[Akamai’s CDN function] What will change by applying Akamai’s service.

Introduction

Akamai is a service provided by Akamai Technologies, Inc., the world’s largest content delivery network (CDN) provider. Akamai’s Edge servers reduce the system load caused by content delivery. Although the service is not widely publicized, many companies use Akamai, so it is important to understand its functions and the impact Akamai may have in the future.

The Akamai failure that occurred in 2021 is still fresh in my mind. The system I am in charge of was also affected.

Content Delivery Flow provided by Akamai

When the Akamai service is applied, content cached on Akamai Edge servers is delivered to users, which reduces the load on the origin server.

(1) When a user accesses a URL to use a service, a name resolution request is sent to the local DNS server.
(2) The local DNS server also sends a name resolution request to the DNS server provided by your system.
(3) The DNS server returns the CNAME for Akamai access.
* It is necessary to register the CNAME for Akamai access to the DNS server in advance.
(4) The local DNS server sends a name resolution request to the Akamai DNS server.
(5) The Akamai DNS server returns the IP address of the most suitable Akamai Edge server to the local DNS server. (Dynamic mapping function)
(6) The local DNS server returns the IP address of the Akamai Edge server to the user.
(7) The user sends a request to the Akamai Edge server.
If the Akamai Edge server maintains a cache of the content, it delivers the content to the user directly.

Access flow from user to origin server after introducing Akamai service

Not all content is cached on the Akamai Edge servers. If the content is not cached, the Akamai Edge server needs to access the origin server that is built on the system side. The following figure shows the process flow when there is no cache on the Akamai Edge server.


(1) When a user accesses a URL to use a service, a name resolution request is sent to the local DNS server.
(2) The local DNS server also sends a name resolution request to the DNS server provided by your system.
(3) The DNS server returns the CNAME for Akamai access.
* It is necessary to register the CNAME for Akamai access to the DNS server in advance.
(4) The local DNS server sends a name resolution request to the Akamai DNS server.
(5) The Akamai DNS server returns the IP address of the most suitable Akamai Edge server to the local DNS server. (Dynamic mapping function)
(6) The local DNS server returns the IP address of the Akamai Edge server to the user.
(7) The user sends a request to the Akamai Edge server.
(8) If the Akamai Edge server does not cache the content, the Akamai Edge server sends a name resolution request for the origin server (web server provided by the system, etc.).
(9) The DNS server returns the IP address of the origin server.
(10) The Akamai Edge server sends a request to the origin server.
(11) The origin server returns a response (content) to the Akamai Edge server.
(12) The Akamai Edge server delivers the content to the user.

About Akamai Edge Server Changes

The Akamai Edge server accessed by the user is selected based on the user’s location. You can set the TTL (Time To Live) value in the settings when introducing Akamai, so it is possible for users to access the same Edge server for a short period of time. However, you should generally assume that the Edge server a user accesses will change.
On the other hand, from a security perspective there may be a requirement to restrict which Edge servers can access the origin server. In that case, it is possible to fix the Edge servers that access the origin server for a certain period of time (called the SiteShield function). However, please note that you may need to change the firewall access restriction settings, etc. when the Edge servers’ IP addresses change.
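The firewall maintenance described above can be checked before the Edge address list changes. The following is an added example, not code from this page or from Akamai: it compares the origin firewall's current allowlist with an updated Edge address list and labels origin log entries by which list covers their source. All addresses are constructed from documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (documentation ranges, not real Akamai addresses).
FIREWALL_ALLOWLIST = ["192.0.2.0/25", "198.51.100.0/24"]  # rules in place today
NEW_EDGE_CIDRS = ["192.0.2.0/25", "203.0.113.0/26"]       # updated Edge list
ORIGIN_LOG = [  # (source IP, request) as seen by the origin server
    ("192.0.2.10", "GET /index.html"),
    ("203.0.113.5", "GET /img/logo.png"),
    ("198.51.100.77", "GET /index.html"),
    ("203.0.113.200", "GET /admin"),
]

def parse(cidrs):
    # strict=True rejects entries with host bits set, e.g. a mistyped rule.
    return {ipaddress.ip_network(c, strict=True) for c in cidrs}

def plan_firewall_change(current, new):
    """Return (to_add, to_remove) so the allowlist matches the new Edge list."""
    cur, nxt = parse(current), parse(new)
    return sorted(nxt - cur), sorted(cur - nxt)

def classify_sources(log, current, new):
    """Label each origin request by which allowlist covers its source IP."""
    cur, nxt = parse(current), parse(new)
    results = []
    for src, request in log:
        ip = ipaddress.ip_address(src)
        in_cur = any(ip in net for net in cur)
        in_new = any(ip in net for net in nxt)
        if in_cur and in_new:
            label = "allowed"
        elif in_new:
            label = "blocked-until-rule-added"    # Edge traffic would be dropped
        elif in_cur:
            label = "allowed-until-rule-removed"  # stale rule still open
        else:
            label = "not-an-edge-source"          # direct access, bypasses the CDN
        results.append((src, request, label))
    return results

if __name__ == "__main__":
    to_add, to_remove = plan_firewall_change(FIREWALL_ALLOWLIST, NEW_EDGE_CIDRS)
    print("add:", [str(n) for n in to_add])
    print("remove:", [str(n) for n in to_remove])
    for row in classify_sources(ORIGIN_LOG, FIREWALL_ALLOWLIST, NEW_EDGE_CIDRS):
        print(row)
```

Adding the new ranges before removing the old ones avoids a window in which Edge servers are blocked from the origin.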

Workaround at the time of Akamai Edge Server Failure

When an Akamai Edge server fails, it is disconnected and users are routed around it to a healthy Edge server. Edge servers are distributed around the world, so availability is extremely high.

Workaround at the time of Failure between Akamai Edge Server and Origin Server

If a failure occurs between the Akamai Edge server and the origin server, users will not be able to access the origin server. In this situation, the Edge server will fail over to the Akamai Storage Contents server and display the Sorry page.
