I'll keep this channel posted when we're able to start adding again 🙂

Thanks for update. Is there anybody I can bribe? 😉

Haha no, though we can't wait to get you access

Question for everyone: If you could use Durable Objects, would GDPR compliance matter to you? Is it important you know where your Durable Object lives?

GDPR is always a requirement, at the moment we can enforce through the script several mechanics. My experience with data is that you only need to know the minimum data required for your business model. E.g. : irrelevant data: DoB, gender Relevant data: older than 13. It is critical that Cloudflare staff can read scripts, but cannot read KV and DObj, as they contain user data. Considering that data is encrypted at storage, you can always stop a worker executing at an undesired jurisdiction. We return to the routing team problem, EU users should always be routed to EU PoPs, US -> US PoPs or within treaty jurisdiction like Privacy Shield, or Schengen Area.

It would certainly be great to have GDPR compliance using Durable Objects. Argentinian laws related to the protection of personal information (Ley 25326) expects every business that has a database containing PI/PII to be registered on an official registry and only transfer data of this nature from/to a small set of countries. Without knowing where Durable Objects live you'd have to request an exception and explain why you consider that the information is 'safe', leaving it up to the government to decide if they agree or not while adding considerable time to the process. Being able to select where to store and process data with Workers would prevent this. In short, yup, I believe that GDRP compliance would help smooth compliance processes.

GDPR is a requirement, always. We stay as far away from storing PII data as possible. Currently, we're not storing any. > EU users should always be routed to EU PoPs, US -> US PoPs or within treaty jurisdiction like Privacy Shield, or Schengen Area. +1 for this

Hey folks! I'm working on a real-time game using Durable Objects, and I'd like to know whether DOs are subject to the normal 50ms Worker CPU time limits, or other limits I'd need to know about. Specifically, each DO instance represents the state for a single game session, with 2-6 clients connecting to it via a websocket, not dissimilar to the edge-chat-demo sample application. Each game session can last potentially for hours with rapid message passing among players, so it seems that even with relatively low-CPU workload you'd hit the standard limits eventually. I guess my question is, in what scenarios are Durable Objects evicted from memory? And if they are, are there any recommendations on how to handle long-running use cases like game sessions or collaborative editing, both of which were mentioned in the announcement blog post?

Feel free to

@

me on reply, I may not be active on Discord during US working hours.

@User ^

Hey @User, Yep, Durable Objects are subject to the normal CPU limits. If you're on Unbound, those limits are raised, and that's the way to get around being evicted. You also can be evicted if you exceed memory limits or in the unlikely event that the metal you're running on dies or is taken offline. The Durable Object will then come back up on another machine on the next request, but you'll lose your in-memory state. You should always durably store anything you cannot lose, either in durable storage or via an external database/API.

Is there a limit to the amount of keys a DO can store?

This looks interesting, @User!

nope, just the limit on the total amount of storage used by the namespace as a whole

is that limit described somewhere? I can't find it

What about allowing us to scope to continents, and individual POP IANA codes

For example data can only be processed in IAD

You'll def want RU and CN for your enterprise customers

Russia requires platforms to keep data stored within the country

In the email I was told 300MiB total storage, for the private beta at least.

Single IANA codes would be a nightmare when that specific POP is down for some reason. That is also the reasoning for having at least 2 POPs in each of the big countries at least.

For people who are concerned allow them to provide a comma separated list

For example the Russia rules are more strict so while redundancy is nice it’s not necessarily an option unless you have two POPs in Russia

I guess the best of both worlds would be a per country specificity. Not all POPs would be accessible all the time, so if you miss one or another becomes available you'll some on that.

I mean this is the nature of compliance, for the majority of use cases you do not need to limit to a specific jurisdiction

Increased regulations make it more complicated to provide a public service

You’ll have tradeoffs in terms of availability

For sure, but with country specific filters you wouldn’t have compliance issues, but get the benefit of new POPs that come online.

I guess it wouldn’t be a free for everyone feature, but for at least Enterprise it would make sense.