More Related Content Similar to AWS Webcast - Amazon CloudFront Zone Apex Support & Custom SSL Domain Names (20) More from Amazon Web Services (20) AWS Webcast - Amazon CloudFront Zone Apex Support & Custom SSL Domain Names 1. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
New Amazon CloudFront Features:
CloudFront Custom SSL Certificates
Zone Apex Support for CloudFront
…to help make Whole Site Delivery easier with CloudFront!
Nihar Bihani – Sr. Product Manager, Amazon CloudFront
nihar@amazon.com
2. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Agenda
Learn about new CloudFront features:
• Custom SSL Certificate Support
• Zone Apex Support for CloudFront
Use Case: Whole Site Delivery
Why use CloudFront for Whole Site Delivery?
Demo
3. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront Custom SSL Certificate Support
4. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Custom SSL Certificate Support for CloudFront: WHAT?
Custom SSL Certificate support lets you use CloudFront to
deliver content over HTTPS using your own domain name
and your own SSL certificate.
5. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Custom SSL Certificate Support for CloudFront: WHY?
…helps lower latency and increase reliability of websites, while getting the
security benefits of using your own SSL certificate.
Whole Site Delivery – Deliver your entire website, including the dynamic and secure
portions of the site, using CloudFront.
Cookie Access – Cookies are generally is restricted by most web browsers to the
domain (or sub-domain) that originally sets the cookie. You thus need to use your
own custom domain name when setting cookies on HTTPS pages.
Branding – Use your own brand name in your URLs instead of d123.cloudfront.net.
6. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Custom SSL Certificate Support for CloudFront: HOW?
1. You upload your own SSL certificate to AWS IAM.
2. Request access to this feature by submitting this form:
http://aws.amazon.com/cloudfront/custom-ssl-domains/
3. Once approved by AWS, you can associate your SSL certificate to one
or more CloudFront distributions.
4. Start using your own domain name (e.g. mysite.com) in your HTTPS
URLs delivered via CloudFront.
7. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Custom SSL Certificate Support for CloudFront: PRICING
• Simple, predictable pricing. Monthly cost of $600 per custom SSL
certificate, pro-rated by the hour.
- No initial set-up fees
- No premium on data transfer pricing
- Self-service; no need for professional services or consultants
• You may use any type of certificate – wildcard, EV, SAN, etc.
• You can use the same certificate with multiple CloudFront distributions.
• ALL CloudFront edge locations used to serve HTTPS requests for best
possible performance.
8. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Zone Apex Support for CloudFront
9. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Zone Apex Support for CloudFront: WHAT?
"Zone apex" is the root domain of a website (example.com, without the
www).
Problem: The DNS specification requires "zone apex" to point to an IP
address (an ‘A’ record), not a CNAME (such as the name AWS
provides for a CloudFront distribution, ELB, or S3 website bucket).
Solution: Use Route 53’s ALIAS record.
10. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Zone Apex Support for CloudFront: WHY?
• Route 53 helps make it easy and reliable to configure a zone apex record
(Route 53 calls this an ‘Alias’ record) for AWS resources.
• You can now use CloudFront to deliver content from the root domain, or
"zone apex" of their website – i.e. configure both http://www.example.com
and http://example.com to point at the same CloudFront distribution.
• It’s Free – ‘Alias’ queries that are mapped to a CloudFront distribution are
provided free of charge.
11. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Zone Apex Support for CloudFront: HOW?
The Route 53 console supports configuring ALIAS queries for CloudFront distributions.
12. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Use Case: Whole Site Delivery
13. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Dynamic
Static
What is Whole Site Delivery?
14. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Typical Website Architecture
Elastic Load
Balancing
Dynamic Content
Amazon EC2
Static Content
Amazon S3
cdn.example.com/*.jpg
www.example.com/*.php
Custom Origin
OR
OR
Custom Origin
15. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Whole Site Delivery with CloudFront
Elastic Load
Balancing
Dynamic Content
Amazon EC2
Static Content
Amazon S3 Custom Origin
OR
OR
Custom Origin
Amazon CloudFront
www.example.com
*.jpg
*.php
16. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Whole Site Delivery: Common Myths
Myths…
None of my HTML pages are cacheable.
My HTML pages are customized so
those cannot be cached.
My pages are personalized and unique
for each user, so a CDN won’t be useful.
Debunked…
Often, many pages are cacheable – e.g.
search results pages.
Use Cookies and Query Strings as
cache keys – e.g. local weather pages.
Network and path optimizations allow
CloudFront to speed up dynamic content
– e.g. personalized pages.
17. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Whole Site Delivery Use Cases
• News
• Weather
• Sports
• Social Media
• Advertising
• Stocks
• Ecommerce [NEW!]
• Travel [NEW!]
18. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Why use CloudFront for Whole Site Delivery?
19. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Benefits of Whole Site Delivery with Amazon CloudFront
Making your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
…by leveraging AWS’ presence at the edge of the Internet.
20. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront can make your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
21. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Faster: The Performance Problem
Long Distance + Poor Network = Slow Load Times
22. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Faster: How CloudFront Helps
CloudFront helps change this equation to…
Short Distance + Optimized Network = Fast Load Times
23. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Faster: Global CloudFront Network
Europe
Amsterdam (2)
Dublin
Frankfurt (2)
London (2)
Madrid
Milan
Paris (2)
Stockholm
Asia
Hong Kong (2)
Osaka
Singapore (2)
Tokyo (2)
South America
Sao Paulo
North America
Ashburn, VA (2)
Dallas, TX (2)
Hayward, CA
Jacksonville, FL
Los Angeles, CA (2)
Miami, FL
Newark, NJ
New York, NY (3)
Palo Alto, CA
Seattle, WA
San Jose, CA
South Bend, IN
St. Louis, MO
Australia
Sydney
24. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Faster: Optimized Network Paths
Dynamic Content
Static Content
Amazon CloudFront
www.example.com
*.jpg
*.php
Low Latency
TCP/IP Window Sizing
Persistent Connections
Monitored Network Paths
25. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront can make your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
26. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Scale Better: How CloudFront Helps
Caching static content at the Edge.
Offloading connection set-up and SSL negotiation to the Edge.
Persistent connections and collapse forwarding help scale your
origin.
27. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront can make your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
28. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
More Available: How CloudFront Helps
CloudFront is architected for high availability.
Serve cached content even when origin is unavailable.
Availability SLA.
29. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront can make your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
30. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Easier to Manage: How CloudFront Helps
No need to write any custom code.
No need to split-up the website across multiple domains (e.g. for
dynamic and static content, or https vs. http)
- Multiple origins and cache behaviors make it easy to architect for whole site
delivery.
Self service signup and configuration via AWS Management
Console and APIs.
31. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
CloudFront can make your web applications…….
Faster
Scale Better
More Available
Easier to Manage
Cost Less
32. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Cost Less: How CloudFront Helps
Same price for dynamic and static content!
Preferential pricing on origin fetches from S3 and EC2. NEW!
CloudFront is less expensive than AWS Data Transfer, over 10 TB/mth.
Reserved Capacity Pricing for reduced rates with commitment.
33. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Configuring CloudFront for Whole Site Delivery
Demo
34. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Demo
35. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Demo
36. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Demo
37. © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Questions?