Thursday, March 5, 2015

Configuring Automatic DNS Failover in Amazon AWS for High Availability

For high availability of critical applications, you can configure automatic DNS failover in Amazon AWS. The DNS failover is fully automatic and takes effect as soon as the health check failure is confirmed.

You can fail over to a static website hosted in S3, to an on-premise environment, or to another web instance hosted in a different region.

We will run an instance in the Singapore region as our primary DNS and configure the failover in the US region. As soon as the health check failure is confirmed, Route 53 will automatically fail over the DNS to the secondary DNS in the US-East region. You can choose any region you like. As soon as the health check recovers, the DNS switches back to the primary DNS in the Singapore region. This is primarily used in setting up a DR environment and can help increase the uptime of your environment.

Here are the steps you need to perform to achieve this:

1. Spin up an EC2 instance in the Singapore region and make sure port 22 and port 80 are open for this instance by configuring suitable security group rules.

Next, install a web server (Apache) to host the domain that is going to fail over. After the instance becomes available, use the following steps to install and configure an Apache server to serve the domain.

# yum install httpd
# vi /etc/httpd/conf/httpd.conf
# mkdir -p /var/www/unixcloudfusion
# cd /var/www/unixcloudfusion
# vi index.html
This is the Instance hosted in the Singapore Region
# Enter the following lines in the configuration file and change ServerName as per your domain

# /etc/init.d/httpd start

2. Similarly, spin up another instance in the US-East region and follow the same steps to configure and run a web server. Use the same configuration, but modify the index.html file slightly so that when the failover occurs, the page shows that the instance is hosted in the US-East region.

3. Now go to the Route 53 service in the console, which is the DNS management service in Amazon AWS. Here you need to create the hosted zone and point your domain's nameservers to the Amazon AWS nameservers, which are provided once you create the hosted zone. Set the nameservers as displayed in the console.

Next, create the health check for your web instance running in the Singapore region. Select "Create Health Check" and configure the health check as follows:

Protocol: HTTP
IP Address: (ip-address-singapore-region-instance)
Port: 80
Request Interval: 10 seconds (we are just testing; in production consider a longer period)
Failure Threshold: 1 (consider an increased number of checks in production)

Click Create.

This health check continuously monitors port 80 for a response, and if it receives a good response it reports the instance as healthy.

Next, click on "Create Record Set" and set the A record for your www subdomain.
TTL: 60 seconds
Value: ip-address-singapore-region-instance
Routing policy: failover
Set id: region singapore application name
Associate Health check: yes
Select the Healthcheck to associate from Dropdown

Next, we will configure the failover record set. Click on "Create Record Set" and set the A record for your www subdomain.
TTL: 60 seconds
Value: ip-address-us-east-region
Routing policy: failover
Set id: region us-east application name
Associate Healthcheck: No
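
The two record sets above can also be written as the change batch that the Route 53 ChangeResourceRecordSets API (and the "aws route53 change-resource-record-sets --change-batch" CLI command) accepts. The following is an added example, not part of the original post; it builds that batch and rejects the misconfigurations that silently disable failover. The domain, IP addresses, set identifiers and health check ID are constructed placeholders, and the 60-second TTL ceiling is taken from the values used in this post.

```python
import ipaddress
import json

def failover_record(name, ip, role, set_id, ttl=60, health_check_id=None):
    """One A record using the failover routing policy (role: PRIMARY or SECONDARY)."""
    ipaddress.IPv4Address(ip)  # raises ValueError on a malformed address
    rrset = {
        "Name": name, "Type": "A", "SetIdentifier": set_id,
        "Failover": role, "TTL": ttl,
        "ResourceRecords": [{"Value": ip}],
    }
    if health_check_id:
        rrset["HealthCheckId"] = health_check_id
    return rrset

def lint_failover_pair(rrsets):
    """Return a list of problems that would stop failover from working."""
    roles = {r["Failover"]: r for r in rrsets}
    if len(rrsets) != 2 or set(roles) != {"PRIMARY", "SECONDARY"}:
        return ["need exactly one PRIMARY and one SECONDARY record"]
    problems = []
    pri, sec = roles["PRIMARY"], roles["SECONDARY"]
    if (pri["Name"], pri["Type"]) != (sec["Name"], sec["Type"]):
        problems.append("PRIMARY and SECONDARY must share the same name and type")
    if pri["SetIdentifier"] == sec["SetIdentifier"]:
        problems.append("SetIdentifier must differ between the two records")
    if "HealthCheckId" not in pri:
        # Without a health check Route 53 always treats the record as healthy.
        problems.append("PRIMARY has no health check, so Route 53 never fails over")
    if max(pri["TTL"], sec["TTL"]) > 60:
        problems.append("TTL above 60s delays clients picking up the failover")
    return problems

def change_batch(rrsets):
    """Wrap a validated failover pair in the ChangeBatch structure."""
    problems = lint_failover_pair(rrsets)
    if problems:
        raise ValueError("; ".join(problems))
    return {"Comment": "www failover pair",
            "Changes": [{"Action": "UPSERT", "ResourceRecordSet": r} for r in rrsets]}

# Constructed sample values (documentation IP ranges, placeholder health check ID).
HC_ID = "00000000-0000-0000-0000-000000000000"
PRIMARY = failover_record("www.example.com.", "192.0.2.10", "PRIMARY",
                          "singapore-web", health_check_id=HC_ID)
SECONDARY = failover_record("www.example.com.", "198.51.100.20", "SECONDARY",
                            "us-east-web")

if __name__ == "__main__":
    print(json.dumps(change_batch([PRIMARY, SECONDARY]), indent=2))
```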

Now you are all set to test in the browser.

Go to your domain and you will see the content being served from the Singapore region. Once you have confirmed this, go to your Singapore EC2 instance and stop the Apache web server. Check your health check status in the console; it should be reported as Unhealthy.

Try accessing the URL again and you will see that this time the content is fetched from the US-East region. This confirms the DNS failover has been successfully done. Try restarting your web server in the Singapore region and you will see the health check recover. Try accessing your domain now and you will see the content being fetched from the Singapore region again.

This was a quick overview of setting up automatic DNS failover and should be sufficient for you to set up failover DNS for high availability of your applications, but there are a few points to keep in mind. The IP address of a web server will change as soon as you restart the server unless you are using a static IP address; to resolve this problem, the best practice is to use a CNAME record pointing to the public domain name of your EC2 instance. The other important thing to consider is keeping the code the same in both regions at all times.

