You can create a CDN configuration to define upload and delivery settings for your video on demand or live stream content, or for mid-rolls. Once you complete your CDN configurations, you can associate them with your content source.
Jump to: video on demand | live stream | mid-rolls
Create a CDN configuration for video on demand content
- Sign in to Google Ad Manager.
-
Click Video, then Content sources, then CDN configurations, then New configuration.
- Enter a descriptive name. This name is only displayed in Ad Manager, not externally.
- Select Video on demand content as the configuration type.
-
Describe the CDN from which the content will be ingested:
Ingest URL prefix: The CDN prefix of the URL. This determines the CDN settings used for a piece of content.
CDN authentication
- Select None if your CDN doesn't require authentication. Otherwise, select the CDN and enter the authentication details.
- Select Akamai or Cloud Media (Beta)
- For Akamai
- Token authentication: Select Enabled or Disabled.
-
Media encryption: Select Enabled or Disabled.
- For Cloud Media (Beta)
- Cloud Media CDN keyset name: The Cloud Media CDN keyset name that verifies requests for content. Find additional resources for EdgeCacheKeyset.
-
Cloud Media CDN expiration (seconds) (optional): The amount of seconds the content is valid for the initial signed request. Only set this field if
signedRequestMaximumExpirationTtl
is set in the associated Cloud Media CDN configuration. Find additional resources for EdgeCacheService.
- For Akamai
The media encryption URL is only supported for HLS, not DASH. If a media encryption URL is provided for DASH, it is ignored.
For HLS, this asset URL should generally be a version of the master playlist URL, from the same domain where the segments are served. Each variant in the master playlist is checked for the
aka_me_session_id
andid
parameters. The first matched value from the first URL is cached and reused across user sessions for all segments of all streams served from that location.
-
Configure the default CDN details from which the content is delivered:
Name: Upon saving your CDN configuration, Ad Manager assigns a unique name to each delivery setting. This becomes visible only after you save.
Delivery URL prefix: The URL prefix for the CDN that is used to host the content.
Security settings: "Use ingest security settings" applies the same settings as ingest.
To use Akamai for delivery, cookie protection must be activated for token authentication.CDN authentication: Select None if your CDN doesn't require authentication. Otherwise, select the CDN and enter the authentication details:
- For Akamai
- Token authentication: Select Enabled or Disabled.
- Token authentication key: Select if your CDN requires an authentication key.
-
Disable server-side URL signing: Disable server-side URL signing to force the client to generate the signature.
Continue to Step 7.
- For Cloud Media (Beta)
- Cloud Media CDN keyset name: The Cloud Media CDN keyset name that verifies requests for content.
- Cloud Media CDN expiration (seconds) (optional): The amount of seconds the content is valid for the initial signed request. Only set this field if
signedRequestExpirationTtl
is set on the associated Cloud Media CDN configuration. - Master playlist origin path prefix (optional): This is the origin path prefix (for example, the publisher will not be able to select Master playlist origin forwarding type (7) for the Cloud Media CDN). It's always set to "Origin path."
- For Akamai
- Akamai CDN Authentication
Master playlist origin forwarding type: Select either "Origin path" or "Conventional" type.
Set up using the following example:Example
Using an example content path of
https://cdn.com/path/to/content.m3u8
:- Origin path: Includes the
originpath
query string parameter and sets the value to the path where Akamai will proxy the master playlist request:https://cdn.com/path/to/content.m3u8?originpath=/linear/hls/event/some-event/stream/some-stream/master.m3u8
- Conventional: Replaces the URL path with the path where Akamai will proxy the master playlist request:
https://cdn.com/linear/hls/event/some-event/stream/some-stream/master.m3u8
With the conventional type, you can optionally include a path prefix:https://cdn.com/pathprefix/linear/hls/event/some-event/stream/some-stream/master.m3u8
- Origin path: Includes the
- (Optional) Click Add delivery setting (Beta) if you plan to serve the content from more than one CDN, and configure the details for the additional CDN, as outlined in step 6. Learn more about delivering on-demand content from more than one CDN
- Click Save.
Create a CDN configuration for live stream content
- Sign in to Google Ad Manager.
-
Click Video, then Live streams, then CDN configurations, then New configuration.
- Enter a descriptive name. This name is only displayed in Ad Manager, not externally.
- Select Live stream content as the configuration type.
-
Describe the CDN from which the content is ingested:
Ingest URL prefix: The prefix of the URL of the CDN. This is used to determine which CDN settings should be used for a piece of content.
CDN authentication: Select None if your CDN doesn't require authentication. Otherwise, select the CDN and enter the authentication details:
Token authentication: Select if your CDN requires an authentication key. You also have the option of activating cookie protection.
-
Describe the CDN from which the content is delivered:
Delivery URL prefix: The prefix of the URL of the CDN that is used to host the content to be delivered.
Security settings: "Use ingest security settings" applies the same settings as ingest.
To use Akamai for delivery, cookie protection must be activated for token authentication. -
CDN authentication: Select None if your CDN doesn't require authentication. Otherwise, select the CDN and enter the authentication details:
- Token authentication: Select if your CDN requires an authentication key. You also have the option of disabling server-side URL signing and activating cookie protection.
- Disable server-side URL signing: If you are using Akamai token authentication, deactivate server-side URL signing to force the client to generate the signature.
-
Origin forwarding type: When you select Akamai as the CDN authentication, select either the "Origin path" or "Conventional" type, and then set up as in the following example:
Akamai Example
Using an example content path of
https://cdn.com/path/to/content.m3u8
:-
Origin path: Includes the
originpath
query string parameter and sets the value to the path where Akamai will proxy the master playlist request:https://cdn.com/path/to/content.m3u8?originpath=/linear/hls/event/some-event/stream/some-stream/master.m3u8
-
Conventional: Replaces the URL path with the path where Akamai will proxy the master playlist request:
https://cdn.com/linear/hls/event/some-event/stream/some-stream/master.m3u8
With the conventional type, you can optionally include a path prefix:
https://cdn.com/pathprefix/linear/hls/event/some-event/stream/some-stream/master.m3u8
-
- Click Save.
Create a mid-roll CDN configuration
If your content requires mid-roll ad breaks and you need Ad Manager to condition your content, you must provide SFTP access to your CDN so that Ad Manager can upload video segments after they are split at the ad break points. Create a mid-roll CDN configuration to allow Ad Manager access your content.
- Sign in to Google Ad Manager.
- Click Video, then Content sources, then CDN configurations, then New configuration.
- Enter a descriptive name. This name is only displayed in Ad Manager, not externally.
- Select Mid-roll as the configuration type.
-
Complete the following mid-roll settings:
Upload protocol: The protocol for the uploaded conditioned content.
Username, private key, and password: Ad Manager only accepts SFTP credentials that use a private key for authentication (either RSA or DSA). You can optionally supply a private key that uses a password.
Before you enter your private key, it's recommended that you test it using an independent SSH or SFTP client. Some examples of these clients are PuTTy or CyberDuck.
You should ensure that the user has full ownership (read/write/update/delete) to both the root path and subdirectories.
Ad Manager can't use an insecure FTP location and doesn't support SFTP authentication using a username and password.
Requirements for entering SSH keys
- Depending on the type of private key, it needs to begin with the following text:
-----BEGIN RSA PRIVATE KEY-----
or-----BEGIN DSA PRIVATE KEY-----
- Depending on the type of private key, it needs to end with the following text:
-----END RSA PRIVATE KEY-----
or-----END DSA PRIVATE KEY-----
- There must be a new line character (
\n
) where line breaks exist.
Sample key
-----BEGIN DSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,BFF8B97CEFE81031\n\n\nZcYWZ5Sq12m8bFxCGc1f3GYjcJSmrwyLMUzqryPGnbmnURULC19+WVddHzzcJ2D5\ncc/wYKzE5eRO2ZupeGRcaMwG1UYx171ucwfvoE5VfbD6fBAn7bkW+Qik0QdL3/M4\nN2l0LlqiZxBLEQ8bwZvfN9aeOfbpgFufbQw8X9jVk5gNzOucRC2B0Ul9DxfLSvWU\nvgnrlrqijvpLMRDtuGt7X8X1vb/gSIIsdWYl5kny0ULL1sK+ZLUHT6YCLPNxjJsE\nrgPxKRV6Z8TrygbfipZckd0LSEAJltwoIM/1iSeZt9mn4lrz1GF/jO5XeUcFwQWr\nu8emTMvXFbeTXOKmsjhhUsZgNxvMfUd+S2Bus66jb1jTm2jMGbKAtWola98e8C0h\nh4hh8OJU4ZhFyb2/xOqR7P7DKjWIYDTlb1t0EZv4xUE1UFTo4MwCZaOFBJs172ax\nFBWZLYoYF3gBDy2C6/dP5IJfa4G27NHeqU9WYPq5wTct0mqHhzrR2cj6pmRwwjq9\nmME3mDH8X0oMz5I6XHbJ0n5pc49YRXCrq4tP/GXevXh0z/wfzwt3x94oQuH9JwoD\npOT5xNOngA2pKJLuMc+D/g==\n-----END DSA PRIVATE KEY-----\n
Hostname: The hostname for the uploaded conditioned content files.
Path prefix: The directory where the conditioned content is uploaded. This directory should allow SFTP access to your CDN. You should ensure that the user has full ownership (read/write/update/delete) to this directory, and that the server has a reasonable amount of available storage space to accommodate the content ingested.
Delivery URL prefix: The prefix of the CDN URL that is used to host the content segments. This should always start with
https://
to avoid playback issues where https is used. - Depending on the type of private key, it needs to begin with the following text:
- Click Save.