10 things I didn’t know about Amazon’s CloudFront

After migrating my blog to Amazon Web Services, I decided to accelerate it using their CDN offering. Overkill? Perhaps. Gratifying? Absolutely! With almost 20 worldwide PoPs, the response times as seen by Pingdom plummeted during my migration last month:


Here are 10 things I didn’t know going in:

1. CloudFront is bare-bones, offering only simple static caching. There are no accelerated proxies or advanced features like header manipulation, URL rewriting, cookie exchanges, etc.

2. It is reliable and fast. In San Jose, I’m getting over a 5x improvement in response times compared to only using the EC2 origin:


Here are my numbers for the past 30 days based on Pingdom’s global polling:

[Two images: Pingdom results for the past 30 days]

3. Origin max-age directives of less than 3600 seconds are rounded up to an hour, so if your content is updated more frequently you’ll need to use invalidation, versioning, or not cache it at all.

4. There is no UI for invalidating content; it’s all done via API calls that you need to code yourself, and there are costly monthly limits. Here’s a PHP implementation for single file invalidation.

5. If you want even more speed, consider using their “Route 53” DNS service, which you can manage from within the same console as CloudFront’s. Their authoritative DNS servers are in the same 20 worldwide PoPs.

6. Updating distributions (CNAMEs, invalidations, enabling HTTPS, etc.) can take 20 or more minutes to push to all edges.

7. Logging is disabled by default. To enable it you’ll need an S3 bucket to hold the logs.

8. CloudFront has an aliases feature, so take advantage of it to enable domain sharding. By using 2 or more CNAMEs, the browser can make more concurrent requests. I’m using cdn and www.

9. CloudFront makes HTTP 1.0 requests, so be sure your origin still correctly responds with gzipped content. For example, nginx serves uncompressed files to HTTP 1.0 requests even when they ask for compressed ones. To override this, add the following to your nginx.conf: “gzip_http_version 1.0;”

10. CloudFront is not included in the 1 year free Amazon AWS offer, so expect a bill for CloudFront as well as for any origin fetch bandwidth that exceeds your free monthly aggregated bandwidth. There are 2 monthly fees: GB out (about 2 dimes per GB) and # of requests (‘bout a penny per 10k). You get lower prices if you commit for more. My bill for the month was 25 cents (~50k object requests):


Looking back, moving to EC2 and CloudFront was a sound decision that not only reduced my monthly VPS expenses but also greatly improved performance and reliability.
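An added example for item 9 (not part of the original post): this Python check builds the kind of HTTP 1.0 request described there and reports whether the response body is really gzipped, which is how you would confirm the nginx change took effect. The function names and the sample responses are constructed for illustration; pass your own origin host to `probe`.

```python
import gzip
import socket
import zlib

def build_probe(host, path="/"):
    """Build an HTTP/1.0 request that accepts gzip, as the post says CloudFront sends."""
    return (f"GET {path} HTTP/1.0\r\nHost: {host}\r\n"
            "Accept-Encoding: gzip\r\n\r\n").encode("ascii")

def analyze(raw):
    """Parse a raw HTTP response and report whether the body is valid gzip."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    claimed = "gzip" in headers.get("content-encoding", "").lower()
    valid = False
    if claimed:
        try:
            gzip.decompress(body)  # a header alone is not proof; decode the body
            valid = True
        except (OSError, EOFError, zlib.error):
            pass
    return {"status": status, "claims_gzip": claimed, "valid_gzip": valid,
            "vary_accept_encoding":
                "accept-encoding" in headers.get("vary", "").lower()}

def probe(host, port=80, path="/", timeout=5.0):
    """Send the probe to a live origin; HTTP/1.0 servers close after replying."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_probe(host, path))
        chunks = []
        while data := s.recv(65536):
            chunks.append(data)
    return analyze(b"".join(chunks))

# Constructed sample responses (not captured from a real origin).
SAMPLE_BODY = b"<html>hello</html>" * 20
PLAIN = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + SAMPLE_BODY
GZIPPED = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
           b"Content-Encoding: gzip\r\nVary: Accept-Encoding\r\n\r\n"
           + gzip.compress(SAMPLE_BODY))

if __name__ == "__main__":
    print("uncompressed reply:", analyze(PLAIN))
    print("gzipped reply:     ", analyze(GZIPPED))
```

Run `probe` against the EC2 origin directly rather than the CloudFront hostname, since the point is to see what the origin returns to an HTTP 1.0 request.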