×
Community Blog Boost Your E-Commerce Business in China Using Global Acceleration

Boost Your E-Commerce Business in China Using Global Acceleration

Learn how you can use Alibaba Cloud's Global Acceleration to improve the shopping experience on your e-commerce website for users in China.

By Rohit Gupta, Solutions Architect

For many international businesses with a presence in China, network stability issues are often the biggest concern when their users or employees in China try to access services based in other countries and regions. In the past, resolving these issues required a lot of technical expertise and expensive leased network capacity. Thanks to Alibaba Cloud's network products, this is no longer the case. It is now a relatively simple and straightforward task to get your mission critical applications running smoothly for your Chinese user base! Read on.

Alibaba Cloud has several market-leading network products and services which help to resolve networking issues for customers in and outside of China, including Global Acceleration (GA for short). GA is a network acceleration product that provides a dedicated network connection between two Alibaba Cloud regions. One region is designated as the "service area" and one is the "accelerated area". The "service area" is the region which hosts the service or application your users need access to, while the "accelerated area" is an Alibaba Cloud region closest to your users (say, in China). The accelerated area will usually expose a public IP (a fundamental concept of GA) to users which they can use to access whatever service is hosted in the "service area".

Problem Statement

The organization is a typical e-commerce business that sells fashion brands online to their wide customer base in and outside China. Their customers outside China are satisfied with the website access but the users in China don't get a consistent and/or good performance. For users in China, the access is usually slow and unstable, discouraging the shoppers and leading to a considerable fall in sales. To add to the misery, in a week's time, there is a huge global online sales event where they are expecting a substantial increase in website visits.

Hence, the organization needs a quick and definite solution to achieve following:

  1. Improved shopping experience for users in China in general to boost the sales.
  2. Sustain the online shopping event that is going to happen in a week's time.

Technical Overview

In some cases, the service your users want to access may not actually be hosted on Alibaba Cloud. In this case, you need to establish a proxy in the Alibaba Cloud "service area" region which can accept requests from the "accelerated area" and forward them on. The following is the typical architecture for a scenario where user access in China is accelerated for a website hosted in Sydney. Global Acceleration (GA) is used to send traffic from China to a proxy server located in Alibaba Cloud's Sydney region, which then forwards user traffic on to the correct address (website).

1

How does traffic flow in this solution? Let's take a look:

  1. User in China tries to access the Australian website via their web browser: a DNS request is made.
  2. Since DNS has already been configured to route China traffic via Global Acceleration's public IP, the user request routed through GA.
  3. The request for the website domain first goes to the nearest Alibaba Cloud CDN node (note that CDN is an optional component in the architecture but helps accelerates the response time immensely)
  4. CDN domain in China routes the traffic to the GA instance which has already been configured to route the traffic to a reverse poxy located in Alibaba Cloud's Sydney region.
  5. The user's traffic is routed to the reverse proxy in Sydney. Note that the reverse proxy can be configured using web server software such as NGINX and should ideally have an Alibaba Cloud SLB in front of it to avoid having a single point of failure.
  6. Reverse proxy is configured to send the traffic to the server hosting the website
  7. The proxy server sends the response back to the user in China
  8. For overseas users (i.e not in China), the request also goes to the DNS
  9. In the case of overseas users, the request is not routed via the GA and hence the IP of the actual server is sent back to the user
  10. The user is able to access the website hosted on the Sydney server

Key Architecture Components

S.No Component Description
1 Accelerated area An accelerated area is the area where you want to improve the user experience. China is the accelerated area for our setup
2 Service area Service area is the area/region where the service that needs to be accelerated is hosted. Australia is the service area in our example
3 GA instance An Alibaba Cloud GA instance must be created in the accelerated area/region. The GA instance can only bind to an Alibaba Cloud ECS instance or an Alibaba Cloud SLB
4 Reverse Proxy If the origin server (where the service is hosted) is not an Alibaba Cloud ECS instance or SLB, you need to use a reverse proxy to route the traffic to Alibaba Cloud resources (SLB or ECS) You don't need a reverse proxy to bind to the GA instance if the service is hosted on an Alibaba Cloud ECS instance and/or a CDN is not being used to serve the website requests
5 CDN This is an optional component. But if this is in place, you need to use a reverse proxy with GA to route the traffic because GA can't bind to a CDN domain at the backend
6 Origin server This is the server that hosts the service to be accelerated. It could be an Alibaba Cloud ECS instance or a server outside Alibaba Cloud. As mentioned earlier, if it is non-Alibaba Cloud server, you must use a reverse proxy solution with the GA to route the traffic

Deploy the Solution

Proxy Setup

The proxy setup consists of a Server Load Balancer (SLB) and an ECS instance sitting behind it. The high level steps are:

  1. Login to Alibaba Cloud ECS console and create an ECS instance. You don't need a heavy server here, so a 4 core 8G instance should be good. You could choose your own OS but usually a CentOS or Ubuntu server is preferred
  2. Install and start NGINX
    # sudo apt-get update
    # sudo apt-get install nginx

  3. Configure the proxy to route the incoming traffic to the actual server hosting the website

    1. SSH to the ecs server and navigate to
      # cd /etc/nginx/sites-enabled

    2. Edit the proxy file
      # ls –lrt
      
      # vi myproxy

    3. The proxy file should look like this (sample only)
      =====================================================================
      server {
      #    listen 80;
      #    listen [::]:80;
      
          listen 443 ssl;
          listen [::]:443;
      
      
          server_name         xxxx.com;
      
          ssl_certificate    /etc/ssl/xxxx.crt;
          ssl_certificate_key  /etc/ssl/xxxx.key;
      
      #       ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
      #       ssl_ciphers RC4:HIGH:!aNULL:!MD5;
      #       ssl_prefer_server_ciphers on;
      #       keepalive_timeout    60;
      #       ssl_session_cache    shared:SSL:10m;
      #       ssl_session_timeout  10m;
      
          proxy_set_header    X-Real-IP $remote_addr;
          proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
      #   proxy_set_header    Host $http_host;
          proxy_set_header    Host fashionbunker.com.cn;
          proxy_set_header    X-Forwarded-Proto $scheme;
          add_header          Front-End-Https   on;
      
          location / {
                  proxy_pass https://xxxx.com;
          }
      }
      ======================================================================

      For each domain that you want to redirect the traffic to, there should be a similar block entry in the proxy file

      Note that an up to date SSL certificate should be available at the specified location if you want the traffic between proxy and the web server to be encrypted

  4. Next, we need to setup an intranet SLB i.e an Alibaba Cloud load balancer instance that is not exposed to internet. The reason we need an intranet SLB here is because the traffic from GA to SLB will flow over Alibaba Cloud's internal network and not via the open internet

    1. Login to the Alibaba Cloud SLB console
    2. Choose a region and create a SLB instance

      2

    3. Now create a TCP listener listening on port 443 and having your proxy server as the backend default server

      3

      You could also create an https listener and upload the SSL certificate if you want the traffic from SLB to the proxy to be encrypted as well. However, since between SLB and proxy it is the Alibaba Cloud internal network, I chose to create a TCP listener on port 443

Global Acceleration (GA) Setup

Now we need to create a Global Acceleration (GA) instance in China. Global Acceleration is available under the VPC console

4

  1. Login to the VPC console and go the 'Global Acceleration' link
  2. Choose your region on top of the screen and click on 'Create Instance' button

    5

  3. On the screen, provide the necessary details and click on 'Buy now' (the details shown in the screenshot are just a sample and may not necessarily align to your requirements)

    6

  4. Once successfully purchased, the GA instance will appear in the console and you can see the public IP. Also at this point you should bind your SLB (created in the service area) to the GA instance

    7

CDN Setup

Next is to create CDN domain for accelerating your website. Note that to be able to create the CDN domain, you need to have an ICP licence

  1. In the CDN console, click on 'Add Domain Name'

    8

  2. Provide the necessary details and click 'Next' at the bottom of the screen

    9

    NOTE:

    1. For origin site, mention the IP of the GA instance that was created earlier
    2. Select port 443, if you are going to use HTTPS acceleration and encrypt the traffic from CDN to the origin (i.e GA)
    3. Acceleration region will be Mainland China for this particular use case

  3. Once the domain is created, go the 'Manage' in the list of domains and enable HTTPS acceleration. At this point you will need to upload the SSL certificate as well as the private key of the certificate. Refer https://www.alibabacloud.com/help/doc-detail/27118.htm

DNS Geo Routing

The last step in this setup would be to setup DNS geo routing. This has to be done with your DNS provider so that when a website access request is made, the DNS configuration is able to route the traffic via the closest CDN node and Global Acceleration's (GA's) public IP in case the request has originated from China.

Solution Outcomes

The aforementioned solution was deployed and tested in a timely manner by Alibaba Cloud's architects and hence the customer was able to realize the gains during the online shopping event. Though the initial goal was to survive the shopping event, the performance in general was so much better that the customer decided to go ahead with the solution and subscribe to the Alibaba Cloud services as a long term arrangement.

1 1 1
Share on

Alibaba Clouder

2,599 posts | 764 followers

You may also like

Comments

Raja_KT March 21, 2019 at 2:47 pm

Interestingone..."If the origin server (where the service is hosted) is not an Alibaba Cloud ECS instance or SLB, you need to use a reverse proxy to route the traffic to Alibaba Cloud resources (SLB or ECS) " .