具有自定义来源和相同域的Cloudfront [英] Cloudfront with custom origin and identical domain

问题描述

假设一个域名为www.example.com的网站托管在Webhoster的LAMP服务器上，该服务器不是Amazon。该域由Route53管理。

Let's say a website with the domain www.example.com is hosted on a LAMP server of a webhoster, which is not Amazon. The domain is managed by Route53.

是否有可能以某种方式将所有设置保留在LAMP Web服务器上，并且仍将www.example.com用作Cloudfront的域？像这样：

Is it possible to somehow keep all settings on the LAMP webserver and still use www.example.com as the domain for Cloudfront? Like:

Client -> www.example.com -> Cloudfront Edge Server -> Custom origin available over www.example.com on LAMP webserver of third party webhoster

我想同时将www.example.com用于Cloudfront Edge Server和LAMP服务器。

最诚挚的问候

推荐答案

您无法在CloudFront上执行 / etc / hosts 之类的操作-它始终使用公共DNS来解析

You cannot do anything like /etc/hosts on CloudFront -- it always uses public DNS to resolve the origin.

但是，您仍然可以做您想做的事情-但您只需要了解为什么这种解决方案的确是

However, you can still do what you are trying to do -- but you just need to understand why this solution is indeed what you want, because it will seem like it is not (as you indicated in comments).

在Route 53中，为源的新主机名创建一个新的A记录。服务器，例如origin.example.com。 您根本不会在源服务器上的任何地方配置该值。您的源服务器仍然认为它是www.example.com。

In Route 53, create a new A record for a new hostname for the origin server, such as origin.example.com. You do not configure this value anywhere on your origin server at all. Your origin server still believes it is www.example.com.

在路线53，创建一个指向origin.example.com的别名A记录www.example.com。

In Route 53, create an alias A record www.example.com pointing to origin.example.com.

此时，您的站点可以完全按照您的期望和要求运行。主机名 origin.example.com在解析路径中，但是此信息对于原始来源而言是不可见的且未知。

At this point, your site works exactly as you expect and require. The hostname "origin.example.com" is in the resolution path, but this information is invisible and unknown to the origin.

在CloudFront中，创建一个发行版，设置

In CloudFront, create a distribution, setting the origin domain name to origin.example.com and the Alternate Domain Name for the distribution to www.example.com.

在每个缓存行为的设置中，确保将原始域名指定为origin.example.com，并将备用域名分配给www.example.com。

In the settings for each Cache Behavior, ensure that the Host header is whitelisted for forwarding to the origin.

Host 标头已列入白名单，以便转发到源。

Change Route 53's alias for www.example.com to point to your CloudFront distribution.

更改www.example.com的Route 53别名

When requests arrive at CloudFront, the request retains the Host: www.example.com header. CloudFront uses DNS to find the IP address for origin.example.com however, it only uses this information to make the connection to the origin. The incoming request is still addressed to www.example.com. If the origin has an SSL certificate for www.example.com, CloudFront will accept it as valid, because you configured the Host header for whitelisting, and it matches the cert.

当请求到达CloudFront时，请求将保留主机：www.example.com 标头。 CloudFront使用DNS查找 origin.example.com 然而的IP地址，它仅使用此信息来建立到源的连接。传入请求仍发送至www.example.com。如果源具有针对www.example.com的SSL证书，则CloudFront将其视为有效，因为您已将 Host 标头配置为白名单，并且与该证书匹配。 / p>

在此配置中，使用在浏览器地址栏中分配的dzczcexample.cloudfront.net主机名访问CloudFront发行版将不起作用，因为CloudFront会发送那个主机名作为起点，但是一旦将www.example.com的Route 53别名指向分配的cloudfront.net域名，请求将被正确处理。

In this configuration, accessing the CloudFront distribution with the assigned dzczcexample.cloudfront.net hostname in the browser's address bar will not work, because CloudFront will send that hostname to the origin, but once you point the Route 53 alias for www.example.com to the assigned cloudfront.net domain name, requests will be processed correctly.

这篇关于具有自定义来源和相同域的Cloudfront的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！