CDN Primer - andywahr/azure-cdn-guidance GitHub Wiki
CDNs have 4 basic capabilities:
- Cache Static File Content (JS, CSS, Images, Videos, Files, etc..)
- Cache Web Page Content Warning read: Caching Dynamic Content
- Dynamic Site Acceleration (DSA): Make a consistent global experience for your website utilizing the CDN Provider's network
- Web Application Firewall (WAF): Filters, monitors, blocks HTTP traffic.
A CDN Provider deploys an extremely large (regionally or globally) infrastructure that consists of a network of Points of Presences (Pops) which effectively are mini-data centers. These data centers are linked together in a private network allowing a CDN Provider to control latency and performance, and provide consistent service for regional or global traffic management and caching. By using a CDN in front of your site, you effectively extend the "Edge" of your "Origin" or website closer to end users. When you have an asset being served by a CDN:
- Your end users' connection to your site is handled closer to them (much more consistent connection and faster SSL handshake since this almost always since the CDN is closer to the user than your site)
- If the asset is cached, it will be delivered directly from that Pop (it doesn't have to make a request to your web site)
- If your site is being accelerated, you get more consistent world wide performance (users connect to the nearest Pop, then traverse close to your site thru the CDN's private network not the public internet)
- If your site has WAF, blocking occurs at the "Edge" or at the Pop, and your Origin is not impacted
There are several strategies on how to take advantage of CDN, but it has all to do about how often the content of the URL request changes.
Caching Static Content
Static files are the easiest, they only change when you change the file. Static files can be CSS, JS, Image, and Video files. HTML files can also be considered static, meaning the exact file without changes is accessed by users. (For something interesting see Host a static website in Azure Storage).
Caching Dynamic Content
If your content is hosted in a website that is running (SharePoint, WordPress, NodeJS, Java, .Net, etc...), you would use DSA instead of just traditional caching. When your website is running some kind of executable code, requests to it can serve a combination of Static Content and Dynamic Content. Dynamic Content is when executable code server side issues content that might be based on a static file you created. It can influence parts of the HTTP Response that wraps the content you have created that are used by your application, such as headers and cookies as well as the HTML. Every request could result in different headers, cookies, and HTML. This becomes the fundamental challenge of caching Dynamic Websites.
WARNING - Caching Dynamic Content could mean you cache things like Cookies and response Headers. If you website uses any kind of Authentication that originates server side with Response Headers and Cookies, it's very likely caching those pages would cache the first person to hit the page. Turning on Caching for an existing Dynamic Site requires a significant amount of investigation before preceding.
On Azure, we provide choice of 3 Providers thru the Azure Content Delivery Service:
| Provider | Static/Web Page Content | Dynamic Site Acceleration | Web Application Firewall |
|---|---|---|---|
| Microsoft | Azure CDN Profile - Standard Microsoft: General web delivery | Azure Front Door | Azure Web Application Firewall on Azure Front Door |
| Verizon (Standard) | Azure CDN Profile - Standard Verizon : General web delivery | Azure CDN Profile - Standard Verizon : Dynamic site acceleration | N/A |
| Verizon (Premium) | Azure CDN Profile - Premium Verizon : General web delivery | Azure CDN Profile - Premium Verizon : Dynamic site acceleration | N/A |
| Akamai | Azure CDN Profile - Standard Akamai: General web delivery | Azure CDN Profile - Dynamic site acceleration | N/A |