Project

General

Profile

Actions

Infrastructure CDN » History » Revision 3

« Previous | Revision 3/5 (diff) | Next »
Evgeni Golov, 12/14/2017 12:35 PM


CDN infrastructure

Overview
We use Fastly as a CDN provider for our web content.

Who has access?
  • Greg
  • Ewoud
  • Evgeni

Which vhosts are served via CDN?
  • downloads.theforeman.org
  • stagingdeb.theforeman.org

Setup

Varnish

theforeman.org
  • Service: theforeman.org
  • Domains: theforeman.org and www.theforeman.org
  • Backend: web02.theforeman.org, with TLS enabled and a health check for HEAD /introduction.html
  • this service currently gets no traffic as it is not configured in DNS

downloads.theforeman.org
  • Service: downloads.theforeman.org
  • Domains: downloads.theforeman.org
  • Backend: web02.theforeman.org, with TLS enabled and a health check for HEAD /HEADER.html

stagingdeb.theforeman.org
  • Service: stagingdeb.theforeman.org
  • Domains: stagingdeb.theforeman.org
  • Backend: web02.theforeman.org, with TLS enabled and a health check for HEAD /HEADER.html

TLS
Fastly provides a shared certificate which has theforeman.org and *.theforeman.org added. (There is a _globalsign-domain-verification TXT record in the theforeman.org DNS zone for that.)

DNS
Each vhost needs a CNAME pointing at p2.shared.global.fastly.net

TODO
  • Investigate IPv6
  • Move more vhosts as soon as the current ones are deemed stable

Updated by Evgeni Golov over 6 years ago · 3 revisions