Serving files securely to web clients via mogile

Mark Smith smitty at gmail.com
Thu Nov 8 13:14:22 UTC 2007


> I want to use mogile to serve files to remote clients via http. Ideally
> the files should be accessed directly from the storage nodes by the
> clients. Mogile seems good for this since all file access is via http,
> and it works nicely with robust http servers (like lighty).
>
> Problem is that I don't want the remote clients to see the actual
> MogileFS file path when accessing the files and I want some security not
> letting any client access any file. So instead of providing the client
> with something like "http://myserver.com/dev1/0/000/000/000000001.fid",
> I want the client to access some name I generate (for example with
> lighty's mod_secdownload).
>
> Question is how would I go about configuring the storage nodes to do
> this? Is there any such built in functionality in MogileFS?

That's not how MogileFS is traditionally used in a web environment.
The idea is that you run your MogileFS network internally and then
expose to the user something else that uses the MogileFS trackers to
translate your-names to internal-names.  The storage nodes are then
never exposed to the end users.

This setup gives you the advantage of controlling paths caching in
your application (you know best when certain items should expire, if
ever) as well as the flexibility to properly handle fallback in the
case of unavailable storage nodes.  It's also safer, you don't have to
plan your storage nodes to have separate upload and download
processes.

Anyway ... apparently we don't have "best practices" setup information
on the site or wiki... that's lame.  Well, typically MogileFS is
combined with Perlbal as the latter does most of the heavy lifting for
using MogileFS.  You still need your application servers to do a paths
lookup and decide on caching policies (if you want to enable path
caching), but you don't need to do any file serving there, Perlbal
will do it from the storage nodes.

I have a strong feeling that this is just going to be more confusing
than it was helpful, and I know our documentation is horrendous for
beginners, so please reply (to the list!) with questions and we'll get
you going.  :)


-- 
Mark Smith / xb95
smitty at gmail.com


More information about the mogilefs mailing list