Pablo Rodriguez

Caching Using CloudFront

Deliver content to geographically dispersed end users with low latency and at low cost.

A content delivery network (CDN):

  • Is a globally distributed system of caching servers
  • Has intermediary servers between the client and the application
  • Caches copies of commonly requested files (static content)
  • Delivers a local copy of the requested content from a nearby cache edge or point of presence

Challenge: Because of the global and complex nature of the internet, communication traffic between applications and their users (clients) has to move over large physical distances. If a user is located far from the server that hosts the application, it will take a long time to load a large file, such as a video or website image.

Solution: A CDN is a network of interconnected servers that speeds up application loading for data-heavy applications. Static content is stored on CDN servers geographically closer to the users and reaches their computers much faster.

A CDN improves efficiency by introducing intermediary servers between the client and the website server. These CDN servers manage some of the client-server communications. They decrease web traffic to the web server, reduce bandwidth consumption, and improve the user experience of your applications.

  • Images can be cached
  • Videos can be cached
  • Web objects can be cached (HTML documents, CSS style sheets, JavaScript files)

You can configure CloudFront to deliver dynamically generated content from an application that runs on a custom origin, such as an Amazon EC2 instance or a web server.

CloudFront is a CDN service built for high performance, security, and developer convenience.

  • Delivers content across the globe securely with low latency and high transfer speeds
  • Provides high-speed content distribution by delivering through edge locations
  • Improves application resiliency against distributed denial of service (DDoS) attacks by leveraging services such as AWS Shield and AWS WAF

CloudFront speeds up the distribution of your content by routing each user request through the AWS backbone network to the edge location that can best serve your content. Using the AWS network dramatically reduces the number of networks that your users’ requests must pass through, which improves performance.

You also get increased reliability and availability because copies of your content are now cached in multiple edge locations around the world.

Edge locations:

  • Are more numerous and closer to users
  • Have smaller caches
  • Help ensure that popular content can be served quickly to viewers

Regional edge caches:

  • Are fewer and farther away from users
  • Have larger caches
  • Help with less popular content in particular

CloudFront uses a global network of more than 550 edge locations and 13 Regional edge caches in more than 100 cities across 50 countries.

Performance

Regional edge caches are CloudFront locations that are deployed globally and close to your viewers. They are located between your origin location and the global edge locations that serve content directly to viewers. Regional edge caches reduce the need for CloudFront to go back to your origin server, and they improve overall performance for viewers.

  1. A user makes a request to access the cat.jpg image file.

  2. The DNS routes the request to the edge location that can best serve the request. CloudFront checks the cache for the requested content. If the content is in the cache, CloudFront delivers it immediately to the user.

  3. If the content is not currently in the cache, CloudFront forwards the request to the origin location that you identified as the source for the definitive version of your content (e.g., Amazon S3 bucket).

  4. The origin location sends the object back to the edge location.

  5. CloudFront forwards the file to the user and adds it to the cache for the next time someone requests it.

The time to live (TTL) is the setting in CloudFront that determines how long the edge locations should cache the content before requesting it again from the origin server.

How to Configure a CloudFront Distribution

  1. Specify an origin location from which CloudFront gets your files. An origin server stores the original, definitive version of your objects.

  2. Configure the distribution, which tells CloudFront which custom origins to get your files from when users request the files through your website or application.

  3. CloudFront becomes available and assigns a domain name to your new distribution.

  4. CloudFront sends your distribution’s configuration to all edge locations.

Low maximum TTL:

  • Expires cached content faster with a low maximum TTL value
  • Trade-off: More frequent requests to your origin because caches need repopulation

Versioned file names:

  • Every time you update content, embed a version identifier in the file names
  • CloudFront immediately fetches new files from the origin
  • Sidesteps CloudFront expiration behaviors altogether

Cache-Control headers:

  • Manage CloudFront expiration behavior by specifying Cache-Control headers for your website content
  • Provides precise control over content expiration for individual files

Invalidation:

  • Force CloudFront to expire content from edge caches
  • Takes several minutes to complete
  • Should be used sparingly and only for individual objects
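
The request flow in steps 1 to 5 and the expiry options above, as an added example (a toy model written for this page, not CloudFront code). It assumes a single edge cache with one TTL and ignores the minutes a real forced expiry takes to propagate; `EdgeCache`, `versioned_name` and `seconds_until_fresh` are hypothetical names.

```python
import hashlib
import os

class EdgeCache:
    """Toy model of one edge location (a simplification, not CloudFront's code)."""

    def __init__(self, origin, ttl):
        self.origin = origin        # dict: object name -> bytes (stands in for the origin)
        self.ttl = ttl              # seconds a cached copy may be served
        self.cache = {}             # object name -> (body, time it was cached)
        self.origin_fetches = 0

    def get(self, name, now):
        entry = self.cache.get(name)
        if entry is not None and now - entry[1] < self.ttl:
            return entry[0], "Hit"              # step 2: served from the edge
        self.origin_fetches += 1                # step 3: forward to the origin
        body = self.origin[name]                # step 4: origin returns the object
        self.cache[name] = (body, now)          # step 5: cache it for next time
        return body, "Miss"

    def invalidate(self, name):
        """Force expiry of one object from this edge cache."""
        self.cache.pop(name, None)

def versioned_name(name, body):
    """Embed a content-derived version identifier in the file name."""
    root, ext = os.path.splitext(name)
    return f"{root}.{hashlib.sha256(body).hexdigest()[:8]}{ext}"

def seconds_until_fresh(strategy, ttl=3600):
    """Update cat.jpg at t=100; return how long viewers keep getting the old body."""
    old, new = b"old cat", b"new cat"          # constructed sample content
    origin = {"cat.jpg": old}
    edge = EdgeCache(origin, ttl)
    edge.get("cat.jpg", now=0)                 # first viewer warms the cache
    name = "cat.jpg"
    if strategy == "versioned":
        name = versioned_name("cat.jpg", new)  # pages now link to the new name
        origin[name] = new
    else:
        origin["cat.jpg"] = new
        if strategy == "invalidate":
            edge.invalidate("cat.jpg")
    for now in range(100, 100 + 2 * ttl, 100):  # one viewer request every 100 s
        if edge.get(name, now)[0] == new:
            return now - 100
    return None
```

With `strategy="ttl"` the replaced file keeps being served until the cached copy ages out, which is the window to account for when a published object has to be withdrawn quickly.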

You can use CloudFront to deliver streaming videos. You must use an encoder to format and package video content before CloudFront can distribute it.

Examples of encoders:

  • AWS Elemental MediaConvert
  • Amazon Elastic Transcoder

The packaging process creates segments, which are static files that contain your audio, video, and captions content. It also generates manifest files, which describe which segments to play and the specific order to play them in.

Publicly accessible content is exposed to common web threats that affect availability and compromise security.

  • Route 53 monitoring and mitigation are built in as it routes traffic to CloudFront
  • AWS WAF can create web access control lists (ACLs) that configure rules to analyze incoming requests and block threats
  • AWS Shield DDoS mitigations allow only traffic that is valid for web applications to pass through

CloudFront protects against network and application layer attacks, supports multiple methods of access control, and helps ensure secure delivery for sensitive data. CloudFront delivers content over HTTPS by using the latest TLS version to encrypt and secure communication between viewer clients and CloudFront.
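
A check that these protections are actually switched on for a distribution, as an added example (not code from this page or from AWS). It reads a dict shaped like the `DistributionConfig` structure of the CloudFront API; the sample values, the `audit_distribution` name and the choice to treat a missing minimum protocol version as weak are assumptions of the example.

```python
# Security policies that still permit TLS 1.0 / 1.1 or SSLv3.
WEAK_TLS = {"SSLv3", "TLSv1", "TLSv1_2016", "TLSv1.1_2016"}

def audit_distribution(cfg):
    """Return a list of findings for one DistributionConfig-shaped dict."""
    findings = []
    # Every cache behavior has its own viewer protocol policy, so check them all.
    behaviors = [("default", cfg["DefaultCacheBehavior"])]
    for b in cfg.get("CacheBehaviors", {}).get("Items", []):
        behaviors.append((b["PathPattern"], b))
    for label, b in behaviors:
        if b.get("ViewerProtocolPolicy") == "allow-all":
            findings.append(f"behavior {label}: viewers may use plain HTTP")
    # Missing value is treated as weak (assumption of this example).
    min_tls = cfg.get("ViewerCertificate", {}).get("MinimumProtocolVersion", "TLSv1")
    if min_tls in WEAK_TLS:
        findings.append(f"viewer TLS policy {min_tls} allows old protocol versions")
    if not cfg.get("WebACLId"):
        findings.append("no AWS WAF web ACL associated")
    for origin in cfg["Origins"]["Items"]:
        custom = origin.get("CustomOriginConfig")
        if custom and custom.get("OriginProtocolPolicy") == "http-only":
            findings.append(f"origin {origin['Id']}: CloudFront fetches over HTTP")
    return findings

def sample_config():
    """Constructed sample, not taken from a real distribution."""
    return {
        "Origins": {"Items": [
            {"Id": "app-origin",
             "CustomOriginConfig": {"OriginProtocolPolicy": "http-only"}},
        ]},
        "DefaultCacheBehavior": {"ViewerProtocolPolicy": "redirect-to-https"},
        "CacheBehaviors": {"Items": [
            {"PathPattern": "/legacy/*", "ViewerProtocolPolicy": "allow-all"},
        ]},
        "ViewerCertificate": {"MinimumProtocolVersion": "TLSv1.2_2021"},
        "WebACLId": "",
    }

if __name__ == "__main__":
    for finding in audit_distribution(sample_config()):
        print(finding)
```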

CloudFront provides a comprehensive CDN solution that not only improves performance through caching but also enhances security and availability for global content delivery.