stcobbe
stcobbe•13mo ago

Self-hosted support

Hi folks, I know this has been asked multiple times in the past but I wanted to check in on the progress of Convex support for a self-hosted offering. Our decision to use Convex basically comes down to self-hosted support and I'm trying to gauge if you think it'll ship in Q1/Q2 or H1/H2. Thank you!
10 Replies
lee
lee•13mo ago
See this thread: https://discord.com/channels/1019350475847499849/1196302525180170281/1196305197954248734 As in that thread, we would be interested to know whether your motivation for self hosting is latency, cost, or data ownership 🙂
Michal Srb
Michal Srb•13mo ago
The current plan is Q1, we’re actively working on it! (This is a complex project though, so we cannot guarantee this timeline)
stcobbe
stcobbeOP•13mo ago
Thanks @lee and @Michal Srb. Data ownership is the primary reason. We're building a security product with sensitive access to customer systems, so we want to limit the number of data subprocessors we have. Based on the above post, though, it sounds it's not Convex' intention to support our use case. We want to able to support single tenant production deployments hosted exclusively in our cloud.
lee
lee•13mo ago
Good to know. You're correct the current plan will not support that use-case. (cc @james )
Michal Srb
Michal Srb•13mo ago
By "in our cloud" do you mean you'll be owning your own racks in some datacenter, or are you going to use AWS/GCP/Azure or similar? I'm asking because using say AWS and using Convex should not be different from data security perspective.
stcobbe
stcobbeOP•13mo ago
The latter. We're running on GCP. You're right that in both cases Convex is running on a major cloud provider but having more subprocessors complicates the sale for us (and in theory introduces more attack surface)
Michal Srb
Michal Srb•13mo ago
Gotcha. And just out of curiousity, why do you need GCP? (lots of existing code, or some capability Convex doesn't provide?)
stcobbe
stcobbeOP•13mo ago
I think the main consideration is selling the security / compliance of the cloud providers is easier than selling that of Convex (as it's still a relatively new company) rather than functionality
Michal Srb
Michal Srb•13mo ago
Hmm. We're about to gain our SOC2 compliance certification. Then I'd say you can consider using only Convex (so you don't have to sell Convex and GCP).
james
james•12mo ago
Late follow-up sorry. Yes the open source version will run just fine in a local environment but it won't be a scale-out distributed system and we don't recommend it for production use. We're currently in the process of receiving our SOC-2 accreditation and will pursue HIPAA and GDPR soon afterwards. If there's a particular certification that would make life easier for you here we'd love to hear more

Did you find this page helpful?