AWS Black Belt Tech Series: Amazon CloudFront
amazon-web-services-japan -
Transcript of AWS Black Belt Tech Series: Amazon CloudFront
-
Amazon CloudFront: AWS Black Belt Tech Webinar 2014 () 2014.12.17
-
Agenda
1. Contents Delivery Network2. 3. 4. 5. & 6. Pricing7.
-
Contents Delivery Network
-
Contents Delivery Network
Amazon CloudFront
CDN
-
Contents Delivery Network
Amazon CloudFront
Internet
DB
CloudFront DNS
Edge Location
IP(xxx.cloudfront.net)
Edge
Edge
DNS
EDNS-Client-Subnet
-
Europe: Amsterdam, Netherlands (2); Dublin, Ireland; Frankfurt, Germany (3); London, England (3); Madrid, Spain; Marseille, France; Milan, Italia; Paris, France (2); Stockholm, Sweden; Warsaw, Poland
Asia: Chennai, India; Hong Kong, China (2); Mumbai, India; Manila, Philippines; Osaka, Japan; Seoul, Korea; Singapore (2); Taipei, Taiwan; Tokyo, Japan (2)
South America: Sao Paulo, Brazil; Rio de Janeiro, Brazil
North America: Atlanta, GA; Ashburn, VA (3); Dallas, TX (2); Hayward, CA; Jacksonville, FL; Los Angeles, CA (2); Miami, FL; New York, NY (3); Newark, NJ; Palo Alto, CA; San Jose, CA; Seattle, WA; South Bend, IN; St. Louis, MO
Australia: Melbourne, Australia; Sydney, Australia
201412
52 Edge Locations
http://aws.amazon.com/jp/cloudfront/details/
-
Amazon CloudFront
(52) 201412
()
()
()
(GUI15)
-
CDN
CloudFront Edge
Edge Capacity
CloudFront Edge
Edge Capacity
-
CDN
CloudFront Edge
Edge Capacity
CDN
DNS(Route53)
-
CloudFront Distribution
Distribution AWS Management Console API Web RTMP Distribution 1Gbps 1,000RPS
xxxx.cloudfront.net Distribution
CNAME CNAME (: *.example.com) Route53 Zone Apex (: example.com)
-
CloudFront Edge
PROXY
CACHE
Web Distribution
/HTTP HTTP / HTTPS
GET, HEAD, OPTIONS() (Cache) PUT, POST, DELETE, OPTIONS, PATCH (Proxy)
Internet Range GET
GET, HEAD, (OPTIONS)
PUT, POST, DELETE, OPTIONS, PATCH PUT, POST, DELETE, OPTIONS, PATCH
GET, HEAD, (OPTIONS)
-
GET / HEAD / OPTIONS() 20GB
Cache Control24 (Web)
Header (None / Whitelist / All) Cookie (None / Whitelist /All) Query Strings (No / Yes)
URL
-
HTTP CloudFront Minimum TTL
CloudFront Minimum TTL
Minimum TTL = 0() Minimum TTL >0
HTTP
Cache-Control max-age
max-age
max-age Minimum TTL
Cache-Control 24 24 Minimum TTL
Cache-Control max-age s-maxage
s-maxage max-age
s-maxage Minimum TTL max-age
Expires Expires Expires Minimum TTL
Cache-Control no-cache, no-store Minimum TTL
HTML Meta HTTP Cache-Control Pragma CloudFront S3 Metadata HTTP
-
Invalidation() 3 Invalidation 1 Invalidation 1,000 AWS Management Console API Invalidation 10-15
AWS Management Console Invalidation
AWS SDK / CLI / API
-
Header, Cookie, Query Strings()
URL(Behavior)
Whitelist
-
Header Header
CloudFront CloudFront
Type Header
CloudFront-Forwarded-Proto HTTPHTTPS
CloudFront-Is-Mobile-ViewerCloudFront-Is-Tablet-ViewerCloudFront-Is-Desktop-Viewer
User-AgentTrue/False
CloudFront-Viewer-Country IP (ISO-3166-1 alpha-2)
-
Cookie Cookie CloudFrontCookie Cookie
Cookie Cookie
-
Behaviors
Behaviors Path Pattern 0 1)/*.jpg, /image/*, /image/a*.jpg, /a??.jpg
img/*
api/item*
*
Behavior Cache TTL()http://www.aws.com/
Cache-control: no-cache, no-store
img/item01.jpg
api/item?id=10index.jsp
Custom TTL
30 Days
Custom TTL
10 min
Use Origin
S3
-
CloudFront
S3
400,403,404,405,414,500,501,502,503,504 5(300)
CloudFront
-
Amazon S3Web4XX
XXS3(4XX)
5XX(4XX)
4XX
CloudFront
S3
Custom
Error Page
Custom Error Page
Custom Error Page
4XXCloudFront
XXCloudFront
-
HTTPS ( / HTTPS SSL ( / / SNI) GEO (Whitelist / Blacklist) URL () CloudTrail
-
SSL
cloudfront.net SSL
SSL X.509 PEM 2048bit CloudFront SSL
Domain Validated, Extended Validation, Wildcard, Subject Alternative Name
SNI (Server Name Indication) SSL CloudFront SSL SSL
SNI
Windows XP IE, Android 2.2, 1.7 Java
-
SSL
1. IAM CLI
2. CloudFront Distribution
3. CNAME
4. SNI
5. CNAME Distribution Domain
DNS
-
GEO
BlacklistWhitelist Distribution 403
CloudFront Edge
GEO Restriction
-
URL
URL
Behavior
(Canned Policy)
(Custom Policy) IP
CloudFront Edge
URL
URL
URL
CloudFrontPrivate Key
-
URL
URL Web RTMP
Web TCP
RTMP 403 URL
Query Strings
Canned Policy: http://xxxx.cloudfront.net/file.jpg?Expires=XXX&Signature=XXX&Key-Pair-Id=XXX
Custom Policy: http://xxxx.cloudfront.net/file.jpg?Policy=XXX&Signature=XXX&Key-Pair-Id=XXX
CloudFront Signature (Perl / PHP / C# + .NET Framework / Java)
http://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/PrivateCFSignatureCodeAndExamples.html
-
URL
Amazon S3 Origin Access Identity (OAI)
S3 Bucket CloudFront
CloudFront IP CloudFront IP URL
https://ip-ranges.amazonaws.com/ip-ranges.json JSON
Service CLOUDFRONT
CloudFront Edge
S3
OAI
IP
-
CloudFront
Amazon S3 HTTP()
-
Amazon S3 RTMP (Flash Media Server)
Distribution RTMP RTMP, RTMPE, RTMPT, RTMPET
Smooth Streaming Distribution Web Smooth Streaming
HLS (HTTP Live Streaming) Distribution Web
RTMP Smooth Streaming S3 (FLV, MP4, iSMV, HLS)
CloudFront Edge S3
RTMP/RTMPE/RTMPT/RTMPET Flash Player /
Silverlight Player HTTP/HTTPS
-
HTTP AWS CloudFormation
CloudFront EdgeEC2
Flash Player / Silverlight Player
HTTP/HTTPS
AWS CloudFormation
Template
LIVE
-
CloudFormation CloudFront Adobe Media Server HTTP http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LiveStreamingAdobeMediaServer5.0.html
CloudFront IIS Media Service Smooth Streaming http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/IISLiveSmoothStreaming4.1.html
CloudFront Wowza HTTP http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/live-streaming-wowza.html
-
&
-
CloudFront Reports & Analytics
Cache Statistics
Monitoring and Alarming
Popular Objects
Top Referrers
Usage
Viewers
Cache Statistics / Popular Objects / Top Referrers / Usage / Viewers AWS Management Console
-
CloudFront Reports & Analytics
Cache Statistics / Popular Objects / Usage / Top Referrers / Viewers CloudFront
60 1 3 Delay
Distribution Distribution
Monitoring and Alarming
CloudWatch
35 Delay
-
CloudFront Reports & Analytics
Cache Statistics Total Request
Percentage of Viewer Requests by Result Type
CacheHit/Miss/Error Bytes Transferred to Viewers
Miss Hit
HTTP Status Codes 2XX, 3XX, 4XX, 5XX
Percentage of GET Requests that Didn't Finish Downloading GET
-
CloudFront Reports & Analytics
Usage Number of HTTP Requests
HTTP Number of HTTPS Requests
HTTPS Data Transferred over HTTP
HTTP Data Transferred over HTTPS
HTTP Data Transferred from CloudFront Edge Location to Your Users
CloudFront Edge Data Transferred from CloudFront to Your Origin
CloudFront Edge
-
CloudFront Reports & Analytics
Popular Objects Distribution Top 50
Object Requests Hits, Hit %, Misses Total Bytes, Bytes From Misses, Incomplete Download, Response Code
-
CloudFront Reports & Analytics
Top Referrers Distribution Top 25
Referrers Request Count Request %
-
CloudFront Reports & Analytics
Viewers Distribution
Browsers
Operating Systems
OS OS
OS Locations
Location
Location (Request Count/Request%/Bytes)
-
CloudFront Reports & Analytics
Monitoring and Alarming CloudWatch CloudFront CloudWatch Virginia
4xxErrorRate, 5xxErrorRate, TotalErrorRate BytesDownloaded, BytesUploaded Requests
-
Access Log
CloudFront S3 Bucket
Bucket
date (UTC)
time (UTC)
x-edge-location ID
sc-bytes Byte()
c-ip IP
cs-method HTTPMethod
cs-uri-stem URI
sc-status
cs(Referer)
cs(User-Agent)
cs-uri-query Query Strings
cs(Cookie) Cookie
x-edge-result-type Hit RefreshHit Expire Miss LimitExceeded: CloudFront CapacityExceeded: Error
x-edge-request-id CloudFrontID
x-host-header Host Header
cs-protocol (http / https)
cs-bytes Byte()
time-taken CloudFrontLastByte
-
Access Log
S3 Bucket 1S3
Kinesis 1
CloudFront Edge
Kinesis
S3 Bucket
-
CloudFront &
CloudFront
S3
Management Console
Cache Statistics / Popular Objects / Top Referrers / Usage / Viewers
CloudWatch Monitoring and Alarming/
Access Log
Redshift
EMR
-
& TIPS
-
Amazon CloudFront
Web
Web
CloudFront
S3
CMS
Web
CloudFront
HeaderClientPOST
Web(mod_rewrite)CloudFront
CMS
-
Amazon CloudFront
Web
Web
CloudFront
S3
S3
CMS
AWS CLI / SDK
-
Amazon CloudFront
CloudFront
S3
Elastic Transcoder
Flash (RTMP/RTMPE/RTMPT/RTMPET)
HTTP Live Streaming (HLS)
Smooth Streaming
-
Amazon CloudFront
CloudFront
HTTP
Flash (RTMP/RTMPE/RTMPT/RTMPET)
HTTP Live Streaming (HLS)
Smooth Streaming
AWS CloudFormation
Template
LiveEncoder
LIVE Internet
EC2
-
DNS
Route 53 DNS Lookup CloudFront Alternative Domain Name Route53 Type CNAME A Alias
> nslookup cdn.awssummit.co.jp
Server: 192.168.2.1
Address: 192.168.2.1#53
Non-authoritative answer:
cdn.awssummit.co.jp canonical name = dxxxx.cloudfront.net.
Name: dXxxx.cloudfront.net
Address: 54.230.234.XXX
Name: dXXXX.cloudfront.net
Address: 54.230.234.XXX
:
CNAME A Record + Alias
cdn.awssummit.co.jp.
> nslookup cdn.awssummit.co.jp
Server: 192.168.2.1
Address: 192.168.2.1#53
Non-authoritative answer:
Name: cdn.awssummit.co.jp
Address: 54.230.234.XXX
Name: cdn.awssummit.co.jp
Address: 54.230.234.XXX
Name: cdn.awssummit.co.jp
Address: 54.230.235.XXX
:
-
/
CloudWatch Alarm Request
TotalErrorRate
-
Pricing
-
CloudFront
SSL
EC2 S3
201412
TB/ $0.085 $0.085 $0.140 $0.140 $0.250 $0.140 $0.170
40TB/ $0.080 $0.080 $0.135 $0.135 $0.200 $0.135 $0.130
100TB/ $0.060 $0.060 $0.120 $0.120 $0.180 $0.120 $0.110
350TB/ $0.040 $0.040 $0.100 $0.100 $0.160 $0.100 $0.100
524TB/ $0.030 $0.030 $0.080 $0.080 $0.140 $0.095
4PB/ $0.025 $0.025 $0.070 $0.070 $0.130 $0.090
5PB/ $0.020 $0.020 $0.060 $0.060 $0.125 $0.085
HTTP $0.0075 $0.0090 $0.0090 $0.0090 $0.0160 $0.0090 $0.0090
HTTPS $0.0100 $0.0120 $0.0120 $0.0120 $0.0220 $0.0125 $0.0120
(10,000)
SSL Distribution 1 $600 SNI
All Data Transfer $0.020 $0.020 $0.060 $0.060 $0.125 $0.100 $0.160
(GB)
1,000 $0.005
CloudFront (GB) AWS Amazon CloudFront $0.000
(GB)
-
CloudFront Price Class
Price Class
Price Class
-
Free Tier
AWS 1 50GB/ 2/ HTTP HTTPS
-
CloudFront CDN
-
Appendix
Amazon CloudFront Developer Guide
http://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
Amazon CloudFront FAQ
http://aws.amazon.com/jp/cloudfront/faqs/
Amazon CloudFront Pricing
http://aws.amazon.com/jp/cloudfront/pricing/