Cloudfront configuration

1. I assume this only caches media items in the s3 bucket. It will not cache .js, .css, or other static content.

2. How does this deal with cach clearing? When you clear the cache on JR, does it also clear it on CF?

3. The module config was pretty straightforward. As far as I can tell, just create a key and add it to the module configuration. However, do you also need to set up a cloudfront distribution? If so, can you provide some guidance on the minimum configuration to get that working? Especially with regards to the url signing settings.


updated by @dannya: 03/24/16 08:34:33AM

Correct.


CloudFront is not a cache, so this is not related.


Make sure you have created a new CloudFront distribution that uses the SAME S3 bucket that you have configured in the S3 config as the source - that's it. The module will take care of the rest in regards to signing URLs, invalidating, etc.

Let me know if that helps.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

1. Will this be added at some point? Those files represent a lot of hits to the origin server

2. When an item in s3 is pulled into cloudfront, it sits there and it may or not get refreshed based on the header info. If you update a file in JR, and clear your cache, you will need cloudfront to come and fetch the new file. You need to invalidate the object. You need to flush the file on cloudfront. I don't know what you want to call that. But how would you do that?

3.So when creating the distribution specifically:

Origin Domain Name- Same as bucket in s3 config
Origin Path-Blank
Restrict Bucket Access- NO (default)????
Restrict Viewer Access(Use Signed URLs orSigned Cookies)- NO
Viewer Protocol Policy-HTTPS Only(if applicable)
Allowed HTTP Methods- GET,HEAD

No - there's no plan at this time. It would add a significant amount of complexity for files that are cached by the browser. And with HTTP/2 coming online, moving your CSS/JS to a CDN is no longer a good idea.


That's automatically done by CloudFront/S3 - when cloudfront sees a newer version of an object is in the source bucket, it gets updated.


If you read the help for this in the AWS control panel it will tell you why you would (or would not) want to do this. This really isn't JR related.


Yep - pretty much everything at the default is good.

let me know if that helps.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

OK. I configured everything with the defaults. The distribution is enabled and I uploaded the key to JR. However nothing is coming through cloudfront

Give it time - it can take an hour or two for CloudFront to fully setup a distribution. You have to wait for the "status" to say "Deployed" and the "State" to be enabled in your AWS control panel.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Enabled and deployed. Been many many hours.

It's working here for me. Can you confirm the items in your S3 bucket available at your CloudFront distribution URL?


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

How do I check?

Upload a file to your S3 bucket and then try to access it at the CloudFront URL.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

I'm not sure where I get the cloudfront url. Does it just replace the hostname of the s3 bucket or the whole s3 path?

e.g.

S3 butcket
https://s3.amazonaws.com/bucketname/media/imagename.jpg

Cloudfront domain name shows xxxyyyzzz.cloudfront.net

So is cloudfront URL?
https://xxxyyyzzz.cloudfront.net/bucketname/media/imagename.jpg?

That is not working, but I suspect it's incorrect

It should just be the Cloudfront URL - i.e.

https://xxxyyyzzz.cloudfront.net


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Yes, that is working correctly, but nothing is pulling on the site.
updated by @dannya: 12/08/15 01:55:47PM

Did you upload a file to your S3 bucket and make sure your distribution is working by accessing that file at your cloudfront URL?


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Following up here to your email you sent me.

The way it works is that it replaces your S3 URL in the source with your CloudFront URL for non-signed URLs (i.e. media plays), and for media plays it uses the certificate info to create the proper signed URL.

So look at your HTML source and see if the CloudFront URL is being used. If it is, try clicking directly on the URL and see if you can view the item or you get an error.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

No. As in my original post. It is not pulling from cloudfront. All the objects are coming from s3. All the media has s3 hostname.

If you're still seeing just the S3 URLs, then make sure you have checked the "CloudFront Enabled" option in the CloudFront tab. It's a very simple setup.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

I had only configured the main cloudfront tab. The cloudfront settings on the global config was not obvious. I didn't expect there to be settings in 2 different places.

Anyway, Images seem to be working, but the player is not able to retrieve the audio file. Getting 403 forbidden error.

This means the Private key and ID are either incorrect OR the file does NOT exist in your S3 bucket.


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net

Try putting the bucketname in this structure:
S3 Bucket URL: https://bucketname.s3.amazonaws.com

I got an error similar while using a structure similiar to that, then trying to view images while I was writing the docs the other day for:
https://www.jamroom.net/the-jamroom-network/documentation/howto/3387/howto-use-amazon-s3-storage-to-lower-hosting-costs#get-your-aws-access-key

That structure I change suggested is the one that worked to get the audio images out to my test site here:
http://iixxiicc.jamroomhosting.com/admin/audio

Example image:
https://iixxiicc.s3.amazonaws.com/cache/aaaaa_9b8c8a6c64b7018be2d558d7b249ce66.jpg?_v=1449816804
updated by @michael: 12/16/15 11:15:24PM

As I said, images are coming through fine now. It's the audio files that are not playing now. 403 forbidden error. I have confirmed configuration key.
updated by @dannya: 12/23/15 09:39:22AM

If you can, post the URL to a page you are trying to play the file from so I can check out the created URL.

Thanks!


--
Brian Johnson
Founder and Lead Developer - Jamroom
https://www.jamroom.net