This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2019-06-14
Channels
- # announcements (2)
- # aws (12)
- # aws-lambda (5)
- # beginners (42)
- # calva (56)
- # cider (16)
- # clj-kondo (1)
- # cljs-dev (45)
- # cljsjs (1)
- # cljsrn (25)
- # clojure (171)
- # clojure-europe (3)
- # clojure-italy (16)
- # clojure-losangeles (2)
- # clojure-nl (49)
- # clojure-spec (2)
- # clojure-sweden (3)
- # clojure-uk (11)
- # clojurescript (84)
- # component (11)
- # core-async (12)
- # core-logic (2)
- # cursive (8)
- # datomic (41)
- # events (2)
- # fulcro (48)
- # graalvm (1)
- # graphql (1)
- # hoplon (12)
- # jackdaw (1)
- # jobs (1)
- # jobs-discuss (45)
- # joker (5)
- # keechma (10)
- # nyc (3)
- # off-topic (14)
- # pathom (16)
- # qa (1)
- # re-frame (22)
- # reagent (12)
- # reitit (4)
- # remote-jobs (1)
- # shadow-cljs (40)
- # spacemacs (3)
- # timbre (3)
- # tools-deps (29)
Hiya, we're using Datomic Cloud and need to open it to the internet. What's the easiest way to do this in a production topology? We have a solo topology where we add ingress rules to the node security group, but in production there's an internal NLB that presumably routes requests to the nodes; if we swap that out for an internet-facing NLB then CloudFormation will probably kill it?
@conan api gateway. In solo, use apigw lambda proxy, in production use the new http-direct integration with api-gateway.
actually one question: what exactly would we connect the api gateway to? is it the contents of the node security group (i think that's where the peers are, which is what we need for db access)?
I think the larger architectural problem is that you’re running your application in heroku and trying to access your database in a different datacenter. Independent of datomic cloud, this is likely going to result in slower performance than you like because you’ll need to be streaming data out over the open internet. Is there a reason you chose to use datomic cloud but not elastic beanstalk instead of heroku?
If I understand correctly HTTP Direct is only relevant for Ions, right? i.e. it’s not for providing access to client applications in general
Thanks 🙂
Don’t expose your database over the internet directly, you want api gateway to handle security, throttling, etc.
clients with static IP or not, the traffic flowing over the NLB does not have TLS @conan
the socks tunnel we use is encrypted, so long as we can terminate that somewhere in AWS we're fine
yeah but we don't want to be running all our db traffic over a low-availability bastion server
as in, it's a single ec2 instance. there doesn't seem to be much point running a high-availability production topology instance of datomic cloud if we run all the traffic over a single point of failure like the bastion
(i haven't spent much time thinking about it, the docs very much present the bastion as a dev tool rather than a production resource)
Hey Folks, can you tell me which time
attribute is used by datomic.api/since
to return a given version of a database?
https://docs.datomic.com/on-prem/clojure/index.html#datomic.api/since
yeah, but in case t form time i guess is used, which time value does it check internal to know the database version which fulfill the requirement?
every transaction has a datom [tx :db/txInstant instant]
. Tx is the transaction's entity id; t is just that id with partition bits stripped off (use d/tx->t and d/t->tx to convert between them). instant is a java.util.Date corresponding to whatever the transaction time is