Google Cloud CDN - Attempt #1
After speaking with some folks on Twitter, I came to the realization that my disagreements with Cloudflare’s business are sufficient to warrant moving away, even if it means I have to pay a trivial sum more to host my site. The obvious solution seemed to be going back to Amazon, but I’m not 100% sure I like their business either, and since my current employer makes big use of Google Cloud, it seemed it might be a good idea to give them a go. After all, Google Cloud’s CDN, LoadBalancers, etc. were all weak spots of mine and this seemed like a perfectly good excuse to get familiar. Plus, I have a good four hundred bucks in credit to burn up over the next 10 months, so what did I have to lose? If it turned out to be horrendously expensive, I had 10 months to figure out where to put it instead.
Since the domain I’m using (I tested on a subdomain, but same difference) was already verified with Google, I didn’t have to prove ownership of it or anything… but the configuration changes to the load balancers are excruciatingly slow. After almost 30 minutes (seriously, it wasn’t me screwing around, that’s how long it takes for changes to propagate!), I had an HTTPS load balancer up, connected to a storage bucket, with a Let’s Encrypt certificate. Good start! I had to reserve an IP address to have HTTP and HTTPS on the same IP - and there appears to be no automated way to redirect folks from HTTP to HTTPS. I figured I could work around that (HSTS et al), but I ran into other problems also.
Problem #1 - caching wasn’t working
What’s the point of a CDN if there’s no caching? I might as well just point DNS at the storage bucket and save a few bucks. Turns out this one was entirely on me - I copied the cache-control header, header name and all, and it took me a shamefully long time to realize it:
date: Sat, 10 Aug 2019 06:43:35 GMT
cache-control: Cache-Control:public, max-age=86400
Once I fixed that, caching took off and things were as fast as I’d expect - a 40-byte HTML file taking about 35ms to load in my browser, not bad!
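A small linter that would have caught the doubled header name in the response quoted above. This is an added example, not code from the original post; the function names are hypothetical, and the rule in is_shared_cacheable (public plus a max-age or s-maxage lifetime) is an assumption about what a shared cache needs, not a statement of Cloud CDN's exact behaviour.

```python
import re

# Response directives from RFC 9111 plus common extensions.
KNOWN = {"public", "private", "no-cache", "no-store", "no-transform",
         "must-revalidate", "proxy-revalidate", "max-age", "s-maxage",
         "immutable", "stale-while-revalidate", "stale-if-error",
         "must-understand"}
NEEDS_SECONDS = {"max-age", "s-maxage", "stale-while-revalidate", "stale-if-error"}
TOKEN = re.compile(r"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")
# Constructed samples: the two header lines quoted in the post, then the fix.
BROKEN = ("date: Sat, 10 Aug 2019 06:43:35 GMT\n"
          "cache-control: Cache-Control:public, max-age=86400")
FIXED = BROKEN.replace("Cache-Control:public", "public")


def parse_headers(raw):
    """Split raw 'name: value' lines into a dict keyed by lowercase name."""
    headers = {}
    for line in raw.strip().splitlines():
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def lint_cache_control(value):
    """Return a list of problems found in a Cache-Control header value."""
    problems = []
    for part in value.split(","):  # naive split: quoted arguments not handled
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if name.startswith("cache-control:"):
            problems.append("header name repeated inside the value")
        elif not TOKEN.match(name):
            problems.append(f"invalid directive token: {name!r}")
        elif name not in KNOWN:
            problems.append(f"unknown directive: {name!r}")
        elif name in NEEDS_SECONDS and not arg.strip('"').isdigit():
            problems.append(f"{name} needs a whole number of seconds")
    return problems


def is_shared_cacheable(value):
    """Assumed rule: clean value, 'public', a lifetime, no private/no-store."""
    if lint_cache_control(value):
        return False
    names = {p.strip().partition("=")[0].strip().lower() for p in value.split(",")}
    has_lifetime = bool(names & {"max-age", "s-maxage"})
    return "public" in names and has_lifetime and not names & {"private", "no-store"}
```

Running lint_cache_control on the cache-control value of BROKEN reports the repeated header name, while the FIXED value lints clean and passes is_shared_cacheable.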
Problem #2 - lack of custom header support.
Problem #2 leads back to the HTTPS thing - I figured I could just serve over HTTP as well, using HSTS where appropriate, and canonical URLs to avoid the duplicate content penalty. The problem with this? Google Cloud’s LBs can’t do custom headers at all - there’s an open feature request that’s over two years old asking for it and it still hasn’t happened.
Problem #3 - inability to use non-Google origins.
I thought that perhaps I could work around problem #2 by using an Nginx server as the origin instead of Google Cloud’s storage bucket. Unfortunately, try as I might, there seems to be no way to use a non-Google origin either! So instead of a $5 Vultr VM for the origin, I’d have to pay around 5x that for an equivalent machine with Google Cloud, and I’m not 100% sure it’d solve issue #2 either.
So shortly after dinner I decided to pull the pin, and I’ll start to look at other options… I’m thinking I’ll quite likely just go back to Amazon… it cost me around 40c/mo to host my site there last time, and it was slightly more performant than with Cloudflare, and I’m quite sure I can solve all these issues if I have to.