You can use Object Storage Service (OSS) and Alibaba Cloud Content Delivery Network (CDN) together to cache objects stored in OSS to the edge nodes of CDN. When a large number of users repeatedly access an object in your bucket, they can obtain a cached version of the object from edge nodes to improve the response speed.

Prerequisites

An ICP filing is applied for at the Ministry of Industry and Information Technology (MIIT) for the domain name mapped to your bucket if the bucket is in mainland China regions. For more information, see ICP filing.

Background information

When you use OSS together with CDN, you are charged CDN outbound traffic fees, CDN back-to-origin outbound traffic fees, and API operation calling fees.
Note For other scenarios such as object upload and the download of non-static objects that are frequently accessed, we recommend that you use the transfer acceleration feature provided by OSS to accelerate data transfer. For more information, see Transfer acceleration.

Procedure

  1. Map a custom domain name to a bucket.
    1. Log on to the OSS console.
    2. In the left-side navigation pane, click Buckets. On the Buckets page, click the name of the bucket to which you want to map a custom domain name.
    3. In the left-side navigation pane, choose Transmission > Domain Names.
    4. Click Bind Custom Domain Name. In the Bind Custom Domain Name panel, enter the domain name that you want to map to the bucket in the Custom Domain Name field.
      Do not turn on the Add CNAME Record Automatically switch.

      If a domain name conflict message appears, the domain name is already mapped to another bucket. To resolve this issue, you can use another domain name or verify the ownership of the domain name and forcibly map the domain name to the bucket. This operation removes the mapping between the domain name and the previous bucket. For more information, see Verify the ownership of a domain name.

    5. Click Submit.
  2. Configure CDN acceleration.
    1. On the Domain Names tab, click Not Configured in the Actions column that corresponds to the domain name for which you want to configure CDN acceleration.
    2. On the Add Domain Name page, configure the parameters described in the following table. For more information, see Add a domain name to Alibaba Cloud CDN.
    3. Click Next. Then, click Return.
    4. In the domain name list, record the CNAME value of the domain name for which you want to configure CDN acceleration.
  3. Add a CNAME record.
    If the domain name is not hosted by Alibaba Cloud, you must add a CNAME record to the Domain Name Service (DNS) of your DNS provider. Alibaba Cloud DNS is used in this example to describe how to manually add a CNAME record for a domain name.
    1. Log on to the Alibaba Cloud DNS console.
    2. Click Manage DNS. On the Manage DNS page, click Configure in the Actions column corresponding to the domain name for which you want to add a CNAME record.
    3. On the DNS Settings page, click Add Record. In the Add Record panel, configure the parameters described in the following table.
      Parameter Description
      Type Select the type of the record to add. In this example, select CNAME.
      Host Enter the host record based on the prefix of the domain name.
      • To add a top-level domain such as aliyun.com, enter @.
      • To add a second-level domain, enter the prefix of the second-level domain. Example: If the domain is abc.aliyun.com, enter abc.
      • To map all second-level domains to the public endpoint of the bucket, enter *.
      ISP Line Select the ISP line used to resolve the domain name. To allow the system to select the optimal line, we recommend that you select Default for this parameter.
      Value Enter the CNAME that is recorded in Step 2.
      TTL Select the update interval of the record. In this example, keep the default value.
    4. Click Confirm.
      A new CNAME record takes effect immediately. A modified CNAME record may take up to 72 hours to take effect.
  4. Enable auto CDN cache update.
    On the Domain Names tab, turn on the Auto CDN Cache Update switch.
    If you want that the auto CDN cache update feature can be triggered by specific operations, submit a ticket. After you are authorized to configure auto CDN cache update for specific operations, click Supported Operations in the Auto CDN Cache Update column corresponding to the domain name, and select the operations by which auto CDN cache update can be triggered. The following table describes the supported operations.
    Parameter Description
    PutObject Uploads an object by calling the PutObject operation. For more information, see Simple upload.
    PostObject Uploads an object by calling the PostObject operation. For more information, see Form upload.
    CopyObject Modifies an object by calling the CopyObject operation. For more information, see Copy objects.
    AppendObject Uploads an object by calling the AppendObject operation. For more information, see Append upload.
    CompleteMultipartUpload Uploads an object by using multipart upload or resumable upload. For more information, see Multipart upload and resumable upload.
    DeleteObject Deletes an object by calling the DeleteObject operation. For more information, see Delete objects.
    DeleteObjects Deletes multiple objects by calling the DeleteMultipleObjects operation. For more information, see Delete objects.
    PutObjectACL Modifies the access control list (ACL) of an object by calling the PutObjectACL operation. For more information, see Object ACL.

    Objects that are deleted or whose storage classes are converted based on lifecycle rules are not updated to the CDN cache. When you enable auto CDN cache update, take note of the following items:

    • You can access the data updated on the CDN cache by using the URL in the following format: CNAME/ObjectName. However, the updated data cannot be accessed by using URLs that contain request parameters, such as the parameters for Image Processing (IMG) and video snapshots. For example, an accelerated domain name example.com is mapped to a bucket and the a.jpg object in the root directory of the bucket is updated. You can access the object updated on the CDN cache by using example/a.jpg. If you use example.com/a.jpg?x-oss-process=image/w_100 to access the object, you may access the earlier version of the object that is not updated.
    • Data update tasks initiated by using the auto CDN cache update feature may fail or be delayed.
    • Therefore, we recommend that you use this feature to update only a small number of objects. If you use the auto CDN cache update to update a large number of objects, some update tasks may be discarded due to traffic throttling.
    Notice To update a large number of objects or pages, we recommend that you call the RefreshObjectCaches operation. For more information, see RefreshObjectCaches.

FAQ

  • What do I do if AccessDenied is returned when I access an accelerated domain name that is mapped to a bucket?

    After you map a custom domain name to a bucket, you can add the specific path to the custom domain name to access OSS resources. Example: http://example.com/test/1.jpg. If you directly access the custom domain name such as http://example.com, AccessDenied is returned.

  • What do I do if the status of the domain name in the Alibaba Cloud CDN column alternates between configured and not configured when I refresh the Domain Names tab in the OSS console after CDN is configured for the domain name?

    The configurations of Alibaba Cloud CDN for a domain name take 10 minutes to take effect. Therefore, the status of Alibaba Cloud CDN may alternate on the Domain Names tab. We recommend that you wait 10 minutes after you configure CDN for the domain name and then refresh the tab to check the status.

  • How do I hide the error message returned by OSS after I use CDN to retrieve an object from OSS?

    For more information about how to resolve this issue, see How do I hide the error information returned from OSS when I retrieve an object from OSS by using CDN?.

  • Why am I unable to access the default homepage of the bucket when the access control list (ACL) of the bucket that I use CDN to retrieve from OSS is private?

    For more information about the cause of and solution to this issue, see Why am I unable to access the default homepage of a bucket when I retrieve an object from a private bucket by using CDN?.

References

  • To use an accelerated domain name to access OSS resources over HTTPS, you must host your certificate in OSS. For more information, see Host SSL certificates.
  • To implement cross-origin resource sharing (CORS) when Alibaba Cloud CDN is activated, you must configure CORS rules in the CDN console. For more information, see Configure CORS for Alibaba Cloud CDN.