
Compute

Compute is the component of Common in charge of providing out-of-band processing. It can run jobs both on-demand and on-schedule.

Public Oath

Fluid Attacks will constantly look for out-of-band computing solutions that balance:

  • Cost
  • Security
  • Scalability
  • Speed
  • Traceability

Such solutions must also be:

  • Cloud based
  • Integrable with the rest of our stack

Architecture

  1. The module is managed as code using Terraform.
  2. Batch jobs use AWS EC2 Spot machines.
  3. Spot machines have Internet access.
  4. Spot machines are of aarch64-linux architecture.
  5. Batch jobs can run only for as long as the underlying EC2 Spot instance lasts, so design them with idempotency and retry mechanisms in mind.
  6. Jobs can be sent to batch in two ways:
    • Using curl, boto3, or any other tool that allows interacting with the AWS API.
    • Defining a schedule, which periodically submits a job to a queue.
  7. AWS EventBridge is used to trigger scheduled jobs.
  8. On failure, an email is sent to [email protected]
  9. Batch machines come in two sizes:
    • small with 1 vcpu and 8 GiB memory.
    • large with 2 vcpu and 16 GiB memory.
  10. All runners have internal solid-state drives for maximum performance.
  11. A special compute environment called warp, meant for cloning repositories via Cloudflare WARP, uses machines with 2 vcpu and 4 GiB memory on an x86_64-linux architecture.
  12. Compute environments use subnets on all availability zones within us-east-1 for maximum spot availability.
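
An added example (not Fluid Attacks' own code) for items 5 and 6: a boto3 submission that retries only when the Spot host is reclaimed and does not resubmit a job that is already queued or running. The queue name, job definition name, and the task/argument convention are assumptions, since the page does not give them.

```python
import hashlib
import json

# Assumed names: the page does not give queue or job definition names.
JOB_QUEUE = "example-small"      # hypothetical queue name
JOB_DEFINITION = "example-job"   # hypothetical job definition name
ACTIVE = {"SUBMITTED", "PENDING", "RUNNABLE", "STARTING", "RUNNING"}


def job_name(task, args):
    """Derive a stable name so the same task and arguments map to one job."""
    digest = hashlib.sha256(json.dumps([task, args]).encode()).hexdigest()
    return f"{task}-{digest[:16]}"


def build_request(task, args, attempts=3, timeout_s=3600):
    """Build submit_job parameters that retry only on host termination."""
    return {
        "jobName": job_name(task, args),
        "jobQueue": JOB_QUEUE,
        "jobDefinition": JOB_DEFINITION,
        "containerOverrides": {"command": [task, *args]},
        "retryStrategy": {
            "attempts": attempts,
            "evaluateOnExit": [
                # Status reason AWS Batch reports when the EC2 host goes away.
                {"onStatusReason": "Host EC2*", "action": "RETRY"},
                # Any other failure is a job bug: fail fast, do not loop.
                {"onReason": "*", "action": "EXIT"},
            ],
        },
        "timeout": {"attemptDurationSeconds": timeout_s},
    }


def submit_once(client, task, args):
    """Submit unless a job with the same name is already queued or running."""
    request = build_request(task, args)
    listed = client.list_jobs(
        jobQueue=request["jobQueue"],
        filters=[{"name": "JOB_NAME", "values": [request["jobName"]]}],
    )
    for job in listed["jobSummaryList"]:
        if job["status"] in ACTIVE:
            return job["jobId"]
    return client.submit_job(**request)["jobId"]
```

Pass `boto3.client("batch", region_name="us-east-1")` as `client`. Because an interrupted attempt restarts from the beginning, the job's own command still has to be safe to run more than once.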

Contributing

Please read the contributing page first.