This is part 2 of a short series on how to make your blog faster. I’m presenting a simple and effective way to set up your own Content Delivery Network using Amazon’s web services (AWS).
Part 1 made us install the W3 Total Cache plugin for WordPress. In this part of the series we will enter amazon’s version of cloud computing. You either log into the AWS (Amazon Web Services) site with an already existing account or you create a new one. In the latter case they are going to ask you a couple of things (including your CC data), and once your account is set up you’re ready to enter AWS. Amazon lets you test several of its services for free – for a period of one year. I say “several”, because not everything is for free and those services free of charge have upper limits. If you exceed them, amazon will charge you. It won’t make you poor, though, so long as you don’t plan to host millions of files in the cloud during your test run.
AWS Login
After signing up you will receive three e-mails: one welcome message (with links to introductory infos), a sign-up confirmation e-mail, and, as soon as your account is set up completely, another e-mail. Log in, and you’ll find yourself in a somewhat overwhelming plethora of services. These are ordered in various groups. For our purposes we will need “Storage and Content Delivery” and “Administration and Security” services. (Depending on your needs you may set up backups, databases, active directory services, and much more. But that’s beyond the scope of this series.)
Amazon Web Services
For establishing a CDN we are going to use three of these services: IAM (Identity and Access Management), S3 (Scalable Storage), and CloudFront, the actual CDN service. In the following steps, we will follow W3 Total Cache’s needs and find out what we have to do for this in AWS.
So go back to your WordPress Console, switch to Performance -> General Settings -> CDN, select ‚Amazon CloudFront‘, hit Enable and finally the „Save all settings“ button.
Select CDN
Not much has happened so far. Instead, we’re getting this message:
A configuration issue prevents CDN from working: The “Access key”, “Secret key”, “Bucket” and “Replace default hostname with” fields cannot be empty. Specify it here.
Configuration Issue Message
Follow the „Specify it here“ link. We are now faced with a whole bunch of options we will have to fill:
Config Options
All these options are available at Performance -> CDN, too.
So we need something to log in (access key ID and secret key), something to save our data into (bucket), and perhaps a nicer hostname than the one the system is willing to give us. (SSL support is something we let the servers decide, so the default “Auto” is okay.) Let us start with the Access key ID. That is something we are getting at AWS.
Going back to Amazon, click on the IAM icon in the AWS Dashboard and enter the wild world of Identity and Access Management. The account(s) we are going to specify here are no „users“ in a typical sense, but technical accounts used by services like our WordPress blog.
IAM Dashboard
Some items of this security status pane are already checked, others need further action. The more we are configuring our IAM, the more of these alert triangles will turn into green checkboxes. First, click on the „Users“ link in the navigation pane. The list of users presented here is empty at first. Let us now create a user by clicking on the „Create New Users“ button. The next screen lets you enter up to five user names. Keep the „Generate an access key for each user“ checked. Then hit the „Create“ button.
IAM: create user
Now the access ID and the secret key are being generated. These credentials can be seen on the next screen:
IAM: user created
Don’t hit „Close“ too early: you will have to use this information for W3 Total Cache’s login credentials information. You should download the .csv file via clicking on the „Download Credentials“ button and save it in a secure place. After that click „Close“ and you will be returned to the Users table. Your new user should turn up here.
IAM: list of users
Add as many users as you want. There is nothing that wouldn’t hamper you from using that root account which you did set up when initially enterering AWS, but that’s definitely bad and insecure style. The new technical account will only be used by your blog and it will only get the rights needed for reading and writing data. Otherwise somebody who would get control over this account would be able to do far too horrible things besides damaging your blog!
You might notice that the „Password“ column is empty for our new user. That’s okay, because the access to AWS won’t use a simple username/password algorithm, but the access id and the secret key we have just created.
After creating one or more accounts we need to think about permissions for them. The account that your blog is going to use must have the permission to log on and also permissions to write, read, update, and delete content on these Amazon servers. This is our next step in part 3 of this series.
