Working of Cloud CDN
Cloud CDN works with the Global external HTTP(S) load balancer to deliver content to the users. The external HTTP(S) load balancer provides the frontend IP addresses and ports that receive requests and backends that help respond to the requests.
Cloud CDN can source content from various types of backends: instance groups, serverless NEGs (network endpoint groups), internet NEGs for external backends, or buckets (Cloud Storage).
Features of Cloud CDN
Origin and Backend Support
The content can be pulled from any HTTP-capable origin, including cloud storage backends within Google Cloud and storage buckets in other clouds.
Caching
Cloud CDN caches regularly accessed content, which increases performance and reduces load and delivery costs. Cloud CDN provides reasonable control over cache keys, TTLs (time to live values), and other caching features.
Route Matching and Origin Selection
Requests that arrive through Cloud CDN are routed through the Google Cloud load balancing architecture, which provides extensive routing and configuration capabilities at each edge site.
Modern Protocols
Cloud CDN supports modern protocols like QUIC, TLS version 1.3, and many more, which helps in efficient content delivery even in congested network conditions. This increases reliability and reduces delays in initiating connections. As a result, a positive user experience is enabled.
Observability
This feature is related to logging and metrics. Cloud CDN provides monitoring, performance information, and debugging, which helps to understand how the traffic and congestion are served.
Programmatic in Nature and API-driven Configuration
It lets you automate and manage changes programmatically across large teams. All the configuration is exposed through the REST API and the Google Cloud console out of the box.
Security
Applications can use request protocols when they use a Cloud CDN-configured data plane for their communication. This ensures security.
Content Authentication
Cloud CDN provides content authentication. With signed requests, responses can be served from Google Cloud's globally distributed caches even when a request needs to be authorized.
Compliance
Cloud CDN follows HIPAA, PCI-DSS, SOC1, SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, and FedRAMP Moderate, which ensures higher compliance.
Caching in Cloud CDN
Not all HTTP responses are cacheable. Let us look at caching in Cloud CDN in more detail.
Cache Modes
Whether or not your content will be cached by Cloud CDN is determined by some factors which can be controlled using Cache modes.
The cache modes are responsible for defining how the responses are cached, whether or not Cloud CDN respects cache directives sent by origin, and how TTLs are applied. Three Cache modes are offered by Cloud CDN:
- CACHE_ALL_STATIC
- USE_ORIGIN_HEADERS
- FORCE_CACHE_ALL
Below are the steps to configure cache modes for a Cloud CDN-enabled backend:
- Navigate to the Load Balancing page in the Google Cloud console.
- Select your external HTTP(S) load balancer by clicking its name.
- Select Edit.
- Select a backend in the Backend setup and click Edit.
- Make sure Enable Cloud CDN is checked.
- Select one of the following choices under Cache mode:
  - Cache static content (recommended): Static content refers to web assets that do not change based on the user. The response's Content-Type determines static content.
  - Use origin settings based on Cache-Control headers: Valid cache directives in the response headers are used to cache responses.
  - Force cache all: Cache all successful origin material, ignoring any private or no-store directives.
- Save the file.
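The three cache modes described above, as an added example (not Google's code): a simplified Python model of which origin responses each mode would cache, plus a check that lists responses marked private or no-store that FORCE_CACHE_ALL would still store and serve to other users. The list of static content types, the rule for what counts as a valid directive, and the sample responses are assumptions made for illustration.

```python
# Added example: simplified model of the three cache modes (not Cloud CDN source).
STATIC_TYPES = ("text/css", "text/javascript", "application/javascript",
                "application/pdf", "image/", "video/", "audio/", "font/")  # assumed subset
BLOCKING = {"private", "no-store"}  # directives the page says FORCE_CACHE_ALL ignores

def parse_cache_control(header):
    """Map each Cache-Control directive name (lowercased) to its value, if any."""
    directives = {}
    for part in header.split(","):
        name, _, value = part.strip().partition("=")
        if name:
            directives[name.lower()] = value.strip('"')
    return directives

def is_static(content_type):
    """Static content is decided by the response's Content-Type."""
    media = content_type.split(";")[0].strip().lower()
    return any(media.startswith(t) if t.endswith("/") else media == t
               for t in STATIC_TYPES)

def has_valid_directive(directives):
    """Assumption: 'public' or a positive max-age/s-maxage counts as valid."""
    if "public" in directives:
        return True
    return any(directives.get(k, "").isdigit() and int(directives[k]) > 0
               for k in ("max-age", "s-maxage"))

def would_cache(mode, status, content_type, cache_control=""):
    if status != 200:  # only the plain success case is modelled
        return False
    directives = parse_cache_control(cache_control)
    if mode == "FORCE_CACHE_ALL":
        return True  # origin's private / no-store are ignored
    if BLOCKING & directives.keys():
        return False
    if mode == "USE_ORIGIN_HEADERS":
        return has_valid_directive(directives)
    if mode == "CACHE_ALL_STATIC":
        return is_static(content_type) or has_valid_directive(directives)
    raise ValueError(f"unknown cache mode: {mode}")

def risky_under_force_cache(responses):
    """Paths the origin marked private/no-store that FORCE_CACHE_ALL would still cache."""
    return [path for path, status, ctype, cc in responses
            if would_cache("FORCE_CACHE_ALL", status, ctype, cc)
            and BLOCKING & parse_cache_control(cc).keys()]

# Constructed sample origin responses: (path, status, Content-Type, Cache-Control)
SAMPLE = [
    ("/static/app.css", 200, "text/css", ""),
    ("/index.html", 200, "text/html; charset=utf-8", "public, max-age=300"),
    ("/api/me", 200, "application/json", "private, no-store"),
]
```

Running `risky_under_force_cache` over a crawl of your own origin before switching a backend to Force cache all shows which per-user endpoints need to move to a separate backend first.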
Cache Keys
Cache keys are used to identify cache entries in Cloud CDN. The cache converts the URI (Uniform Resource Identifier) of the request into a cache key when a request comes into the cache. It then compares the request with the keys of the cached entries. If it finds a match, the cache returns the object associated with that key.
Using Signed URLs
A signed URL is one that allows you to make a request with limited authorization and time. The query strings of signed URLs contain authentication information, allowing users without credentials to perform particular activities on a resource. When you create a signed URL, you specify a user or service account that must have adequate authority to make the related request.
After you generate a signed URL, anyone with it can use it to conduct defined actions (such as reading an item) within a given time frame.
Do the following before using signed URLs:
- Check that Cloud CDN is enabled. Signed URLs can be configured on a backend before Cloud CDN is enabled, but they have no effect until Cloud CDN is activated.
- Update the Google Cloud CLI (Command Line Interface) to the most recent version if necessary.
Creating Signed Request Keys
Create one or more keys on a Cloud CDN-enabled backend service, backend bucket, or both to enable support for Cloud CDN signed URLs and signed cookies.
As your security requirements dictate, you can create and delete keys for each backend service or backend bucket. At any given time, each backend can have up to three keys defined. We recommend rotating your keys regularly by deleting the oldest, inserting a new key, and signing URLs or cookies with the new key.
You can use the same key name in many backend services and backend buckets because each set of keys is independent of another set of keys. Key names may contain up to 63 characters. You can use the following characters to name your keys: A-Z, a-z, 0-9, _ (underscore), and - (hyphen).
Keep your keys private since anyone who possesses one of your keys can generate signed URLs or signed cookies that Cloud CDN will accept until the key is erased from Cloud CDN. The keys are saved on the machine where the signed URLs or signed cookies are generated. Cloud CDN also saves the keys used to validate request signatures.
The key values are not provided in any API responses to keep the keys private. If you misplace a key, you must make a new one.
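The signing step behind the signed URLs and signed request keys described above, as an added example (not code from the original page): Cloud CDN signed URLs append `Expires`, `KeyName` and a base64url HMAC-SHA1 `Signature` computed with a 128-bit key. `verify_url` is a local model of the validation side, useful for testing rotation and expiry handling; the host name, key names and sample keys are constructed.

```python
import base64, hashlib, hmac, re, secrets, time

KEY_NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,63}")  # naming rule from the text above

def new_key():
    """128-bit random key, base64url-encoded (the form Cloud CDN expects)."""
    return base64.urlsafe_b64encode(secrets.token_bytes(16)).decode()

def mac(key_b64, message):
    key = base64.urlsafe_b64decode(key_b64)
    digest = hmac.new(key, message.encode(), hashlib.sha1).digest()
    return base64.urlsafe_b64encode(digest).decode()

def sign_url(url, key_name, key_b64, expires):
    """Append Expires, KeyName and Signature (HMAC-SHA1 over everything before it)."""
    if not KEY_NAME_RE.fullmatch(key_name):
        raise ValueError("invalid key name")
    sep = "&" if "?" in url else "?"
    to_sign = f"{url}{sep}Expires={int(expires)}&KeyName={key_name}"
    return f"{to_sign}&Signature={mac(key_b64, to_sign)}"

def verify_url(signed_url, keys, now=None):
    """Local model of the validation step; keys maps key name -> base64url key."""
    if len(keys) > 3:
        raise ValueError("a backend holds at most three keys")
    to_sign, found, signature = signed_url.rpartition("&Signature=")
    m = re.search(r"[?&]Expires=(\d+)&KeyName=([A-Za-z0-9_-]{1,63})$", to_sign)
    if not found or not m:
        return False
    expires, key_name = int(m.group(1)), m.group(2)
    now = time.time() if now is None else now
    if key_name not in keys or expires <= now:
        return False  # unknown (deleted) key or expired URL
    expected = mac(keys[key_name], to_sign)
    return hmac.compare_digest(expected.encode(), signature.encode())

# Constructed sample values (hypothetical host and key names).
URL = "https://media.example.com/video.mp4"
KEYS = {"key-old": new_key(), "key-new": new_key()}
SIGNED = sign_url(URL, "key-new", KEYS["key-new"], expires=2_000_000_000)
```

Removing a key name from `keys` models deleting it from the backend: every URL signed with that key stops validating at once, which is why rotation signs with the new key before the oldest one is deleted.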
Cloud CDN with a Backend Bucket
The backend bucket supports the following:
- Any storage class in the cloud, including multi-region buckets
- Policies for Cloud CDN caching at Google's global edge
Cloud Storage employs the same cache as Cloud CDN by default. You can utilize Cloud CDN controls on your content if you enable Cloud CDN on the backend bucket. Cache modes, signed URLs, and invalidation are examples of Cloud CDN controls. Cloud CDN also allows you to cache massive amounts of data (more than 10 MB). If you do not use Cloud CDN on your backend bucket, you can only control caching for smaller content using origin Cache-Control headers as defined by the Cloud Storage metadata.
Cloud CDN with Managed Instance Group
Cloud CDN uses Google Cloud's global external HTTP(S) load balancers to provide routing, health monitoring, and Anycast IP support. Global external HTTP(S) load balancers can have several backend instance types, and you can choose which backends (or sources) you want Cloud CDN to be enabled for.
Cloud CDN with External Backend
An external backend is a Google Cloud-independent endpoint. When employing an external backend with an external HTTP(S) load balancer, Cloud CDN caching can increase speed.
The global external HTTP(S) load balancer with advanced traffic management functionality does not support external backends. External backends can only be used with the global external HTTP(S) load balancer (classic).
External Backends Using NEGs
When the content is hosted in another cloud or on-premises and you want to deliver it over Google's distributed edge caching infrastructure, use external backends. External backend, network endpoint group (NEG), and external endpoint are different terms with similar meanings.
Frequently Asked Questions
Does Cloud CDN improve website security?
The answer is yes. Cloud CDN provides monitoring and services to improve security and meet the regulations and latest web security trends.
Is CDN needed with cloud hosting?
Yes. You need a CDN even if you are already hosting your digital assets on the cloud.
How does CDN solve web performance issues?
A CDN is an interconnected network that provides dependability, speed, scalability, and security. CDNs allow web organizations to avoid common internet drawbacks like latency and provide web content quickly and reliably.
How costly is CDN service?
The cost of CDN service can vary depending on bandwidth, network size, target regions, and performance. CDN server prices vary based on billing or payment methods per CDN provider.
Are CDN and Cloud the same?
Cloud computing and content delivery networks (CDNs) are comparable because they offer material from geographically distributed computers. But here is where they differ: unlike cloud computing, a CDN distributes content as soon as feasible.
Conclusion
So in this blog, we discussed CDNs, Cloud CDN, and its features. We then discussed Caching and modes of Caching in Cloud CDN. Other topics like signed URLs, signed request keys, backend buckets, managed instance groups, external backend, and NEGs for cloud CDN were covered. Cloud CDN is a powerful tool to manage network congestion and allow fast and reliable content delivery to the users.