Create Global Edge

Prev Next

Available in Classic and VPC

This section describes how to create a Global Edge from the NAVER Cloud Platform console.
To create a Global Edge, you first create a profile and then create an edge that belongs to it, and there are 2 ways to create an edge: Quick Start and Self Integration.

  • Quick Start: Create an edge with a simple setup.
  • Self Integration: Create a customized edge by configuring the details of the edge yourself.

Create profile

To create a profile:

  1. From the NAVER Cloud Platform console, navigate to i_menu > Services > Content Delivery > Global Edge.
  2. Click [Create profile] on the Management page.
  3. Enter the profile name on the Create profile page.
    • You can use letters, numbers, hyphens (-), and underscores (_) within a range of 3 to 35 characters.
  4. Click [Complete].
    • This directs you to the Management page with the created profile selected.

Create an edge with Quick Start

To create an edge using Quick Start:

Note

To create an edge using Quick Start, your content origin must be stored in Object Storage of NAVER Cloud Platform.

  1. From the NAVER Cloud Platform console, navigate to i_menu > Services > Content Delivery > Global Edge.
  2. Select the profile to create an edge from the Profile dropdown list at the top of the page.
  3. Click [Create edge].
  4. Once the Edge settings page appears, select Quick Start, and then click [Next].
  5. Proceed with the following steps in order:

1. Deployment configuration

Configure the default settings for the edge that you want to deploy.

  • Edge name: Enter the edge name.
    • You can use letters, numbers, hyphens (-), and underscores (_) within a range of 3 to 35 characters.
  • Service Protocol HTTPS: Choose whether to use HTTPS for content requests (recommended). HTTPS encrypts data transmitted between the server and browser.
  • Service domain: Set the domain that you will use to access the service by clicking on a link or entering the URL in the browser.
    • Use NAVER Cloud Platform domain: Use the automatically generated domain in the format "random number.edge.naverncp.com".
    • Use customer's domain: Use a domain other than NAVER Cloud Platform domain. You must enter the domain to use.
      • If you selected Service Protocol HTTPS, click [Register certificate] and register your SSL certificate.
  • Service region: configure the edge server region to enable caching and transfer of content.
    • If you select Korea or Japan, content caching and delivery can only be done through the edge servers located in the selected country.
    • If you select Global, content caching and transfer can be done through edge servers located around the world over NAVER Cloud and partner networks.

2. Origin configuration

Note

When integrating Object Storage with Global Edge, we recommend applying and using the Cache customization feature (Rule builder > Detailed cache rules) for content protection.

Specify the location where the content origin is stored.

  • Select origin: Select the origin type.
    • NCP Object Storage: Configure Object Storage, NAVER Cloud Platform service, as the origin.
    • NCP Load Balancer: Configure Load Balancer, NAVER Cloud Platform service, as the origin.
    • NCP API Gateway: Configure API Gateway, NAVER Cloud Platform service, as the origin.
    • External origin domain: Configure an external server IP (IPv4) or a domain as the origin.
  • Forward Host Header: Set the host header to forward to the origin.
    • Incoming Host Header: Name of the host for the last user of a website or app, which is used in connecting between the client and Global Edge's edge server (for example, www.navercloud.com).
    • Origin Hostname: Origin's host name, which uses the domain defined in the Origin Server Hostname field (for example, example.kr.object.ncloudstorage.com).
    • Custom: Use user-defined value.
  • Set origin protocol: Specify the port for the origin server that the edge server will use for HTTP and HTTPS requests.
    • HTTP's standard port is 80, and HTTPS' standard port is 443.
    Note

    Allowable origin port numbers:
    72; 80-89; 443; 488; 591; 777; 1080; 1088; 1111; 1443; 2080; 7001; 7070; 7612; 7777; 8000-9001; 9090; 9901-9908; 11080-11110; 12900-12949; 45002;

  • Origin path: Specify the directory path to add to the requests for the origin.
    • When the origin is example.navercloud.com, the origin path is /image/, and the request is my_img/example.jpg, the origin call becomes example.navercloud.com/image/my_img/exmaple.jpg.
  • Origin failover: The edge server fails over to another origin based on specific response codes.
    Note

    Response status code values
    404, 500, 502, 503, 504

3. Caching

Configure how you want to control the cache.

  • Default Caching (30 days): Caches all objects, and sets the Time-to-Live (TTL) of the cache to 30 days.
Note

Other cache settings and optimization settings are automatically applied as follows:

  • Cache settings
    • Negative TTL(s): ON
    • Remove Vary Header: ON
    • Cache Key Hostname: Incoming Host Header
    • Cache Key Ignore Query String: Ignore all
  • Optimization setting
    • Compressed transfer: ON
    • Large file transfer: ON

4. Creation completed

After reviewing the settings, click [Complete edge creation] at the top of the page.

  • The created edge will be added to the list and deployed automatically.
  • It may take several minutes to tens of minutes for an edge to be deployed.

Create an edge with Self Integration

To create an edge using Self Integration:

  1. From the NAVER Cloud Platform console, navigate to i_menu > Services > Content Delivery > Global Edge.
  2. Select the profile to create an edge from the Profile dropdown list at the top of the page.
  3. Click [Create edge].
  4. Once the Edge settings page appears, select Self Integration, and then click [Next].
  5. Enter the edge name, and then click [Next].
    • You can use letters, numbers, hyphens (-), and underscores (_) within a range of 3 to 35 characters.
  6. Click each setting listed in the left of the page to configure the detailed settings manually.
Note

When you complete one setting and move on to another, the setting values you entered will be automatically saved.

Deployment settings

Configure the default settings for the edge that you want to deploy.

Service settings

The service configuration items are as follows:

Item Description
Service protocol Define protocol to be used for calling content.
  • HTTP: Transfer information from the server to the browser in an unencrypted plain text state.
  • HTTPS: Transfer information from the server to the browser in an encrypted state.
  • HTTP and HTTPS: Use both HTTP and HTTPS.
Service region Configure the region of the edge server that will allow content caching and transfer.
  • If you select Korea or Japan, content caching and delivery can only be done through the edge servers located in the selected country.
  • If you select Global, content caching and transfer can be done through all edge servers located around the world. Select this if you want to deploy content in a global environment.
Service domain Set the domain for the client to access.
  • Use NAVER Cloud Platform domain: Use the domain provided by NAVER Cloud Platform.
    • Auto-generate: Auto-generate a domain in the form of "random number.edge.naverncp.com."
    • Enter manually: If you enter the secondary sub domain, it is created in the form of "input value.edge.naverncp.com."
  • Use customer's domain: Use a domain other than NAVER Cloud Platform domain. Enter the domain you want to use manually.
    • To serve with HTTPS, click [Register certificate] and register your SSL certificate.

Global Edge Logging

Global Edge Logging allows you to log request information for each object and store it in Object Storage.
Detailed items are as follows:

Item Description
Select Region Select the Region of Object Storage to save log files.
Select bucket Select the bucket of Object Storage to save log files.
Bucket prefix Enter the detailed path to save the log.

Origin settings

Configure the origin of the content to be cached.

Origin settings

The origin configuration items are as follows:

Item Description
Origin domain Enter the domain of the content origin for the edge server to refer to.
  • Use Object Storage: If there is the origin in Object Storage on NAVER Cloud Platform, select it and designate the Region and the bucket.
  • Use Load Balancer: If Load Balancer of NAVER Cloud Platform is the origin, select the Region and the name of Load Balancer.
  • Use API Gateway: If the API Gateway of NAVER Cloud Platform is the origin, select the name of API Gateway.
  • Use external origin: Select this option if the origin is located outside Object Storage. Enter the corresponding IP or domain name and designate the Region.
Forward Host Header Configure the host header to be used when forwarding client requests to the origin server. If the origin domain is Object Storage, you can set only Origin Hostname.
  • Incoming Host Header: Use the host header sent upon the client’s request. Based on the host header of the service domain. Example: www.navercloud.com.
  • Origin Hostname: If the origin server is set to receive only a specific value, convert the host header to the value.
    Example: if the origin server host name is defined as origin1-www.navercloud.com and if you forward the client request for www.navercloud.com to the origin server, the host header will be converted to origin1-www.navercloud.com.
  • Custom: Set the host header to the value you specify. Enter the host header value manually.
Origin protocol settings Configure the port of the origin server that the edge server will connect to. Select between HTTP and HTTPS, and enter the port number.
  • The default values are 80 for HTTP port and 443 for HTTPS port, and can be edited.
Origin path Enter the detailed path of the content origin located within the origin server.
Note

  • When selecting API Gateway as the origin, we recommend setting the Forward Host Header to Origin host name and the Origin Protocol to HTTPS 443.

  • Supports integration with API Gateway and Load Balancer services in the VPC environment.

Origin failover

Origin failover is a feature that forwards requests to a backup origin server according to the code when the origin server fails to respond.
Click [Create] to set up forwarding rules. Detailed items are as follows:

Item Description
Rule Name Enter the name of the forwarding rule.
Rule Configuration Rule configuration
  • IF: Set the response code that serves as the condition for the rule.
  • THEN: Specify the backup origin server. If selecting Object Storage, specify the bucket, or if selecting Custom, enter the IP or domain name.

Cache settings

Configure how you want to control the cache.

Default Caching

The default cache settings for all objects are as follows:

Item Description
Cache options Set the cache operation.
  • Cache: Cache objects on the edge server.
  • Bypass Cache: Manually request to the origin server without caching objects.
  • Prioritize origin Cache-Control header: Prioritize requesting the value of the Cache-Control indicator set on the origin server.
Serve Stale object Designate the work to conduct when the object cache life is expired (when the content origin is unavailable).
  • Serve stale if unable to validate: Use expired objects if the cache cannot revalidate its validity with the content origin.
  • Always revalidate with origin: Always revalidate the cache's validity with the content origin before using the object.
Maxage Specify the maximum retention period for the cache.
  • Set if Cache is set as the Cache option.
  • It can be set from seconds to days.

Negative TTL(s)

Using Negative TTL(s) caches error responses from the origin server, reducing the load on the origin server.
When you click the toggle button to turn on the feature, it is applied by default for 10 seconds to 4xx and 5xx HTTP code responses.

Bypass Query String

By using bypass query string, requested URLs that contain specific strings are not cached and are bypassed to the origin server. To configure settings:

  1. Click the Bypass Query String toggle button to turn on the feature.
  2. Enter the string that will be used as the bypass criterion in the query string input field and click the empty space around the field once to recognize the string.
    • Repeat this process to enter multiple strings.
  3. Click [Save] after entering all the desired strings.
    • After saving, you can click [Edit] to edit the strings if necessary.

Cache Key Hostname

When configuring cache keys, you can select the host name to use. Detailed items are as follows:

Item Description
Incoming Host Header Include the service domain in the cache key.
Origin Hostname Include the origin server's host name in the cache key.

Cache key Ignore Query String

By default, query strings are not used in the cache key, but you can control object types by changing whether or not the strings are included or by allowing only specific strings to be used. Detailed items are as follows:

Item Description
Ignore all Exclude all query strings from the cache key.
Allow all Include all query strings in the cache key.
Allow specific strings Include only specific query strings in the cache key. Enter the specific query string in the input field and save it.

Ignore case sensitivity in cache keys

Generally, origins are considered to be case-sensitive with respect to the URL's path and file name.
When caching requests, the edge server determines how to handle the case sensitivity of URLs.
Some origin servers, like those using Microsoft IIS, do not differentiate between uppercase and lowercase. If the origin does not distinguish between uppercase and lowercase, activate this feature.

Remove Vary Header

If the response from the origin server contains a Vary header instead of Accept-Encoding, the edge server will not cache the response.
If you turn on the feature by clicking the toggle button, the origin server will respond with a Vary header, but the Vary header will be removed to allow the object to be cached when the actual content is the same.

Edge Auth

To prevent unauthorized sharing of content, you can generate a one-time token and configure it to respond to authenticated requests only. To configure settings:

  1. Click the Edge Auth toggle button to enable the feature.
  2. Select your preferred authentication method between Signed URL and JWT.
    • Signed URL: Embed authentication information in the URL, allowing all clients to access it.
    • JWT: Generate a JSON token with authentication information and place it in the HTTP header to identify the client.
  3. Enter the desired name in the Token name input field and click [Create] in the token key field.
    • The token will be generated and displayed.
    • Every time you click [Create], the key value of the token changes.

Rule builder

Configure how to create detailed cache rules and control content.

Detailed cache rules

You can set rules for caching objects on the edge server.
You can click [Add cache rules] to add up to 10 rules. Detailed items are as follows:

Item Description
Rule Name Enter the name of the cache rule.
Rule Configuration Rule configuration
  • IF: Enter rule conditions.
    • Directory: Enter directory.
      Example: /, /*, /example/*, /example/1/2/*
    • File Extension: Enter file extensions.
      Example: .jpg, .png
    • Advanced: Enter both directory and file extension.
      Example: /example/*.png
  • THEN: Set the cache operation to perform.
    • Cache: Cache objects on the edge server.
    • Bypass Cache: Manually request to the origin server without caching objects.
    • Prioritize origin Cache-Control header: Prioritize requesting the value of the Cache-Control indicator set on the origin server.
    • Serve Stale object: Designate the work to conduct when the object cache life is expired (when the content origin is unavailable).
      • Serve stale if unable to validate: Use expired objects if the cache cannot revalidate its validity with the content origin.
      • Always revalidate with origin: Always revalidate the cache's validity with the content origin before using the object.
    • Maxage: Specify the maximum retention period for the cache.
      • Set if Cache is set as the cache operation.
      • It can be set from seconds to days.

You can also click the [Advanced settings] button to set more detailed rules.

Item Description
Rule-based origin routing Provides origin branching based on URL prefix. If the request meets the IF conditions, route the origin to the specified location.
  • Origin domain: Enter the content origin domain to route to. You can use Object Storage of NAVER Cloud Platform or an external domain.
Browser cache Designate the caching operation to send to client from Edge server.
  • Behavior: Select Allow cache or Not allow cache.
  • Maxage: Enter the maximum duration when allowing cache.
Cache Key Query Parameters When configuring cache key, set if query strings are included or not and control caching operations.
  • Behavior: Select whether to allow or ignore recognition of query strings.
    • Ignore all: Ignore query strings, and recognize and cache the same object if the file names are identical.
    • Allow all: Recognize the query strings, and if the file name is the same but the query strings are different, treat them as different objects and cache accordingly.
    • Ignore specific strings: Ignore only the entered query strings and recognize objects.
    • Allow specific strings: Recognize only the entered query strings and recognize objects.
  • Parameters: If allow or ignore specific strings is selected, enter the strings to serve as reference.
Access Deny Block access for IF conditions.
URL Redirect If the IF conditions are met, set to respond by redirection without connecting to the origin server.
  • Destination protocol: Protocol of redirection destination.
  • Destination hostname: Host name of redirection destination.
  • Destination path: Path of redirection destination.
  • Redirect Status Code: Redirection status code.
URL Rewrite If the IF conditions are met, automatically edit the URL of the request.
  • Rewrite to…: Enter the detailed path of the destination.

When you save the cache rule, a list of rules is generated.

  • You can easily view the saved content in the list.
  • The priority is automatically applied in the order in which they are saved. To change the priority, click i-globaledge_down or i-globaledge_up, or drag i-globaledge_reorder.
  • To edit the saved rule, click i-globaledge_edit to edit and click [Save].
  • To delete the saved rule, click i-globaledge_delete.
Note

You cannot apply both URL Redirect and URL Rewrite settings at the same time.

The following rules are applied to The Redirect Destination path and Rewrite settings:

Input value
a-zA-Z0-9_:.,/?!()[]@<>=-+*&`|~^%

Managed rules

When using CDN services, you can configure frequently used features. Detailed items are as follows:

Item Description
CORS Add a cross-origin resource sharing (CORS) header to the properties of protected resources called from other domains. (Default values can be found below.)
  • access-control-allow-origin: *
  • access-control-allow-methods: GET,POST,OPTIONS
  • access-control-allow-headers: origin access-control-allow-origin
  • access-control-allow-credentials: true
  • access-control-max-age: 86400
HTTP/2 Enable HTTP/2, an open network protocol for transferring web content. Loading time and resource consumption of web properties are reduced.
True-Client-IP Header Add the client IP address to the header when forwarding requests to the origin server. You can establish policies based on the client IP using a header on the origin server.
HSTS Use the HTTPS protocol instead of HTTP for all browser connections to enhance security.
Note

When setting up CORS, the following rules apply:

  • For access-control-allow-origin, , is not allowed and only a single string may be used.
  • For access-control-allow-headers, , is not allowed when * is used.
  • access-control-allow-origin: access-control-allow-credentials=true cannot be used with *.

HTTP Header Modification

You can set it to redefine HTTP headers that are transferred when making a request to the origin server or when responding to a client. To configure settings:

  1. Click [Modify HTTP Header].
  2. Select the type of header to override.
    • Modify Origin Request Header: Redefine the HTTP header transferred when forwarding requests to the origin server.
    • Modify Client Response Header: Redefine the HTTP header transferred when responding from the server to the client.
  3. Enter the rule.
    • Rule Name: Enter the rule name.
    • Rule Configuration: Configure rule details.
      • Action: Select the action to perform from add, edit, and delete.
      • Header Name: Enter the HTTP header to be targeted by the action.
      • Value: If you selected add or edit, enter the header value to apply.
  4. Click [Save].
    • The rules are saved and a list is created.
    • To edit the saved rule, click i-globaledge_edit to edit and click [Save].
    • To delete the saved rule, click i-globaledge_delete.
Note

The following rules are applied to the header name and value settings of Ncloud Global Edge:

Header name Header value
a-zA-Z0-9_- a-zA-Z0-9_:.,/?!()[]@<>=-+*&`|~^%

Optimization

Configure ways to improve performance when transferring content to users.

Zip transfer

Using zip transfer enables content to be transferred faster by applying zip when transferring content to client browsers or devices that support Gzip or Brotli zip.
By clicking on the toggle button to turn on the feature, you can specify the Gzip or Brotli header in the Accept-Encoding to zip the content.

  • Zip transfer support extension: css, js, json, xml, html, ttf, otf, woff, woff2, and eot

Large file transfer

Using large file transfer allows content to be transferred in pieces instead of a single file when requesting content from the origin server, improving origin offloading.
When you turn on the feature by clicking on the toggle button, optimization for large file transfers will be applied.

Header Max Size

Specifies the maximum size of a Request Header that the platform can handle.
The default is 16K for a single header and 32K for all headers.

Note

Header Max Size only applies to Korean/Japanese transference platforms.
For example, if the service area is "Global," it applies to the Korean/Japanese transference platforms, and is standardized to 32K for transference platforms in other regions.*

Access control

Adjust the range of access to the edge.
You can create a whitelist or blacklist and add 3 types of access control conditions.

  • Whitelist: Allow access for requests that match the conditions.
  • Blacklist: Reject access for requests that match the conditions.
Item Description
IP / CIDR Control access based on the client's IP or CIDR.
  • To add access control criteria, click [Add IP / CIDR] and enter the criteria value. Up to 50 entries can be entered.
  • To delete criteria, select the checkbox and click [Delete].
Geo Control access based on the country where the client is located.
  • To add access control criteria, click [Add Geo] and select the country.
  • To delete criteria, select the checkbox and click [Delete].
Referer Header Control access based on the referrer in the HTTP request headers.
  • To add access control criteria, click [Add Referer Header] and enter the criteria value. Up to 50 entries can be entered.
  • To delete criteria, select the checkbox and click [Delete].

Complete settings

After reviewing the settings, click [Complete settings] at the top of the page.

  • The created edge will be added to the list and deployed automatically.
  • It may take several minutes to tens of minutes for an edge to be deployed.
  • To preview the settings, click [Preview settings].