Cloud CDN helps you cache regularly accessed content closer to users, improving performance, lessening the load on your origin infrastructure, and reducing cost-of-delivery.
Our content delivery network is built on top of our global external HTTP(S) load balancer infrastructure and benefits from the routing, intelligent backend selection, and health checking capabilities that it brings. Cloud CDN can be enabled on a per-origin basis, allowing you to serve cacheable and dynamic content (for example, API traffic) from the same underlying load balancer.
This document summarizes the features available in Cloud CDN.
Origin and backend support
Your content can be pulled from any HTTP-capable origin, including Compute Engine and Cloud Storage backends within Google Cloud and origins outside of Google Cloud, such as storage buckets in other clouds.
|Cloud Storage buckets (including redundant multi-region storage)||✔|
|Custom (external) origins (on-premises, multi-cloud)||✔|
|Compute Engine virtual machine (VM) instances||✔|
|Google Kubernetes Engine (GKE) container instances||✔|
Caching behavior can be configured per origin, allowing you fine-grained control over cache keys, TTLs, and other caching features based on the content type being served.
|Custom cache keys (host, path, query parameters)||✔|
|Include or exclude specific query parameters||✔|
|Support for standard
|Programmatic cache invalidation||✔|
Route matching and origin selection
Requests landing on Cloud CDN use the Google Cloud load balancing infrastructure to provide comprehensive routing and configuration capabilities at each edge location.
www.example.com can be routed to a group of Compute Engine backends, while media.example.com can be mapped to a Cloud Storage bucket.
Incoming HTTP requests can be redirected to HTTPS automatically at the edge.
Matching can be performed on host, path, query parameter, and header prior to backend (origin) selection.
CDN policies, including cache key customization, can be customized per origin.
|Host-based and path-based backend selection||✔|
|URL rewrites and redirects||✔|
|Header and query parameter matching||✔|
|Per-origin cache policies||✔|
Modern protocols, including TLS version 1.3 and Google's own QUIC protocol, reduce the time it takes for clients to initiate connections, and increase reliability in adverse or congested network conditions. Anycast allows Google Cloud to route users to the nearest edge cache automatically and avoid relying on DNS propagation delays that can impact availability.
These factors directly benefit the user experience by delivering render-blocking web content more quickly and reducing playback start time and rebuffering when serving video.
|HTTP/2 to clients and origins||✔|
|TLS version 1.3||✔|
|Global Anycast (IPv4 and IPv6)||✔|
Observability (logging and metrics)
Observability tools provide monitoring, debugging, and performance information to understand how traffic is being served by Cloud CDN. Near real-time metrics and logging are provided by Cloud Logging and Cloud Monitoring.
|Detailed request logs||✔|
|Cache-hit rate reporting||✔|
|Request and response metrics:
|Export to Cloud Storage, BigQuery, or external tools||✔|
|Alerting (including email, PagerDuty, Slack, and Pub/Sub)||✔|
Programmatic, API-driven configuration
All configuration is exposed through our REST API and Google Cloud Console out-of-the-box, allowing you to automate changes across large teams and manage changes programmatically.
|Google Cloud Console||✔|
Applications can use the following request protocols when they use the Cloud CDN-configured data plane to communicate.
|Managed SSL (TLS) certificates (no additional cost)||✔|
|Bring-your-own SSL (TLS) certificates (no additional cost)||✔|
|Customizable SSL policies (versions, ciphers)||✔|
|Encryption at rest||✔|
Signed requests let you serve responses from Google Cloud's globally distributed caches, even when you need requests to be authorized.
|Signed URLs (absolute, prefix)||✔|
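The following sketch shows how an absolute signed URL can be issued and checked. It is an added example, not code from this page or from Google. The format is not given on this page: the sketch assumes the Expires / KeyName / Signature query-parameter layout with a base64url-encoded HMAC-SHA1 signature, and the key, key name, and URLs are constructed sample values.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed sample values (assumptions, not taken from the page).
KEY_NAME = "example-key"
KEY = bytes(range(16))  # 128-bit signing key shared with the CDN


def _mac(key: bytes, message: str) -> bytes:
    """base64url(HMAC-SHA1(key, message)) as ASCII bytes."""
    digest = hmac.new(key, message.encode("utf-8"), hashlib.sha1).digest()
    return base64.urlsafe_b64encode(digest)


def sign_url(url: str, key_name: str, key: bytes, expires: int) -> str:
    """Append Expires, KeyName and Signature to an absolute URL."""
    sep = "&" if "?" in url else "?"
    to_sign = f"{url}{sep}Expires={expires}&KeyName={key_name}"
    return f"{to_sign}&Signature={_mac(key, to_sign).decode('ascii')}"


def verify_url(signed: str, keys: dict, now: int) -> bool:
    """Check a signed URL: known key, valid signature, then expiry."""
    to_sign, marker, signature = signed.rpartition("&Signature=")
    if not marker:
        return False  # no signature parameter at all
    params = parse_qs(urlsplit(to_sign).query)
    key = keys.get(params.get("KeyName", [""])[-1])
    if key is None:
        return False  # unknown or rotated-out key name
    # Constant-time comparison; the MAC covers path, Expires and KeyName,
    # so editing any of them invalidates the signature.
    if not hmac.compare_digest(_mac(key, to_sign), signature.encode("utf-8")):
        return False
    try:
        return int(params["Expires"][-1]) > now
    except (KeyError, ValueError):
        return False
```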