Delivery Settings Function

This function allows you to manage delivery settings, in order to control the delivery of content from an edge server. There is also a function for saving edge server access logs in object storage.

Acquiring the Delivery Settings List

This function acquires a list of the delivery settings you have created, delivery URLs, and access log status.

Tip: Even if a delivery status is "undeployed," it will appear in the list.

Creating Delivery Settings

Content delivery starts when you create delivery settings. Specify the following information to create delivery settings.

Table 1. Creating Delivery Settings (List of Items That Can Be Set)
Item Description Required
FQDN Information

Specify either of the following formats for the FQDN information that will be delivered:

  • When using a unique domain: FQDN

    Note: You must set CNAME on the DNS server.
  • When not using a unique domain: Prefix
  
Delivery Protocol Scheme

Specify either of the following:

Tip: If this setting is omitted, "http" will be specified.
  • For delivery by HTTP: http

  • For delivery by HTTPS: https

    If you access an edge server by HTTP, the connection is redirected to HTTPS.

  
Initial Status

Specify the initial status for the delivery settings.

Tip: If this setting is omitted, "activate" will be specified.
  • To enable content delivery immediately: activate
  • To disable content delivery: deactivate
  
Access Log Storage Destination

Specify a container in object storage to use as the storage destination for access logs.

Tip: If this is left blank, no access log is acquired.
Note: You can store access logs only in a container on object storage in Eastern Japan Region 1 (jp-east-1).
  
Access Log Prefix Specify the prefix to assign to the object name of the access log.  
Public Key Encryption of Access Log Specify the save directory of the public key to use to encrypt the access log.  
Caching Behavior Control Rules Specify delivery operations in json format, such as specifying the origin server to use for delivery or specifying a cache TTL with a condition such as an extension or path. Yes

Caching behavior control rules are used to implement an action specified as a "behavior" (for example, specification of TTL) when the conditions specified in "match" (for example, the condition that the extension is .jpg) are met.

Tip: Refer to Example Usage Scenarios and Caching Behavior Control Rules for examples of "matches" and "behaviors." For description formats, refer to API Reference Manual.

The items that can be set to "matches" and "behaviors" are shown below.

Table 2. Match (List of Items That Can Be Set)
Item Description
URL

Set a character string that identifies the URL to be accessed by the end user.

Examples: jpg, index.html, /img/*, /*

Method

Set the HTTP methods to be accessed by the end user. (Example: "GET, POST")

  • GET
  • POST
  • PUT
  • DELETE
  • HEAD
  • PATCH
Scheme

Set the scheme to be accessed by the end user.

  • HTTP
  • HTTPS
Header

Set whether there is a header to be accessed by the end user.

Example: "User-Agent: xxx yyy zzz"
Table 3. Behavior (List of Items That Can Be Set)
Item Description
Origin Settings

Specify FQDN and accompanying information for the origin server.

As accompanying information, specify information for the origin server to determine if access is via the content delivery service.

Examples of accompanying information:

  • Host header
  • Cache key that affects cache conditions
Cache TTL Settings Specify cache TTL as a fixed value, dependent on the origin, etc.
Query Strings Used by Cache Keys

For dynamic pages that can be cached, specify behaviors that identify cache keys.

Example: Exclude a query string that includes a session ID
Invalidate Cache Invalidate the cache on an edge server at a specified time (including "immediately").
IP Address Restriction Restrict end users who are allowed to access based on their IP addresses.
Region Restriction Restrict end users who are allowed to access based on the region where they originally accessed.
Referer Restriction Restrict end users who are allowed to access based on the referer information .
Token Verification Restrict end users who are allowed to access based on the referer information.
Failover If the originally specified origin server goes down, acquire content from a different origin server.

Acquiring Delivery Settings

You can specify the ID of the delivery setting to acquire the following content for the delivery setting:

  • Caching behavior control rules
  • Delivery URL
  • Delivery protocol
  • Delivery status
  • Access log storage destination
  • Access log status
  • Public key encryption of access log

Editing Delivery Settings

You can specify the ID of the delivery setting to edit the following content for the delivery setting:

  • Caching behavior control rules
  • Delivery status
  • Start/stop storing access logs, access log storage destination, change encryption settings and public key encryption
Note:
  • For caching behavior control rules, specify the content in its entirety rather than specifying the content partially.
  • You cannot make changes to delivery FQDN.

Deleting Delivery Settings

You can delete delivery settings that have been created, and stop content delivery. When the settings are deleted, the delivery URL is disabled and can no longer be accessed by end users. Storing access logs is also stopped.

Note:
  • Some time is required for the command to delete delivery settings to reach all edge servers.
  • If delivery is performed on a unique domain, you should disable the CNAME setting.
  • When contents were being delivered securely on a unique domain, it is also necessary to delete the certificates of the edge servers. When deleting certificates, submit the application using an application form. Until that time, charges will be incurred for the certificates.

Purging Cache

Purge the cache for content that matches a specific delivery URL from an edge server when replacing the files on an origin server or when incorrect files have been delivered.

There are the following two ways to purge the cache.

  • Delete the cache

    Delete the cache on edge servers. If you delete the cache, and then an end user accesses the content, edge servers will need to fetch (obtain) it from the origin server.

    Use this when it is necessary to ensure cache deletion, such as when an incorrect image has been published.

  • Invalidate the cache

    Invalidate the cache on edge servers. If you invalidate the cache and then an end user accesses the content, edge servers will need to fetch (obtain) it from the origin server only if the content is updated.

    From the viewpoint of increased load on the origin server and consumption of network bandwidth, it is recommended to invalidate the cache.

Note: Normally, around 5 seconds is required for the command to purge cache to reach all edge servers.

Access Log Function

Store access logs in the container for object storage that was specified when creating delivery settings or with the edit function for delivery settings. Storing access logs continue until the information for the storage destination is changed which stops access logs from being stored, or until the delivery settings are deleted. Access logs can be encrypted when they are stored (The default is unencrypted).

Note:

The time lag to start or stop storing access logs is normally about 6 hours after accessing the edge server. Some examples are shown below.

  • If delivery settings that enable access logs are created at 6am and the edge server is accessed immediately, that access log can be acquired at around 12pm.
  • When you stop storing access logs, the effects take place immediately. If storing access logs is stopped around 12:30pm, access logs after around 7am cannot be acquired.

Specify the following information for the storage destination for access logs.

  • Name of container for object storage

    Example: "container"

    Note: You can store access logs only in a container on object storage in Eastern Japan Region 1 (jp-east-1).

  • Pseudo path for the object (optional), and prefix that includes the first letters of the file name

    Example: "path/PreFix01_"

The access logs are stored for every delivery FQDN, at least every hour, and normally at least every 12 MB with the object name shown below. If the delivery setting is http, "-h" is added to the end. If the setting is https, "-s" is added.

[Prefix][Date][ApproximateStartTime]-[StartTime+1Hour]-[Number]-[h or s].log
Tip: Access logs are stored even if the edge server is not accessed.

Access logs are in CSV format, and include the following information.

Note: The date/time order is not guaranteed.
Table 4. List of Items Output to Access Logs
Item Description
date Date (UTC)
time Time (UTC)
cs-ip IP address of client
cs-method HTTP methods such as GET, POST
cs-uri

Origin URI for accessed file

(If the origin settings for the caching behavior control rule that you have set are not matched, "-" is output.)
sc-status Status Code response
sc-bytes Transferred size (Units: Bytes)
time-taken Time required from reception of request by the edge server until a response is sent (Units: ms)
cs (Referer) Referer information (If there is no information, "-" is output.)
cs (User-Agent) User-Agent information
cs (Cookie) Cookie information (If there is no information, "-" is output.)

Example of access log output:

date,time,cs-ip,cs-method,cs-uri,sc-status,sc-bytes,time-taken,cs(Referer),cs(User-Agent),cs(Cookie) 
2015/11/6,2:10:42,8.8.8.8,GET,/test01-fe102d0e775f4918abe81c17198bd62f.cdn-edge.cloud.global.fujitsu.com/images/privatenetwork-img-06.jpg,200,62038,82,-,Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36,_ga=GA1.3.547601374.14474166xx; _gat_UA-290256xx-1=1; _ga=GA1.2.547601374.144741663