Scale ATProto handle resolution #744
Comments
snarfed
changed the title
|
Upcoming option: https://dns.kitchen/ , all you can eat zones/records, $5/mo. |
|
@neatnik mentioned https://desec.io/ too. |
|
Maybe obsoleted by #830 🤞 |
|
...nope, turns out #830 probably won't work after all, so this issue definitely still applies. |
|
The 10k limit in Google Cloud DNS is a quota, |
|
Tried requesting a quota bump. 🤞 |
|
In unrelated very good news, @bnewbold built us a whole new microservice to solve this! bluesky-social/atproto#1697 (comment) . Extremely generous of him. Thank you Bryan!!! |
|
More good news, I asked for a GCP DNS quota bump to 50k and got it. Woo! |
|
We're currently at 6500 DNS records, with the limit still at 50k. We'll (hopefully) still need to figure this out eventually, but it seems like we have plenty of time. |
We need to serve ATProto handle resolution for all users bridged into ATProto (background: #381). They support both DNS and HTTPS methods, but our ATProto handles are multi-level, eg
@user@mastodon.socialbecomesuser.mastodon.social.ap.brid.gy, and you can't make multi-level wildcard SSL certs, so HTTPS won't work, so DNS it is.We're currently using Google Cloud DNS. It serves the entire
brid.gyDNS zone, and we create_atprotorecords for handle resolution manually. The catch is that GCP DNS has a hard limit of 10k records per zone, which we'll likely outgrow. Grr.We could make a zone per sub-subdomain, eg per fediverse instance, so
mastodon.social.ap.brid.gywould become its own zone, but GCP DNS also has a hard limit of 10k zones total.So, we eventually need to switch to a different programmatic DNS service or run our own DNS server. Whee.
The text was updated successfully, but these errors were encountered: