Best architecture practice to improve performance of ecommerce website hosted in India to overcome the Great Firewall of China

Question

Not sure if this is the right platform but would like to give it a shot here as there are many legendary folks that live in stackoverflow domain.

We have a typical ecommerce website hosted in India. The architectural touch points can be summarized below

• Static content is loaded from AWS CDN
• The first point of entry is the AWS application load balancer
• Search functionality using elastic search
• Redis caching enabled
• business functionality implemented using nodejs, typescript, javascript and hosted in kubernetes cluster

The website is pretty fast anywhere but China because of the Great firewall of china

Solutions which we have tried

• We have tried using the Alibaba Global accelerator with AWS geolocation record routing policy to ensure that traffic originating from China should come from the Global accelerator instead from the main internet.

• We have also tried Huawei Cloud Connect again with Geo location to route traffic via Cloud connect going through the NAT gateway from HongKong to Singapore and then behaving as if the traffic is originated from Singapore

Performance wise the Huawei cloud connect seems to be performing better. However the static content which is loaded from AWS CDN is still slow as it tries to get from nearest AWS CDN node which is Japan.

How can we accelerate the CDN for the images ?

Any thoughts are welcome.

Answer 1

• Collect more browser-side data

Please collect better data from a person based inside China using Chrome's Lighthouse feature accessible via Dev Tools or as an extension, and share key metrics that Lighthouse flags as "needing attention" on this thread.

• Check at least the following common (mis)configurations

  • Is the origin server setting the correct time-to-live for every image, JS, and CSS file? AWS docs. Check S3 file-level metadata specifically if S3 is in use, or your application server's HTTP response to AWS CloudFront for static resources.

  • Are all intermediary CDNs and application-level proxies passing through the above Cache-Control and max-age directives to downstream users?

  • Using your browser's dev tools, are you able to observe the above headers once you set or edit them at the origin server? Is a typical user in mainland China able to observe these headers?

• Examine non-standard X-From-Cache headers (or similar) inserted by CDN networks or caching proxies to see which intermediary is misconfigured.

Answer 2

You're right. Since the website is fast everywhere except China, so it most probably got to do with the China's firewall. Optimizing TTL and cache headers won't get you far. I believe this is quite expected on websites outside China's network.

I'm not an expert regarding China's network, but you'll need an ICP license (ICP Filing or ICP Commercial License) to legally operate your website in China mainland. Without the license, your website may get blocked at any point. There are certain requirements for getting the license, so this might be quite challenging.

You'll probably want to host some of your servers in China region while getting the ICP license. Alibaba Cloud, Tencent Cloud, and Huawei Cloud are popular cloud providers in China mainland, and they provide ICP registration as a service as well (Alibaba Cloud GoChina ICP Filing Assistant / Huawei Cloud ICP License Service). AWS also have China region operated by third party companies. I think it'd be best to stick with a single provider for better service support and avoid architectural complexities.

Usually I recommend using Cloudflare as CDN as it's going to save you tons on bandwidth cost and it comes with bunch of features as well. However in this case, it wouldn't be of much help unless you subscribe to Cloudflare's China Network, which is only available for Enterprise customers (you'd still need ICP license).

Bottom line is, you'd need ICP license and comply with their regulations, and host your servers in China mainland to properly serve your Chinese customers.
Here are a few good reads that might help you:

• How Your Web App Can Serve the Chinese Market
• SANS - Doing Cloud in China
• Alibaba Cloud - FAQ about ICP filings
• AWS China Support - ICP Recordal