Overview of the Windows Azure CDN
Updated: July 31, 2013
The Windows Azure Content Delivery Network (CDN) caches Windows Azure blobs and static content used by cloud services at strategically placed locations to provide maximum bandwidth for delivering content to users.
If you are an existing CDN customer, you can now manage your CDN endpoints through the Windows Azure Management Portal.
|Note that the CDN has a separate billing plan from Windows Azure Storage or Windows Azure Cloud Services.|
The CDN offers developers a global solution for delivering high-bandwidth content by caching the content at physical nodes in the United States, Europe, Asia, Australia and South America. For a current list of CDN node locations, see Windows Azure CDN Node Locations.
The benefits of using the CDN to cache Windows Azure data include:
Better performance and user experience for end users who are far from a content source, and are using applications where many ‘internet trips’ are required to load content
Large distributed scale to better handle instantaneous high load, say, at the start of an event such as a product launch
|When you create or enable a CDN endpoint, it may take up to 60 minutes to propagate worldwide.|
When a request for an object is first made to the CDN, the object is read retrieved directly from the Blob service or from the hosted service. When a request is made using the CDN syntax, the request is redirected to the CDN endpoint closest to the location from which the request was made to provide access to the object. If the object is not found at that endpoint, then it is retrieved from the service and cached at the endpoint, where a time-to-live setting is maintained for the cached object.
Once the CDN is enabled on a Windows Azure storage account, any blobs that are in public containers and are available for anonymous access will be cached via the CDN. Only blobs that are publically available can be cached with the Windows Azure CDN. To make a blob publically available for anonymous access, you must denote its container as public. Once you do so, all blobs within that container will be available for anonymous read access. You have the option of making container data public as well, or restricting access only to the blobs within it. See Restrict Access to Containers and Blobs for information on managing access control for containers and blobs.
For best performance, use CDN edge caching for delivering blobs less than 10 GB in size.
When you enable CDN access for a storage account, the Management Portal provides you with a CDN domain name in the following format: http://<identifier>.vo.msecnd.net/. This domain name can be used to access blobs in a public container. For example, given a public container named
music in a storage account named
myaccount, users can access the blobs in that container using either of the following two URLs:
Windows Azure Blob service URL:
Windows Azure CDN URL:
You can cache objects to the CDN that are provided by a Windows Azure hosted service.
Caching for hosted services has the following constraints:
The CDN should be used to cache static content only.
Warning Caching of highly volatile or truly dynamic content may adversely affect your performance or cause content problems, all at increased cost.
Your hosted service must be deployed to in a production deployment.
Your hosted service must provide the object on port 80 using HTTP.
The hosted service must place the content to be cached in, or delivered from, the /cdn folder on the hosted service.
When you enable CDN access for on a hosted service, the Management Portal provides you with a CDN domain name in the following format: http://<identifier>.vo.msecnd.net/. This domain name can be used to retrieve objects from a hosted service . For example, given a hosted service named
myHostedService and an ASP.NET web page called music.aspx that delivers content, users can access the object using either of the following two URLs:
Windows Azure hosted service URL:
Windows Azure CDN URL:
You can use query strings to differentiate objects retrieved from a hosted service. For example if the hosted service returns a chart that can have different view based on area for which it is generated you can pass a query string to retrieve the specific chart required. For example:
Query strings are passed as string literals. If you have an service that takes two parameters, such as
Query strings are ignored for blob content. In particular, this means that shared access strings cannot be used to enable CDN access to private containers. For more information on enabling query strings for CDN, see How to Enable CDN for Windows Azure and Best Practices for the Windows Azure Content Delivery Network.
Windows Azure allows you to retrieve content from the CDN using HTTPS calls. This allows you to incorporate content cached in the CDN into secure web pages without receiving warnings about mixed security content types.
Accessing CDN content using HTTPS has the following constraints:
You must use the certificate provided by the CDN. Third party certificates are not supported.
You must use the CDN domain to access content. HTTPS support is not available for custom domain names (CNAMEs) since the CDN does not support custom certificates at this time.
HTTPS is from the CDN to the client only. Requests from the CDN to the content provider (Storage Account or hosted service) are still made using HTTP.
Even when HTTPS is enabled, content from the CDN can be retrieved using both HTTP and HTTPS.
For more information on enabling HTTPS for CDN content, see How to Enable CDN for Windows Azure.