More Related Content
More from Hiroyasu Suzuki
More from Hiroyasu Suzuki (17)
S3 & ELB & Varnish
- 1. S3 & ELB & Varnish
@suz_lab
Thursday, November 10, 11
- 4. S3
• HTTPでコンテンツをダウンロード
• 堅牢性 : 99.999999999%
: 99.99% (RRD)
• 可用性 : 99.99%
• SLA : 99.9%
Thursday, November 10, 11
- 5. ELB
• ロードバランサー
• SSL Termination
• 実は一つのEC2に複数のELBが接続可能
(AWS Management Console ではできない... )
Thursday, November 10, 11
- 6. Varnish
• コンテンツキャッシュサーバ
• リバースプロキシーサーバ
• HTTPヘッダの操作
Thursday, November 10, 11
- 7. S3 & ELB & Varnish
• S3 の HTTPS での独自ドメイン
• S3 への POST アクセス
• S3 のレスポンスに独自ヘッダ
• S3 & ELB の Zone Apex 対策
Thursday, November 10, 11
- 8. S3 の HTTPS での
独自ドメイン
• Facebookアプリ
• HTTPSはELBで処理
• N(ELB) : 1(Varnish)
Thursday, November 10, 11
- 9. 設定例
sub vcl_recv {
if(req.http.host == "www.cloudpack.jp") {
set req.backend = cloudpack;
set req.http.host = "s3.www.cloudpack.jp";
return(lookup);
}
return(error);
}
backend cloudpack {
.host = "s3.www.cloudpack.jp";
.port = "80";
}
Thursday, November 10, 11
- 10. S3 への
POST アクセス
• Facebookアプリ
• POSTをGETに変換
Thursday, November 10, 11
- 11. 設定例
sub vcl_recv {
if(req.http.host == "www.cloudpack.jp") {
set req.backend = cloudpack;
set req.http.host = "s3.www.cloudpack.jp";
set req.request = "GET";
return(lookup);
}
return(error);
}
Thursday, November 10, 11
- 12. S3 のレスポンスに
独自ヘッダ
• 携帯画像(SoftBank)
の著作権保護機能
• x-jphone-copyright
• SoftBank以外はOK...
Thursday, November 10, 11
- 13. 設定例
sub vcl_recv {
if(req.http.host == "www.cloudpack.jp") {
set req.backend = cloudpack;
set req.http.host = "s3.www.cloudpack.jp";
return(lookup);
}
return(error);
}
sub vcl_fetch {
if(req.http.host == "s3.www.cloudpack.jp") {
set beresp.http.x-jphone-copyright = "no-transfer";
}
return(deliver);
}
Thursday, November 10, 11
- 14. S3 & ELB の
Zone Apex 対策
• ELB で Route53 なら不要
• cloudpack.jp の頭に www つけて
リダイレクト(301)
Thursday, November 10, 11
- 15. 設定例
sub vcl_error {
set obj.http.Content-Type = "text/plain; charset=utf-8";
if(req.url == "/healthcheck.txt") {
set obj.status = 200;
synthetic {"health check"};
} else {
set obj.http.Location = "http://www." req.http.host req.url;
set obj.status = 301;
}
return(deliver);
}
Thursday, November 10, 11