338
Lemmy.world is down because of a DDOS attack
(lemmy-world.statuspage.io)
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
This is a shame. Hosting a high visibility server is no joke, and I don't envy the admins and the very difficult work they do. It's simultaneously an argument for and against decentralization. For - a single instance can get knocked out without talking out the whole fediverse. Against - it seems as though high visibility communities are potentially fairly easy to target and take down.
I think that decentralization wins out here in the end, but it does feel like there may be a need for some sort of fallback mechanism to be in place at an instance/community level. I suspect this might evolve somehow over time. It would require some way to expand trust between instances and or portability of communities (which could be fraught with user trust/data integrity issues).
If things don't evolve it could grow into a whack-a-mole game for bad actors, or there might need to be more investment into server infrastructure (which could work against decentralization if only because of economies of scale).
Or maybe there's no issue after all? I'm just imagining potential implications of a scaling fediverse - it's fascinating and exciting stuff!
Thoughts?
You don't need to necessarily centralize to defend against DDos or similar attacks. You can add things like Cloudflare for DDos mitigations, CDN and maybe something like Kubernetes for horizontal scaling of servers (spin up more servers to handle extended load) transparently behind the scenes. This can also get you the benefits of low geographical latency, so a load-balancer fetches you data from the closest replica of a database geographically, etc.
Of course, all this adds up in terms of cost, but I think this might be worth it for the largest instances. I suppose that can still be considered centralization.
If we wanted to encourage small many small instances instead, perhaps there could be a transparent load-balancer layer for the fediverse that instances could sign up for, that is managed by a devops group. Alternatively, lemmy could have built-in load-balancing, caching, etc. as part of its codebase that instance operators can set up with their own accounts at Cloudflare, etc.
Agreed. Ultimately, that's the point. There are solutions (with ongoing vigilance required) but it comes with an ongoing cost, be it server infrastructure or human resources).
I think the federated load balancer might be interesting but I expect there are many pitfalls that need to be considered and addressed wrt security, trust and integrity of data.
Anyway, it's amazing to see this all grow and evolve.
Definitely, very exciting times!