From what I’ve been told by the Azure support staff, the Azure CDN is at best deprecated at the moment while they work out the details of a new service they are supposed to roll out eventually. For that reason and because the particular site I am building requires the content to secured (It’s going to be paid for) I need to look somewhere else for a CDN since the current Azure offering doesn’t offer that possibility.
I was thinking of using Cloudfront but the dilemma I’m having is where to store my files. I cannot seem to find anything online about inter-operability between Azure and Cloudfront (using either Cloudfront with Azure Blob Storage, or an Azure Web Worker and S3/Cloudfront for file storage and CDN).
Does anybody have any experience, tips, pointers, or gotchas on doing this? Or perhaps a recommend another service I can use?
To point your CloudFront CDN to your Azure Blob storage you will need to set up a managed custom domain on your Azure storage service and point your CloudFront CDN origin domain name to this custom domain.
Steps:
Create a CNAME entry for your domain to point to your blob storage (eg CNAME blob.mydomain.com to myservice.blob.core.windows.net)
Add a managed custom domain to your Azure storage account: blob.mydomain.com
Create a CloudFront CDN distribution with origin server blob.mydomain.com
Use your CloudFront CDN url to access your resources eg: http://acbdefgh.cloudfront.net/users/john
Alternatively set up a CNAME to point to your CloudFront CDN domain. Eg avatar.mydomain.com to acbdefgh.cloudfront.net and update your CloudFront distribution CNAME with avatar.mydomain.com
The ability to invalidate cached objects is a good example of why you might want to use Amazon's CloudFront CDN over the Azure CDN. Using the steps above you could for example use CloudFront to cached objects that occasionally need to be invalidated (such as profile pics - avatar.mydomain.com) and the Azure CDN for everything else (blob.mydomain.com) where both sub domains point to the same azure blob storage account myservice.blob.core.windows.net.
Related
I have an Azure storage account with a static website on the blob service enabled. I also have configured custom domain for my blob service. To be able to serve my website over HTTPS on the custom domain I need to somehow apply my certificate. How can I do it?
p.s.
I don't want no CDN
To be able to serve my website over HTTPS on the custom domain I need
to somehow apply my certificate. How can I do it?
Unfortunately it is not possible as of writing this answer because Azure Storage still doesn't have the ability to allow you to bring your own certificates. You will need to use CDN if you want HTTPS enabled custom domain mapped to your static website hosted in Azure Blob Storage.
From this link:
It's easier to enable HTTP access for your custom domain, because
Azure Storage natively supports it. To enable HTTPS, you'll have to
use Azure CDN because Azure Storage does not yet natively support
HTTPS with custom domains. see Map a custom domain to an Azure Blob
Storage endpoint for step-by-step guidance.
You can use an application gateway instead of CDN, here is a recipe:
https://github.com/easkerov/azure-sa-custom-domain-ssl-sample
My website and my domain are hosted on a different service provider from azure. I created a CNAME record and I have added my custom domain to the azure. So right now I can go to http://images.mysite.com/images/myimage.png. The image that loads comes from the blob storage from azure. However, if I try to do this via https, I get NET::ERR_CERT_COMMON_NAME_INVALID error.
I've been through many guides, and seen just about every setting in azure portal and I can't figure out how to import my ssl into azure so that this will work. I have a feeling it has to do something with Azure CDN option, which I don't have configured and don't want to pay extra just for this one feature. Can I do this without it somehow?
I've been through many guides, and seen just about every setting in
azure portal and I can't figure out how to import my ssl into azure so
that this will work.
Simple answer to your question is that it is not possible as of today. Azure Storage still doesn't support HTTPS with custom domain. You'll need to use CDN if you wish to use your SSL certificates to facilitate secure connection.
From https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
I just need to know when to use the Origin Types in Azure CDN endpoints.
I have already created a Web App service and when I create an endpoint, i am presented with a list of Origin Types: Storage,Web App,Cloud service,Custom origin. If I choose Web App, I see my Web App. If I choose Storage, I see the storage account i created. My purpose is to have a fast web app by caching all "cachable" assets.
When creating an Azure CDN endpoint, what or when should I use the following Origin Types :Storage,Web App,Cloud service,Custom origin?
I have not seen any documentation that provides any guidance on this.
For Azure service like Storage, Web App, Cloud service, you can use that respective origin type, for other public custom name or IP address, you can select Custom origin. See the process of creating a CDN endpoint.
Especially, if you host a static website on the Azure storage account. To make your static website files available over your custom domain and HTTPS, see Using the Azure CDN to access blobs with custom domains over HTTPS. As a part of this process, you need to point your CDN to the primary static website endpoint as opposed to the primary blob service endpoint. If so, you can select primary static website endpoint in the custom origin, see details here.
I'm trying to serve my cloud storage content using custom domain over https. Currently, I'm using Amazon S3 with CloudFront to deliver the content using custom domain over https. But S3 with CloudFront is costly, So I'm now searching for an alternative.
Is Azure or Google Cloud natively support to serve content using custom domain over https. Without using CDN?
At the moment, google cloud storage only support HTTP. As per documentation To serve your content through a custom domain over SSL, set up a load balancer, use a third-party Content Delivery Network with Cloud Storage, or serve your static website content from Firebase Hosting instead of Cloud Storage.
I was able to find this blog which might help you on the setup.
With that being said, if you are looking for functionality like this you may also try with App Engine, as by default, HTTPS connections on your custom domain will automatically be enabled using managed SSL certificates. You can visit this link for more details. Also, there is a there is a feature request submitted to support auto managed SSL with GCLB.
Is Azure or Google Cloud natively support to serve content using
custom domain over https. Without using CDN?
Azure allows you to map a custom domain to your blob storage endpoint. Using this, you can serve the content stored in blob storage using a custom domain. You can read more about it here: https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name
However please note that this will not work over https. For https, you will need to use Azure CDN.
The OP's needs will be met by using Firebase as mentioned in passing by #KarthickN.
Firebase is a Google product which deploys your own domain name site automatically through SSL (https). You can first push your site onto one of the remote git repositories and use CI/CD for Firebase to deploy. You don't need to worry about CDN as firebase will use Google's global edge servers. Small usage is free then move onto paid plans as your needs grow plans
I answered a similar question here.
Is there any way to host static website (HTML + CSS + JS) in Azure? Like we do Amazon S3 Static Website hosting, they charge only for storage.
UPDATE: 29-June-2018
It is now possible to host static websites in Azure Storage. You can read more about it here: https://learn.microsoft.com/en-gb/azure/storage/blobs/storage-blob-static-website
As of today, no. Azure doesn't have an equivalent of that. You can however host static sites as Web Apps and for free as well if you're comfortable with the restrictions with free tier.
It's not officially supported, but if you hosted your site in Azure Blob Storage's root container and made the container publicly accessible, you could probably achieve the same affect. You can even give the blob storage account a custom domain name.
Only downside is that you'll have to figure out a good deployment story. Two of your options are to use an FTP-like client such as CloudBerry to manually deploy your site, or write your own deployment script using the blob storage api
I found a way to host a static website in an Azure blob, using a subdomain and an http re-direct
I do the following
1) In Azure I create a storage account with a container ( called docs ) that has Blob access policy.
2) I upload my static website to the docs container using the storage explorer. This includes some PHP files in a sub folder.
3) In the DNS I set up a cname record for a subdomain ( called info say) with alias myblob.blob.core.windows.net ( where myblob is the name of my blob)
4) In the DNS I create an Http redirect for record to a file on the subdomain for www with url http://info.mydomainname.com/docs/index.html
5) In Azure I create a custom domain for info.mydomainname.com
My website then works however if someone knows the location of the PHP files then they can download them which means I must not store secrets in them.
I have asked if there is a work around here