Versions Compared

Old Version 9

changes.mady.by.user Joe Damato

Saved on

compared with

New Version Current

changes.mady.by.user Joe Damato

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Instructions for enabling CloudFront:

  1. Run If you are installing packagecloud:enterprise for the first time (and not performing an upgrade of an existing installation) you can skip to the next step. If you are upgrading an existing installation, begin by running packagecloud-ctl reindex-everything in a screen session. This will re-index all repositories and may take some time. This step is required because new attributes will be set on all objects written to S3 so that CloudFront will cache objects correctly. Skipping this step will result in caching issues once CloudFront is enabled.

  2. Run packagecloud-ctl generate-cloudfront-secret and add generated secret to /etc/packagecloud/packagecloud.rb as instructed.

  3. Run packagecloud-ctl reconfigure

  4. Run packagecloud-ctl bootstrap-cloudfront and then run the generated command as instructed (see next step for an example).

  5. Run the generated command from step 34, which looks like packagecloud-ctl reconfigure-cloudfront-distribution arn:aws:lambda:us-east-1:999999999999:function:packagecloud_cloudfront_auth:1' and add configuration values to /etc/packagecloud/packagecloud.rb as instructed.

  6. Run packagecloud-ctl reconfigure

  7. Run packagecloud-ctl restart

...

Are packages cached inside of CloudFront? What about repository metadata (indexes)?

As of packgecloud:enterprise 2.0.7, with CloudFront enabled, only packages are accessed and cached through CloudFront, repository metadata still goes to S3 using SigV2 signed URLs.

Starting with packagecloud:enterprise 3.0.0, packages and repository metadata will be accessed through CloudFront (to mitigate the June 4, 2019 SigV2 deprecation), but only packages will be cached, repository metadata will be passed-through to ensure Package Managers When CloudFront is enabled, all requests for package files or repository metadata will go through CloudFront. Package files are cached, but repository metadata is written to AWS S3 with a special Cache-Control header so that CloudFront will never cache it. Repository metadata is never cached when it passes through CloudFront to ensure package managers always see the latest generated indexes.

...