CDN Cache control and Invalidations

A CDN stores a copy of your objects in a global network of caching servers. Upon request your objects will be served from these caches. Objects that are not requested for a period of a year will be cleaned out of the caching servers, but if there is a continuous demand for certain objects then they could remain in the cache indefinitely.

The problem with this is that new versions of these objects on the Origin server are not automatically replacing old versions of objects in the cache. For that reason we advise to assign a maximum lifespan to an object. This can be done through the use of Cache Control Headers.

Cache-Control HTTP Header

Cache-Control headers are HTTP headers that tell the cache how long an object should remain cached for. These headers are normally set by the Origin server, by Apache or Nginx in the case of a hosting server or by values in the meta-data for an object in the case of an object store.

RFC 2616 (section 14.9) has the full details on the Cache-Control header. Below we list the values that are most important in determining the lifespan of an object.

The max-age value is the most important value for the cache-control header to determine the maximum lifespan of an object in the cache. It will always overrule any directives set by an Expires header for example (see RFC 2616 section 14.9.3).

The assigned variable is the age in seconds, so when an object should remain in the cache for a maximum of 15 minutes, the header should read: Cache-Control: max-age=900. We recommend maximum lifespans between one minute and one hour depending on the situation.

We also recommend to add the must-revalidate flag to the Cache-Control header. This flag tells the cache to strictly follow any maximum lifespan information you give it about an object. We like to include this because caches somtimes take liberties with the maximum lifespans of objects.

This flag forces an object to always be cached, even if it normally would not.


When we want an object to be cached for a maximum of 15 minutes, the best header to set is:

Cache-Control: public, max-age=900, must-revalidate

Active Invalidation

There are off course situations feasible that waiting for an object to be revalidated is not acceptable. To mitigate these situations there is the possibility to send active invalidation requests to the CDN.

Active invalidations may never be the default way to control freshness of objects in the cache. Use the Cache-Control headers to control the freshness.

Invalidation requests can be send via our interface or the CDN-API. We urge you to only use this as a last resort, as the invalidation requests are 'expensive' requests that could have an impact on performance. Frequent use of active invalidations will violate the fair-use policy of the CloudVPS CDN.

Configuring the Cache-Control headers

Here will provide a few examples on where and how to set the Cache-Control headers. For web servers we have examples for the Apache and Nginx web servers. Please read the web server documentation for implementation details. We have two examples concerning the object store: setting the cache control headers through the interface and setting them through a command line API call.

Apache2 web server
In order to be able to set the cache-control header, the mod_headers module must be installed and loaded into the Apache web server. Together with the FilesMatch directive, you can control the cache control header for specific file extensions. The example below is valid in both a .htaccess file or a VirtualHost segment.

<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
  Header set Cache-Control "public, max-age=900, must-revalidate"

Nginx web server
The Nginx web server requires the ngx_http_headers_module to be installed and loaded. The example below is valid in the server server configuration.

location ~* ^.+\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$ {
  add_header Cache-Control "public, max-age=900, must-revalidate";

The ObjectStore (interface)
The CloudVPS Interface makes it possible to add or update meta-data for a specific object, HTTP Headers can be eddited under 'Special Fields' in the object view.

To get to the meta-data for an object in the CloudVPS Interface, from to the ObjectStore tab, select the 'Manager' sub-tab and choose the container you have selected as Origin Server for your Supername. Choose the relevant object in the object list after which it loads the meta-data for that object.

You will find the 'Special Fields' header in the right-most column (the meta-data column). Click the plus button and a dialogue opens. Choose 'Cache-Control' as the key for the HTTP Header and fill the value input with the right values. Click the Save button and the Cache-Control header is added to that object.

The ObjectStore (API)
In order to update HTTP Headers via the API, a POST request must be sent to the full path of the object you wish to update. A POST request replaces current headers on the object so it is imperative to resend important headers. An important header to resend is the Content-Type header, this header determines, in for instance a browser, what type (image/jpeg, video/mp4, text/plain, etc)  the object is and how to display it. In the below example we will update a jpeg image using the command line and the cURL binary:

curl -X POST -H "X-Auth-Token: $keystone_token"  \
-H "Cache-Control: public, max-age=900, must-revalidate" \
-H "Content-type: image/jpeg" \



General FAQ

Show all FAQs

OpenStack FAQ

Show all FAQs


Show all FAQs