Discussion:
[Sks-devel] sks.ustclug.org move to pgp.ustc.edu.cn
Shengjing Zhu
2018-04-22 08:24:13 UTC
Permalink
Hi all,

I have moved sks.ustclug.org to a new home, with new domain pgp.ustc.edu.cn.

Previously the server is maintained by a student association,
***@USTC(aka Linux User Group, University of Science and Technology of China).
Now the server moved to the university information center.

The new server has following IP:

pgp.ustc.edu.cn 600 IN A 202.38.95.91
pgp.ustc.edu.cn 600 IN AAAA 2001:da8:d800:95::91

If you have peered with sks.ustclug.org before, please update your membership
file to:

pgp.ustc.edu.cn 11370 # Shengjing Zhu <***@gmail.com> 0xCF0E265B7DFBB2F2

I'll send a separate email to my peers in next few days.

If you want to establish a new peer membership with me, please let me know!.

Thanks,
Shengjing Zhu
Shengjing Zhu
2018-04-24 04:05:07 UTC
Permalink
FWIW, since sks.ustclug.org(Aug 2016), I run sks inside a docker
container, I'm pretty sure the service runs well :)

When move to pgp.ustc.edu.cn, I have a dedicated server. But I still run
sks in docker, with host network.

The new Dockerfile can be found at
https://github.com/zhsj/dockerfile/tree/master/sks-full
It bundles a web server Caddy, so the deployment is much easier :)


And, I designed a new web page, if you interested, just look at
https://pgp.ustc.edu.cn/
Shengjing Zhu
2018-04-24 09:57:43 UTC
Permalink
Hi,
I hope you dont mind that I get back on the Docker thing, but I started
to think about autoscaling SKS keyservers around the world.
The main problem I came up with was the storage of the keydatabase - I
think its a normal BerkeleyDB? and it is not possible to share it
between multiple clients, so every instance needs its own database.
Yes, it's a normal BerkeleyDB.
Do you just keep the keyserver as a docker file and download and import
the dump manually or do you store the dump somewhere (and update it
every few hours) so the provisioning of a new machine does not take
longer than a few seconds.
Sad to say I don't scale the service, I just ran a single container,
previously in a docker cluster, but it's only one instance.

When I migrated sks this time, from one datacenter to another, I just
stop old container, sync the KDB dir to new server, rebuild PTree, and start
the new container.

I think the PTree can be directly syned too, but I didn't try.

So back to the problem, when you provision new machine, you don't need
to dump/build, just sync the DB dir. Because we use the same container,
same DB version, same libraries, even same DB path(inside container).
I don't think there's risk to skip the dump/build process.

BTW, we're off the list, I hope you don't mind I bring it back to the
list :)

BR,
Shengjing

Loading...