
For CDN we just put servers in different geological locations, some using cloud service and some dedicated. In fact the system itself was made as distributed wherever possible.

For the anti DDoS: it was not a big/common issue and in the rare cases we can work with providers to mitigate.




How do you distribute between your servers? DNS? What DNS service?


We started with GeoDNS (e.g. AWS Route53) and later on added Anycast into the mix. The combination of these two is very powerful but I wouldn't recommend Anycast for projects without good network staff.

For most, I think GeoDNS is good enough and very simple. The number of users using nameservers that break it (like Cloudflare's 1.1.1.1)* is still small.

*: The reason why it breaks is because they don't send along the EDNS client subnet to the upstream nameserver for "privacy reasons". I disagree with that notion because 1. it's just the subnet 2. the website/service will see the full client IP anyways when it gets the http request. I mean how many times does one resolve a hostname and then not connect to it? And we are talking about the authoritative nameserver, not the ISP nameserver.
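Added example, not part of the thread or any poster's code: how an authoritative GeoDNS server can read the EDNS Client Subnet option (RFC 7871, option code 8) and what it falls back to when a resolver omits it. The region table, addresses and function names are constructed for illustration.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet (RFC 7871)

def build_ecs_option(subnet: str) -> bytes:
    """Encode an ECS option the way a resolver attaches it to an upstream query."""
    net = ipaddress.ip_network(subnet)
    family = 1 if net.version == 4 else 2
    addr = net.network_address.packed[: (net.prefixlen + 7) // 8]  # truncated address
    body = struct.pack("!HBB", family, net.prefixlen, 0) + addr    # scope is 0 in queries
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body

def parse_ecs(opt_rdata: bytes):
    """Walk the OPT record's option list; return the client subnet or None."""
    pos = 0
    while pos + 4 <= len(opt_rdata):
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        body = opt_rdata[pos + 4 : pos + 4 + length]
        pos += 4 + length
        if code != ECS_OPTION_CODE or len(body) != length or length < 4:
            continue  # other option, or truncated data
        family, source_len, _scope = struct.unpack_from("!HBB", body)
        size = {1: 4, 2: 16}.get(family)
        if size is None or source_len > size * 8 or length - 4 != (source_len + 7) // 8:
            return None  # malformed ECS: treat as absent
        cls = ipaddress.IPv4Network if family == 1 else ipaddress.IPv6Network
        return cls((body[4:].ljust(size, b"\x00"), source_len), strict=False)
    return None

# Constructed region table using documentation address ranges, not real routing data.
REGIONS = {
    ipaddress.ip_network("198.51.100.0/24"): "eu-west",
    ipaddress.ip_network("203.0.113.0/24"): "ap-south",
    ipaddress.ip_network("192.0.2.0/24"): "us-east",  # assumed egress of the public resolver
}

def pick_region(resolver_ip: str, opt_rdata: bytes) -> str:
    """GeoDNS decision: prefer the ECS subnet, else fall back to the resolver's address."""
    subnet = parse_ecs(opt_rdata)
    key = subnet.network_address if subnet else ipaddress.ip_address(resolver_ip)
    for net, region in REGIONS.items():
        if key in net:
            return region
    return "default"
```

With ECS present the client in 203.0.113.0/24 is mapped to its own region; without it the answer is chosen for the resolver's location instead.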



