Marketplace
cdn-architecture
Use when designing content delivery networks, caching strategies, or global content distribution. Covers CDN architecture, cache hierarchies, origin shielding, cache invalidation, and edge optimization.
allowed_tools: Read, Glob, Grep
$ Installer
git clone https://github.com/melodic-software/claude-code-plugins /tmp/claude-code-plugins && cp -r /tmp/claude-code-plugins/plugins/systems-design/skills/cdn-architecture ~/.claude/skills/claude-code-plugins// tip: Run this command in your terminal to install the skill
SKILL.md
name: cdn-architecture description: Use when designing content delivery networks, caching strategies, or global content distribution. Covers CDN architecture, cache hierarchies, origin shielding, cache invalidation, and edge optimization. allowed-tools: Read, Glob, Grep
CDN Architecture
Comprehensive guide to Content Delivery Network architecture - caching, distribution, and edge optimization patterns.
When to Use This Skill
- Designing CDN strategies for web applications
- Implementing cache hierarchies
- Optimizing origin load and performance
- Understanding cache invalidation patterns
- Selecting CDN providers and features
- Configuring edge caching rules
CDN Fundamentals
How CDNs Work
Without CDN:
User (Tokyo) โโโโโโโโโโโโโโโโโโโโบ Origin (New York)
2000km, ~200ms RTT
With CDN:
User (Tokyo) โโโบ Edge (Tokyo) โโโบ Origin (New York)
<10km, ~10ms RTT (only on cache miss)
CDN Benefits:
โโโ Reduced latency (content served from nearby)
โโโ Origin offload (fewer requests hit origin)
โโโ DDoS protection (distributed, absorbs attacks)
โโโ Scalability (handles traffic spikes)
โโโ Reliability (multiple POPs for redundancy)
CDN Architecture
CDN Components:
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Internet โ
โโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโ
โ โ โ
โโโโโโผโโโโโ โโโโโโผโโโโโ โโโโโโผโโโโโ
โ Edge โ โ Edge โ โ Edge โ
โ POP 1 โ โ POP 2 โ โ POP 3 โ
โ(Tokyo) โ โ(London) โ โ(NY) โ
โโโโโโฌโโโโโ โโโโโโฌโโโโโ โโโโโโฌโโโโโ
โ โ โ
โโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโโโผโโโโโโโโโโโ
โ Origin Shield โ
โ (Mid-tier) โ
โโโโโโโโโโโโฌโโโโโโโโโโโ
โ
โโโโโโโโโโโโผโโโโโโโโโโโ
โ Origin โ
โ (Your servers) โ
โโโโโโโโโโโโโโโโโโโโโโโ
Terminology:
- POP: Point of Presence (edge location)
- Edge: Servers closest to users
- Origin Shield: Optional intermediate cache
- Origin: Your actual servers
Cache Hit/Miss Flow
Request Flow:
1. User requests asset.js
2. Edge Cache Check
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Is asset.js in edge cache? โ
โโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโดโโโโโโโโโ
โ โ
HIT: Return MISS: Forward
immediately to origin shield
(~10ms)
3. Origin Shield Check (if configured)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Is asset.js in shield? โ
โโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโดโโโโโโโโโ
โ โ
HIT: Return MISS: Forward
to edge to origin
(~50ms)
4. Origin Fetch
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Fetch from origin server โ
โ Cache in shield and edge โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
(~200ms)
Key Metrics:
- Cache Hit Ratio (CHR): % of requests served from cache
- Time To First Byte (TTFB): Latency to receive first byte
- Origin Requests: Number of requests reaching origin
Caching Strategies
Cache-Control Headers
Cache-Control Directives:
Browser + CDN:
Cache-Control: public, max-age=31536000
โโโ Cacheable by anyone for 1 year
CDN Only:
Cache-Control: private, no-store
โโโ Don't cache (sensitive data)
Short-term Cache:
Cache-Control: public, max-age=300, s-maxage=3600
โโโ Browser: 5 min, CDN: 1 hour
Stale-While-Revalidate:
Cache-Control: public, max-age=3600, stale-while-revalidate=86400
โโโ Serve stale for 24h while revalidating in background
CDN-Specific Headers:
CDN-Cache-Control: max-age=3600
Surrogate-Control: max-age=3600
Cloudflare-CDN-Cache-Control: max-age=3600
Caching Decision Matrix
Content Type โ Caching Strategy:
Static Assets (JS, CSS, images):
โโโ Long TTL (1 year)
โโโ Content-based filename (hash)
โโโ Immutable flag
โโโ Cache-Control: public, max-age=31536000, immutable
HTML Pages:
โโโ Short TTL or no-cache
โโโ Revalidation-based
โโโ ETag/Last-Modified
โโโ Cache-Control: no-cache (revalidate every time)
API Responses (public data):
โโโ Short to medium TTL
โโโ Vary by appropriate headers
โโโ Consider stale-while-revalidate
โโโ Cache-Control: public, max-age=60, stale-while-revalidate=300
API Responses (personalized):
โโโ Don't cache at CDN
โโโ May cache at browser with auth
โโโ Cache-Control: private, no-store
User-Generated Content:
โโโ Medium TTL
โโโ Consider purge on update
โโโ Cache-Control: public, max-age=3600
Vary Header
Vary Header Usage:
Purpose: Cache different versions based on request headers
Vary: Accept-Encoding
โโโ Cache separate gzip vs brotli vs plain versions
Vary: Accept-Language
โโโ Cache separate versions per language
โโโ WARNING: Can explode cache variations
Vary: Cookie
โโโ Usually means "don't cache at CDN"
โโโ Every unique cookie = different cache entry
Best Practices:
โ Vary: Accept-Encoding (always for compressible content)
โ Vary: Origin (for CORS)
โ Avoid Vary: Cookie (fragments cache badly)
โ Avoid Vary: User-Agent (thousands of variants)
Alternative to Vary:
- Normalize headers at edge
- Use query parameters instead
- Separate URLs for different variants
Origin Shielding
Shield Architecture
Without Origin Shield:
Edge POPs: 200+ locations
โ โ โ โ โ โ โ โ โ โ
โโโดโโดโโดโโดโโดโโดโโดโโดโโ
โ
All 200 POPs can request from origin
โผ
โโโโโโโโโโ
โ Origin โ (200 potential requesters on cache miss)
โโโโโโโโโโ
With Origin Shield:
Edge POPs: 200+ locations
โ โ โ โ โ โ โ โ โ โ
โโโดโโดโโดโโดโโดโโดโโดโโดโโ
โ
All edge misses go to shield
โผ
โโโโโโโโโโโโโโโโโโโ
โ Origin Shield โ (1 shield per region)
โ (Collapsed) โ
โโโโโโโโโโฌโโโโโโโโโ
โ
Only shield requests from origin
โผ
โโโโโโโโโโ
โ Origin โ (1-3 potential requesters)
โโโโโโโโโโ
Benefits:
- Collapses cache misses
- Reduces origin load
- Better cache efficiency
- Improved origin availability
Request Collapsing
Request Collapsing (Coalescing):
Scenario: 100 users request same uncached asset simultaneously
Without Collapsing:
100 requests โโโบ Edge โโโบ 100 requests โโโบ Origin
(thundering herd)
With Collapsing:
100 requests โโโบ Edge โโโบ 1 request โโโบ Origin
โ
99 requests wait
โ
Response cached, all 100 served
Implementation:
- First request triggers origin fetch
- Subsequent requests for same URL wait
- All requests served from single origin response
- Critical for protecting origin on cache miss spikes
Cache Invalidation
Invalidation Strategies
Strategy 1: TTL-Based Expiration
โโโ Let content expire naturally
โโโ Simple, predictable
โโโ Delay in propagating changes
Strategy 2: Purge (Immediate Invalidation)
โโโ Remove specific URLs from cache
โโโ Fast update propagation
โโโ Can be expensive at scale
Strategy 3: Soft Purge (Stale-While-Revalidate)
โโโ Mark content as stale
โโโ Serve stale while fetching fresh
โโโ Best user experience
Strategy 4: Versioned URLs
โโโ Change URL when content changes
โโโ No purging needed
โโโ Best cache efficiency
โโโ asset.js?v=abc123 or asset.abc123.js
Strategy 5: Cache Tags (Surrogate Keys)
โโโ Tag content with identifiers
โโโ Purge by tag instead of URL
โโโ Powerful for related content
โโโ Purge all "product-123" tagged content
Versioning Patterns
URL Versioning:
Pattern 1: Query Parameter
/styles.css?v=1.2.3
/styles.css?v=a1b2c3d4 (hash)
+ Simple to implement
- Some CDNs don't cache query strings by default
Pattern 2: Filename Hash
/styles.a1b2c3d4.css
+ Best cache efficiency
+ CDNs cache by default
- Requires build process
Pattern 3: Path Versioning
/v1.2.3/styles.css
+ Clear version organization
- May have many versions to purge
Recommendation:
- Static assets: Filename hash (best cache efficiency)
- APIs: Path versioning (/v1/api/...)
- HTML: Short TTL + revalidation
Cache Tags / Surrogate Keys
Cache Tags Example:
Response from origin:
HTTP/1.1 200 OK
Surrogate-Key: product-123 category-electronics homepage
Cache-Control: public, max-age=86400
Content tagged with:
- product-123 (specific product)
- category-electronics (product category)
- homepage (appears on homepage)
Purge Scenarios:
- Product updated: Purge "product-123"
- Category reorganized: Purge "category-electronics"
- Homepage changed: Purge "homepage"
Single purge affects all URLs with that tag.
Edge Computing
Edge Functions
Edge Function Use Cases:
1. Request Manipulation
- URL rewriting
- Header modification
- Authentication
- Geolocation-based routing
2. Response Manipulation
- HTML injection (A/B testing)
- Content transformation
- Personalization at edge
- Response compression
3. Security
- Bot detection
- Rate limiting
- WAF rules
- Token validation
4. Caching Logic
- Custom cache keys
- Vary normalization
- Cache bypass rules
- Selective purging
Platforms:
- Cloudflare Workers
- AWS Lambda@Edge / CloudFront Functions
- Fastly Compute@Edge
- Akamai EdgeWorkers
A/B Testing at Edge
Edge A/B Testing:
Traditional (Origin-Based):
User โโโบ CDN โโโบ Origin โโโบ Determine variant โโโบ Response
โ (uncacheable due to personalization)
Cache miss every time
Edge-Based:
User โโโบ Edge Worker โโโบ Assign variant (cookie/header)
โ
โโโ Variant A: Serve /page-a (cacheable)
โโโ Variant B: Serve /page-b (cacheable)
Benefits:
- Each variant is separately cacheable
- No origin computation per request
- Consistent variant assignment
- Analytics at edge
CDN Selection
Provider Comparison
CDN Provider Considerations:
Performance:
โโโ Global POP coverage
โโโ Network quality (peering)
โโโ Cache hit ratio
โโโ TTFB benchmarks
Features:
โโโ Edge computing support
โโโ Real-time analytics
โโโ Custom caching rules
โโโ Image optimization
โโโ Video streaming
โโโ Security features (WAF, DDoS)
Pricing Models:
โโโ Bandwidth-based
โโโ Request-based
โโโ Flat-rate
โโโ Commit discounts
Integration:
โโโ API quality
โโโ Terraform/IaC support
โโโ CI/CD integration
โโโ Monitoring integration
Major Providers:
- Cloudflare: Great developer experience, generous free tier
- Fastly: Excellent for dynamic/personalized content
- AWS CloudFront: Best with AWS ecosystem
- Akamai: Enterprise, most POPs globally
- Azure CDN: Best with Azure ecosystem
Best Practices
CDN Best Practices:
1. Cache Efficiency
โก Use content hashing for static assets
โก Set appropriate TTLs for content type
โก Implement origin shielding
โก Monitor cache hit ratios
2. Performance
โก Enable compression (Brotli/Gzip)
โก Use HTTP/2 or HTTP/3
โก Implement preconnect hints
โก Optimize for Core Web Vitals
3. Cache Invalidation
โก Prefer versioned URLs over purging
โก Use cache tags for related content
โก Implement soft purge when possible
โก Have purge automation ready
4. Security
โก Enable HTTPS everywhere
โก Configure proper CORS
โก Implement security headers
โก Use signed URLs for sensitive content
5. Monitoring
โก Track cache hit ratio
โก Monitor origin load
โก Set up latency alerts
โก Analyze error rates
Troubleshooting
Common Issues:
1. Low Cache Hit Ratio
- Check Vary header proliferation
- Verify cache-control headers
- Look for query string variations
- Check for cookie-based variation
2. Stale Content
- Verify cache-control max-age
- Check purge propagation delay
- Confirm versioning strategy
- Review origin response headers
3. High Origin Load
- Implement origin shield
- Enable request collapsing
- Extend TTLs where appropriate
- Add caching for API responses
4. Slow Performance
- Check POP distribution
- Verify compression enabled
- Review TLS configuration
- Analyze origin response time
Debug Headers:
X-Cache: HIT/MISS
X-Cache-Hits: 123
Age: 3600
CF-Cache-Status: DYNAMIC/HIT/MISS
Related Skills
edge-computing- Compute at CDN edgelatency-optimization- End-to-end latency reductionmulti-region-deployment- Global infrastructure patternscaching-strategies- Application-level caching
Repository
melodic-software
Author
melodic-software/claude-code-plugins/plugins/systems-design/skills/cdn-architecture
3
Stars
0
Forks
Updated1d ago
Added6d ago