Current situation : mirror.stream.centos.org (and rsync.stream.centos.org) role is actually deployed on sponsored infra, which is common with mirror.centos.org.

This "free" infra is mostly coming from sponsors listed under https://www.centos.org/sponsors but with limited resources (especially at the hard disk/storage space level)

When we started the mirror.stream.centos.org, we used the same pool but with time passing by, and CentOS Stream 9 mirror content getting bigger and bigger (all binary rpm, all source rpm and debuginfo packages, including now additional s390x architecture) and we had to remove more and more sponsored nodes from our mirror.stream.centos.org pool

Current situation :

== Statistics ==
Number of [mirror] nodes : 87 
Number of [mirror_stream] nodes : 32 
Number of [rsync_stream] nodes : 26 
 

And so it's now also overloading the existing/remaining sponsored nodes that carry both centos linux 7 / Stream 8 and Stream 9 content.

Proposal (and so request for comments) :

• make http://mirror.stream.centos.org a cloudfront setup (AWS CDN)
• use AWS ACM to have TLS cert on cloudfront for https support (redirect)
• deploy some EC2 nodes acting as Origin nodes for cloudfront but also as nodes in the rsync.stream.centos.org pool (the service/hostname that third-party mirrors are using to fetch/sync content and so be listed as official mirror on https://admin.fedoraproject.org/mirrormanager/mirrors/CentOS

We already know all these concepts and we have ansible roles to cover these changes.

Benefit : mirror.centos.org (aka "msync" pool) isn't overloaded and Stream 8 and Stream 9 content are distributed faster to end users, as using two different paths.