Amazon CloudFront can help organizations improve the performance of Web applications by using a content distribution...
network architecture and associated technologies to move data closer to users. In addition, it can help reduce costs compared to delivering similar content using the S3 data storage service underpinning Amazon Web Services.
"If you have infrastructure on AWS, then delivering from CloudFront is a no-brainer," said Ben Maynard, Senior Engineer at Logicworks, a cloud solutions provider. "If you are delivering static content globally, you should absolutely use CloudFront, as it will speed your application up with minimum effort," he added.
CloudFront is one of many content distribution network (CDN) services now available for speeding the delivery of content using a variety of techniques for caching content closer to users via edge servers. The service can support the acceleration of static content, such as video, large files and small files by staging frequently accessed content at 51 points of presence around the globe.
S3 versus CloudFront
To understand how CloudFront fits into the Web application architecture, it's important to consider the distinctions and interaction between Amazon S3 and CloudFront. S3 provides storage for a variety of content ranging from Web applications to media files. Any storage server or service (including S3) can be configured as an origin store for distributing content to CloudFront edge locations. However, there are cost advantages when content is hosted directly on S3.
When CloudFront is configured properly, requests for content can be made to the CloudFront edge locations, using fewer network hops and more streamlined TCP packets for delivering the content, compared with the fewer data centers hosting S3 services. When the first request for content is received, the data is fetched from the origin store and then cached at the edge server for a specified duration. Subsequent requests for the same data can be pulled directly from this cache rather than the S3 origin server.
CloudFront can serve both static and dynamic content, and the pricing for both is the same, said Nihar Bihani, Principal Product Manager at Amazon Web Services. Some of the other CDN providers charge more depending on the type of content. CloudFront makes sense for most types of content because the website gets a performance gain for the same cost. If the amount of content distributed via CloudFront grows past 10 terabytes per month, CloudFront is actually a penny cheaper per gigabyte.
CloudFront also includes a number of value-added services which can improve the user experience for viewing media files. For example, one of the challenges of streaming video to a large audience lies in delivering the best performance over the available network and to the target device. Most new computers, smartphones and set-top boxes can support full 1080p video. But older devices may not have the screen resolution or processing power to properly render video at this level of quality.
If the data rate chosen for the video is too low, the user misses out on the highest-quality experience possible. Conversely, if the video is streamed at too high a data rate, packets will be lost or delayed, and the user will experience choppy video playback.
To address these issues, Amazon CloudFront has implemented adaptive rate video playback, which is able to dynamically change bit rate depending on the user's device and network for both live and on-demand content using applications such as Microsoft Smooth Streaming, Wowza Streaming Engine or Adobe Media Server.
For example, the Public Broadcasting Service uses dynamic streaming to provide streaming video through mobile applications and several websites. They store the content in Amazon S3 and use this as an origin for their CloudFront distribution.
Setting up a basic streaming service is fairly straightforward when the content is made freely available to the public. In other business models, there may be a need to restrict access to the content to geographic regions or to paying customers. For example, Amazon Prime Music stores their content in S3 and then uses CloudFront to deliver this content securely to end users.
In this use, the content is protected using the Signed URL feature of Amazon CloudFront. The CloudFront configuration panel includes various options for turning these features on and off. The signed URLs can be generated manually or programmatically in response to user payment and can include variables such as ending date and time. A range of allowable IP addresses for requesting the content can also be generated to reduce the impact from users sharing their URLs with others.
It is also important to configure the S3 bucket so that users can only access the content via CloudFront, said Bihani. This requires the creation of a virtual CloudFront user called an "origin access identity" (OAI). The S3 origin server also needs to be set up with a white list of allowable users that only allows the OAI and administrators to access the S3 bucket directly.
Bihani said that geo-restrictions can also be set on CloudFront for enterprises with limited distribution rights or export restrictions. A media company could set up a white list to only allow a video to be distributed into countries allowed under its license. Alternatively, a black list can be set up for blocking access for files such as PC applications with export restrictions owing to the use of cryptography.
When content is restricted, it's also a good idea to think through the kinds of error messages that need to be generated for the end user. This can help convert non-subscribers into paying ones. It can also make it easier to troubleshoot problems when legitimate users are not able to retrieve content.
Optimize the files
It is a good idea to look at how the files can be shrunk. If the service is sending files out that are larger than they need to be, the costs of distribution will rise and the user experience will suffer.
Some of these types of optimizations include shrinking and storing files that are best suited for the target display. In addition, higher compression settings for pictures can also help reduce the size of the files. Techniques like converting pictures into sprites embedded directly in the Web page can help reduce the number of requests made to the server for retrieving popular images.
Check the configurations
It is important to check the configuration settings for the associated EC2, S3 and CloudFront services, and the URLs generated by the application. "I have seen people that thought they were uploading their content to use CloudFront, but they were only delivering from S3 because they did not configure the application to deliver the content properly," Maynard said. "It is important to make sure that content is being uploaded to CloudFront, and that the right link is in the Web code."
Many tools for deploying websites include features for taking care of these details somewhat automatically, such as plug-ins for Drupal and WordPress. These ensure that when new content is uploaded to the Web, the proper URLs are generated for taking advantage of CloudFront rather than directly from the Amazon S3.
As an enterprise begins to roll out new applications, it is a good idea to check in on updates to CloudFront and associated services. Maynard said, "You need to keep track of what is happening with CloudFront. Like other Amazon products, they are constantly adding to it. After a service has been set up, it is possible that other ways to improve costs or performance could emerge."