Are there any known patterns of using
# spicedb
m
Are there any known patterns of using SpiceDB with the CDN edge serving protected content?
v
you mean running SpiceDB at the Edge?
m
So CDNs are largely distributed all around the world. How do CDNs which are distributed interact with a distributed mesh of SpiceDB? Is SpiceDB meant to be geographically distributed as well?
Like, is it a SpiceDB cluster that would span the world, and the CDN edges interact with that cluster?
Any reference to blogs on running SpiceDB at a global scale will be highly appreciated.
I don't want to introduce another caching layer for permissions between SpiceDB and CDN edges.
j
> Is SpiceDB meant to be geographically distributed as well?
yes
v
You'd need to use a datastore that supports strong consistency and geographical distribution. Right now the options SpiceDB supports are Spanner and CockroachDB. You'll need to find the intersection between regions supported by CockroachDB/Spanner and regions where you will be serving your CDN from, and deploy SpiceDB there. If they are not in the same region, a region close nearby may do it depending on your latency requirements. If your relationship changes are rather infrequent and the dataset is small enough to fit in memory, you could deploy SpiceDB with the in-memory datastore and put it in read-only mode. Basically you'll store all the relationships and your schema in a YAML file SpiceDB will load from, and when you need to change permissions, you could then deploy a new SpiceDB with the new YAML file. You could also use a `zed` backup file to restore from.