In a previous post, I talked about optimizing traffic to your end-users by implementing Azure Traffic Manager, but this isn’t the only way to do this. If you use the Azure CDN, you add another way of optimizing this traffic to your Swiss Army Knife of Knowledge!
So what is a CDN?
It’s a web host?
Not exactly! A CDN does not host content, and isn’t meant to replace proper web hosting. It helps by caching content on the network edge, improving web site performance.
In Azure CDN, you get a global solution that can rapidly deliver high-bandwidth content to users. It does this by caching content at strategically placed physical nodes (typically at the Edge network) across the world. CDNs can also accelerate dynamic content, which cannot be cached, by using network optimizations such as CDN POPs.
Alrighty! What are the benefits?
Well, we’ve already mentioned better website performance and, thus, improved user experience. This is especially the case when you’re using applications where multiple round-trips are required to load content.
You’re also offered the ability to better handle instantaneous high loads, for example when you launch a new product.
User requests will be distributed better, and content will be served from the edge servers, so less traffic hits your origin servers.
A CDN also provides a bit of website security: implementing one gives you DDoS mitigation, improvements to security certificates, and a few other items.
How does it work?
- Little Red is in the mood for some content and sends a request by using a special domain name, such as <GiveMeContent>.azureedge.net. DNS routes the request to the best performing POP location. Typically this is the location geographically closest to the user.
- If no edge servers in the POP have the file in cache, the POP is going to request the file from the origin server(s).
- The origin server(s) will return the file to an edge server in the POP.
- An edge server in the POP will cache the file and return the file to Little Red. This file will remain cached on the edge server in the POP until the time-to-live (TTL) in the HTTP headers expires. By default, this TTL is 7 days, unless otherwise specified.
- If other users want the same file…
- The POP Edge servers will return the file from the cache directly (if the TTL for the file has not expired).
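
The request flow above, as a small simulation. This is an added example, not Azure's implementation: the `Pop` class, the `sample_origin` function and the sample paths are constructed for illustration, and reading the TTL from `Cache-Control: max-age` is an assumption about which HTTP header carries it.

```python
import re

DEFAULT_TTL = 7 * 24 * 3600  # the default stated above: 7 days, in seconds


def ttl_from_headers(headers):
    """Return the TTL in seconds from Cache-Control max-age, else the default."""
    match = re.search(r"max-age=(\d+)", headers.get("Cache-Control", ""))
    return int(match.group(1)) if match else DEFAULT_TTL


class Pop:
    """One POP: an edge cache in front of an origin (the origin is a callable)."""

    def __init__(self, origin):
        self.origin = origin
        self.cache = {}          # path -> (body, expires_at)
        self.origin_fetches = 0  # how many requests reached the origin

    def get(self, path, now):
        entry = self.cache.get(path)
        if entry and now < entry[1]:
            return entry[0], "HIT"         # TTL not expired: served from the edge
        body, headers = self.origin(path)  # miss or expired: ask the origin
        self.origin_fetches += 1
        self.cache[path] = (body, now + ttl_from_headers(headers))
        return body, "MISS"


def sample_origin(path):
    """Constructed origin: /news.json asks for a 60 s TTL, other paths send none."""
    headers = {"Cache-Control": "max-age=60"} if path == "/news.json" else {}
    return f"content of {path}", headers


def demo():
    day = 24 * 3600
    pop = Pop(sample_origin)
    results = [
        pop.get("/logo.png", now=0)[1],        # first request for the file
        pop.get("/logo.png", now=6 * day)[1],  # day 6: inside the default TTL
        pop.get("/logo.png", now=8 * day)[1],  # day 8: default TTL has expired
        pop.get("/news.json", now=0)[1],
        pop.get("/news.json", now=30)[1],      # inside the 60 s TTL
        pop.get("/news.json", now=61)[1],      # past the 60 s TTL
    ]
    return results, pop.origin_fetches


if __name__ == "__main__":
    print(demo())
```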
You can have a maximum of 26 CDN profiles, 25 Endpoints per profile, and 25 custom domains per endpoint.
So the basic premise of CDN looks very interesting! But what else is on offer?
Dynamic Site Acceleration
Whilst standard CDN capabilities allow the caching of files closer to endpoints, this only speeds up the delivery of static files. With dynamic web applications, storing content in edge locations is not possible, as the server generates custom content based on user behavior.
DSA provides a solution to this conundrum, and is offered through Azure Front Door.
With caching rules you can modify the default cache expiration behavior both globally, and with custom conditions, such as the URL path, and file extension.
HTTPS on an Azure CDN Custom Domain
By using the HTTPS protocol on your custom domain, you ensure that sensitive data is delivered securely via TLS/SSL encryption.
Diagnostics logs allow you to view core analytics and save them in a storage account, event hubs, or log analytics workspace. They are available on all pricing tiers and give you a good view into what is going on with your CDN.
You can improve performance even further by using file compression. It’s a simple and effective method to improve file transfer speeds, as well as increasing page-load performance, and all of that just by reducing a file’s size before it is sent from the server. It also reduces bandwidth costs and provides a more responsive experience for your users.
Restricting CDN content by country/region
By default, content will be served regardless of the location of the user making the request. It is, however, possible that you want to restrict content by country or region. Using the geo-filtering feature, you can create rules on specific paths, blocking or allowing content to be served.