyncStorage protocol means that we're now there. We're going to get valid requests from users who don't have an account in LDAP. We won't even know, when they make a first request, if the nodehtml#goal-assignment server has ever heard of them. So, we have a bunch of requirements for -the system. Not all of them are must-haves, but they're all things we need to think about trading off in whatever system gets designed: * need to support multiple services (not necessarily centrally)* need to be able to assign users to different machines as a service scales out, or somehow distribute them* need to consistently send a user back to the same server once they've been assigned* need to give operations some level of control over how users are allocated* need to provide some recourse if a particular node dies* need to handle exhaustion attacks. For example, I could set up an primary that just auto-approved any username, then loop through users until all nodes were full.* need support for future developments like bucketed assignment* Needs to be a system that scales infinitely.
= APIS =

Navigation menu