Skip to navigationSkip to main contentSkip to footerScaleway Docs HomepageAsk our AI
Ask our AI
Log inSign up

How to create an Edge Services pipeline

Edge Services boosts performance and security for Scaleway resources at the edge. You create a pipeline towards a backend, such as an Object Storage bucket or a Load Balancer, to bring you a number of possible benefits:

  • Customize your backend's endpoint using a subdomain of your own domain
  • Add your own SSL/TLS certificate, safeguarded in Scaleway Secret Manager, or generate a managed Let's Encrypt certificate, so your subdomain can serve content over HTTPS
  • Enhance performance by caching content, to be served directly by Edge Services from the cache
  • Finely control your cached objects via purging (cache invalidation)
  • Configure a Web Application Firewall (WAF) to protect your backend from threats and malicious activity

Before you start

To complete the actions presented below, you must have:

How to create an Edge Services pipeline

  1. Click Edge Services in the Network section of the Scaleway console side menu.

  2. Click Create pipeline. The pipeline creation wizard displays.

  3. Under Configure backend, select the Backend type for this pipeline, then configure the backend depending on the type you selected:

  4. Under Configure options, set the options you want for this pipeline:

    • Cache: When enabled, content from your backend is cached with Edge Services and served directly to users from Edge Services' servers. Set a Lifetime value to dictate how long objects should remain in the cache before being freshly retrieved from the backend. A value of 0 means objects will not be cached, unless they have a caching directive. Find out more about caching.
    • WAF: When enabled, requests to your backend are evaluated by a Web Application Firewall. Malicious requests are blocked or logged, depending on your settings. Set a paranoia level to determine WAF's aggressivity, and a mode (block or log) for dealing with malicious requests. Find out more about WAF.

  5. Enter a name for the pipeline, or keep the randomly generated one.

  6. Check the cost summary for the pipeline, notably whether it falls within the limits of your current subscription plan, then click Create Edge Services pipeline.

    You are returned to the Pipelines tab, where the newly created pipeline now displays.

    Important

    For Object Storage backends, your bucket's visibility can be set to private, but any objects within it that you want to expose via Edge Services must be set to public. However, if you are using Edge Services with bucket website, objects can remain private.

How to access your bucket via Edge Services

Once you have created an Edge Services pipeline for an Object Storage bucket, you can access your bucket and its content via the following endpoints. Make sure that you replace bucket-name or pipeline-id with relevant details for your bucket/pipeline.

EndpointWhere to find this endpoint in the consoleNotes
https://bucket-name.s3.nl-ams.scw.cloudThe Bucket settings tabEdge Services is bypassed when the bucket is accessed via this endpoint
https://pipeline-id.svc.edge.scw.cloudThe Edge Services tabEdge Services serves bucket content when this endpoint is used

The endpoints shown above are available as standard. However, with Edge Services, you can also choose to configure a custom domain from which your bucket can be accessed. Read more about this in How to configure a custom domain.

Troubleshooting pipeline creation

If you see the message Edge Services was unable to contact the host via the Load Balancer. Check your backend configuration settings and try again, check the following elements of your Load Balancer configuration:

  • Protocol: Ensure you did not select the wrong protocol, e.g. HTTP selected while the frontend chosen is configured to receive HTTPS, or the opposite.
  • Destination host: Ensure that you entered the correct destination host, with no typos, for a host that exists behind the selected Load Balancer.
  • Load Balancer ACLs: Ensure that there are no ACLs configured on your Load Balancer which are blocking traffic from Edge Services.

WebSocket support

If you want Edge Services to be able to forward WebSocket requests to a Load Balancer, you must enable a specific parameter via the Edge Services API.

Make a call to the Update backend stage endpoint, to enable the has_websocket parameter in the scaleway_lb object.

If you do not enable has_websocket, WebSocket requests will not be forwarded to the Load Balancer. This means that any client attempting to establish a WebSocket connection to the Load Balancer backend via Edge Services will experience a failed connection or a 400/500 HTTP error.

This parameter cannot yet be set via the Scaleway console.

Help for Kubernetes Load Balancers

If you are setting up an Edge Services pipeline for a Kubernetes Kapsule Load Balancer, follow these steps to determine which Load Balancer and frontend to configure for your pipeline:

  1. Run kubectl describe svc.

    An output displays.

  2. Locate the section of the output that relates to your LoadBalancer service. It should look something like this:

    Name:                     myloadbalancer
Namespace:                default
Labels:                   app=mydeployment
Annotations:              service.beta.kubernetes.io/scw-loadbalancer-id: fr-par-1/a92de52e-262f-99f9-be66-5220003a2e42
Selector:                 app=mydeployment
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.32.220.60
IPs:                      10.32.220.60
LoadBalancer Ingress:     51.159.25.111
Port:                     http  8000/TCP
TargetPort:               8000/TCP
NodePort:                 http  32041/TCP
Endpoints:                
Session Affinity:         None
External Traffic Policy:  Cluster

  3. Find the service.beta.kubernetes.io/scw-loadbalancer-id annotation, and note your Load Balancer ID (e.g. a92de52e-262f-99f9-be66-5220003a2e42). Check your Load Balancer list in the console to find the Load Balancer name that corresponds to this ID. This is the Load Balancer you should select for the Edge Services pipeline.

  4. Find the NodePort line and note the port mentioned (in the example above, 32041). In the console, find the frontend of the Load Balancer from step 3 that corresponds to this port. This is the frontend and port you should select for the Edge Services pipeline.

See Also
ArrowLeftIconHow to subscribe to Edge ServicesHow to configure a custom domainArrowRightIcon
Still need help?

Create a support ticketArrowRightIcon
No Results