Alibaba Content Delivery Network
This course focuses on Alibaba's Content Delivery Network (CDN), exploring its features, architecture, and use cases. You'll also follow along with a guided demo from the platform which will show you how to use the CDN console.
- Learn CDN concepts and fundamentals
- Understand the architecture of Alibaba Cloud's CDM service
- Look at some of CDN's key features
- Consider some common CDN scenarios and use cases
- Learn how to use the CDN console
This course is intended for anyone looking to use Alibaba CDN to manage their Alibaba Cloud workloads, as well as anyone studying for the ACP Cloud Computing certification exam.
To get the most out of this course, you should have a basic understanding of the Alibaba Cloud platform.
Okay, it's time to get hands-on. Let's take a look in the console, let's have a quick console demo. We'll get started on that in just a moment. Let's now briefly explore the CDN console. So I'm here on the Alibaba Cloud console homepage. We'll first navigate over to CDN, so I'll click on the product menu here and also for products and services, and then do a quick search for Alibaba Cloud CDN. I'll click on that and that will take me over to the CDN console homepage.
So you can see on the homepage there's an overview, there's some basic information about your CDN deployments, total traffic, peak bandwidth, number of HTTPS requests, number of quick requests, and you can see this data from yesterday, last month, or the current month. And then you can see what billing method you're using, pay by traffic is the billing method in use right now, as well as any price details, our total number of domains in use, currently zero, I haven't set anything up, as well as some security information and information about any SSL certificates you've chosen to deploy.
From here in the domain names list, you can see any domain names that are associated with the CDN, right now there are none. We're going to fix that in just a moment. Let's now go on to monitoring and usage analysis. So from here I can get traffic and bandwidth information, back-to-origin statistics, information about visits, hit rate, HTTP codes, as well as a back-to-origin HTTP codes here. Currently there's no data because I haven't set up the CDN.
Once I have done that, I'll also be able to get data here under real-time monitoring. This includes bandwidth, traffic, requests, queries per second, as well as overall statistics like page view and number of unique visitors. And of course from here, I can get some usage information that will tell me how much I'm likely to have to pay. This usage information is based on CDN traffic. So, currently I'm using, I believe the pay by bandwidth, excuse me, pay by traffic mode.
So here under usage, I'd want to switch to traffic and then choose the region where I've deployed my CDN, since there's a different cost per region. There's also a security monitoring console, which allows you to turn on CDN rate limiting, which can block malicious requests. Currently, I have not turned that on, so I'm gonna leave that off. I can set my refresh and prefetch settings here. Currently, that's blank as well. And then I can take a look at any logs that have been generated by the CDN, and I can even download those for offline viewing if I want. And I can perform an IP check in here from the tools section.
Under security and protection you can see there's some information about configuring HTTPS. So if I want to add an SSL certificate, I can do that as well. Let's start by adding a domain name for ourselves here. So, let's open up another tab. So I'll open up a tab to Alibaba Cloud DNS. So here I have two domain names, I'm going to use chinasite.xyz, that's the domain name I'll also see it with my CDN, let's do that now, click on add domain name. And you can see under the add domain name settings, I can choose which port I'll be listening on, the IP address of my origin, the region in which I want to accelerate, as well as the domain name that I'm going to accelerate, which will be china, oops, everything.chinasite.xyz, wildcards are supported, so I'll go with that for now, all chinasite.xyz sub-domains will be accelerated.
I'll assume that what I want to accelerate here is I want to optimize for images and small files. And then you can see, I can choose different types of origin, I can choose another domain so I can enter a domain name, a function compute domain name. So if my site is a site hosted on Alibaba Cloud serverless function compute, I can choose a function compute endpoint, I can choose a public IP address, or I can choose an OSS bucket. So if I'm using Alibaba Cloud OSS, I can directly associate this domain name with an OSS bucket. And in fact, that's the one I'm going to choose because if I enter an IP address here, I will have to go through a verification process to prove my ownership of the source domain.
If I choose OSS I don't have to do that. So I'll choose an OSS domain, custom OSS origin, let's see. Actually, I can probably just choose from this list, here I have JDP image bucket, that is the domain I want to use as my source. Let me show you what's in there. So OSS, Object Storage Service, open another tab. I have quite a few buckets, I do a lot of demos, so there's quite a few buckets going well, this is the one I'm interested in. And I've got this bucket set up for static web hosting.
So if I go to basic settings, you can see static pages are turned on. There's a default index and the default not found page here. And I've got two HTML files here, index.html, notfound, and then two images, one JPEG image of a rabbit and one web image of a cat, which are both referenced by index.html. What I want to do is try to accelerate those files with CDN. It's also possible to directly associate a domain name with my OSS bucket but if I do that, I won't get the acceleration benefits of the CDN.
Okay, let's go back to the CDN configuration. We'll set up listening on port 80, we won't use HTTPS, although we could if we wanted. And my acceleration domain will be global excluding mainland China, so let me explain what these three options do. So, mainland China only turns on CDN services only for users based in mainland China, global is the entire world plus mainland China, and global excluding mainland China is of course, the entire world minus mainland China.
So why do we have those unusual divisions? Why do we have these three options? Well, it's because if accelerate your site in mainland China, you need to get something called an ICP. An ICP certificate entitles you to host a public website in China. The ICP certificate is something you have to apply for in advance, it's a fairly complicated process. So if you're a global customer and you have your site hosted outside of China, and you're mostly interested in reaching customers who are also outside of China, then global excluding mainland China is probably the right choice, since that will avoid the need to apply for ICP.
Okay, so we've chosen our OSS domain, we've chosen the domain name to accelerate, and we've chosen global except mainland China as our acceleration region. Let's click on next and continue on with our setup. So you can see .chinasite.xyz is added. We now need to add a CNAME record for this domain so we can start using CDN services. We have to have this domain translate into the domain name of the CDN service, whenever a user visits chinasite.xyz.
Let's go back to the console here and we'll take care of that on our, oh, so this is the CNAME record I need to add, okay? Oops, that's the documentation. Let's go ahead and copy that. Doing it by hand is actually a good practice, so let's go do this by hand so you can learn what's going on here. So we want to add a wildcard record, so I won't enter anything there. It's of a CNAME type. It should point to this value and time-to-live, 10 minutes, that should be fine, we'll confirm and you can see another wildcard value added, that points to all that chinasite.xyz on my CDN. So the CNAME here points to the Alibaba Cloud CDN, and later on if a user requests chinasite.xyz, they'll be passed the CNAME record. When they pass this CNAME record to DNS, just like we learned in the architecture section, Alibaba Cloud DNS will determine where the user is approximately, and then will pass the public IP back of the nearest CDN node so that the user will be connected to a CDN node that's close to them, thereby accelerating the origin site, which is of course over here in our OSS bucket. So let's go ahead and test this out.
So we've added our CNAME record. We don't need to turn on advanced DNS protection, although we can if we want, we can use DNSSEC. We can set up weighted round robin scheduling from DNS as well, there's a lot of features in Alibaba Cloud DNS. We'll save those for another demo or another lab though. We can close this documentation now and refresh. And you can see it says, you must add a CNAME record, which we have done, but it looks like we'll have to wait for that configuration to finish for a few seconds. Click on enable here, okay. Well, it's still configuring, so what we'll do is we'll wait for that to finish and then we'll come back, this could take a few minutes.
Alright, so while I was waiting for that CNAME record change to take effect, I actually decided to alter the settings a little bit. So I've added two domain names, one is a wildcard domain for anything in the form something.chinasite.xyz, and one is a domain name that points to the root, chinasite.xyz, and I've changed my DNS settings accordingly, so that original CDN CNAME is now pointed to by a CNAME record for www and that route that, excuse me, the root domain, chinasite.xyz is now pointing to this new CDN CNAME here. They're both configured and working.
How can we check that? Well, we can open up a terminal and run dig chinasite.xyz, which should point here to this chinasite.xyz.w.kunlunsl.com. And you can see that CNAME that gives us a variety of public IP addresses that it can map to. We can do the same thing for www.chinasite.xyz, and that should point to our CNAME, all.chinasite.xyz, and then .a.lahua.shanbx, which is the original CNAME that we set up, that's the CDN wildcard CNAME that will work for any URL of the form something.chinasite.xyz, although right now there's only a record pointing to www. But in any case, we should now be able to visit URLs of that forum, so if I go to chinasite.xyz, there's my site, I load it up.
If I go to ww, excuse me, that was www.chinasite.xyz, if I visit the route directly, I should get the same thing. So now I'm visiting, there's no www, I'm just visiting chinasite.xyz, same thing, it loads up. Okay, the problem is I'm in China right now, and I want to test what the CDN looks like from other regions, so I'm in Hangzhou, this is accurate. Right now, it looks like my site loads pretty quickly. Let's try changing our location and see what effect that has, I'll use a VPN to do that.
So I've now altered my location, it now appears that I'm in Tokyo, Japan. Let's try to visit the site again, we'll open a new tab. And this time before we do that, we'll turn on the Chrome developer tools and we'll make sure this box for disable cache is checked. And then we can see how long it takes us to load up chinasite.xyz, the first time we load the page, it might be a little bit slow because the CDN will have to go back to the OSS bucket, and fetch the content for the site from the origin. But things should be faster the second time. Let's test that out, chinasite.xyz here we come.
So we can see that it's attempting to load up cute bunnies, cute kitties, and we can take a look in the waterfall display here, to get an approximation of how long these things took to load. Okay, so it looks like the site took 3.2 seconds to load, in particular, it took about 980 milliseconds for a bunny and about 970 milliseconds for our kitty. So, let's try that again. When we refresh, don't worry, these images will not be pulled from the local cache on my laptop, because I've turned that off here in Chrome developer tools, they will once again, have to be fetched from the CDN. Let's see if we get a speed improvement the second time round.
So sure enough, it looks like things were a lot faster, let's check it out. So, our site now loaded much faster, chinasite.xyz itself, loading in 200 milliseconds, 800 milliseconds for the bunny, so actually a little bit longer than last time, but 400 milliseconds for the kitten. So, actually that, excuse me, no, they're both shorter than last time, it was 987 milliseconds for the bunny before 800 now, 979 milliseconds for the kitten before, and now it's just 499. So actually all the load times are now lower as we would expect, and that's because this time the images are actually being pulled from a CDN node in Japan, near where my VPN endpoint is. And of course, the actual performance for someone in Japan would be better than that.
You have to remember that in addition to the time to fetch the content from the CDN and pass it to my VPN endpoint, I'm still in China, so then that traffic has to be sent over my VPN to my laptop here. So we do see a speed improvement, but it's not as good as we would see if we were actually physically in Japan. Now let's try this again from another area, let's try from say Germany. Alright, so after a little bit more twiddling around, we're now in Frankfurt, Germany. So let's go back to our website tab here, clear our window, and refresh, and let's see what things look like loading the site fresh from Germany.
So it's taking a little while, alright? Looks like we finished loading the chinasite.xyz after 4.65 seconds, and it took three seconds to load the bunny and another three seconds to load up the kitten. And remember, the CDN node that Alibaba Cloud has in Germany had to go back to the OSS bucket, which is not in Germany and fetch the content from there in order to serve it to me. So, the first time you load something from the CDN, it might have to go back to the origin and fetch the content from there, so there's not necessarily a speed improvement the very first time you hit the CDN, because there might be a cache miss. Let's try refreshing the page again now, leaving this disable cache feature on, which will again, prevent my local browser from caching the images which would bias the results.
So again, we'll fetch all the content for the page over the internet, hopefully this time directly from a CDN node in Germany. So, let's see if we get better load times. So again, we'll refresh and wow, that's a lot better. So again, the first time we loaded the bunny, 3.2 seconds, and about three seconds for the kitten. The second time around, we're looking at 360 milliseconds for the bunny and 318 milliseconds for the kitten. So it looks like our CDN is working great.
Alright, so we're back in the CDN console, I've turned my VPN off and I'm back in China. One last thing I wanted to go over is some of the domain name settings, we didn't go into a lot of detail there, but if you click on manage for either of these two domain names we've configured, you'll see we can make a number of modifications. So for instance, we can modify the origin, we can change it to be another OSS bucket, or even a different source entirely, like a different website.
We can set Origin Protocol Policy for fetching content from the origin. We can choose to use a private bucket access method for OSS buckets that are hosted on Alibaba Cloud, this way access is done without exposing the contents of the bucket directly to the public internet. So we can set back-to-origin request timeouts, we can set cache settings, we can turn on HTTPS if we want. There's access control settings like URL signing, IP address whitelist and blacklist, user agent whitelist and blacklist. And then we can turn on various optimization features like intelligent compression or HTML optimization. Same thing for video, we can turn off video object, chunking video seeking, audio extraction, and more.
Under security settings, there's rate-limiting, anti-DDoS integration to block DDoS attacks, and you can even block entire regions if you want, you could say, block an entire portion of the world or a particular geographical area from accessing your CDN. You could also turn on bandwidth caps and enable edge script, so edge script allows you to run certain tasks dynamically on the CDN nodes, so that these tasks can occur near to the end user, without actually having to reach back to the origin site. So in some cases, this allows you to do things that would normally be done by a dynamic website, at the CDN edge location near the user, further accelerating your site. And then of course you can configure IPv6 optionally as well. And that's it for the CDN demo for now.
Thank you for joining me in this section, and I look forward to seeing you in the next section.
Alibaba Cloud, founded in 2009, is a global leader in cloud computing and artificial intelligence, providing services to thousands of enterprises, developers, and governments organizations in more than 200 countries and regions. Committed to the success of its customers, Alibaba Cloud provides reliable and secure cloud computing and data processing capabilities as a part of its online solutions.