Use Alibaba Cloud CDN to accelerate the retrieval of resources from an ECS instance - CDN

This topic explains how CDN enhances content delivery for Elastic Compute Service (ECS) and outlines the steps to do so.

Benefits

ECS is a high-performance, stable, reliable, and scalable IaaS-level service provided by Alibaba Cloud. CDN can accelerate static content delivery. Using ECS instances as origin servers for CDN provides the following benefits:

All requests destined for the origin server are redirected to Alibaba Cloud CDN points of presence (POPs). This reduces loads on the origin server.
Charges apply to outbound data transfer from CDN rather than directly over the Internet. Outbound data from Alibaba Cloud CDN is billed at a lower rate.
Clients retrieve static resources from the nearest POPs. This minimizes the network transmission distance and ensures the transmission quality.

How it works

If the origin server is an ECS instance, CDN caches static resources on POPs including scripts, images, audio files, and video files. Clients can retrieve the cached resources from the nearest POPs. Dynamic resources, such as data from web programs and databases, are returned from the ECS instance to clients.

Note

If you need to accelerate dynamic resources on an ECS instance, use Edge Security Acceleration (ESA).

The following figure shows the architecture: 应用场景

Example

The website image.example.com needs acceleration for image retrieval from an ECS instance. The following table describes the details:

	Description	Example
Website domain name	The domain name that is accelerated by CDN.	`image.example.com`
Business type	Determine the business type based on your website content. For example, if the website contains mostly images, the business type is Image and Small File.	Image and small file distribution
Acceleration area	The region where the website visitors are located.	The Chinese mainland
Origin domain name	Specify Origin Domain Name or IP. Origin Domain Name: Enter your origin domain name. The domain name is resolved to the public IP address of the ECS instance. IP: You can directly use the public IP address of the ECS instance as the origin address.	The domain name of the origin server is used in this example: `ecs.example.com`
Other services	Enable other features based on your business requirements.	Increase cache hit ratios by adding cache rules. Specify domain names for origin fetch by configuring origin hosts. Accelerate delivery for specific resources by enabling the range origin fetch feature. Increase the cache hit ratio and accelerate file distribution by enabling parameter filtering. Protect websites from hotlinking by configuring Referer whitelists or blacklists. Protect websites from hotlinking and IP theft by enabling URL signing.

Workflow

The following diagram shows how CDN speeds up resource retrieval from an ECS instance:

加速ECS流程

Set up

Prerequisites

You have registered an Alibaba Cloud account . You have completed account verification if you want to use services covering the Chinese mainland.
You have activated Alibaba Cloud CDN.
An ECS instance has been created. For more information, see Create an ECS instance.
You have a domain name to be accelerated.

Add a domain name

Log on to the Alibaba Cloud CDN console.
In the left-side navigation pane, click Domain Names, click Add Domain Name, and configure the following parameters as the example:
Note
- The first time you add a domain name in the CDN console, you must verify the ownership of the domain name (only the ownership of the root domain name needs to be verified). If you have already verified your domain ownership, skip this step. For more information, see Verify the ownership of a domain name.
- For more information about the parameters and precautions, see Configure basic information and business information.
- Domain Name to Accelerate: image.example.com
- Business Type: Image and Small File
- Region: Global
Click Add Origin Server to configure the origin server.
For Origin Info, select Site Name or IP, and enter the origin domain name or the public IP address of the ECS instance. In this example, the origin information is the origin domain name ecs.example.com. Keep the default values for other parameters.
Note
For more information about the parameters and precautions, see Configure the origin server.
After you configure the origin server, click Next.
Wait for verification.
After the domain name passes the verification, the status of the domain name changes to Enabled. In this case, the domain name is added to CDN.
When the Domain Status becomes Enabled, the CNAME of the accelerated domain name is displayed. In this example, the CNAME is image.example.com.w.kunlunsl.com.

Set up the domain name

Enable the corresponding features based on your business requirements to improve acceleration performance and secure data transmission.

In the CDN console, go to Domain Names. In the domain name list, click Manage in the Actions column of the target domain name.
Based on your business requirements, configure the features described in the following list:
- Increase the cache hit ratio
  Specify a time-to-live (TTL) value for cached resources based on the following rules to increase the cache hit ratio:
  - Specify a TTL of one month or longer for static files that are infrequently updated, such as images and application packages.
  - Specify a TTL based on your business requirements for static files that are frequently updated, such as JavaScript and CSS files.
  - Specify a TTL of 0 seconds to disable caching for dynamic files, such as PHP, JSP, and ASP files.
- Specify the site to which POPs redirect requests
  If multiple sites are hosted on your origin server, and the site on which the requested content resides is different from the site to which the accelerated domain name points, you need to configure an origin host. The origin host specifies the site to which Alibaba Cloud CDN redirects requests.
- Improve the efficiency of file downloads from POPs
  After you enable the range origin fetch feature, the ECS instance that functions as the origin server returns the file chunk that is specified by the Range header to POPs. This reduces origin traffic and accelerates content delivery.
  Note
  The range origin fetch feature is suitable for large file distribution such as audio and video streaming. You do not need to enable the range origin fetch feature when you use Alibaba Cloud CDN to accelerate the delivery of images.
- Increase the cache hit ratio or file distribution efficiency
  After you enable the ignore parameters feature, CDN POPs remove the parameters after ? in the URL when generating a cache hashkey. This allows the client to hit the same cache file when accessing the same resource file with different parameters, which helps increase the cache hit ratio and reduce traffic to origin.
- Limit users who can access resources on POPs and prevent other websites from referencing your resource links
  After you configure a Referer whitelist or blacklist, CDN allows or blocks requests based on user identities. If a request is allowed, CDN returns the URL of the requested resource. If a request is denied, CDN returns the HTTP 403 status code.
- Protect websites from hotlinking issues and IP theft
  URL signing cannot be performed without an origin server. The origin server generates signed URLs based on the URL signing settings on the POPs. After you enable URL signing, only requests that pass authentication can access resources on POPs.

Configure CNAME

To enable CDN acceleration, add a CNAME record with your DNS provider to map your domain name to the CNAME. Without this, requests cannot be redirected to POPs.

In the following example, Alibaba Cloud DNS is used to show how to add a CNAME record.

Use the Alibaba Cloud account to which the accelerated domain name belongs to log on to the Authoritative DNS Resolution page in the Alibaba Cloud DNS console.
On the Authoritative DNS Resolution page, find the root domain name (example.com) of the accelerated domain name and click DNS Settings in the Actions column.
Click Add Record to add a CNAME record.
- Type: CNAME
- Hostname: image
- Value: Enter the CNAME value that you obtained from the domain name list, which is image.example.com.w.kunlunsl.com in this example.
- Keep the default values for other parameters.
Verify that the CNAME record takes effect.
- Method 1: Use the Alibaba Cloud CDN console
  1. Log on to the Alibaba Cloud CDN console and navigate to the Domain Names page.
  2. Find the domain name and move the pointer over the CNAME Status column. If the CNAME status is Configured, the CNAME has taken effect.
    Note
    If you add a CNAME record, it takes effect immediately. If you modify a CNAME record, it takes 10 minutes for the update to take effect because the default TTL of a CNAME record is 10 minutes. During this period, the status may be displayed as Pending Configuration in the Alibaba Cloud CDN console until the update takes effect. The actual time period varies based on the TTL that you specify for the CNAME record.
- Method 2: Run the nslookup command
  1. Start Command Prompt in Windows or Terminal in macOS or Linux.
  2. Run the nslookup -type=CNAME domainName command. If the CNAME in the output is the same as the CNAME assigned to the domain name, Alibaba Cloud CDN takes effect for the domain name. Example:
```
nslookup -type=CNAME www.example.com
```