Alibaba Cloud CDN supports the following types of origin servers: Object Storage Service (OSS) domain names, IP addresses of origin servers, domain names of origin servers, and Function Compute domain names. You can specify one or more origin servers of each type and specify primary and secondary origin servers to balance loads.
When Alibaba Cloud CDN retrieves resources from an origin server, the origin server is billed for data transfer. For example, if the origin server is a data center, the data center is billed for data transfer and bandwidth resources. If the origin server is an OSS bucket, the OSS bucket is billed for data transfer.
Add an origin server or modify the information about an origin server
Log on to the Alibaba Cloud CDN console.
In the left-side navigation pane, click Domain Names.
On the Domain Names page, find the domain name that you want to manage and click Manage in the Actions column.
In the Origin Information section, click Add Origin Sever in the upper-left corner of the origin server list or click Modify in the Actions column.
To add an origin server, click Add Origin Server in the upper-left corner of the origin server list.
To modify the information about an origin server, click Modify in the Actions column.
Select the type of the origin server and enter the address of the origin server.
OSS domain name
If your origin server is an Object Storage Service (OSS) bucket, you can select or enter the public domain name of the OSS bucket, such as
***.oss-cn-hangzhou.aliyuncs.com. Alibaba Cloud CDN does not support internal domain names of OSS buckets.
You can obtain the public domain name of an OSS bucket in the OSS console. You can also select the domain name of an OSS bucket that belongs to the current Alibaba Cloud account from the Domain Name drop-down list.
Discounts for data transfer between Alibaba Cloud CDN and OSS:
If you want OSS to identify network traffic that is sent from Alibaba Cloud CDN and apply for a discount on the data transfer, you need to set the origin server type to OSS Domain in the Alibaba Cloud CDN console.
If you set the origin server type to Site Domain in the Alibaba Cloud CDN console, OSS identifies network traffic that is sent from Alibaba Cloud CDN as outbound data transfer over the Internet. In this case, the discounts do not apply.
For more information, see Billing of OSS content acceleration.
IP address: You can configure one or more IP addresses for an origin server. Internal IP addresses are not supported. IPv4 addresses and IPv6 addresses are supported. At least one of the IP addresses must be an IPv4 address. If you use a public IP address of an Alibaba Cloud Elastic Compute Service (ECS) instance as the address of the origin server, the IP address is exempt from manual review.
Site Domain: Enter the domain names of one or more origin servers.Note
The origin domain name must be different from the accelerated domain name. Otherwise, a DNS resolution loop occurs, and requests cannot be redirected to the origin server.
The format of the origin domain name:
The domain name must be 1 to 67 characters in length,
and can contain lowercase letters, digits, and hyphens (-). Example: example.com.
The domain name cannot contain Chinese characters, uppercase letters, or special characters other than hyphens (-). The domain name cannot be only a hyphen (-). A hyphen (-) in a domain name cannot be followed by another hyphen (-). The domain name cannot start or end with a hyphen (-). If the domain name contains Chinese characters, such as 阿里云.网址, you must apply for an ICP number for the domain name in Chinese characters and use the Punycode tool to convert the Chinese characters into English letters, such as xn--fiq****.xn--eq****. Then, you can specify the converted domain name as the domain name that you want to accelerate.
You can add the address of an Alibaba Cloud Application Load Balancer (ALB) instance, such as example.hangzhou.alb.aliyuncs.com, as the address of an origin server.
Function Compute Domain: Enter a Function Compute domain name that belongs to the current Alibaba Cloud account. If you select this value, you need to configure the Region and Domain Name parameters. For more information, see Configure a custom domain name.
You can configure priorities to specify primary and secondary origin servers. The primary origin server has a higher priority than the secondary origin server. Alibaba Cloud CDN preferably redirects requests to the primary origin server. If a fault occurs on the primary origin server, requests are redirected to the secondary origin server. The priority ranges from 0 to 127. A smaller value indicates a higher priority. By default, the priority of the primary origin server is 20, and the priority of the secondary origin server is 30. If you want to specify other values, submit a ticket.
For example, you have specified two origin servers: Server A and Server B. Server A is the primary origin server and Server B is the secondary origin server. In this case, Alibaba Cloud CDN preferably redirects requests to Server A. If Origin Server A fails, Alibaba Cloud CDN redirects user requests to Origin Server B. After Origin Server A recovers, Alibaba Cloud CDN fails back to Origin Server A.
If origin servers have the same priority, Alibaba Cloud CDN redirects requests to the origin servers based on the weights of the origin servers. This way, loads are balanced among the origin servers. You can specify a weight based on your business requirements.
The weight of an origin server ranges from 1 to 100. An origin server that has a higher weight receives more requests.
Default value: 10.
For example, you specify Origin Server A and Origin Server B as primary origin servers. If the weight of Origin Server A is 80 and that of Origin Server B is 20, Alibaba Cloud CDN redirects 80% of requests to Origin Server A and 20% of requests to Origin Server B.
The port on the origin server that processes requests. The default port is port 80. You can specify a port based on the settings of your origin server. Valid values: 1 to 65535.
Default value: 80.
If you specify port 443, requests are redirected to the origin server over HTTPS. If you specify port 80 or a custom port, requests are redirected to the origin server over HTTP.
If you want Alibaba Cloud CDN to redirect HTTPS requests to origin servers over custom ports, configure the origin protocol policy. For more information, see Configure the origin protocol policy.
If the Origin Protocol Policy feature is enabled, the port that is specified by this parameter becomes invalid. By default, the feature is disabled. For more information about how to disable the origin protocol policy feature, see Configure the origin protocol policy.
If the origin server is an Object Storage Service (OSS) bucket, OSS determines whether you can specify a custom port.
Back-to-origin retry, back-to-origin timeout, and origin probing
- Retry order:
- The retry is performed based on the priority of origin addresses in descending order. You can view the origin addresses in the Alibaba Cloud CDN console.
- If two addresses have the same priority, the retry order is based on the weight ratio.
- Retry granularity:
- Retries are performed for each IP address. If a domain name is specified as an origin address, Alibaba Cloud CDN retries all IP addresses resolved from the domain name and accesses other available origin servers only if all the IP addresses that belong to the domain name are unavailable.
- Probes automatically skip origin servers that are in the dead table.
- Retry status code:
- A CDN POP sends a retry request when it receives an HTTP 5xx status code from the origin server.
- Back-to-origin timeout: The CDN POP sends a retry request after it receives a retry status code from the origin server. If no retry status code is received from the origin server, the timeout processing logic is followed. After the timeout period is reached, the CDN POP is triggered to retry.
- By default, the timeout period that is required to establish a TCP connection between POPs and an origin server is 10 seconds. To adjust the timeout period, submit a ticket
- The origin write timeout is the amount of time allocated for data write after the TCP connection is established. By default, the origin write timeout is 30 seconds.
- The origin read timeout is the amount of time that is required by the origin server to return all content requested by a CDN POP after the TCP connection is established. By default, the origin read timeout is 30 seconds.
- You can adjust the values of the origin read timeout and origin write timeout by configuring a timeout period for back-to-origin HTTP requests.
- Origin probing:
- Abnormal TCP connection: If the TCP connection between a CDN POP and an origin server fails or times out for two times in a row, CDN removes the IP address of the origin server from the list of available origin IP addresses and adds the IP address to the dead table. In this case, subsequent back-to-origin requests are no longer sent to the IP address. Then the CDN POP connects to the origin server over TCP to probe the IP address every 5 minutes. If the TCP connection is established, Alibaba Cloud CDN restores the IP address to the list of available origin IP addresses.
- Normal TCP connection: If the TCP connection between a CDN POP and an origin server is normal, but the POP receives a retry status code such as the 5xx status code from the origin server, the IP address of the origin server is not removed from the list of available origin IP addresses. In this case, a retry is triggered and subsequent requests are still sent to the origin server based on the weight ratio. If HTTP request errors occur at Layer 7 when the TCP connection is normal, the IP address of the origin server is not automatically removed from the list of available origin IP addresses. If you want Alibaba Cloud CDN to automatically remove the IP address from the list of available origin IP addresses, submit a ticket
For information about origin servers, see origin server.
If you use multiple origin servers for acceleration, you can specify different origin hosts. This way, POPs use the origin hosts to retrieve resources from different origin servers. For more information, see Configure the default origin host.
For information about how to specify the HTTP or HTTPS protocol for origin fetch, see Configure the origin protocol policy.
If your origin server is a private OSS bucket, you need to grant Alibaba Cloud CDN access permissions on the private OSS bucket. For more information, see Grant Alibaba Cloud CDN access permissions on private OSS buckets.
If the IP address of the origin server is associated with multiple domain names and POPs access your origin server over HTTPS, you need to configure Server Name Indication (SNI). For more information, see Configure SNI.