Define your property
You set up a delivery configuration, or property, to determine how your site will be delivered to requesting clients. We'll use Akamai's Ion product and the Property Manager Editor to do this.
How long will this take? |
Approximately 20 minutes
Create a delivery configuration in Control Center using recommended settings. |
Before you begin
You'll need some things before you can create your property:
-
Your Akamai contract and primary group. When you went through the [get access] (doc:get-access-ui#1-get-your-components) process, you worked with your Akamai account team to set up your contract and primary group.
-
Your domain. When you set up your Linodes and your edge certificate, you used your domain name. You'll need this exact value. Also, if you added any other domains to your edge certificate as subject alternative names (SANs), you'll need them, too.
Wait for your certificate to finish
If your edge certificate hasn't gone through all of the phases for completion, you should wait until it does.
1. Create a new property
-
Access Akamai Control Center.
-
Login using your primary admin user.
-
Select + Create > Property.
-
Based on your version of Ion, Premier or Standard, click Create Property in the applicable card. The Setup Ion<version> window is revealed.
-
Click Property Manager.
-
Enter a Property name. This serves as the filename for the property and how it's displayed throughout Property Manager.
-
Select your Akamai contract and primary group.
-
Click Next.
2. Create an edge hostname
Here, we'll create hostname entries that are used to redirect requests for your site to Akamai edge servers.
What's an edge hostname?
You provide us with the domain that your customers use to access your site or app and Akamai appends a specific domain to it. Here's an example:
Akamai takes your edge certificate and applies it to the edge hostname to secure it. Later, you'll need to update your existing DNS record for your site or app to be a CNAME record that points to the edge hostname. As a result, a client request to your domain is rerouted to the edge hostname and securely sent to an optimal Akamai edge server, where your property is read.
Add a new edge hostname
-
In the Property Version Information panel, select Enhanced TLS.
-
In the Property Hostnames panel click + Hostnames and select Add Hostname(s).
-
In Add Hostname(s), enter your domain to serve as your Property Hostname and click Next.
-
Select IPv4 + IPv6 (dual stack) and click Next.
-
Select your edge certificate from Select Certificate and click Next.
-
Click Submit. Your new edge hostname is added.
-
If you set up other domains as SANs in your certificate, repeat this process for each one.
Your certificate is in the staging network
A property hostname entry displays "Awaiting user input Manage in CPS" in the Certificate column at this phase. This means that your edge certificate is currently only available in the staging network. This is expected. You'll be testing later and the certificate needs to be in staging.
3. Add your Linodes as a custom origin
Now, you'll use the Origin Server behavior in your Ion property to include your Linodes as custom origin servers.
Define your origin hostname
You need to establish a unique name for your origin server. Your Ion property will use it to contact your Linodes to get your site and cache it on the Akamai edge network.
Use a random string for this value—for example, 1hkeh1g76
—to conceal your origin server. Then, append it with your domain to create your origin server hostname: 1hkeh1g76.docassociates.com
.
You can only use alphanumeric characters in an origin server hostname.
Set up the Origin Server behavior
Apply some settings to set up your Linodes as your origin servers.
-
In the Property Configuration Settings panel, click the Default Rule.
-
In the Origin Server behavior, set these options and leave all others at their default:
-
Origin Type. Select Your Origin.
-
Origin Server Hostname. Enter the origin hostname you came up with.
-
Cache Key Hostname. Set this to Incoming Host Header to best support your Linode.
-
Verification Settings. Select Choose Your Own.
-
Trust. Select Specific Certificates (pinning).
-
-
The Specific Certificates (pinning) options are revealed. Click Add Certificate, and set these options:
-
Select Retrieve From Origin.
-
Hostname / IP. Enter the IP address that you noted for your for your NodeBalancer.
-
HTTPS Port. Set to 443.
-
If you don't have the IP address for your NodeBalancer:
- Access Cloud Manager.
- Select NodeBalancers ().
- Click your NodeBalancer to open it.
- Under IP Addresses, click next to the IPv4 address to copy it.
-
Make sure Ports settings are as follows:
-
HTTP Port. Set to 80. This enables communication between your Ion property and your Standby #1 and Standby #2 Linodes, via your NodeBalancer.
-
HTTPS Port. Set to 443.
-
Add a DNS record
Update your DNS configuration to include a new A
record for your origin server. DNS configuration tools can vary, but you want to set the record using these values:
-
Host name. Set this to the origin server hostname.
-
Type. Set this to an
A
record. -
TTL. Set an applicable time to live for Akamai edge servers to request content from your origin server.
-
Data. Set this to the IP address of your NodeBalancer.
4. Set rules and behaviors
You can configure other rules in the Property Configuration Settings to optimize the delivery of your site. Ion automatically includes several sub-rules and behaviors in the Default Rule that are preset to help with this. Here, we'll cover some that you should specifically set up for your property.
Set up your CP code
You need to add one to your Ion property to track the delivery of your website or app through the Akamai edge network. This CP code will also let you generate reports for the content you deliver with this property.
-
Open the Augment insights sub-rule in the Default Rule.
-
Click the Traffic reporting child rule to open it.
- You should have had at least one CP code for Ion set up when you originally worked with your account team. Click the Content Provider Code field and select it.
Enable mPulse RUM
mPulse is a real user monitoring (RUM) solution that collects and analyzes detailed information about your users' experience whenever they visit your site. It's used with other Ion features to help accelerate delivery. So, we want to make sure it's enabled.
-
Open the Augment insights sub-rule in the Default Rule.
-
Click the mPulse RUM child rule to open it.
-
Ensure the Enable is set to On.
-
Leave all other options set at their default.
Want to know more about mPulse? Check out the Ion user documentation.
Enable HTTP/3
HTTP/3 helps reduce latency and resource consumption. It retains the HTTP/1.1 and HTTP/2 concepts, but it moves away from the traditional transmission control protocol (TCP) transport layer. Instead, it uses the IETF QUIC protocol that handles streams by itself. This supports improved performance and a faster connection setup.
-
Open the Accelerate delivery sub-rule in the Default Rule.
-
Click the Protocol optimizations child rule to open it.
-
In the HTTP/3 behavior, ensure that Enable is set to On.
HTTP/3 doesn't replace HTTP/2
To accept HTTP/2 requests, the HTTP/2 behavior is required, too. To accommodate this, it's automatically enabled in the background for a new Ion property.
Enable Adaptive Acceleration
Adaptive Acceleration improves HTML page load performance by prepositioning content. It uses Akamai's learning engine that's powered by real user data gathered via mPulse. It provides site acceleration and can incrementally improve the rendering process by up to 5%.
-
Open the Accelerate delivery sub-rule in the Default Rule.
-
Click the Adaptive acceleration child rule to open it.
-
Set the following options and leave all others at their default:
- Beacon Data Source. Select mPulse.
- Automatic Server Push, Automatic Preconnect, and Automatic Font Preload. Set these to On.
For more on Adaptive Acceleration, take a look at its tutorial in the Ion user documentation.
Enable Caching
Caching your website content on edge servers makes it closer to end users to help speed up delivery. You should add some form of caching to your Ion property.
-
Select the Offload origin sub-rule in the Default Rule.
-
Set the Caching option to Cache and set Maxage to at least 10 minutes. This gives your Linodes enough time to index and access your content if it changes.
- Scroll down to the Cache HTTP Error Responses behavior. Set Enabled to On and set Max-age to 30 seconds. This gives your Linodes enough time to address and log errors.
- Select the HTML pages child rule. Set its Caching option to Cache and Maxage to at least 10 minutes, to match what you've set for standard Caching.
Add Auto Domain Validation
Your edge certificate has a lifecycle of 90 days. After which, you need to renew it. Add Auto Domain Validation to your Ion property to automate this renewal.
-
Select the Default Rule in your Ion property.
-
click Add Behavior.
-
In Search available behaviors, type
auto
to filter results and select Auto Domain Validation from the list. -
Click Insert Behavior.
The behavior is added to your Default Rule. You don't need to set anything. Just including the behavior enables it. It applies to all of the edge hostnames you've set in your Ion property that use an Enhanced TLS, domain-validated certificate. The renewal process will automatically start 16 days before their 90-day lifecycle ends.
What about the other rules?
Leave all other rules and behaviors at their default settings. A new Ion property includes several that are preset as a best practice, and others are optional. You don't need to change any of them now. You can always create a new version of your property later and make changes.
For complete details on all of these rules and behaviors, take a look at Define property configuration settings in the Ion user documentation.
Save your Ion property
With all recommended settings applied, scroll to the bottom of the page and click Save.
Updated over 1 year ago