Most Wanted

Reputation: 7069

Fallback page via CloudFront distribution

I have a simple site, mysite.com, served behind a CloudFront distribution, and maintenance.mysite.com, a single static page hosted on S3, also served behind a CloudFront distribution.

diagram

I want to be able to switch between them at the Route 53 level when my main site is not available, but CloudFront doesn't allow the same domain name to be attached to different distributions. As per the docs: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html

Duplicate and overlapping alternate domain names: You cannot add an alternate domain name to a CloudFront distribution if the same alternate domain name already exists in another CloudFront distribution, even if your AWS account owns the other distribution.

What is the proper and fastest way to switch between the main and backup pages at the Route 53 level? I don't want extra load balancers / lambdas to be involved, and the DNS way is the preferable solution.

Upvotes: 0

Views: 795

Answers (2)

Most Wanted

Reputation: 7069

There is no straightforward solution, so I'm posting the workarounds from AWS support here as an answer.

Workaround 1:

You need to have 2 CloudFront distributions. One of these would be “Blue” and the other, “Green”. The Blue distribution would need to have www.domain.com as the alternate domain name. Now, create a DNS record that points www.domain.com to the CloudFront distribution “Blue”, which will act as the production environment now. Moving on, add the CNAME *.domain.com to the CloudFront distribution “Green” (the other distribution).

Now, in this setup, a request to www.domain.com would land on the Blue distribution, as it has www.domain.com as the ADN (which is more granular than *.domain.com). Now, when you want to make the “Green” distribution the production distribution, just remove the Alternate Domain Name from the “Blue” distribution. In that case, there would be only one distribution that would satisfy the request for www.domain.com, the Green one (which has *.domain.com as ADN), and the request would be routed to that even if your DNS points www.domain.com to the Blue distribution (as CloudFront routes a request based on the Host header and will choose a distribution that has that domain as the ADN).

Workaround 2:

You need to have 2 CloudFront distributions. One of these would be “Blue” and the other, “Green”. Create a DNS record that points www.domain.com to the CloudFront distribution “Blue”, which will act as the production environment now. Also, add www.domain.com as a CNAME (Alternate Domain Name) to the distribution “Blue”. Meanwhile you can test the other CloudFront distribution “Green”.

When you want to make the “Green” distribution the production distribution, you should first point the DNS record for www.domain.com to the CloudFront distribution “Green”. Even though the DNS points to the “Green” distribution, the request will still be routed to the “Blue” CloudFront distribution because the “Blue” CloudFront distribution has the CNAME (Alternate Domain Name) for www.domain.com (CloudFront will try to route the request to a CloudFront distribution that has the same CNAME (Alternate Domain Name) value as the value of the Host header). Wait for a few hours for the new DNS record to propagate. Then, remove the CNAME from CloudFront distribution “Blue” and add it immediately to the CloudFront distribution “Green”. Now all the requests will be routed by CloudFront to the “Green” CloudFront distribution since the “Green” CloudFront distribution has the CNAME (Alternate Domain Name) www.domain.com.

This workaround would involve some downtime when you move the CNAME from the "blue" distribution to the "green" distribution, so I would recommend going with the first workaround only. Also, please test this on a test environment first before testing it on the production distributions.

Upvotes: 0
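An added example, not part of the original answer or of AWS support's text: a sketch of the Workaround 1 switch with boto3. The function names and the routing model (exact alternate domain name beats a wildcard, as the answer describes) are assumptions made for illustration, and the sample configs are constructed and contain only the `Aliases` part of a real `DistributionConfig`.

```python
import copy

def without_alias(dist_config, alias):
    """Return a copy of a CloudFront DistributionConfig with `alias` removed."""
    cfg = copy.deepcopy(dist_config)
    items = [a for a in cfg.get("Aliases", {}).get("Items", [])
             if a.lower() != alias.lower()]
    cfg["Aliases"] = {"Quantity": len(items)}
    if items:  # Items is omitted when no aliases remain
        cfg["Aliases"]["Items"] = items
    return cfg

def serving_distribution(host, distributions):
    """Simplified model of the routing described in the answer: pick the
    distribution whose alias equals the Host header, else one with a
    matching wildcard alias. `distributions` maps a label to its config."""
    host, wildcard = host.lower(), None
    for label, cfg in distributions.items():
        for adn in cfg.get("Aliases", {}).get("Items", []):
            adn = adn.lower()
            if adn == host:
                return label
            if adn.startswith("*.") and host.endswith(adn[1:]):
                wildcard = wildcard or label
    return wildcard

def fail_over(blue_id, alias):
    """Remove `alias` from the Blue distribution (needs boto3 and AWS credentials).
    `blue_id` is the distribution ID of Blue; re-adding the alias fails back."""
    import boto3  # imported here so the helpers above run offline
    cf = boto3.client("cloudfront")
    current = cf.get_distribution_config(Id=blue_id)
    new_cfg = without_alias(current["DistributionConfig"], alias)
    # IfMatch carries the ETag from the read, so a concurrent edit is rejected.
    cf.update_distribution(Id=blue_id, IfMatch=current["ETag"],
                           DistributionConfig=new_cfg)
    return new_cfg["Aliases"]

# Constructed sample configs for the offline model.
BLUE = {"Aliases": {"Quantity": 1, "Items": ["www.domain.com"]}}
GREEN = {"Aliases": {"Quantity": 1, "Items": ["*.domain.com"]}}
```

The wildcard alias on Green matches every subdomain in this model, so any other hostname under the domain whose DNS points at CloudFront would also be served by Green's content.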

philolegein

Reputation: 1535

I think this depends on how you want to create www.mysite.com vs mysite.com. If, as you have in your diagram, all incoming requests are actually to mysite.com, then you can just have a CNAME* entry that points mysite.com to www. when that's up and running, and to maintenance. when it's in maintenance mode. However, if you want www. and mysite.com (with no subdomain) to both go to the same place and have that same place switch around, then you need to come up with another name for your production server. Then you can have

                                 - prod.mysite.com
                                /
[www.mysite.com | mysite.com] -< CNAME* in Route53
                                \
                                 - maintenance.mysite.com

CNAME is the standard DNS way to do this; however, I believe AWS charges for CNAME redirects and not for aliases. So, wherever I say CNAME above, you can actually create an A record in Route53, and then click on the "alias" switch and select "Alias to another record in this hosted zone".

Upvotes: 1
