Upload
others
View
14
Download
0
Embed Size (px)
Citation preview
Amazon Edge Services
Wesley Wilk
Solutions Architect
Agenda
AWS WAF
CloudFront
Route 53
CloudFront
Content Distribution Network
Cost Optimization
Performance
Security
Automatic Scalability
CloudFront scales with
demand while reducing
load on your origin
User A
User B
User C
Request A
OriginCloudFront
9 Regions 46 Edge Locations
CloudFront’s Global Customer Reach
http://aws.amazon.com/about-aws/globalinfrastructure/
Edge Location
AWS Region
Europe
Amsterdam (2)
Dublin
Frankfurt (3)
London (3)
Madrid
Marseille
Milan
Paris (2)
Stockholm
Warsaw
South America
Rio de Janeiro
Sao Paulo
North America
Ashburn, VA (3)
Atlanta, GA
Dallas, TX (2)
Hayward, CA
Jacksonville, FL
Los Angeles, CA (2)
Miami, FL
Newark, NJ
New York, NY (3)
Palo Alto, CA
Seattle, WA
San Jose, CA
South Bend, IN
St. Louis, MO
Asia
Chennai
Hong Kong (2)
Manila,
Melbourne
Mumbai
Osaka
Singapore (2)
Seoul
Sydney
Taipei
Tokyo (2)
An extensive global network
Locations highlighted in red indicate new in last 12 months
Elastic Load
Balancing
Dynamic Content
Amazon EC2
Static Content
Amazon S3 Custom Origin
OR
OR
Custom OriginAmazon CloudFront
example.com
*.jpg
*.php
Delivering Customer Experience
NASA/JPL
10
Amazon CloudFront - Broad Range of Use Cases
News, Weather, Sports, & Social
Media
Large File
Downloads
E-commerce
Media Gaming
Popular CloudFront Features
Video Streaming
• Adaptive Bitrate Live & VOD Streaming (HLS, HDS, Smooth. MPEG-DASH)
• RTMP (Flash) and HTTP(S) delivery
Security
• Private Content
• Custom SSL Support
• Geo Restriction
Content Management
• AWS Management Console
• Full control via APIs
• Programmatic Invalidation
• Access Logs
• Usage Charts
Dynamic Content Acceleration
• Low Content Expiration Periods (TTL=0)
• Device Detection
• CORS Support
• Geo Targeting
• Multiple Cache Behaviors
• Multiple Origin Servers
• Zone Apex Support
• Query String & Cookie Support
• Put/Post HTTP Verb Support
Price Flexibility
• Pay for Use
• Price Classes
• Reserved Capacity Private Pricing
11
POST /2012-07-01/distribution HTTP/1.1
Host: cloudfront.amazonaws.com
Authorization: AWS authentication string
Date: time stamp
Other required headers
<?xml version="1.0" encoding="UTF-8"?>
<DistributionConfig
xmlns="http://cloudfront.amazonaws.com/doc/2012-07-01/">
Manage Your Content Your Way
API Console
US East
54.172.163.146East-1681410680
CloudFront
Image Bucket
CloudFront Demo
d37ji516vqgs9p.cloudfront.net
Web Application Firewall (WAF) Integration
• Protect your site from application-layer attacks
• Create web ACL’s containing rules and actions
• Attach web ACL to a CloudFront distribution
• Rule Examples:– Block traffic from specific IP addresses or ranges
– Block specific strings in the URI
– Guard against various forms of SQL injection
AWS WAF Demo
Route53
Domain Name Server (Public, Private) & Domain
Registration
• Fast, uses anycast network of DNS servers
• Cost Effective
• Secure
• Highly Available
• Region Independent
• DNS resolution within and among AWS VPCs
• Purchase a new domain name or transfer the management of your existing domain name to Route 53.
Routing To Regions
Algorithms
• Weighted Round Robin
• Least Latency (~GeoBased)
• Failover
US-East
EU
Health Checks
• DNS Failover, Defined by customer
US-East
EU
X
Zone Apex Support
"Zone apex" is the root domain of a website (example.com, without the
www).
Problem: The DNS specification requires "zone apex" to point to an IP
address (an ‘A’ record), not a CNAME (such as the name AWS provides
for a CloudFront distribution, ELB, or S3 website bucket).
Solution: Use Route 53’s ALIAS record.
Zone Apex Support
• Route 53 helps make it easy and reliable to configure a zone apex
record (Route 53 calls this an ‘Alias’ record) for AWS resources.
• You can now use CloudFront to deliver content from the root
domain, or "zone apex" of their website – i.e. configure both
http://www.example.com and http://example.com to point at the
same CloudFront distribution.
• It’s free – ‘Alias’ queries that are mapped to a CloudFront
distribution are provided free of charge.
US EastUS West - Oregon
54.172.163.146East-1681410680Image Bucket
Route 53
52.10.26.174
Route 53 Demo – Weighted Round Robin
OregonLB-1000846678
meetup.myorangecloud.org
Route 53 Traffic Flow
• Traffic Flow offers a visual interface in which users can drag and
drop elements of traffic routes into a graphical diagram for easier
management.
• Traffic Flow also includes a versioning feature that allows rollback to
previous versions of routing policies.
• This feature can greatly simplify complex routing configurations
• Traffic flow also lets you route traffic to non-AWS resources
Route 53 Traffic Flow Demo
Single Endpoint in a Nutshell
Static Videos/Images
Ad-US
Ad-EU
Single Endpoint
myapps.com/ads/
myapps.com/inventory/
myapps.com/click-through/
CloudFront
Route53
Click-US
Click-EU
Route53
Route53