Scalability

Cloud CDN

Cloud CDN (Content Delivery Network) uses Google's global edge network to serve content closer to users, which accelerates your websites and applications.
Cloud CDN works with the external Application Load Balancer to deliver content to your users. The external Application Load Balancer provides the frontend IP addresses and ports that receive requests and the backends that respond to the requests.
Cloud CDN content can be sourced from .
In Cloud CDN, these backends are also called origin servers. Figure 1 illustrates how responses from origin servers that run on virtual machine (VM) instances flow through an external Application Load Balancer before being delivered by Cloud CDN. In this situation, the comprises Cloud CDN and the external Application Load Balancer.
Responses flow from origin servers through Cloud CDN to clients.

How Cloud CDN works

When a user requests content from an external Application Load Balancer, the request arrives at a GFE that is at the edge of Google's network as close as possible to the user.
If the load balancer's URL map routes traffic to a backend service or backend bucket that has Cloud CDN configured, the GFE uses Cloud CDN.

Cache hits and cache misses

A cache is a group of servers that stores and manages content so that future requests for that content can be served faster. The cached content is a copy of cacheable content that is stored on origin servers.
If the GFE looks in the Cloud CDN cache and finds a cached response to the user's request, the GFE sends the cached response to the user. This is called a cache hit. When a cache hit occurs, the GFE looks up the content by its and responds directly to the user, shortening the round-trip time and saving the origin server from having to process the request.
A partial hit occurs when a request is served partially from cache and partially from a backend. This can happen if only part of the requested content is stored in a Cloud CDN cache, as described in .
The first time that a piece of content is requested, the GFE determines that it can't fulfill the request from the cache. This is called a cache miss. When a cache miss occurs, the GFE forwards the request to the external Application Load Balancer. The load balancer then forwards the request to one of your origin servers. When the cache receives the content, the GFE forwards the content to the user.
If the origin server's response to this request is cacheable, Cloud CDN stores the response in the Cloud CDN cache for future requests. Data transfer from a cache to a client is called cache egress. Data transfer to a cache is called cache fill.
The figure below shows a cache hit and a cache miss:
Origin servers running on VM instances send HTTP(S) responses.
The external Application Load Balancer distributes the responses to Cloud CDN.
Cloud CDN delivers the responses to end users.

The initial response is served by the origin server while subsequent responses are served by the GFE from cache.

Cache hit ratio

The cache hit ratio is the percentage of times that a requested object is served from the cache. If the cache hit ratio is 60%, it means that the requested object is served from the cache 60% of the time and must be retrieved from the origin 40% of the time.
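
The ratio can be measured from load balancer request logs. The following is an added example, not part of the original page: it assumes one JSON log entry per line with the `httpRequest.cacheLookup`, `cacheHit` and `cacheFillBytes` fields, uses constructed sample entries, and counts only requests that actually consulted the cache.

```python
import json
from collections import defaultdict
from urllib.parse import urlsplit

BASE = "https://example.test"  # placeholder host for the constructed entries


def _entry(path, **fields):
    """Build one constructed log line (not real traffic)."""
    return json.dumps({"httpRequest": {"requestUrl": BASE + path, **fields}})


SAMPLE_LOG_LINES = [
    _entry("/static/app.js", cacheLookup=True, cacheHit=False, cacheFillBytes="5120"),
    _entry("/static/app.js", cacheLookup=True, cacheHit=True),
    _entry("/static/app.js", cacheLookup=True, cacheHit=True),
    _entry("/static/app.js", cacheLookup=True, cacheHit=True),
    _entry("/img/logo.png", cacheLookup=True, cacheHit=False, cacheFillBytes="2048"),
    _entry("/api/me"),  # routed to a backend without a cache lookup
]


def cache_stats(lines):
    """Per-path lookups, hits and cache fill bytes for requests that used the cache."""
    stats = defaultdict(lambda: {"lookups": 0, "hits": 0, "fill_bytes": 0})
    for line in lines:
        if not line.strip():
            continue
        req = json.loads(line).get("httpRequest", {})
        if not req.get("cacheLookup"):
            continue  # never reached the cache, so neither a hit nor a miss
        entry = stats[urlsplit(req.get("requestUrl", "")).path]
        entry["lookups"] += 1
        entry["hits"] += 1 if req.get("cacheHit") else 0
        # int64 log fields are serialized as strings in JSON
        entry["fill_bytes"] += int(req.get("cacheFillBytes", 0))
    return dict(stats)


def hit_ratio(stats):
    """Cache hit ratio in percent across all paths."""
    lookups = sum(s["lookups"] for s in stats.values())
    hits = sum(s["hits"] for s in stats.values())
    return 100.0 * hits / lookups if lookups else 0.0


def low_hit_paths(stats, threshold=50.0):
    """Paths whose own hit ratio is below the threshold (candidates for review)."""
    return sorted(p for p, s in stats.items()
                  if 100.0 * s["hits"] / s["lookups"] < threshold)
```
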


Types

Cloud CDN is Google Cloud's web acceleration Content Delivery Network platform that helps you cache regularly accessed static content closer to your users. Cloud CDN is optimized for serving a mix of static and dynamic latency-sensitive web assets, such as CSS, JavaScript, HTML, and image files.
Media CDN is Google Cloud's media delivery CDN platform that complements Cloud CDN. Media CDN is optimized for high-throughput egress workloads such as streaming video and large file downloads.

Use cases

Use case: Serve workloads with both standard web content and media content, such as social media sites.
Recommended CDN product: You can have two configurations in this scenario:
- Use Cloud CDN to serve static website assets, in combination with an external Application Load Balancer to serve your application APIs, such as your web portal.
- Use Media CDN to serve streaming video, downloads, or other high-throughput content.

Use case: Serve a website quickly to users.
Recommended CDN product: Cloud CDN is the right choice for workloads that tend to deliver very small objects at high rates, such as ad tech and ecommerce platforms. Its strength is serving static web content, such as JavaScript, CSS, fonts, and inline images.

Use case: Serve large software downloads.
Recommended CDN product: If you anticipate a large demand for software downloads, consider Media CDN. If software downloads are a small fraction of your overall web workload, consider Cloud CDN.

Use case: Deliver streaming video over HLS and DASH.
Recommended CDN product: If you have large-scale video streaming needs, Media CDN is the right choice due to improved origin shielding, Tbps-scale capacity, and detailed logging and metrics.

Use case: Meet strong compliance needs for serving firmware downloads, for example to government agencies or healthcare providers.
Recommended CDN product: Cloud CDN is the right choice. Cloud CDN has authorization and is best positioned to meet strong compliance needs. Unless you are using signed requests, content stored in a CDN cache is typically publicly accessible by URL. As with any CDN, consider using your own digital rights management (DRM) or encryption schemes where needed.

Use case: Serve user-generated image content to users.
Recommended CDN product: Cloud CDN is the right choice for most image-serving platforms.


The following table describes use cases where Cloud CDN or Media CDN aren't suitable.
Exceptions

Use case: Deliver video over Real-Time Messaging Protocol (RTMP).
Suggestion: Media CDN and Cloud CDN don't support RTMP-based delivery to clients. You can configure a global external passthrough Network Load Balancer to deliver RTMP if you have any legacy RTMP-based services. You can also use Live Stream API to package RTMP source streams into HLS/DASH assets for delivery through Media CDN.

Use case: Deliver user-to-user video over WebRTC.
Suggestion: Media CDN and Cloud CDN don't support WebRTC delivery. You can configure a regional external passthrough Network Load Balancer to manage WebRTC-based services.

Use case: Use WebSockets for user-server communication.
Suggestion: Set up a global external Application Load Balancer. WebSocket traffic is not cacheable, and it benefits from the global backbone that connects Google's locations (where the external Application Load Balancer runs) to your backends.

Use case: Serve sensitive workloads, such as health data or other user-specific data.
Suggestion: Don't use Cloud CDN or Media CDN for serving sensitive workloads or user-specific data.

Best Practices


Cache Modes

With cache modes, you can control the factors that determine whether Cloud CDN caches your content.
Cloud CDN offers three cache modes, which define how responses are cached, whether Cloud CDN respects cache directives sent by the origin, and how are applied.
The available cache modes are shown in the following table:
Modes

Cache mode: CACHE_ALL_STATIC
Behavior: Automatically caches successful responses with that isn't otherwise . Origin responses that set valid caching directives are also cached. This behavior is the default for Cloud CDN-enabled backends created by using the Google Cloud CLI or the REST API.

Cache mode: USE_ORIGIN_HEADERS
Behavior: Requires successful origin responses to set . Successful responses without these directives are forwarded from the origin.

Cache mode: FORCE_CACHE_ALL
Behavior: Unconditionally caches successful responses, overriding any cache directives set by the origin. This mode is not appropriate if the backend serves private, per-user (user identifiable) content, such as dynamic HTML or API responses.
Error responses even in the absence of valid cache directives.

Google Cloud Armor with Cloud CDN

Google Cloud Armor with Cloud CDN features two types of security policies:
Edge security policies. These policies can be applied to your Cloud CDN-enabled origin servers. They apply to all traffic, before CDN lookup.
Backend security policies. These policies are enforced only for requests for dynamic content, cache misses, or other requests that are destined for your origin server.
For more information, see the .
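
A configuration audit can tie the cache mode, signed request and security policy points above together. This is an added example, not code from the original page: it assumes backend service definitions exported as JSON (for instance with `gcloud compute backend-services list --format=json`), uses the Compute Engine field names `enableCDN`, `cdnPolicy.cacheMode`, `cdnPolicy.signedUrlKeyNames`, `securityPolicy` and `edgeSecurityPolicy`, and runs on constructed sample data with placeholder names.

```python
# Constructed sample (placeholder names), shaped like the JSON export
# of backend service definitions.
SAMPLE_SERVICES = [
    {"name": "web-static", "enableCDN": True,
     "cdnPolicy": {"cacheMode": "CACHE_ALL_STATIC", "signedUrlKeyNames": ["key-1"]},
     "edgeSecurityPolicy": "policies/edge-placeholder"},
    {"name": "api-portal", "enableCDN": True,
     "cdnPolicy": {"cacheMode": "FORCE_CACHE_ALL"},
     "securityPolicy": "policies/backend-placeholder"},
    {"name": "internal", "enableCDN": False},
]


def audit_backend_service(svc):
    """Return finding codes for one backend service definition."""
    if not svc.get("enableCDN"):
        return []  # Cloud CDN is off; nothing is cached for this backend
    findings = []
    policy = svc.get("cdnPolicy", {})
    # Assumption: a missing cacheMode means the CLI/REST default.
    mode = policy.get("cacheMode", "CACHE_ALL_STATIC")
    if mode == "FORCE_CACHE_ALL":
        # Origin cache directives are overridden: unsafe for per-user content.
        findings.append("FORCE_CACHE_ALL")
    if not policy.get("signedUrlKeyNames"):
        # Without signed requests, cached content is reachable by URL.
        findings.append("NO_SIGNED_REQUESTS")
    if not svc.get("edgeSecurityPolicy"):
        # Backend policies see only cache misses and dynamic requests,
        # so cache hits are served without any policy evaluation.
        findings.append("BACKEND_POLICY_ONLY" if svc.get("securityPolicy")
                        else "NO_SECURITY_POLICY")
    return findings


def audit(services):
    """Map service name to findings, omitting services with none."""
    report = {s["name"]: audit_backend_service(s) for s in services}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, found in audit(SAMPLE_SERVICES).items():
        print(name, ", ".join(found))
```
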

