This document describes how to add a site to Tencent Cloud EdgeOne and enable secure acceleration, so that you can get a quick start with the EdgeOne service.
EdgeOne brings the following benefits to your site:
EdgeOne nodes provide dynamic and static smart acceleration, to enable users to obtain resources from nodes nearby, which avoids network issues due to cross-region or cross-ISP access.
Files are cached on nodes to reduce the proportion of origin-pull requests, which decreases the traffic to the origin.
Services are provided from EdgeOne nodes to hide the IP address of the origin and protect the origin from malicious attacks.
More EdgeOne capabilities, such as DNS, security protection, edge functions, and L4 proxy, can be integrated with your site.
Preparations
1. You have registered a Tencent Cloud account.
2. You have registered a domain name, such as example.com. For more information about domain name registration, see Domain Registration.
Note:
If you want to set the service region of your site to Chinese mainland or Global, the domain name must have been filed with the Chinese Ministry of Industry and Information Technology.
3. Your site is hosted on an accessible service, such as Cloud Virtual Machine (CVM) or Cloud Object Storage (COS). For example, you have built a cross-border e-commerce site based on Tencent Cloud CVM, and the current server IP address is: 1.1.1.1.
Step 1: Add the Site
Perform the following operations to add the site to EdgeOne:
3. In the Enter your site input box, enter the domain name, In this example, enter example.com. Then, click Next.
Step 2: Select Service Region and Plan
This step requires binding the site access plan specs so that the platform can allocate the corresponding service resources for you. You can bind by purchase plan or bind sites to your plan:
Purchase plan
Bind sites to your plan
1. When entering the plan selection, the default is the Purchase plan page. Currently. You can view the Comparison of EdgeOne Plans to see the differences between the different plan versions.
2. After confirming the plan, check and agree to the EdgeOne Service Level Agreement below, and click the next step.
1. If you have already purchased a plan, you can click Bind sites to your plan to switch to the binding plan page and select the purchased plan to bind.
2. After selecting the plan, check and agree to the EdgeOne Service Level Agreement below, and click Next.
Step 3: Select the Access Mode
This step requires selecting the acceleration region and access mode that meet your needs.
1. Select the acceleration region. The acceleration region is mainly used to allocate node resources for the current site. When you select the Chinese mainland availability zone and the Global availability zone, it is required that the current domain has completed the MIIT (Ministry of Industry and Information Technology) ICP Filing.
2. Select the access mode. EdgeOne provides you with two access modes, namely NS server access mode, CNAME access mode and DNSPod managed access. The differences between the different access modes are as follows:
Mode
NS Access (Recommended)
CNAME Access
DNSPod managed access
Scenario
You want to change the original DNS provider and host DNS on EdgeOne.
You have hosted the domain name to another DNS provider, such as Tencent Cloud DNSPod, and you do not want to change the DNS provider.
When the domain name is hosted on Tencent Cloud DNSPod, it is recommended to use this mode for access
Access mode
You only need to change the settings of the DNS server once at the original DNS provider. After that, you can easily enable secure acceleration for the domain name in the EdgeOne console.
Each time you add a new subdomain and enable secure acceleration, you must add a CNAME record at the corresponding DNS provider.
If the domain name is already hosted on Tencent Cloud DNSPod and is in effect, this mode is selected to complete access directly after backend verification by EdgeOne.
Verification method
You need to change the URLs of the original NS servers to the ones provided by EdgeOne.
You need to verify the domain name ownership by adding a DNS record or using the verification file.
No ownership verification is required.
Scheduling method
After secure acceleration is enabled for the domain name, the A record can be directly resolved to point to the nearest EdgeOne edge node.
After secure acceleration is enabled for the domain name, the client access is scheduled to the nearest EdgeOne node by using the CNAME record.
After secure acceleration is enabled for the domain name, it is scheduled to the nearest EdgeOne edge node via Cname.
NS Access
CNAME Access
DNSPod managed access
1. On the Select an access mode tab, select NS access.
2. (Optional) In NS Access mode, EdgeOne automatically scans all DNS records for the domain name. You can verify the scan results by comparing them with the original DNS records.
If all the original DNS resolution records are retrieved, clicking Import all to import them to EdgeOne.
If you find that some DNS resolution records are missing, click Add record or Batch import to add them.
3. Click Next. In the NS server access mode, you need to go to the original domain registration service provider and change the domain's DNS server address to the DNS server address provided by EdgeOne. The operation steps can be referred to: Modify DNS server.
4. After the change, EdgeOne automatically detects the current URLs of the NS servers. After settings of the NS servers take effect, click OK.
Note:
The process may be slow with some domain registrars, please be patient.
1. On the Select an access mode tab, select CNAME access and click Next.
2. Verify the site ownership. EdgeOne allows you to verify your site ownership through DNS verification or file verification. For more information, see Verifying Site Ownership.
3. After the site ownership is verified, click OK.
Note:
The prerequisite for using this mode is that your current domain name is already hosted on Tencent Cloud DNSPod and is in effect.
1. In the access mode options, select DNSPod managed access and click Finish .
2. When you use this mode for the first time, a pop-up window will remind you of authorization to use the TEO_QCSLinkedRoleInDnspodAccessEO service role permission. Click Agree to Authorization . After the authorization is successful, site access will be successfully completed.
Step 4: Add an Acceleration Domain
Note:
1. Currently, access by Punycode-converted Chinese, Korean and Japanese domain names and domain names containing underscores is not supported.
2. After the domain is added, if your origin server type is IP/domain name, the origin host defaults to the acceleration domain. If your origin host needs specifying a different domain, you can refer to the Modification of Origin Host for configuration. If your origin server is a COS origin server, the origin host defaults to the domain name of the COS origin server.
1. Click the Site List in the left sidebar, and select the added site to go to Site Details Management.
2. Click Domain Name Service > Domain Management to go to the Domain Management Details page, and click Add Domain Name to add a new acceleration domain name.
3. Enter the acceleration domain name to be added and the corresponding origin server information. Once the configuration is complete, click Next.
Configuration item
Note
Acceleration domain name
Domain name provided for client access. Enter the host record value corresponding to the domain name. Wildcard domain name access is supported. If you need to access the main domain name, simply enter @.
For example: If you need to accelerate the website www.example.com , enter www here.
Origin server configuration
The origin server is the final resource address accessed when the client initiates a request. You can choose from IP/domain name, COS origin server, and origin server group:
IP/domain name: It is used to connect a single origin server. You can enter a single IP or a single domain name as the origin server.
COS origin server: It is used to add Tencent Cloud COS and AWS S3 authentication compatible COS buckets as origin servers. If the bucket allows public read-write access, you can also connect directly using the origin server type of IP/domain name.
Origin server group: If the origin server has multiple IPs, you can add them by configuring an origin server group.
VOD: Buckets authorized in VOD can be set to apply to all files within the application or to files in a specific bucket.
Load balancing: Actively detect origin server latency and health status, configure intelligent traffic scheduling policies, and provide safer and faster traffic distribution services.
For example: There is an existing cross-border e-commerce website built using Tencent CVM. The IP address of the server is: 10.1.1.1 . When configuring the origin server, select the IP/domain name as origin server configuration and enter this server address.
Note:
1. We recommend that you configure your origin server in the same region as the acceleration region. For instance, if the acceleration region is a Chinese mainland availability zone, set the origin server to be within the mainland for better origin-pull performance. If the origin server is in a global availability zone (excluding the Chinese mainland) and requires cross-border access, the origin-pull effect may not be guaranteed. If you need to accelerate access by Chinese mainland users and the origin site is in a global availability zone (excluding the Chinese mainland), refer toCross-regional Secure Acceleration (Oversea Sites).
2. If your acceleration region is a global availability zone, you can add corresponding rules in the rule engine. Set the matching condition to client geographic location and choose to modify the origin server, directing origin-pull requests to different origin servers based on the regions to ensure the origin-pull effect.
3. If your origin server type is IP/domain name, the origin host defaults to the acceleration domain name. If you need to specify a domain name for your origin host, refer to the Modification of Origin Host for configuration. If your origin server is a COS origin server, the origin host defaults to the domain name of the COS origin server.
IPv6 access
You can choose whether to enable IPv6 access support. Refer to the document: IPv6 Access. The default is to follow site configuration.
Origin-pull protocol
You can select the access protocol supported by your origin server. The default is to follow the protocol. The options are as follows:
Follow protocol: The origin-pull protocol is the same as the user access request protocol
HTTP : The HTTP protocol is used for origin-pull.
HTTPS: The HTTPS protocol is used for origin-pull.
Origin-pull port
It is used to specify the port used for origin-pull. Make sure that the port specified on your origin server is accessible. By default, HTTP origin-pull uses port 80, and HTTPS origin-pull uses port 443.
4. (Optional) When a domain name is added, EdgeOne provides recommended configuration based on common service scenarios to ensure smoother and safer operation. You can select recommended configuration based on your service scenario, click Next to apply the configuration or directly click Skip to proceed without applying any configuration, and go to the next step.
5. In case of access in CNAME mode or DNSPod managed access, once a domain name is created, EdgeOne will assign a CNAME address to the domain name. You need to complete the CNAME configuration to enable the secure acceleration for the domain name. For the configuration method, refer to: Modification of CNAME Resolution. In case of NS access, this step is not required, and the current acceleration domain name configuration will take effect once the DNS server becomes effective.
Step 5: Perform Access Test
You can perform the following steps to verify whether your site is connected to EdgeOne:The verification procedure varies based on the access mode you have selected in step 3.
NS Access
CNAME Access
In NS access mode, when the client accesses the accelerated domain, EdgeOne automatically schedule the access to the nearest edge node. You can check whether the IP address of the assigned edge node is on EdgeOne to verify whether the site has been added to EdgeOne.
1. You can obtain the IP address of the assigned edge node by using any of the following methods:
Windows
Mac/Linux
Visit the site
Open the command prompt and run the nslookup -qt=A www.example.com command. Then, check the IP address of the domain obtained by the A record resolution.
Open the terminal and run the dig www.example.com command. Then, check the IP address of the domain obtained by the A record resolution.
Visit www.example.com from a browser, press F12 to open the developer tools, and click any request record to view the IP address to which the request points. Then, copy this IP address.
2. On the IP Location Query page of the EdgeOne console, paste the IP address in the IP field and click Search to check whether the IP address is on EdgeOne. If yes, DNS of the accelerated domain has been switched to EdgeOne.
After you complete the CNAME configuration, EdgeOne automatically detects whether the CNAME configuration has taken effect. In the domain list, if the Status column of the accelerated domain is Activated, the domain is correctly configured and accelerated.
If you have correctly configured the CNAME record, but the status is CNAME unconfigured, this may be caused by the CNAME resolution latency of the DNS provider. In this case, you can manually verify the connection by using the following methods:
Windows
Mac/Linux
Open the command prompt and run the nslookup -qt=cname www.example.com command. Then, check the CNAME information of the domain. If the CNAME information is the same as that provided by EdgeOne, DNS of the accelerated domain has been switched to EdgeOne.
Open the terminal and run the dig www.example.com command. Then, check the CNAME information of the domain. If the CNAME information is the same as that provided by EdgeOne, DNS of the accelerated domain has been switched to EdgeOne.
