Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cacheable Presigned URL with Cloudflare Workers

oliver
October 06, 2023
Technology
2
6.8k

Cacheable Presigned URL with Cloudflare Workers

2023年10月06日「Cloudflare Meetup Nagoya 第3回」にて発表した資料。
https://cfm-cts.connpass.com/event/294096/

oliver

October 06, 2023
Tweet

More Decks by oliver

See All by oliver
comilioとCloudflare、そして未来へと向けて
oliver_diary
6
720
テキストエディタのブラウザ実装 / tokyo_study
oliver_diary
0
290
迫り来る絶望的状況からの脱却物語 / #CEDEC2021
oliver_diary
7
15k
PWAとクラウドゲーミングの現状そしてPWAとOOParts
oliver_diary
3
11k
OOPartsによるPWA事例紹介
oliver_diary
2
9.3k
クラウドゲーミング最新開発事例 - #CEDEC2020
oliver_diary
6
16k
クラウドゲーミング時代のPWA
oliver_diary
0
12k
OOPartsが切り開く クラウドゲーミング ✖︎ PWA
oliver_diary
4
16k
今日から始めるFirestoreのテスト
oliver_diary
2
11k

Other Decks in Technology

See All in Technology
より良い開発者体験を実現するために~開発初心者が感じた生成AIの可能性~
masakiokuda
0
200
SDカードフォレンジック
su3158
1
630
Стильный код: натуральный поиск редких атрибутов по картинке. Юлия Антохина, Data Scientist, Lamoda Tech
lamodatech
0
760
Would you THINK such a demonstration interesting ?
shumpei3
1
230
AIエージェント開発手法と業務導入のプラクティス
ykosaka
5
1.6k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
0
200
クラウド開発環境Cloud Workstationsの紹介
yunosukey
0
190
30代からでも遅くない! 内製開発の世界に飛び込み、最前線で戦うLLMアプリ開発エンジニアになろう
minorun365
PRO
12
4k
YOLOv10~v12
tenten0727
4
970
意思決定を支える検索体験を目指してやってきたこと
hinatades
PRO
0
230
Рекомендации с нуля: как мы в Lamoda превратили главную страницу в ключевую точку входа для персонализированного шоппинга. Данил Комаров, Data Scientist, Lamoda Tech
lamodatech
0
770
2025-04-24 "Manga AI Understanding & Localization" Furukawa Arata (CyberAgent, Inc)
ornew
2
230

Featured

See All Featured
Raft: Consensus for Rubyists
vanstee
137
6.9k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
5
530
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
GraphQLの誤解/rethinking-graphql
sonatard
71
10k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
Designing for Performance
lara
608
69k
Rails Girls Zürich Keynote
gr2m
94
13k
Gamification - CAS2011
davidbonilla
81
5.2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
227
22k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
40
7.2k

Transcript

  1. Cloud fl are Meetup Nagoya ୈ3ճ Cacheable Presigned URL with

    Cloudflare Workers 2023/10/06 oliver

  2. ࣗݾ঺հ • גࣜձࣾϢʔπʔςοΫʢ୅ද / ιϑτ΢ΣΞΤϯδχΞʣ • લલ৬͸޿ࠂ഑৴ɺલ৬͸Ϋϥ΢υήʔϛϯά • Cloud fl

    are͸਺೥લ͔Βͣͬͱ௥͔͚͍ͬͯΔ • ͱ͋Δࣄ৘Ͱେྔͷը૾഑৴ΛηΩϡΞͳঢ়ଶͰ഑৴͢Δٕज़͕ඞཁͱͳͬ ͍ͯΔʢͷͰɺࠓճͷLTͰݕূ݁ՌΛൃද͠Α͏ͱࢥͬͨʣ minakawadaiki.com

  3. ը૾഑৴ʹCloudflareΛ બ୒͢Δ1൪ͷཧ༝

  4. σʔλΤάϨεྉ͕ۚ 0ԁ͔ͩΒ https://www.cloud fl are.com/ja-jp/learning/cloud/what-are-data-egress-fees/

  5. ֎෦ʹஔ͔ΕͯΔը૾Λ CloudflareͰϓϩΩγ͢Δ

  6. ֎෦ʹஔ͔ΕͯΔը૾ΛCloudflareͰϓϩΩγ͢Δ • ύλʔϯ1ʢDNSΛCloud fl areͰ؅ཧͰ͖Δ৔߹ʣ • DNS ProxyΛઃఆͯ͋͛͠Ε͹OK • Ωϟογϡͤͨ͘͞ͳ͍΋ͷ·ͰΩϟογϡͤ͞ͳ͍Α͏ʹ஫ҙ

    https://developers.cloud fl are.com/support/third-party-software/others/con fi guring-an-amazon-web-services-static-site-to-use-cloud fl are/

  7. ֎෦ʹஔ͔ΕͯΔը૾ΛCloudflareͰϓϩΩγ͢Δ • ύλʔϯ2ʢDNSΛCloud fl areͰ؅ཧͰ͖ͳ͍৔߹ʣ • Cloud fl are WorkersͰΩϟογϡͯ͋͛͠Δ

    • Workersͷݺͼग़͠ྉ͕͔͔ۚΔͷͰ஫ҙ • 1೔͋ͨΓ10ສ݅ͷϦΫΤετ·Ͱແྉʢ2023೥10݄6೔࣌఺ʣ • ϦΫΤετ100ສ݅͋ͨΓֹ݄0.15υϧʢ2023೥10݄6೔࣌఺ʣ https://developers.cloud fl are.com/workers/examples/cache-api/

  8. DNSΛCloudflareͰ؅ཧͰ͖ͳ͍৔߹ https://<workers-path>/image?src=https://<image-path>

  9. Cloudflare্͚ͩͰը૾഑৴͢Δ

  10. Cloudflare্͚ͩͰը૾഑৴͢Δ • ύλʔϯ̍ʢCloud fl are ImagesΛ࢖͏ʣ • ը૾֨ೲ10ສ఺͋ͨΓ$5ʢ2023೥10݄6೔࣌఺ʣ • ը૾഑৴10ສ఺͋ͨΓ$1ʢ2023೥10݄6೔࣌఺ʣ

    • ༷ʑͳը૾ૢ࡞ʢϦαΠζͳͲͷฤूʣ͕URLͰՄೳ • Workers + R2ͱൺ΂ͯগׂ͠ߴͳҹ৅ https://www.cloud fl are.com/ja-jp/developer-platform/cloud fl are-images/

  11. Cloudflare্͚ͩͰը૾഑৴͢Δ • ύλʔϯ̎ʢCloud fl are Workers + R2Λ࢖͏ʣ • R2ͷྉۚʢಡΈऔΓʹ͔͔Δ෦෼͚ͩهࡌʣ

    • ετϨʔδ: $0.015 / GB ετϨʔδ • ΫϥεBૢ࡞ɿطଘͷঢ়ଶΛಡΈऔΔ: $0.36 / 100ສ • ը૾ૢ࡞͸WorkersͰ΋ผ్՝ۚ͢Ε͹Մೳ https://developers.cloud fl are.com/r2/api/workers/workers-api-usage/

  12. Cloudflare Workers + R2Λ࢖͏ https://<workers-path>/< fi le-name>/with-cache ͜͜ͰΩϟογϡ͍ͤͯ͞Δ

  13. ॺ໊෇͖URLͰը૾ΛकΔ

  14. ॺ໊෇͖URLͰը૾ΛकΔ • Ϣʔεέʔε • ಛఆͷ૊৫ʹॴଐ͍ͯ͠Δਓ͚͔ͩ͠ݟΕͳ͍ը૾ • Notionͷը૾ͱ͔GitHubͷը૾ͱ͔ • ອըͳͲΛߪೖͯ͠ઐ༻ͷReaderͳͲͰಡΉ৔߹ •

    kindleͱ͔ͦͷଞອըΞϓϦͱ͔ https://docs.aws.amazon.com/ja_jp/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html

  15. ॺ໊෇͖URLͰը૾ΛकΔ ᶃ ݖݶʹج͍ͮͯॺ໊෇͖URLΛൃߦ͢Δ ᶄ ॺ໊Λݕূ͠ը૾ΛϨεϙϯε ॺ໊෇͖URLൃߦαʔόʔ ը૾ετϨʔδ https://<domain>/<image-path>/verify?mac=<MAC>&expiry=<number>

  16. WorkersͰ࣮૷͢Δ

  17. WorkersͰ࣮૷͢ΔʢURLੜ੒ʣ https://developers.cloud fl are.com/workers/examples/signing-requests/ • `/:image/generate` ͰΞΫηεΛ଴ͪड͚Δ • generateSignedUrlؔ਺Ͱ࡞੒ͨ͠ॺ໊෇͖URLΛΫϥΠΞϯτʹϨεϙϯε

  18. WorkersͰ࣮૷͢ΔʢURLੜ੒ʣ https://developers.cloud fl are.com/workers/examples/signing-requests/ • Web Crypto API ͰΩʔΛੜ੒ •

    ΞϧΰϦζϜ͸ॺ໊෇͖URLͰΑ͘༻͍ΒΕΔ
 HMAC-SHA256Λ࠾༻ • HMAC͸ڞ௨伴҉߸ํࣜͳͷͰ
 ॺ໊ଆͱݕূଆͰಉ͡ΩʔΛ༻͍Δ • ॺ໊URLʹ࠷௿ݶඞཁͳ৘ใ͸ɺͦͷURLͷ༗ޮظݶͱΞΫ ηεൣғʢ ࠓճͰ͍͏ͱ `url.pathname` ʣͰ͋ΓɺͦΕΒ ΛؚΊͯॺ໊͍ͯ͠Δ • ॺ໊ͯ͠ੜ੒͞ΕͨMACΛURLʹؚΊΔͨΊBase64ʹม׵ • `+`จࣈ͸URLʹؚΊΔͱόάΛੜΉͨΊɺ `-` ʹม׵ • URLͷQuery ParamsʹMACͱ༗ޮظݶʢexpiryʣΛ෇༩

  19. WorkersͰ࣮૷͢Δʢը૾ΞΫηεʣ • ॺ໊෇͖URLʹ෇༩͞Ε͍ͯΔMAC ͱexpiryΛ༻͍ͯɺ`verifySignedUrl` ؔ਺Λ࣮ߦʢৄࡉ࣍ϖʔδʣ • ʮॺ໊͕ਖ਼͍͠ʯ͔ͭʮͦͷॺ໊͕ ༗ޮظݶ಺ʯͰ͋Δ͔ΛνΣοΫ • R2͔Βը૾Λऔಘ͠ɺϨεϙϯε

    https://developers.cloud fl are.com/workers/examples/signing-requests/

  20. WorkersͰ࣮૷͢Δʢը૾ΞΫηεʣ • ݕূ༻ͷڞ௨伴Λ࡞੒͢Δ • URLͰड͚औͬͨMACΛBase64͔Βม׵ • ॺ໊ʹར༻ͨ͠
 ʮ`${url.pathname}@${expiry}`ʯΛੜ੒ • ॺ໊Λݕূ

    https://developers.cloud fl are.com/workers/examples/signing-requests/

  21. Ωϟογϡ༗ແͰͷ଎౓Λൺֱ͢Δ

  22. R2 from Workers with no cache ntimes 10 -- curl

    ‘https://<worker-domain>/<image-path>/no-cache’ --compressed -o /dev/null -w "%{time_total}\n" -s | percentile

  23. Presigned URL With R2 ntimes 10 -- curl ‘https://<r2-domain>.r2.cloud fl

    arestorage.com/images/<image-name>?X-Amz-Expires=3600&X-Amz-Date=20231005T200233Z &X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=<credential>
 &X-Amz-SignedHeaders=host&X-Amz-Signature=<sig>’ --compressed -o /dev/null -w "%{time_total}\n" -s | percentile

  24. R2 from Workers with cache ntimes 10 -- curl ‘https://<workers-domain>/<image-path>/with-cache’

    --compressed -o /dev/null -w "%{time_total}\n" -s | percentile

  25. Public bucket on R2 ntimes 10 -- curl ‘https://<public-r2-domain>/images/<image-name>’ --compressed

    -o /dev/null -w "%{time_total}\n" -s | percentile

  26. ଎౓Λൺֱ͢Δʢ20MBͷը૾ʣ Workers with no cache Presigned URL Workers with cache

    Public bucket 0 0.3 0.6 0.9 1.2 S S S S S

  27. ຊ୊

  28. Cacheable Presigned URL with Cloudflare Workers

  29. ΩϟογϡՄೳͳॺ໊෇͖URL • ͳͥඞཁ͔ • R2ͱ͸͍͑ɺΩϟογϡ͞Εͯͳ͍ը૾͸Ϩεϙϯε͕஗͍ • R2ͷಡΈऔΓΑΓWorkersͷݺͼग़͠ͷํ͕௿ίετ • ΍Βͳ͚Ε͹͍͚ͳ͍͜ͱ •

    ॺ໊෇͖URLͷϩδοΫʹΩϟογϡॲཧΛ௥Ճ • ॺ໊෇͖URLΛ࡞੒͢ΔࡍͷexpireΛௐ੔͢Δ

  30. ॺ໊෇͖URLͷϩδοΫʹΩϟογϡॲཧΛ௥Ճ • ॺ໊ͷݕূʹ੒ޭͨ࣌͠ʹΩϟογϡ͔ Βऔಘ͢ΔίʔυΛ௥Ճ • Ωϟογϡ͕ͳ͍৔߹͸R2͔Βը૾Λऔ ಘ͠Ϩεϙϯε͢Δ

  31. ॺ໊෇͖URLΛ࡞੒͢ΔࡍͷexpireΛௐ੔͢Δ https://advancedweb.hu/cacheable-s3-signed-urls/

  32. ॺ໊෇͖URLΛ࡞੒͢ΔࡍͷexpireΛௐ੔͢Δ • ࠓճ͸؆қతʹʮ࣍ͷX࣌0෼ + 10sʯ
 Λ༗ޮظݶͱͨ͠ॺ໊෇͖URLΛ
 ࡞੒͍ͯ͠Δ • ཁ͢Δʹ13࣌15෼ʹੜ੒͞ΕΔॺ໊URL ͱ13࣌59෼ʹੜ੒͞ΕΔॺ໊෇͖URL͕

    ಉҰʹͳΔ͜ͱͰΩϟογϡ͞ΕΔΑ͏ ʹͳΔ

  33. UploadपΓͷ࿩͸·ͨͲ͔͜Ͱ