Performance

CDN & Edge Computing

Serving assets and executing logic from locations geographically close to the user.

Overview

A Content Delivery Network (CDN) is a globally distributed network of servers (edge nodes) that caches and serves content from locations geographically close to users. CDNs reduce latency (by serving from nearby nodes), offload origin traffic, and provide DDoS protection. Modern CDNs (Cloudflare, Fastly, AWS CloudFront) also offer edge computing, smart routing, image optimisation, and WAF capabilities.

Origin

Akamai (Leighton and Lewin, 1998) pioneered CDN technology, initially solving the "Flash Crowd" problem for high-traffic events. Cloudflare (2010) democratised CDN access with a free tier. Fastly (2011) introduced real-time purging and VCL-based edge logic. Edge computing (Cloudflare Workers 2017, AWS Lambda@Edge 2016) moved application logic to the edge.

Examples

Cache-Control headers for optimal CDN caching in TypeScript

import { Response } from 'express';

// Static assets with content hash in filename: cache forever
// /static/app.a3f4b2c.js (webpack contenthash)
export function staticAssetHeaders(res: Response): void {
  res.setHeader('Cache-Control', 'public, max-age=31536000, immutable');
  // immutable tells the browser: the content will never change, do not revalidate
}

// API responses: cache at CDN for 60s, but allow stale content during refresh
export function apiCacheHeaders(res: Response, maxAgeSeconds = 60): void {
  res.setHeader(
    'Cache-Control',
    'public, s-maxage=' + maxAgeSeconds + ', stale-while-revalidate=300'
  );
  // s-maxage: CDN TTL (overrides max-age for CDNs)
  // stale-while-revalidate: serve stale for up to 300s while fetching fresh
}

// User-specific content: CDN must not cache; browser may cache in private store
export function privateHeaders(res: Response): void {
  res.setHeader('Cache-Control', 'private, no-store');
}

// Add Surrogate-Key for targeted purging (Fastly) or Cache-Tag (Cloudflare)
export function addCacheTags(res: Response, tags: string[]): void {
  res.setHeader('Surrogate-Key', tags.join(' '));
  // Purge: fastly.purgeKey('product-42') removes all responses with this tag
}

immutable combined with a content-hash filename means the browser never revalidates the file; the new hash on the next deploy causes the browser to fetch the new file. stale-while-revalidate enables background refresh so users never see latency on cache miss.

Cloudflare Cache-Tag purging via API in Ruby

require 'net/http'
require 'json'

class CloudflareCacheService
  CF_API = 'https://api.cloudflare.com/client/v4'

  def initialize
    @zone_id = ENV.fetch('CF_ZONE_ID')
    @api_token = ENV.fetch('CF_API_TOKEN')
  end

  # Purge by URL: specific resources
  def purge_urls(urls)
    post('/purge_cache', { files: urls })
  end

  # Purge by Cache-Tag: all responses with a specific tag
  # Requires Cloudflare Enterprise or Cache Rules with tagging
  def purge_by_tag(tags)
    post('/purge_cache', { tags: Array(tags) })
  end

  # Purge everything (use sparingly)
  def purge_all
    post('/purge_cache', { purge_everything: true })
  end

  private

  def post(path, body)
    uri = URI("#{CF_API}/zones/#{@zone_id}#{path}")
    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl = true
    req = Net::HTTP::Post.new(uri.path, {
      'Content-Type' => 'application/json',
      'Authorization' => "Bearer #{@api_token}"
    })
    req.body = body.to_json
    response = http.request(req)
    JSON.parse(response.body)
  end
end

# After updating product #42: purge all cached responses tagged with 'product-42'
cdn = CloudflareCacheService.new
cdn.purge_by_tag('product-42')

Cache-Tag-based purging allows surgically invalidating all CDN edges serving a specific product without purging unrelated content. This is superior to URL-based purging because a product page may be at many URLs (pagination, sorting, filtering combinations).

Use Cases

01Static assets (JS, CSS, images, fonts) that change only on deploy and should be cached for a year at the CDN edge with immutable headers
02Public API responses (product listings, public content) where the same response serves many users and can be cached with a short TTL
03Video and large binary file delivery where CDN transfer costs and latency reductions are most significant
04DDoS protection: CDN edge nodes absorb volumetric attacks before traffic reaches the origin

When Not to Use

//Do not cache user-specific or session-specific responses at the CDN without vary headers or cache key customisation; users will see each other's data
//Do not cache responses that contain CSRF tokens, nonces, or session IDs in the body; cached responses will serve stale security tokens
//Do not rely on CDN caching for consistency-sensitive data (inventory stock, real-time pricing) where a 60-second cache lag is unacceptable

Technical Notes

Vary header tells CDNs to cache separate response versions per request header value. Vary: Accept-Encoding is standard (separate gzip/br caches); Vary: Cookie causes CDNs to bypass caching entirely for all requests with cookies
CDN cache hit ratio is a key metric: below 80% suggests misconfigured headers, too-short TTLs, or too many cache-busting query parameters. Cloudflare Analytics and Fastly Real-Time Log Streaming provide per-URL hit ratio data
stale-while-revalidate (RFC 5861) is supported by Cloudflare, Fastly, and modern browsers. It allows serving a cached response up to the stale-while-revalidate duration while revalidating in the background, eliminating cache-miss latency for most users
Fastly's Varnish Configuration Language (VCL) and Cloudflare Workers allow custom caching logic at the edge: personalising content, A/B testing, authentication checks, and geo-routing without origin round-trips