Zvemukati Delivery Networks (CDNs) anoshandiswa mumawebhusaiti uye maapplication kunyanya kukurumidzira kurodha kwezvinhu zvakamira. Izvi zvinoitika nekuda kwekuchengetwa kwemafaira paCDN maseva ari munzvimbo dzakasiyana dzenzvimbo. Nekukumbira data kuburikidza neCDN, mushandisi anoigamuchira kubva kune iri pedyo server.
Nheyo yekushanda uye kushanda kwezvese zvemukati zvekutumira network inenge yakafanana. Mushure mekugamuchira chikumbiro chekudhawunirodha faira, iyo CDN server inotora iyo-nguva kubva kune yekutanga sevha uye inopa kune mushandisi, panguva imwe chete ichiichengeta kwenguva yakatarwa. Zvese zvikumbiro zvinotevera zvinopindurwa kubva kune cache. Ese maCDN ane sarudzo dzekutanga kurodha mafaera, kudzima cache, kuseta zuva rekupera, nezvimwe.
Zvinoitika kuti, nechikonzero chimwe kana chimwe, iwe unofanirwa kuronga yako wega yekutumira network, uyezve - rega mirairo yekuunganidza bhasikoro rinotevera ribatsire kwatiri.
Source:
Paunenge uchida yako CDN
Funga nezvezviitiko apo kumhanya yako CDN ine musoro:
- kana pane chido chekuchengetedza mari, uye kushandiswa kwemari kunyange kana uchishandisa maCDN asingadhuri akafanana mari inosvika mazana emadhora pamwedzi
- kana isu tichida kuwana chisingaperi cache kana cache isina server uye chiteshi vavakidzani
- CDN masevhisi haana mapoinzi ekuvapo mudunhu raunoda
- chero akakosha ekutakura emukati marongero anodiwa
- isu tinoda kukurumidzira kuendeswa kwezvinhu zvine simba nekuisa server yekugadzira padyo nevashandisi
- pane kushushikana kuti wechitatu-bato CDN sevhisi inogona kuunganidza zvisiri pamutemo kana kushandisa ruzivo nezve mushandisi maitiro (mhoroi isiri-GDPR-inopindirana masevhisi) kana kuita zvimwe zvisiri pamutemo.
Mune zvimwe zviitiko zvakawanda, zvakanyanya kufanira kushandisa zvigadziriso zviripo zvakagadzirirwa.
Chii chaunoda kutanga
Zvinoshamisa kana iwe uine yako Autonomous System (AS). Nayo, unogona kugovera iyo IP yakafanana kune akati wandei maseva uye padanho retiweki, tungamira vashandisi kune iri pedyo. Izvo zvakakodzera kutaura kuti kunyangwe neiyo / 24 kero block, zvinokwanisika kuvaka yemukati yekutumira network. Vamwe vanopa seva vanokubvumidza kuti uite chiziviso chekushandisa munzvimbo dzese dziripo kwavari.
Kana iwe usiri muridzi anofara we block ye IP kero, saka kumhanya iri nyore CDN iwe uchada:
- domain name kana subdomain
- maseva maviri ari munzvimbo dzakasiyana. Sevha inogona kuve yakatsaurirwa kana yechokwadi
- geoDNS chishandiso. Nayo, mushandisi, achinge ataura iyo domain, anozotungamirwa kune iri pedyo server
Bhalisa domain uye odha maseva
Nekunyoreswa kwedomasi, zvese zviri nyore - tinonyoresa mune chero nzvimbo nechero registrar. Iwe unogona zvakare kushandisa subdomain yeCDN, semuenzaniso chimwe chinhu chakadai cdn.domainname.com. Chaizvoizvo, mumuenzaniso wedu, tichaita izvozvo chaizvo.
Kana ari maseva ekuodha, anofanirwa kubhadharwa mumatunhu uye nyika uko vateereri vako varipo. Kana iyo purojekiti iri intercontinental, saka zviri nyore kusarudza vanopa vanopa vanopa maseva pasi rese kamwechete. Mienzaniso: , ΠΈ - kumaseva akazvitsaurira, ΠΈ - yegore chairo*.
Kune yedu yakavanzika CDN, isu tichaodha matatu chaiwo maseva pamakondinendi akasiyana. At Vultr pa server ye $5/mo tichawana 25GB SSD nzvimbo uye 1TB yemotokari. Paunenge uchiisa, sarudza yazvino Debian. Masevha edu:
Frankfurt, ip: 199.247.18.199
Chicago, ip: 149.28.121.123
Π‘ΠΈΠ½Π³Π°ΠΏΡΡ, ip: 157.230.240.216
*Vultr uye DigitalOcean inovimbisa $100 kiredhiti kune vashandisi vanonyoresa kuburikidza nemanongedzo ari muchinyorwa nekukurumidza mushure mekuwedzera nzira yekubhadhara. Munyori anogashirawo rumbidzo diki kubva pane izvi, izvo zvakakosha kwaari iye zvino. Ndapota nzwisisa.
Kugadzira geoDNS
Kuti mushandisi aendeswe kune inodiwa (yepedyo) sevha kana uchinge wawana domain kana CDN subdomain, tinoda DNS server ine geoDNS basa.
Nheyo uye kushanda kwe geoDNS ndeiyi inotevera:
- Inotsanangura IP yemutengi akatumira chikumbiro cheDNS, kana IP yerecursive DNS server iyo inoshandiswa pakugadzirisa chikumbiro chemutengi. Masevha anodzokororwa akadaro anowanzo maDNS-s evanopa.
- IP yemutengi inoziva nyika yake kana dunhu. Kune izvi, GeoIP dhatabhesi anoshandiswa, ayo kune akawanda akawanda nhasi. Pane zvakanaka .
- Zvichienderana nenzvimbo yemutengi, inomupa iyo IP kero yepedyo CDN server.
DNS server ine geoDNS basa inogona kuva , asi zviri nani kushandisa yakagadzirira-yakagadzirwa mhinduro ine network yeDNS maseva pasi rese uye kubva mubhokisi:
- ΠΎΡ $9.95/mo, GeoDNS mutero, nekusarudzika kune imwe DNS Failover
- ΠΎΡ $25/mo, DNS Failover yakagoneswa
- ΠΎΡ $35/mo kune mambure 50M geo-zvikumbiro. DNS Failover inobhadharwa zvakasiyana
- ΠΎΡ $125/mo, pane gumi DNS Failvers
- , "Geo Steering" chimiro chinowanikwa muzvirongwa zveBhizinesi
Paunenge uchiraira geoDNS, iwe unofanirwa kutarisisa kune huwandu hwezvikumbiro zvinosanganisirwa mutero uye chengeta mupfungwa kuti iyo chaiyo nhamba yezvikumbiro kune iyo domain inogona kudarika zvinotarisirwa kakawanda. Mamirioni emadandemutande, scanner, spammers nemamwe mweya yakaipa anoshanda asinganeti.
Anenge ese masevhisi eDNS anosanganisira basa rinokosha rekuvaka CDN - DNS Failover. Nerubatsiro rwayo, unogona kuseta kutarisa kwekushanda kwemaseva ako uye, mukusavapo kwezviratidzo zvehupenyu, wobva watsiva kero yeasiri kushanda sevha ine backup imwe muDNS mhinduro.
Kuvaka CDN yedu, isu tichashandisa , GeoDNS mutero.
Ngatiwedzerei nzvimbo itsva yeDNS muaccount yako, tichitsanangura domain yako. Kana isu tichivaka CDN pane subdomain, uye iyo huru domain yatove kushandiswa, ipapo pakarepo mushure mekuwedzera iyo zone, usakanganwa kuwedzera iripo inoshanda DNS marekodhi. Nhanho inotevera ndeyekugadzira akati wandei A-marekodhi eiyo CDN domain / subdomain, imwe neimwe ichashandiswa kudunhu ratakatsanangura. Unogona kutsanangura makondinendi kana nyika sematunhu, madiki-matunhu anowanikwa kuUSA neCanada.
Muchiitiko chedu, iyo CDN ichasimudzwa pane subdomain cdn.sayt.in. Nekuwedzera nzvimbo sayt.in, gadzira yekutanga A-rekodhi ye subdomain uye inongedza yese yeNorth America kune server muChicago:
Ngatidzokorore chiito kune mamwe matunhu, tichirangarira kugadzira imwe yekupinda yematunhu akasarudzika. Hezvino izvo zvinoitika pakupedzisira:
Yekupedzisira yakasarudzika yekupinda muscreenshot inoreva kuti matunhu ese asina kutaurwa (uye aya iEurope, Africa, setiraiti Internet vashandisi, nezvimwewo) ichaendeswa kune server muFrankfurt.
Izvi zvinopedzisa iyo yakakosha DNS setup. Izvo zvinosara kuenda kune iyo domain registrar's webhusaiti uye kutsiva yazvino domain NSs neaya akapihwa CloudDNS. Uye nepo maNS achagadziridzwa, isu tichagadzira maseva.
Kuiswa kweSSL zvitupa
Yedu CDN ichashanda pamusoro peHTTPS, saka kana iwe uchitova neSSL zvitupa zvedomain kana subdomain, zviise kune ese maseva, semuenzaniso, kune dhairekitori. /etc/ssl/yourdomain/
Kana pasina zvitupa, unogona kuwana yemahara kubva Let's Encrypt. Yakakwana yeizvi . Mutengi ari nyore uye ari nyore kumisikidza, uye zvinonyanya kukosha, inokutendera kuti usimbise domain/subdomain neDNS kuburikidza neiyo CloudDNS API.
Isu tichaisa acme.sh pane imwe chete yemaseva - European 199.247.18.199, kubva pane izvo zvitupa zvichakopwa kune vamwe vese. Kuisa, mhanya:
root@cdn:~# wget -O - https://get.acme.sh | bash; source ~/.bashrcPanguva yekuiswa kweiyo script, basa reCRON richagadzirwa kuti riwedzere kuvandudzwa kwezvitupa pasina isu kutora chikamu.
Paunenge uchiburitsa chitupa, iyo domain inotariswa uchishandisa DNS uchishandisa API, saka muClouDNS account yako muReseller API menyu, unofanirwa kugadzira mushandisi mutsva API uye kuseta password yayo. Iyo inokonzeresa auth-id ine password ichanyorwa mufaira ~/.acme.sh/dnsapi/dns_cloudns.sh (kwete kuvhiringidzwa nefaira dns_clouddns.sh) Heano mitsara inoda kuburitswa uye kugadziridzwa:
CLOUDNS_AUTH_ID=<auth-id>
CLOUDNS_AUTH_PASSWORD="<ΠΏΠ°ΡΠΎΠ»Ρ>"
Iye zvino tichakumbira chitupa cheSSL che cdn.sayt.in
root@cdn:~# acme.sh --issue --dns dns_cloudns -d cdn.sayt.in --reloadcmd "service nginx reload"Mune sarudzo, yeramangwana, isu tatsanangura murairo wekuti udzorere otomatiki iyo web server kumisikidzwa mushure mekuvandudzwa kwega kwega kwechitupa nguva yechokwadi mune ramangwana.
Maitiro ese ekutora chitupa anogona kutora kusvika maminetsi maviri, usakanganise. Kana chikanganiso chekusimbisa domain chikaitika, edza kumhanyisa murairo zvakare. Kumagumo tinozoona kwakaiswa zvitupa:
Rangarira makwara aya, anozoda kutsanangurwa kana uchikopa chitupa kune mamwe maseva, pamwe chete newebhu server marongero. Isu hatitarise kukanganisa kwekurodhazve maNginx configs - haizove pane yakanyatso gadziridzwa server kana uchivandudza zvitupa.
Zvese zvatakasiira SSL ndezvekukopa chitupa chakagamuchirwa kune mamwe maviri maseva tichichengetedza nzira yekumafaira. Ngatigadzire madhairekitori akafanana pane imwe neimwe yadzo uye tiite kopi:
root@cdn:~# mkdir -p /root/.acme.sh/cdn.sayt.in/
root@cdn:~# scp -r [email protected]:/root/.acme.sh/cdn.sayt.in/* /root/.acme.sh/cdn.sayt.in/
Kuti ugadzirise zvitupa nguva dzose, gadzira zuva nezuva CRON basa pane ese ari maviri maseva nemurairo:
scp -r [email protected]:/root/.acme.sh/cdn.sayt.in/* /root/.acme.sh/cdn.sayt.in/ && service nginx reload
Muchiitiko ichi, kupinda kune kure kure sosi server kunofanirwa kugadzirwa , i.e. pasina kuisa password. Usakanganwa kuzviita.
Kuisa uye kugadzirisa Nginx
Kushandira static zvemukati, isu tichashandisa Nginx yakagadziriswa senge caching proxy server. Gadziridza rondedzero yepakiti uye uiise pane ese matatu maseva:
root@cdn:~# apt update
root@cdn:~# apt install nginxPanzvimbo peiyo default, isu tinoshandisa iyo config kubva kune spoiler pazasi:
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_proxied any;
gzip_vary on;
gzip_types text/plain application/javascript text/javascript text/css application/json application/xml text/xml application/rss+xml;
gunzip on;
proxy_temp_path /var/cache/tmp;
proxy_cache_path /var/cache/cdn levels=1:2 keys_zone=cdn:64m max_size=20g inactive=7d;
proxy_cache_bypass $http_x_update;
server {
listen 443 ssl;
server_name cdn.sayt.in;
ssl_certificate /root/.acme.sh/cdn.sayt.in/cdn.sayt.in.cer;
ssl_certificate_key /root/.acme.sh/cdn.sayt.in/cdn.sayt.in.key;
location / {
proxy_cache cdn;
proxy_cache_key $uri$is_args$args;
proxy_cache_valid 90d;
proxy_pass https://sayt.in;
}
}
}Rongedza mune config:
- max_size - ukuru hwecache, isingapfuuri nzvimbo inowanikwa disk
- chisingashande -Kuchengetera nguva yedata yakavharirwa iyo isina munhu akawana
- ssl_certificate ΠΈ ssl_certificate_kiyi - nzira dzeSSL chitupa uye mafaera akakosha
- proxy_cache_valid - nguva yekuchengetedza yedata yakachengetwa
- proxy_pass - kero yeserver yekutanga iyo CDN ichakumbira mafaera ekuchengetedza. Mumuenzaniso wedu, izvi sayt.in
Sezvaunogona kuona, zvose zviri nyore. Kuomerwa kunogona chete kusimuka mukuisa iyo caching nguva nekuda kwekufanana kwemirairo chisingashande ΠΈ proxy_cache_valid. Ngatizviongorore nemuenzaniso wedu. Hezvino zvinoitika kana kusashanda=7d ΠΈ proxy_cache_valid 90d:
- kana chikumbiro chikasadzokororwa mukati memazuva manomwe, data ichabviswa kubva kucache mushure menguva iyi
- kana chikumbiro chikadzokororwa kamwechete mazuva e7, ipapo data iri mu cache ichaonekwa isingachashandi mushure memazuva makumi mapfumbamwe uye Nginx ichaigadzirisa nechikumbiro chinotevera, ichitora kubva kune yekutanga server.
Yapedza kugadzirisa nginx.conf, redha zvigadziriso:
root@cdn:~# service nginx reloadCDN yedu yakagadzirira. Ne $15/mo. takagamuchira mapoinzi ekuvapo pamakondinendi matatu uye 3 TB yetraffic: 1 TB munzvimbo yega yega.
Kuongorora basa reCDN
Ngatitarisei mapings kuCDN yedu kubva kunzvimbo dzakasiyana dzenzvimbo. Chero sevhisi yeping ichashanda kune izvi.
Launch point
Host
IP
Avg nguva, ms
Germany Berlin
cdn.sayt.in
199.247.18.199
9.6
Netherlands, Amsterdam
cdn.sayt.in
199.247.18.199
10.1
France Paris
cdn.sayt.in
199.247.18.199
16.3
United Kingdom, London
cdn.sayt.in
199.247.18.199
14.9
Kanadha, Toronto
cdn.sayt.in
149.28.121.123
16.2
USA, San Francisco
cdn.sayt.in
149.28.121.123
52.7
USA, Dallas
cdn.sayt.in
149.28.121.123
23.1
USA, Chicago
cdn.sayt.in
149.28.121.123
2.6
USA, New York
cdn.sayt.in
149.28.121.123
19.8
Π‘ΠΈΠ½Π³Π°ΠΏΡΡ
cdn.sayt.in
157.230.240.216
1.7
Japan Tokyo
cdn.sayt.in
157.230.240.216
74.8
Australia, Sydney
cdn.sayt.in
157.230.240.216
95.9
Migumisiro yacho yakanaka. Iye zvino tichaisa mufananidzo wekuedza mumudzi wenzvimbo huru test.jpg uye tarisa kumhanya kwayo kurodha kuburikidza neCDN. Zvinonzi - . Zvemukati zvinounzwa nekukurumidza.
Ngatinyorei diki script kana isu tichida kudzima cache pane iyo CDN point.
purge.sh
#!/bin/bash
if [ -z "$1" ]
then
echo "Purging all cache"
rm -rf /var/cache/cdn/*
else
echo "Purging $1"
FILE=`echo -n "$1" | md5sum | awk '{print $1}'`
FULLPATH=/var/cache/cdn/${FILE:31:1}/${FILE:29:2}/${FILE}
rm -f "${FULLPATH}"
fi
Kudzima cache yese, ingoimhanyisa, faira rakasiyana rinogona kucheneswa seizvi:
root@cdn:~# ./purge.sh /test.jpgPanzvimbo yemhedziso
Chekupedzisira, ini ndoda kupa mamwe matipi anobatsira kuitira kuti ndibve ndangotsika reki iyo yakaita kuti musoro wangu urwadze panguva iyoyo:
- Kuti uwedzere kukanganisa kushivirira kweCDN, zvinokurudzirwa kugadzirisa DNS Failover, iyo inobatsira kukurumidza kuchinja A rekodhi kana pakaparara server. Izvi zvinoitwa mune control panel DNS marekodhi eiyo domain.
- MaSaiti ane yakafara geographic coverage pasina mubvunzo anoda nhamba yakakura yeCDNs, asi ngatisave vanonyanyisa. Zvingangodaro kuti mushandisi haaone mutsauko wakakura uchienzaniswa neCDN yakabhadharwa kana ukaisa maseva munzvimbo 6-7: Europe, North America (kumabvazuva), North America (kumadokero), Singapore, Australia, Hong Kong kana Japan.
- Dzimwe nguva vabati havabvumiri kushandiswa kwemaseva akarenda kune zvinangwa zveCDN. Naizvozvo, kana iwe ukaerekana wafunga kuendesa zvemukati dhizaini sevhisi sevhisi, usakanganwa kuverenga iyo mitemo yemumwe mupi wekutambira pamberi.
- Explore kumiririra kuti makondinendi akabatana sei uye funga izvi paunenge uchigadzira network yekutumira
- Edza kutarisa kumaseva ako. Nenzira iyi iwe unogona kuona matunhu ari padyo neCDN mapoinzi uye kugadzirisa GeoDNS zvakanyanya
- Zvichienderana nemabasa, zvichave zvinobatsira kunyatso-tune Nginx kune chaiyo caching zvinodiwa uye uchifunga nezve mutoro uri paserver. Zvinyorwa nezve Nginx cache zvakandibatsira zvakanyanya mune izvi - uye kukurumidza kwebasa pasi pemitoro inorema: ΠΈ
Source: www.habr.com