Azure Microsoft Cloud Recharge: AzureCDN Acceleration Principle and Configuration Tutorial
On the battlefield of cloud computing and global network acceleration, Microsoft has a unique set of "combination punches". Many students who have just taken over foreign enterprise projects, overseas business or multinational SaaS systems are often confused when looking for CDN in Microsoft cloud (Azure) background:
"Why is there not only an Azure CDN, but also something called Azure Front Door?"
Today, the technical old bird uses the vernacular to help you
Azure CDN
The underlying acceleration principle, the essential difference between it and Front Door, and a complete set of "life-saving and pit-preventing" configuration tutorials in daily operation and maintenance are clearly explained.
Part 1: The underlying logic of Microsoft network acceleration
Before the formal configuration, we must first sort out the two main products of Azure network acceleration, and don't choose the wrong one:
Azure Front Door: It is a global network portal based on the Anycast (anycast) architecture. If your application has a large number of dynamic API requests, user login interactions, and needs to bring its own Super Firewall (WAF) to prevent DDoS, you should choose Front Door.
Azure CDN (static content delivery): It is the standard edge node (POP) caching network. If you need to distribute a large number of static resources (such as the product map of the independent station, the audio and video package of App, JS/CSS packaged at the front end), choose Azure CDN with the lowest cost and the fastest speed.
Its acceleration principle is actually two things:
Nearby data: Microsoft has an extremely dense POP node in the world. When users in London visit, the traffic is intercepted directly in the local Microsoft computer room in London. If there are cached pictures in it, zero delay will be returned directly.
Global optical fiber shortcut: what if the cache misses (back to the source)? If you change to a small manufacturer, the traffic will cross the sea and return to the source on the congested public highway. However, Microsoft directly stuffed the traffic into its own private optical fiber backbone network all over the world, and the green light soared all the way back to your source station in the United States or Singapore.
Part 2: How to Configure Azure CDN
The logic of configuring a CDN in the Azure console is very organized and disciplined, using a "two-level management system"
You must first create a
"Profile (Profile)"
(Decide which manufacturer's chassis to use), and then create it in it.
Endpoint (Endpoint) (determines which site to accelerate).
Step 1: Create a CDN configuration file (Profile)
Log in to the Azure Portal console, search for "CDN profiles" at the top of the page, and click Create.
Pricing Tier (Pricing tier): [There's an era watershed hidden here] Microsoft is gradually bringing the older generation of Cl
ASSIC classic architecture upgrade. If your business is overseas, it is recommended to directly choose the more modern and more integrated Azure Front Door/CDN Standard Edition or Premium Edition. If you choose the traditional solution, you can switch between Microsoft, Akamai or Verizon(Edgio) engine chassis depending on your budget (the global node distribution of different engines is slightly focused).
Step 2: Create an endpoint (Endpoint) and bind the origin site
In the newly created Profile page, click "+ Endpoint".
Origin type: Microsoft Cloud is very smart. If your file is in Microsoft's network disk, select Storage(Blob storage) directly. If it is a virtual machine, select Virtual machine or Web Apps. If the server is external (for example, Alibaba Cloud), select Custom origin.
Origin host name: Enter the actual IP address or real domain name of your origin.
Origin response timeout: The default is 30 seconds. If your backend needs to process some extremely slow and heavy data analysis queries, it is recommended to manually increase the size, otherwise CDN will directly throw a 504 timeout error.
Step 3: Get through the last mile of DNS (configure CNAME)
After the endpoint is created, Microsoft will send you a similar
yourwebsite.azureedge.net
The official domain name.
You must go to the background of your domain name resolution service provider (such as Aliyun DNS, Cloudflare or GoDaddy) and give your official domain name (such
static.yourcompany.com
) plus one
CNAME record
, point to this
azureedge.net
The accelerated network will only take effect.
Part III: A Guide to "Advanced Tuning and Life Preservation" for Operation and Maintenance of Old Birds
The system of the big factory is extremely powerful, but if you use the default configuration to "run naked", the acceleration will be ineffective, and the monthly bill will be off the charts. The following three tips are the golden guidelines for a production environment:
1. Configure the rules engine (Rules Engine) to achieve "dynamic and static separation"
Many novices found that the website did not become faster after CDN, and the return rate was as high as 95%. This is because your back-end code does not issue the correct cache response header, causing Microsoft nodes to dare not cache.
Old bird solution: add two rules to the rules engine (rule engine) of the endpoint: condition: if the file suffix matches. jpg, .png, .js, .css. Action: Force overwrite cache (Cache expiration $\righ
Tarrow $Override), the time is set to 30 days. In this way, no matter how bad your back-end code is, Microsoft will help you carry these static traffic on the edge of the world.
2. Know the pop-up pit of the query string cache (Query String Caching)
If the URL accessed by the user has parameters, such
image.jpg?v=1
and
image.jpg?v=2
What should CDN do?
Azure CDN provides three modes:
Bypass query strings (ignoring parameters): No matter what follows the question mark, the global node only caches one copy of image.jpg. Static resources most recommended]
Cache every unique URL (strictly cached): As long as the parameters after the question mark are a little different, CDN thinks this is a brand-new file and returns to the source. [Careful Selection] If hackers use scripts to put random timestamps after question marks (e. g.? t = 123456), this will completely penetrate the CDN cache and millions of requests will directly paralyze your source server instantly!
3. How to clean the error cache in seconds (Purge)
What if the code goes online urgently or the picture is wrong and the whole network nodes have cached the wrong version?
Don't panic, go to the endpoint page, there is a striking at the top
Purge (Clear)
Button.
If you want to refresh the whole station, enter/*.
If you only want to update a front-end file with a bug, enter the exact path such as/js/main.js. After clicking OK, Microsoft's backbone network will wipe out all the old caches of global edge nodes within 1 to 2 minutes, forcing them to go back to the source to get the latest code next time.
Summary
Configuring Azure CDN is actually using Microsoft's "global optical fiber high-speed rail network" to set up "static file front warehouses" at the intersection nearest to your users ".
As long as you
The boundary between static CDN and dynamic Front Door is clarified, the rule engine is used to forcibly lock the cache time of static files, and the query string is set to "ignore parameters" to prevent malicious penetration attacks.
, you can use the most elegant and economical posture to let users around the world experience the smooth speed of flying when accessing your system.
