NetStorage is Akamai's secure, cloud-based storage service. It simplifies the management of your content and makes it easy to deliver it over the Akamai network. NetStorage also ensures your content is readily accessible by replicating it in multiple locations across the Akamai content delivery network.
You're protecting the connection between a requesting client and Akamai edge servers with a secure certificate for HTTPS. You might think you need to do the same to protect the connection between edge servers and your origin server.
You’ll be using NetStorage as your origin server. Connections to it are served over Akamai’s natively secure network via Standard TLS.
There are a few things you need to do to set up NetStorage.
Did you get NetStorage?
When you first worked with Akamai to get set up, your account team should have added NetStorage to your contract and given you at least one content provider (CP) code for its use.
This is where you'll upload and store your website or app content for delivery.
A storage group is one of the many objects that you create and manage via your Akamai contract. To create a new storage group, you need the unique identifier that Akamai generates for your contract. You can get this value using the list contract operation in the Property Manager API (PAPI).
Use this operation in the NetStorage Configuration API to create it:
The recipe above gets you up and running with a storage group. It applies default settings for some options and there are other options you can apply. You can use the edit a storage group operation to update it with additional settings.
An upload account gives you access to your storage group so that you can upload content to it. You set up an access method in an upload account based on popular transfer protocols. For this workflow, we'll be using SecureCopy as the access method.
You'll use a secure shell (SSH) key to validate and protect your connection to NetStorage. An SSH key consists of a pair of files—a private key and a public key. You need to create the pair on the machine you'll be using to transfer your site to NetStorage. We'll call this your local system going forward. The private key stays on your local system, and you need to apply the public key in NetStorage. Whenever you try to access NetStorage, the two keys are compared to each other. If they match, you're in.
Open a Terminal Session or Command Prompt on the system you'll use to transfer your site to NetStorage.
Run this command to create an SSH key pair for SecureCopy access, using
NetStorage-SCPas the file name:
$ ssh-keygen -t rsa -b 2048 -C "NetStorage-SCP" -f /Users/<username>/.ssh/NetStorage-SCP
C:\ ssh-keygen -t rsa -b 2048 -C "NetStorage-SCP" -f C:\Users\<username>\.ssh\NetStorage-SCP
- You can enter a passphrase (password) for added security and then enter it again to confirm. You can also press Enter twice to skip this.
If you include a passphrase, you'll need to provide it each time you perform an operation to interact with NetStorage.
You need to edit your OpenSSH client config to be compatible with NetStorage. Find the file on your local system. Here are some common locations:
Operating System Location
- Current user.
- Current user.
- Current user.
Open the file in a text editor and add the following lines:
Host *.upload.akamai.com HostKeyAlgorithms +ssh-dss
You need the full, public SSH key file in your upload account.
Navigate to your
NetStorage-SCP.pubfile in a text editor.
Copy the entire contents of this file.
Use this operation in the NetStorage Configuration API to create the account:
Wait until your upload account is ready
Propagation can take from 1 - 2 hours. Before you continue, wait until you receive the confirmation email for your upload account. You can't actually upload content to NetStorage until it's ready.
Just like with the storage group, we only covered the basics for this workflow. There are other configuration settings you can apply, and other access methods you can use to transfer content. Later, you can edit an upload account operation to add more.
You've got a storage group set up and an upload account to manage your site content, using Secure Copy as your access method.
There are some things you're going to need for this exercise:
- The NetStorage user name for Secure Copy. This is always
sshacsfor secure access methods.
- The NetStorage domain name. When you created your storage group, you set a
domainPrefix. If you didn't store it, you can run this operation to get it:
Access your local system where the site is stored.
Launch a Terminal Session or Command Prompt.
Run this command to start the upload:
<private key>. The full path and filename (NetStorage-SCP.pub) to the public key file.
<your site>. The full path to the root directory housing your site content. You only need the root directory name, not a file name.
<domainPrefix>. The domain name you set for your storage group.
scp -i <private key> -r /<your site>/ sshacs@<domainPrefix>.scp.upload.akamai.com:/
scp -i <private key> -r C:\<your site>\ sshacs@<domainPrefix>.scp.upload.akamai.com:/
This command recursively copies everything in the
<your site> directory, and from all subdirectories it may contain.
NetStorage offers a relatively simple, one-stop-shop method to host your deliverable content with Akamai. However, we support other origin server configurations, too:
|Origin server type||Description|
|Your origin server (the custom origin)||This applies if you already have your own custom origin server that you'd like to use.|
|The third-party origin server||This applies if you're using another cloud-based storage provider for your origin server, like Amazon Web Services or Google Cloud Interconnect.|
Updated about 1 month ago