Cloud-front backed with Nginx (which proxies to S3) randomly missing already cached items?

https://stackoverflow.com/questions/21248999

30-09-2022
|

Question

I wish to serve images from a S3 bucket with Cloudfront as CDN frontend, for that I tried the following:

What I wish to acheive (Attempt 2) -- (Misses cloudfront cache randomly)

I have the following setup to serve images: ( Cloudfront --> Nginx --> S3 ) Cloudfront - loading= Nginx -> S3">

<<<<<<<< Sample S3 headers >>>>>>>>>> Attempt-2 S3 headers

<<<<<<<< Sample Nginx -> S3 headers (Added Cache-Control) >>>>>>>>>> Attempt-2 Nginx- loading= S3 headers">

<<<<<<<< Sample Cloudfront -> Nginx -> S3 headers >>>>>>>>>> Attempt-2 Cloudfront- loading= Nginx->S3 headers">

What I am currently working with (Attempt 1) -- (Hits cloudfront as expected everytime)

Cloudfront - loading= S3">

Cloudfront Settings:

Respects GET params to support urls like (http://cdn.example.com/abc.jpg?v=1)
Cache TTL set to 157680000 ( Fallback for Cache-Control )

What am I screwing up in Attemp-2 with my headers ? ( Cloudfront missing randomly )

Url(http://cdn.example.com/abc.jpg) & Url(http://cdn.example.com/abc.jpg?v=1) both will have same ETag, is that fine ?

Update

#AWS followed up on forums.aws.amazon.com, still waiting for a reply:

https://forums.aws.amazon.com/thread.jspa?threadID=144286&tstart=0#

Update2

Recent hit/miss behavioral change from cloudfront without changing anything.
Earlier the hits/misses were random with no fix pattern
Now, (with no change on my end) I am getting all hits 1 day and all misses the next day.
This suggests that its 24 hour cache but TTL and cache headers suggest 5 year cache expiry.
This is again weird and without any explanations.

Hey, AWS can you see this ???

Solution

After about 4 months of repetitive to-n-fro with amazon support failed to resolve the issue.

All problems still persisting:

The cache expires in about a day and misses after 24 hours. ( My expiry is 1 year )
All headers and aws settings verified by amazon support themselves
Unfortunately, the company is still paying for this awful experience due to lockin.

enter image description here

------ After 24 hours ------

enter image description here

------ After 24 hours ------

enter image description here

------ After 24 hours ------

enter image description here

-------- And so on.. -------

Concluding, The problem still stands unresolved and amazon support seems to have given up. This is quiet a strange experience since aws is something we generally take for granted.

OTHER TIPS

Checking the 2 IPs you listed in AWS forum when you run dig resolver-identity.cloudfront.net:

74.125.190.17 is from Google in CA, USA   
67.215.80.11 is from OpenDNS from Singapore

Are you using OpenDNS or Google DNS? If you are, can you try to disable them and see if CloudFront will work properly from then on?

There is an article here talking about the disadvantage when you using OpenDNS/Google DNS with CDN, which may be helpful. http://apcmag.com/why-using-google-dns-opendns-is-a-bad-idea.htm

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow