2. Getting started with Fastly

Let's get started by creating a Fastly account and logging in to the Fastly web interface. We can sign up for a free trial — no credit card information is required. After we sign up and verify our account, we'll see the screen shown below.

The Fastly web interface

Changing the service name

Fastly created a service for us when we signed up for our account. We're looking at the service configuration in the screenshot above. We can have multiple services in our Fastly account, each of which can correspond to a different website or application. The service configuration holds all of the settings for our service — things like domain names, origins, headers, cache settings, and more.

Let's rename the service by clicking on its current name (Unnamed Service) and giving the service a memorable name, like Taco Labs, as shown below.

Renaming our service

We have only one service right now, but we might have more in the future. Giving our service a memorable name can help us distinguish it from our other services, all of which will be displayed together on the home (All services) page.

Adding the domain

Now we're ready to add the domain to our service configuration. The domain is the public URL we want users to visit. Setting this lets Fastly know where traffic to our service will originate from. Type www.tacolabs.com in the domain field and click Add to save the domain to our service configuration, as shown below.

Adding the domain

Adding the origin hostname

Next, we'll add our origin's hostname to our service configuration so Fastly knows where to pull content from. We'll click the Hosts link on the sidebar, and then enter the public URL of our S3 static website (www.tacolabs.com.s3-website.us-east-2.amazonaws.com), as shown below.

Adding the origin hostname

Disabling TLS for the origin connection

There are two connections we can secure with TLS: The connection between our origin and Fastly, and the connection between Fastly and our users. You can see the difference between the two connections in the diagram shown below.

There are two connections you can secure with TLS certificates

Fastly automatically enabled TLS between our origin and Fastly when we entered a hostname in the web interface. (If we had entered an IP address, TLS would have been automatically disabled.) Since S3's static hosting feature doesn't support TLS, we need to adjust our origin settings to disable TLS between our S3 bucket and Fastly. We'll set up TLS between Fastly and our users later.

Click the pencil icon to edit the origin settings and select No, do not enable TLS, as shown below. Then click the Update button to save our settings. All set!

Disabling TLS between our S3 bucket and Fastly

Understanding service versioning

We're ready to activate our service configuration, but before we do, let's talk about how Fastly manages changes to service configurations. This is something that confuses a lot of new users, so it's worth exploring how it works now, before we go any further.

Fastly versions service configurations. It's a bit like having version control principles applied to our Fastly service settings. So far in this tutorial, we've been working on a draft service configuration. Once we activate our draft service configuration, Fastly will push the settings to production and lock our service configuration. To make changes, we'll need to clone the active version and edit a new version.

Use the web interface to switch between versions of a service configuration

Each version of a service configuration is assigned a version number, as shown above. You can't edit previous and active service configurations, but you can clone a previous version to change it in a new version. You can use the web interface to add comments to a version, show differences between two different versions, and roll back to a previous version of a service configuration. To learn more about services and how they work, see our documentation on working with services.

Activating a service configuration

Let's activate our service configuration so we can preview how Fastly caches and delivers our website. Click the Activate button in the top-right corner of the screen, as shown below. Remember, this won't impact our production website in any way — we're not changing our DNS records yet.

Click the Activate button to deploy the service configuration

Fastly will lock our service configuration and push the settings to production.

Previewing our website

It can take a couple of minutes for Fastly to propagate the service configuration changes. Once the changes are live, we can preview how Fastly caches and delivers our website. Fastly provides a test domain name for every service. We can find a link to this on the Domains page, as shown below.

The test domain link that lets us preview our website

Let's click the link to open it in our web browser. Boom! There's our website at http://www.tacolabs.com.global.prod.fastly.net/. Fastly pulled our website from our S3 static site, cached it on a POP server, and delivered it through the test domain.

Checking cache

Even at this early stage, it's a good idea to start checking the cache and inspecting the HTTP headers to see how Fastly is delivering our website. There are two ways of doing this. We can use the web interface to check the cache status of an object, or we can use a command line utility called curl.

First, let's try using the command line interface. Curl is installed by default on most Unix and Linux-based systems. Open a terminal application and enter the following command:

$ curl -svo /dev/null -H "Fastly-Debug:1" http://www.tacolabs.com.global.prod.fastly.net

We'll see the following in the output:

< Age: 585551
< X-Served-By: cache-sna10742-LGB
< X-Cache: HIT
< X-Cache-Hits: 1

The X-Cache: HIT tells us the object is in Fastly's cache. (If we ran the command before visiting the website, we'd see X-Cache: MISS — that would indicate that our website was not yet in Fastly's cache.) We can also see the current age of the object in cache and the cache node that served the content to our computer.

We'll continue checking cache and examining headers throughout this tutorial. If you're interested in learning more, see our guide on checking cache and our HTTP header reference documentation.

Securing our site with free TLS

You might have noticed that the URL of our preview site, like that of the URL of our S3 static site, isn't protected by TLS. We can fix that by using Fastly's free TLS option. That will give us another preview URL for our service, one that's designed to use TLS by default.

Before we can add the new TLS domain, we need to clone the active version of our service configuration. Click Clone to create a new draft version. Then, on the Domains page, click the Create Domain button and add the new domain, as shown below. We'll use Fastly's shared TLS domain (<name>.global.ssl.fastly.net) and put tacolabs at the beginning, so the full URL will be tacolabs.global.ssl.fastly.net.

Adding the new TLS domain

Let's click the Add button to add the domain, and then click the Activate button to activate the new version of the service configuration. Fastly will deploy our changes and then we'll be able to see our website at https://tacolabs.global.ssl.fastly.net. The connection will finally be encrypted! Or will it?

Overriding the Host header for the origin

As it turns out, there's a slight problem with the version of the service configuration we just activated. When we visit https://tacolabs.global.ssl.fastly.net, we see the page shown below. What's wrong?

Amazon can't find the content because we haven't specified an override host

We talked briefly about HTTP headers earlier. Now we need to set one to get Amazon to route our request correctly. In this case, we'll specify an override host by setting an override Host header at the origin level. We need to do this because Amazon is expecting a different host header than the one Fastly is sending.

Let's click the Edit configuration button to clone our service and create a new draft version. Then, on the Origins page, click the pencil icon to edit the origin settings. Just above the Advanced options section, we'll enter our origin hostname (www.tacolabs.com.s3-website.us-east-2.amazonaws.com) in the Override host field, as shown below, and then click the Update button.

Setting the override host

Click the Activate button to activate the new version of the service configuration. Fastly will deploy our changes. This might take a few minutes. Then, we'll be able to see our website at https://tacolabs.global.ssl.fastly.net.

Back to Top