Upgrade to Pro — share decks privately, control downloads, hide ads and more …

CDN: Caching and edge computing on AWS

CDN: Caching and edge computing on AWS

Explaining the basis of CDNs and Cloudfront on AWS

Cc95ef8bf38403916f40854c4ede4853?s=128

Pierre GOUDJO

December 30, 2021
Tweet

More Decks by Pierre GOUDJO

Other Decks in Technology

Transcript

  1. CDN Pierre GOUDJO Caching and Edge Computing

  2. None
  3. None
  4. None
  5. None
  6. None
  7. Compression

  8. TLS Termination Compression

  9. TLS Termination Application Firewall Compression

  10. TLS Termination Application Firewall Load Balancing Compression

  11. TLS Termination Application Firewall Load Balancing Caching Compression

  12. None
  13. HTTP Cache goals

  14. ACCELERATE REQUESTS FROM THE INTERNET

  15. REDUCING PEAK SERVER LOAD

  16. REDUCING NUMBER OF NEEDED APPLICATION NODES

  17. None
  18. None
  19. None
  20. None
  21. Server decides how intermediaries cache the resources

  22. • Cache-Control • Etag • Last-Modi fi ed HTTP Headers

  23. • public: the response may be stored by any cache.

    • private: the response may be stored only by a browser's cache • no-cache: the stored response MUST always go through validation with the origin server fi rst before using it • no-store: the response may not be stored in any cache. • no-transform: an intermediate cache or proxy cannot edit the response body • must-revalidate: indicates that once a resource becomes stale, caches must not use their stale copy without successful validation on the origin server. Cache-Control
  24. • max-age=<seconds>: the maximum amount of time a resource is

    considered fresh • max-stale[=<seconds>]: indicates the client will accept a stale response. • min-fresh=<seconds>: indicates the client wants a response that will still be fresh for at least the speci fi ed number of seconds. • stale-while- revalidate=<seconds>: indicates the client will accept a stale response, while asynchronously checking in the background for a fresh one • stale-if-error=<seconds>: indicates the client will accept a stale response if the check for a fresh one fails. Cache-Control
  25. ETag

  26. Last-Modified: <day-name>, <day> <month> <year> <hour>:<minute>:<second> GMT If-Modified-Since: <day-name>, <day>

    <month> <year> <hour>:<minute>:<second> GMT Last-Modified
  27. None
  28. Caching is good, but it’s only one part of the

    story
  29. SERVERS FAILURE

  30. None
  31. None
  32. None
  33. HIGH TRAFFIC

  34. None
  35. SPEED OF LIGHT: THE HARD LIMIT

  36. None
  37. None
  38. https://www.cloud fl are.com/en-gb/network/

  39. You don’t want to build that yourself 😂

  40. None
  41. None
  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None
  50. Common CDN Offerings • Nearest cache node “routing”: DNS or

    Anycast • DDoS protection • HTTPS/SSL/TLS encryption and termination • Access Control, geo-restriction • IPv6
  51. Drawbacks • No control over cache eviction • Additional point

    of failure • Privacy and security challenges
  52. None
  53. © Amazon web Services

  54. Multi-level caching

  55. © Amazon web Services

  56. NO REGIONAL LOCATIONS SOMETIMES © Amazon web Services

  57. © Amazon web Services

  58. How Cloudfront identifies the cached content?

  59. The cache key 
 🔑

  60. GET /content/stories/example-story.html?ref=0123abc&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 Gecko/20100101 Firefox/68.0 Accept:

    text/html,*/* Accept-Language: en-US,en Cookie: session_id=01234abcd Referer: https://news.example.com/
  61. GET /content/stories/example-story.html?ref=0123abc&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 Gecko/20100101 Firefox/68.0 Accept:

    text/html,*/* Accept-Language: en-US,en Cookie: session_id=01234abcd Referer: https://news.example.com/
  62. GET /content/stories/example-story.html?ref=0123abc&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  63. GET /content/stories/example-story.html?ref=0123abc&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ A cache hit
  64. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  65. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ A cache hit again 🙂
  66. Fortunately the cache key components can be tweaked with a

    cache policy
  67. Cache policy • Query String • Cookies • Request headers

  68. Cache policy • Query String • Cookies • Request headers

    You can choose as m uch as 10 for each type
  69. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  70. GET /content/stories/example-story.html?ref=xyz987&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  71. GET /content/stories/example-story.html?ref=xyz987&split-pages=false HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ A cache hit
  72. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  73. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ A cache miss ☹
  74. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://news.example.com/
  75. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz1234; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://news.example.com/
  76. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz1234; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://news.example.com/ A cache miss ☹
  77. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=vanilla; tasty_cookie=strawberry Referer: https://news.example.com/
  78. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=vanilla; tasty_cookie=strawberry Referer: https://news.example.com/ A cache hit 🎉
  79. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://news.example.com/
  80. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://site2.example.com/
  81. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry Referer: https://site2.example.com/ A cache miss ☹
  82. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry referer: https://news.example.com/
  83. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry referer: https://news.example.com/ A cache hit 🎉 because Cloudfront doesn’t consider the case of the header name
  84. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry referer: HTTPS://NEWS.EXAMPLE.COM/
  85. GET /content/stories/example-story.html?ref=xyz1234&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876; yummy_cookie=choco; tasty_cookie=strawberry referer: HTTPS://NEWS.EXAMPLE.COM/ A cache miss ☹ because Cloudfront does consider the case of the header value
  86. Cache key selection is a software architecture decision

  87. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr-FR,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  88. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/
  89. GET /content/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ A cache miss ☹ because fr-FR and fr are not the same thing even though they both mean the user language is French
  90. GET /content/fr/stories/example-story.html?ref=xyz987&split-pages=true HTTP/1.1 Host: d111111abcdef8.cloudfront.net User-Agent: Mozilla/5.0 AppleWebKit/537.36 Chrome/83.0.4103.116 Accept:

    text/html,*/* Accept-Language: fr,en Cookie: session_id=wxyz9876 Referer: https://news.example.com/ One of many possible solutions
  91. None
  92. Sometimes bare CDN functionalities are not enough

  93. Examples • Real-time image manipulation • Website security and checking

    • Bot mitigation at the edge • User prioritisation • …
  94. Some add some of these functionalities to their catalogue

  95. But can’t cover all users custom needs

  96. Enter Edge-computing

  97. None
  98. None
  99. None
  100. None
  101. None
  102. None
  103. None
  104. None
  105. None
  106. 1ms 5s - 30 s 2MB 128 - 3008 MB

  107. None
  108. None
  109. Demo Cloudfront Functions

  110. Cloudflare architecture

  111. Cloudflare architecture

  112. None
  113. Demo Cloudflare Workers

  114. None
  115. None