Making CDN Programmable: Use Cases, Script Overview, and EdgeScript Demos
By Alibaba Cloud ApsaraVideo Team
At 3:00 pm on 08 May, Tuoshan, a technical expert from the Alibaba Cloud Content Delivery Network (CDN) team introduced EdgeScript in a video titled, “Making CDN Programmable — Practical Applications of EdgeScript”. This article recaps the main themes of the video, in which Tuoshan described the challenges of the Alibaba Cloud CDN team during the process of CDN adoption and corresponding solutions. He explained the vision behind EdgeScript, providing the script overview and a hands-on tutorial to walk the audience through some of the basic EdgeScript features.
Challenges of CDN
Alibaba Cloud CDN has deployed more than 2,800 nodes, with over 2,300 nodes covering 34 provincial-level regions in China and more than 500 nodes spanning over 70 countries and regions outside China. It has a total bandwidth capacity close to 130 Tbit/s. It implies that Alibaba Cloud CDN needs to satisfy the varying needs of a huge user base operating a wide range of services, including usage scenarios, downloading, live streaming, video-on-demand, and dynamic acceleration.
An out-of-the-box CDN with only a limited amount of functionality has certain drawbacks and may fail to meet consumer requirements. Such requirements may include developers’ need to customize CDN capabilities, business experts’ need for an intuitive coding platform in order to implement their business plans, and O&M support personnel’s need to isolate staging and production environments to achieve stability and quick transitions.
What can we do to optimize our CDN based on the black-box paradigm? We need to make CDN programmable to allow customers to customize their business systems beyond standard functions.
Vision for EdgeScript: An Efficient Solution for Personalizing CDN-based Business Systems
In order to better meet the needs of customers, Alibaba Cloud has launched EdgeScript to serve as the dedicated script tool for CDN programmable configurations. EdgeScript helps you easily build custom business systems based on Alibaba Cloud CDN and reap agile and iterative business development benefits.
EdgeScript has been available through public preview since September 2019 and has already been widely used by people both inside and outside Alibaba Group. Tuoshan believes that the most beneficial features of EdgeScript are its customization capabilities and agility, allowing it to be used in a wide range of scenarios, and its shortening of the release cycle from two to four weeks to just one week.
Typical Use Cases
A CDN is essentially a tunnel connecting its customers to end-users. It is used to accelerate distribution before the end-users access the content in the origin server. Therefore, there are two ends to a CDN. One is the access end, and the other is the origin server. EdgeScript enables script-based programmable configurations for both accesses and origin-pulls.
To make the access-side configurations programmable, EdgeScript can be used in the following situations:
1) Scenario Authentication: This is commonly seen in hotlink protection for live and on-demand video streaming. EdgeScript secures the resources by quickly customizing the logic for request parameter-based and cookie-based authentication, as well as authentication involving complex algorithms.
2) Remote Authentication: Given that CDNs are mainly used for distributed storage and internal content distribution, they only offer limited authentication support for client-related operations, such as the playing of video/audio files and user retention. The data processing for such operations generally requires self-built client-side authentication centers. This is where EdgeScript comes in. It can be used to remotely access apps and, therefore, interact with client-side authentication centers. This is particularly useful for adding hotlink protection to basic authentication support.
3) Request and Response Controls: EdgeScript features total control over the requests received by the CDN.
4) Redirects and Rewrites: A common application is redirection for multilingual sites. For example, users visiting the Chinese site are redirected via 302 to one site, whereas users visiting the English or German site are redirected to another site.
5) Blocking and Interception: EdgeScript can be used to implement programmable and custom policies to block traffic associated with specific regions, logic, or client IP addresses. At the same time, it can also implement anti-scraping policies to protect websites against crawlers.
6) A/B Testing: Generally, if a new feature is deployed on the origin server in an external system, it may need to go through A/B testing. CDN can be of significant use for such cases. It forwards the origin request header to different URLs to trigger different functions on the origin server and complete the A/B test.
7) Cache Policies: When customizing your business, use EdgeScript to design a tailored solution when the validity period of cache entries or the current cache policy no longer suffice for your needs.
8) Throttling Control: Different speed limits can be applied to VIP users and non-VIP users.
9) Rewriting m3u8 Files: This is usually required in live streaming and other video-related businesses.
10) Dynamic Tagging: EdgeScript can be used to tag CDN logs.
EdgeScript also has several use cases related to the programmable support for origin-pulls. The first is origin-pull authentication. The second is origin-pull policies and traffic redistribution. Customers can use EdgeScript to switch between different origin servers. For example, if three origin servers, A, B, and C, are available and A is receiving too many requests, the customer can redirect some of the origin traffic to B or C. Third, it can be used for origin-pull request and response control.
According to Tuoshan, all of these use cases were tested during the public preview. We are already working to make these functions accessible in the public cloud to provide all users with the smooth delivery experience made possible by EdgeScript.
Differences Between EdgeScript and EdgeRoutine
EdgeRoutine (ER) was introduced in a separate blog. So what differentiates EdgeScript from EdgeRoutine?
EdgeScript and EdgeRoutine provide programmable support for Alibaba Cloud CDN or the traffic between end-users and origin servers in the data plane. The major difference lies in their coverage of different flows. EdgeScript makes configurations programmable throughout business process flows, such as in various authentication, blocking, custom rewrites and redirects, request controls, and A/B testing scenarios. However, EdgeScript covers only a small part of data flows, such as rewriting m3u8 files, while most of the data flows are handled by EdgeRoutine, such as Combo, edge server-side rendering (SSR), and Edge Side Includes (ESI).
Throughout the design of EdgeScript, we stuck to one fundamental principle: keep the syntax simple and the function libraries large.
We have introduced only a few new syntax elements to shorten the learning curve for users. In addition, EdgeScript also comes with very large function libraries. These libraries are stable, secure, and allow users to experience all that CDN has to offer. They will also be available on the public cloud. EdgeScript does not require its users to have any programming experience. It can be used with Alibaba Cloud CDN by anyone who wishes to customize their business systems.
1) Data Types
It supports four data types: numbers, booleans, strings, and dictionaries.
EdgeScript supports both built-in and user-defined variables. Learn more about the built-in variables at here.
As a vital feature of programmable tools, the ability for users to create user-defined variables is also provided by EdgeScript, as is illustrated in the following figure:
EdgeScript supports a small number of native operators, including the assignment operator “=”, the MINUS operator “-”, and the function call operator “()”.
How can we operate with a few operators and multiple data types? In fact, the corresponding built-in functions support the data-type operations instead of operators. EdgeScript provides APIs for different data-type operations, such as number operations, string operations, boolean comparisons, and dictionary operations, as shown in the following figure.
EdgeScript supports only a few native operators, with most operators available through a uniform API, presenting a concise programming design interface to users. This method shields users from the complexity of operators, including the priority, associations, and data type semantics. Moreover, the native runtime operator is used during DSL code conversion to maintain high performance.
4) Control Statements
EdgeScript supports if, if-else, and return statements, as well as multi-level nesting and forEach callback. The following is an example of if-else statements:
EdgeScript supports user-defined functions and built-in function libraries. The following figure shows a user-defined function:
The grouping operator must be used to call either built-in or user-defined functions.
The following figure lists the categories and the built-in functions of EdgeScript, including if functions, numeric functions, string functions, dictionary functions, request processing functions, throttling functions, cache functions, time functions, cipher algorithm functions, and JSON functions. The internal APIs will be published to external users in the future.
This section recaps the hands-on demonstrations given by Tuoshan. EdgeScript supports two programming platforms, EdgeScript WebIDE and EdgeScript CLI, which was opened for a public preview last year.
Use the EdgeScript CLI to perform stage and production environment operations, such as adding, querying, and deleting rules, publishing a staging environment to production, and rolling back to a previous release.
EdgeScript WebIDE is accessible to all users on the Alibaba Cloud CDN console. The configuration interface is shown below:
Now configure one EdgeScript rule for each domain name by default and easily configure priorities when multiple rules are available. Also specify whether a rule is executed before or after other configurations based on its execution position. Editing, adding, deleting, modifying, and querying of rules are conducted in the staging environment first for stability, and changes are then published to production after the operations are authenticated in the stage.
Tuoshan demonstrated the use of EdgeScript in many scenarios, such as blocking specific file types, identifying old versions of Internet Explorer, throttling, request parameters-based rewriting, authentication, and debugging with _es_dbg.
Alibaba Cloud CDN, as a basic cloud component, is evolving from providing standard services into a programmable network. A programmable CDN enables users to quickly build a personalized business system on the cloud and allows them to swiftly implement configuration changes and iterations. Going forward, we hope to see more people using EdgeScript to customize their CDN services.
The views expressed herein are for reference only and don’t necessarily represent the official views of Alibaba Cloud.