Cloud 9.02

Setup and Configure Fastly

Understanding Fastly installation, API keys, VCL snippets, Shield configuration, and GeoIP mapping.

Exam Critical: Understanding Fastly installation, API keys, VCL snippets, Shield location, and GeoIP configuration is important for the exam!

Setup and Configure Fastly

mindmap root((Fastly Setup)) Control Panel Access Root domain merchant Root domain Cloud Support tickets Installation Composer package fastly magento2 On Staging Configuration API keys Caching Application VCL snippets Shield location Advanced Admin timeout GeoIP mapping Country to store view

Fastly Control Panel Access

Important Notes Before Configuration

Two Critical Notes

Before we discuss Fastly, it is important to make two notes regarding Fastly control panel access:

Scenario 1: Root Domain in Merchant's Fastly Account

Merchant-Controlled Fastly

If the root domain is hosted in a merchant's Fastly account, you need to create a Fastly support ticket to add Cloud's subdomains in.

Example:
  • Merchant controls: example.com in their Fastly account
  • Need to add: shop.example.com (Magento Cloud subdomain)
  • Action: Open Fastly support ticket
  • Request: Add Cloud subdomain to merchant's Fastly account

Scenario 2: Root Domain in Cloud's Fastly Implementation

Cloud-Controlled Fastly

If the root domain is hosted under the Cloud's Fastly implementation, you need to create a Magento support ticket to make your subdomains available for modification in Fastly.

Example:
  • Cloud controls: example.com in Cloud's Fastly
  • Need to configure: www.example.com or store.example.com
  • Action: Open Magento support ticket
  • Request: Make subdomains available for modification
Scenario Root Domain Hosted By Support Ticket To Purpose
1 Merchant's Fastly Account Fastly Support Add Cloud subdomains
2 Cloud's Fastly Implementation Magento Support Make subdomains modifiable

Fastly Overview

Configuration Scope

Important Note

This section will be an overview of the Fastly configuration. Please take the time to thoroughly review the Fastly documentation in DevDocs (see link below) and implement this for yourself in a sandbox environment.

What is Fastly?
  • CDN (Content Delivery Network): Global edge server network
  • Caching Layer: Reduces load on Magento servers
  • WAF (Web Application Firewall): Security protection
  • Image Optimization (IO): On-the-fly image optimization
  • DDoS Protection: Traffic filtering and mitigation

Installing Fastly

Composer Package Installation

Installation is Easy

Installing Fastly is easy: just install the fastly/magento2 Composer package.

Installation Command

composer require fastly/magento2
Installation Steps:
  1. Local Development: 
    # Install Fastly module
composer require fastly/magento2

# Commit to git
git add composer.json composer.lock
git commit -m "Add Fastly module"
git push origin staging
  2. Deploy to Staging:
    • Push changes to staging branch
    • Module installs automatically during deployment
    • Verify module is enabled
  3. Verify Installation: 
    bin/magento module:status | grep Fastly
# Should show: Fastly_Cdn

Configuring Fastly on Staging

Configuration Steps

Once the module is on Staging, it needs to be configured.

Step 1: Enter Fastly API Keys

API Key Location

Enter the correct Fastly API keys (can be found in /mnt/shared/fastly_tokens.txt).

How to Get API Keys:
  1. SSH to Staging: 
    magento-cloud ssh -e staging
  2. Read the tokens file: 
    cat /mnt/shared/fastly_tokens.txt
  3. Output contains:
    • Fastly Service ID
    • Fastly API Token
Enter Keys in Admin:
  1. Log in to Magento Admin
  2. Navigate to Stores → Configuration → Advanced → System → Full Page Cache
  3. Set Caching Application to "Fastly CDN"
  4. Enter Fastly Service ID
  5. Enter Fastly API Token
  6. Click Test Credentials to verify
  7. Save configuration

Step 2: Set Fastly as Caching Application

Full Page Cache Configuration

Critical Setting

Instruct Magento to use the Fastly CDN as the Caching Application in Store Configuration.

Configuration Path

Stores → Configuration → Advanced → System → Full Page Cache
Setting Value Description
Caching Application Fastly CDN Enable Fastly as FPC backend
Fastly Service ID From fastly_tokens.txt Your Fastly service identifier
Fastly API Token From fastly_tokens.txt Authentication token for API

Step 3: Upload VCL Snippets

Varnish Configuration Language

VCL Upload

Upload VCL snippets to Fastly (here are the default ones).

What are VCL Snippets?

VCL (Varnish Configuration Language):
  • Defines how Fastly handles requests
  • Controls caching behavior
  • Manages routing and responses
  • Customizes CDN functionality

Uploading VCL Snippets

In Magento Admin:
  1. Go to Stores → Configuration → Advanced → System → Full Page Cache → Fastly Configuration
  2. Click Upload VCL to Fastly button
  3. Magento uploads default VCL snippets
  4. Verify upload success
  5. VCL snippets include:
    • recv (receive request handling)
    • hash (cache key generation)
    • hit (cache hit handling)
    • miss (cache miss handling)
    • pass (bypass cache)
    • fetch (backend request)
    • deliver (response delivery)
    • error (error handling)
Default VCL Snippets

The Fastly module includes default VCL snippets optimized for Magento. These handle common caching scenarios, authentication, and AJAX requests.

Step 4: Configure Shield Location

Fastly Shield POP

Shield Configuration

Configure Fastly to use a Shield location that is closest to the location where the merchant's store is deployed.

What is Shield?

Shield Point of Presence (POP):
  • Additional caching layer between edge servers and origin
  • Reduces origin requests: Edge servers request from Shield instead of origin
  • Improves cache hit ratio: Consolidates cache warming
  • Decreases origin load: Fewer direct requests to Magento

How It Works

User Request
    ↓
Edge Server (Fastly POP worldwide)
    ↓ (if cache miss)
Shield POP (centralized caching layer)
    ↓ (if cache miss)
Origin Server (Magento Cloud)

Configuring Shield

In Magento Admin:
  1. Go to Fastly Configuration → Backend Settings
  2. Find Shield dropdown
  3. Select Shield POP closest to your origin:
    • US-based origin → US Shield (e.g., IAD, DCA, SJC)
    • EU-based origin → EU Shield (e.g., AMS, FRA, LHR)
    • APAC-based origin → APAC Shield (e.g., SYD, SIN, TYO)
  4. Save configuration

Additional Configuration Options

Advanced Settings

Admin Page Timeout

Purpose:

You can also configure the timeout for Magento admin pages.

Why This Matters:
  • Admin operations can take longer (e.g., imports, exports)
  • Default timeout may be too short
  • Prevents 503 errors during long operations
Configuration:
  1. Navigate to Fastly Configuration → Backend Settings
  2. Find First Byte Timeout and Between Bytes Timeout
  3. Increase for admin paths
  4. Typical values: 60-180 seconds for admin

GeoIP Mapping to Store Views

Country-Based Store View

Additionally, you can map visitors to specific store views based on their country (IP address).

Use Cases:
  • Automatic language selection (US → English, FR → French)
  • Currency display (US → USD, EU → EUR)
  • Compliance (EU → GDPR store view)
  • Localized content
Configuration:
  1. Go to Fastly Configuration → GeoIP Handling
  2. Enable GeoIP
  3. Map countries to store views: 
    US → us_store
GB → uk_store  
FR → fr_store
DE → de_store
  4. Upload configuration to Fastly
  5. Fastly detects visitor IP and routes to appropriate store view

Complete Configuration Checklist

Full Setup Workflow

Step Action Verification
1 Install fastly/magento2 via Composer Module appears in module list
2 Get API keys from /mnt/shared/fastly_tokens.txt Service ID and API Token retrieved
3 Set Caching Application to "Fastly CDN" Test credentials succeeds
4 Upload VCL snippets to Fastly VCL upload success message
5 Configure Shield location Shield POP selected and saved
6 Configure admin timeout (optional) Timeout values set
7 Configure GeoIP mapping (optional) Country-to-store mapping active

Testing Fastly Configuration

Verification Steps

1. Test Credentials

# In Magento Admin: Fastly Configuration
Click "Test Credentials"
# Should show: "Credentials are valid"

2. Check HTTP Headers

# Test if Fastly is serving content
curl -I https://your-site.com

# Look for Fastly headers:
X-Cache: HIT, MISS, or PASS
X-Served-By: cache-xxx-XXX (Fastly server)
Fastly-Debug-Digest: ...
Via: 1.1 varnish

3. Purge Cache Test

  1. In Admin: System → Cache Management
  2. Click Flush Magento Cache
  3. Verify Fastly cache is purged
  4. Check logs for purge success

4. GeoIP Test (if configured)

# Test from different countries using VPN or proxy
# Verify correct store view loads based on IP

Common Fastly Features

Additional Functionality

Image Optimization (IO)

  • On-the-fly image resizing and optimization
  • WebP conversion
  • Reduces bandwidth and improves performance

Web Application Firewall (WAF)

  • Protection against common attacks (SQL injection, XSS)
  • OWASP rules implementation
  • Custom blocking rules

Edge Modules

  • Custom VCL for specific functionality
  • A/B testing
  • Request/response modifications

Best Practices

Fastly Configuration Guidelines

Do's

  • Configure on Staging first: Test before production
  • Select correct Shield: Closest to origin server
  • Test credentials: Verify API connection works
  • Upload default VCL: Use Magento's optimized snippets
  • Configure GeoIP carefully: Test routing for all countries
  • Monitor cache hit ratio: Aim for high percentage
  • Review Fastly documentation: Thoroughly understand features
  • Implement in sandbox: Practice configuration

Don'ts

  • Don't skip credential test: Always verify API keys work
  • Don't forget VCL upload: Required for proper functionality
  • Don't use wrong Shield: Choose geographically appropriate
  • Don't deploy without testing: Test thoroughly in staging
  • Don't ignore timeout settings: Configure for admin operations

Exam Tips

Key Points to Remember

  • Two access scenarios: Merchant Fastly (ticket to Fastly) vs Cloud Fastly (ticket to Magento)
  • Installation: composer require fastly/magento2
  • API keys location: /mnt/shared/fastly_tokens.txt
  • Caching Application: Set to "Fastly CDN" in configuration
  • VCL upload: Upload VCL snippets to Fastly (default ones provided)
  • Shield location: Configure closest to origin deployment location
  • Admin timeout: Can configure timeout for admin pages
  • GeoIP mapping: Map visitors to store views based on country/IP
  • Configuration path: Stores → Configuration → Advanced → System → Full Page Cache
  • Test credentials: Always verify API connection
  • Staging first: Configure on staging before production
  • Review documentation: Thoroughly review DevDocs Fastly guide
Previous: Cloud 9.01 Configure DNS Practice Cloud 9.02