我已经使用cloudfront缓存好几个星期了(7天缓存(。从那以后,我有几个页面的移动版本会显示给桌面用户,就好像缓存为每个用户存储了一个移动版本一样。
以下是cloudfront的地形配置:
resource "aws_cloudfront_cache_policy" "proxy_hubspot_cache_policy" {
name = "custom-caching-policy"
comment = "Our caching policy for the Cloudfront proxy"
default_ttl = 604800 # seven day of cache
max_ttl = 604800
min_ttl = 604800
parameters_in_cache_key_and_forwarded_to_origin {
enable_accept_encoding_brotli = true
enable_accept_encoding_gzip = true
cookies_config {
cookie_behavior = "none"
}
headers_config {
header_behavior = "none"
}
query_strings_config {
query_string_behavior = "all"
}
}
}
resource "aws_cloudfront_origin_request_policy" "proxy_hubspot_request_policy" {
name = "custom-request-policy-proxy"
cookies_config {
cookie_behavior = "all"
}
headers_config {
header_behavior = "allViewer"
}
query_strings_config {
query_string_behavior = "all"
}
}
resource "aws_cloudfront_distribution" "proxy_cdn" {
enabled = true
price_class = "PriceClass_100"
origin {
origin_id = local.workspace["cdn_proxy_origin_id"]
domain_name = local.workspace["cdn_domain_name"]
custom_header {
name = "X-HubSpot-Trust-Forwarded-For"
value = "true"
}
custom_header {
name = "X-HS-Public-Host"
value = local.workspace["destination_url"]
}
custom_origin_config {
origin_protocol_policy = "https-only"
http_port = "80"
https_port = "443"
origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
}
default_cache_behavior {
viewer_protocol_policy = "redirect-to-https"
allowed_methods = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
cached_methods = ["GET", "HEAD"]
target_origin_id = local.workspace["cdn_proxy_origin_id"]
cache_policy_id = aws_cloudfront_cache_policy.proxy_hubspot_cache_policy.id
origin_request_policy_id = aws_cloudfront_origin_request_policy.proxy_hubspot_request_policy.id
compress = true
}
logging_config {
include_cookies = true
bucket = data.terraform_remote_state.shared_infra.outputs.cloudfront_logs_s3_bucket_url
prefix = "proxy_${local.workspace["env_type"]}"
}
restrictions {
geo_restriction {
restriction_type = "none"
}
}
viewer_certificate {
acm_certificate_arn = aws_acm_certificate.proxy_certificate.arn
ssl_support_method = "sni-only"
}
aliases = [local.workspace["destination_url"]]
depends_on = [
aws_acm_certificate_validation.proxy_certificate_validation
]
}
resource "aws_cloudfront_monitoring_subscription" "monitor_www_proxy" {
distribution_id = aws_cloudfront_distribution.proxy_cdn.id
monitoring_subscription {
realtime_metrics_subscription_config {
realtime_metrics_subscription_status = "Enabled"
}
}
}
你知道配置中有什么问题吗?
非常感谢
我认为让CloudFront将移动页面与桌面页面分开缓存的最简单方法是将CloudFront-Is-Mobile-Viewer
和CloudFront-Is-Desktop-Viewer
标头配置为缓存密钥的一部分。如果您还想为表查看器或iOS和Android缓存等单独缓存,请注意所有可用的标题。
Terraform配置看起来像:
resource "aws_cloudfront_cache_policy" "proxy_hubspot_cache_policy" {
name = "custom-caching-policy"
comment = "Our caching policy for the Cloudfront proxy"
default_ttl = 604800 # seven day of cache
max_ttl = 604800
min_ttl = 604800
parameters_in_cache_key_and_forwarded_to_origin {
enable_accept_encoding_brotli = true
enable_accept_encoding_gzip = true
cookies_config {
cookie_behavior = "none"
}
headers_config {
header_behavior = "whitelist"
headers {
items = ["CloudFront-Is-Mobile-Viewer", "CloudFront-Is-Desktop-Viewer"]
}
}
query_strings_config {
query_string_behavior = "all"
}
}
}
请注意,在实现此配置后,这些标头也将传递到后端源,因此您可以更改应用程序的逻辑,以根据这些标头的值呈现移动与桌面,而不是检查user-agent
标头。