Hosting 1000s of static sites

0

I am building an app that lets users create their own websites. My initial idea for the infrastructure was:

1. Create S3 bucket configured as static site for a user
2. Register domain with Route53, record pointing at bucket
3. User publishes html & assets to their bucket

I am now realizing AWS discourages this by limiting buckets (1000), limiting domains (20), and generally seeming to not want you to obfuscate their services behind your own (makes sense). Any other high level architecture ideas that will allow me to serve files from S3 as a series of small, fast static websites? I would like to use cloudflare/cloudfront & gracefully handle SSL as well.

2 Answers
2
Accepted Answer

All the limits you talk about can be changed by AWS. Often this is just a matter of filing a support ticket detailing your business case and it is arranged within minutes.

If the number of Route53 domains will not be stretched by AWS to suit your business case you can always start using an external DNS provider like transip.

Anyway, the DNS records can all point to the domain of one CloudFront distribution. You can use a CloudFront Lambda@Edge function (origin request) to insert the domain name (that comes from the DNS record) into the origin path.

The origin could well be just one S3 bucket holding the data of all your customers; each customer uses his domain as a prefix into the bucket.

You would need to put in place some security controls to keep each customer's data safe.

Caution: be aware that CloudFront can cache content and serve stale content!

JaccoPK
answered 2 years ago
AWS EXPERT Toni_S
reviewed 2 years ago
1

I just want to add that @JaccoPK's recommendation is exactly how I would handle this.

Store all of your sites in individual directories in the same S3 bucket, and use a bucket policy that requires 1) all requests to come through CloudFront, and 2) each directory requires a unique (per site) secret request header.

Use a single CF distribution and add all of your client hostnames as aliases. Then in your default cache behavior associate an origin request Lambda@Edge function that looks for the incoming hostname, and routes the traffic to the appropriate S3 bucket and directory, plus injects the required secret request header for that site. One more thing to be aware of is, as JaccoPK mentioned, that CloudFront caches content; this is by design. You will want to make sure that requests for site1 index.html do not get cached for site2, etc. Make sure to include the host header in the cache policy cache key settings.

For DNS, configure all of your CNAMEs in Route53 to point to the domain name of the CF distro that you created.

That should do the trick.

AWS
answered 2 years ago
AWS EXPERT Toni_S
reviewed 2 years ago
  • Thanks! I have this all set up now and it works. My one concern is a cloudflare distro only takes 1 SSL certificate and SSL certificates are limited to 10 domain names. I can get the limit raised but it still seems like a nightmare to automate issuing a new certificate and adding it and the new hostname to the cloudflare distribution every time a new site is added. Not to mention that would likely cause downtime.

  • Hello. Any updates on the SSL limitation problem? I'm facing the same issue now and looking for a solution.
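
The origin-request routing described in the two answers, as an added example that is not code from the thread or from AWS: the viewer's hostname is used only as a lookup key, so it cannot steer a request into another customer's prefix. The site table, placeholder secrets and the header name `x-site-secret` are assumptions, and the function only sees the viewer's hostname when the Host header is in the cache policy, as the second answer recommends.

```javascript
// Added example: origin-request Lambda@Edge routing for many sites in one bucket.
// Hypothetical header name; whatever the bucket policy is written to require.
const SECRET_HEADER = 'x-site-secret';

// Constructed sample table (hostnames, prefixes and secrets are placeholders).
// A Map lookup means a Host value such as "__proto__" can never resolve to
// an inherited object property.
const SITES = new Map([
  ['www.site1.example', { prefix: '/site1.example', secret: 'PLACEHOLDER-SECRET-1' }],
  ['www.site2.example', { prefix: '/site2.example', secret: 'PLACEHOLDER-SECRET-2' }],
]);

// Host is viewer-controlled: lowercase it, drop a port and a trailing dot,
// and reject anything that is not a plain DNS name.
function normaliseHost(raw) {
  const host = String(raw || '').trim().toLowerCase()
    .replace(/:\d+$/, '').replace(/\.$/, '');
  return /^[a-z0-9.-]{1,253}$/.test(host) ? host : null;
}

// Returns the rewritten request, or a generated 404 for unknown hostnames.
function routeRequest(request) {
  const hostHeader = request.headers.host && request.headers.host[0];
  const host = normaliseHost(hostHeader && hostHeader.value);
  const site = host ? SITES.get(host) : undefined;
  if (!site) {
    // Answer at the edge; never fall through to the shared bucket.
    return { status: '404', statusDescription: 'Not Found', body: 'Unknown site' };
  }
  const s3 = request.origin.s3;
  s3.path = site.prefix; // per-site directory comes from the table, not from Host
  s3.customHeaders = {
    ...s3.customHeaders,
    [SECRET_HEADER]: [{ key: SECRET_HEADER, value: site.secret }],
  };
  // S3 expects the bucket's own hostname in Host, not the customer's domain.
  request.headers.host = [{ key: 'Host', value: s3.domainName }];
  return request;
}

// Lambda@Edge entry point (origin-request trigger).
const handler = async (event) => routeRequest(event.Records[0].cf.request);
if (typeof module !== 'undefined') module.exports = { handler };
```

Lambda@Edge functions cannot use environment variables, so the table has to be bundled with the function or fetched and cached by it.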
