marmot
Ory Kratos
marmot | Ory Kratos | |
---|---|---|
33 | 41 | |
1,628 | 10,564 | |
- | 0.8% | |
8.6 | 9.6 | |
3 months ago | 6 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
marmot
-
Distributed SQLite: Paradigm shift or hype?
If you're willing to accept eventual consistency (a big ask, but acceptable in some scenarios) then there are options like marmot [1] that replicate cdc over nats.
[1]: https://github.com/maxpert/marmot
- Marmot: Multi-writer distributed SQLite based on NATS
- Why you should probably be using SQLite
-
The Raft Consensus Algorithm
I've written a whole SQLite replication system that works on top of RAFT ( https://github.com/maxpert/marmot ). Best part is RAFT has a well understood and strong library ecosystem as well. I started of with libraries and when I noticed I am reimplementing distributed streams, I just took off the shelf implementation (https://docs.nats.io/nats-concepts/jetstream) and embedded it in system. I love the simplicity and reasoning that comes with RAFT. However I am playing with epaxos these days (https://www.cs.cmu.edu/~dga/papers/epaxos-sosp2013.pdf), because then I can truly decentralize the implementation for truly masterless implementation. Right now I've added sharding mechanism on various streams so that in high load cases masters can be distributed across nodes too.
-
SQLedge: Replicate Postgres to SQLite on the Edge
Very interesting! I have question ( out of my experience in https://github.com/maxpert/marmot ) how do get around the boot time, specially when a change log of table is pretty large in Postgres? I've implemented snapshotting mechanism in Marmot as part of quickly getting up to speed. At some level I wonder if we can just feed this PG replication log into NATS cluster and Marmot can just replicate it across the board.
-
Show HN: Blueprint for a distributed multi-region IAM with Go and CockroachDB
One of the reasons I started writing Marmot (https://maxpert.github.io/marmot/) was for replicating bunch of tables across regions that were read heavy. I even used it for cache replication (because who cares if it’s a cache miss, but a hit will save me time and money). It’s hard to make such blue prints in early days of product, and by the time you hit a true growth almost everyone builds a custom solution for multi-region IAM.
-
Stalwart All-in-One Mail Server (IMAP, JMAP, SMTP)
Amazing I was just looking for a good mail server to configure for my demo. Which reminds me since you folks have mentioned LiteStream, have you tried Marmot (https://github.com/maxpert/marmot); I recently configured Isso with Marmot to scale it out horizontally (https://maxpert.github.io/marmot/demo). I am super curious what kind of write workload on a sub thousand people organization will have and if Marmot can help scale it horizontally without Foundation DB. I always find the the convenience of SQLite amazing.
- Marmot: A distributed SQLite replicator built on top of NATS
-
LiteFS Cloud: Distributed SQLite with Managed Backups
Great that you brought it up. I will fill in the perspective of what I am doing for solving this in Marmot (https://github.com/maxpert/marmot). Today Marmot already records changes via installing triggers to record changes of a table, hence all the offline changes (while Marmot is not running) are never lost. Today when Marmot comes up after a long offline (depending upon max_log_size configuration), it realizes that and tries to catch up changes via restoring a snapshot and then applying rest of logs from NATS (JetStream) change logs. I am working on change that will be publishing those change logs to NATS before it restores snapshots, and once it reapplies those changes after restoring snapshot everyone will have your changes + your DB will be up to date. Now in this case one of the things that bothers people is the fact that if two nodes coming up with conflicting rows the last writer wins.
For that I am also exploring on SQLite-Y-CRDT (https://github.com/maxpert/sqlite-y-crdt) which can help me treat each row as document, and then try to merge them. I personally think CRDT gets harder to reason sometimes, and might not be explainable to an entry level developers. Usually when something is hard to reason and explain, I prefer sticking to simplicity. People IMO will be much more comfortable knowing they can't use auto incrementing IDs for particular tables (because two independent nodes can increment counter to same values) vs here is a magical way to merge that will mess up your data.
Ory Kratos
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
-
Show HN: Obligator – An OpenID Connect server for self-hosters
I was expecting hydra / kratos to show up as an alternative.. but did not see any. Does any have any experience, good or bad about it?
https://github.com/ory/kratos
-
Show HN: Blueprint for a distributed multi-region IAM with Go and CockroachDB
I think it would be fair to say that kratos was not the priority in 2022 in terms of code you can see not much was commited (https://github.com/ory/kratos/graphs/code-frequency) so I might have had a bad first impression.
A few issues on kratos that I consider relatively important are still missing / nobody from Ory is giving their input so it's hard to make progress and I would not take my time to contribute if I dont know if the owner are going to merge it.
An example that comes to mind is the OAuth email auto-verification or the search of users that is still super basic (we only recently got the filter of identifiers).
- Ory Kratos v1.0 with passkeys, MFA and multi-region
- Show HN: Open-source IAM Ory Kratos v1.0 with Passkeys, MFA and multi-region
-
What auth do you use? Why?
IMO it's almost always good to offer some OIDC social login, just depends what provider your users use.
- https://github.com/ory/kratos
-
Show HN: Open-source Auth0 alternative Ory Kratos v0.13 released – nearing v1.0
Check out the milestone on github: https://github.com/ory/kratos/milestone/15
not sure if that is everything.
-
State of OpenID Connect Providers
An open source solution pre-built from professionals like Ory Kratos or Keycloak saves you a lot of time and pain.
https://github.com/ory/kratos
- Create a Identity with ory console, CORS issue
What are some alternatives?
pocketbase - Open Source realtime backend in 1 file
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
cr-sqlite - Convergent, Replicated SQLite. Multi-writer and CRDT support for SQLite
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito
litefs - FUSE-based file system for replicating SQLite databases across a cluster of machines
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
wordpress-playground - Run WordPress in the browser via WebAssembly PHP
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
mssql-changefeed
Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
rqlite - The lightweight, distributed relational database built on SQLite.
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.