AWS Route 53
Record Types
- A: map a hostname to IPv4
- AAAA: map a hostname to IPv6
- CNAME: map a hostname to another hostname
- the target is a domain name which must have an A or AAAA record
- cannot create a CNAME record for the top node of a DNS namespace
- example.com => no, www.example.com => yes
- NS: name server for the Hosted Zone
- control how traffic is routed for a domain
Hosted Zone
- a container that holds information about how you want to route traffic for a domain
- public hosted zone: determines how traffic is routed on the internet
- private hosted zone: determines how traffic is routed within a VPC
TTL
- the client will cache the DNS query result for TTL seconds
CNAME vs Alias
- CNAME
- maps a hostname to any other hostname (can point to a Load Balancer, CloudFront, ...)
- only for non-ROOT domains (not for mydomain.com)
- Alias
- maps a hostname to an AWS resource
- works for both the ROOT domain (mydomain.com) and non-ROOT domains (abc.mydomain.com)
- automatically recognizes changes in the resource's IP addresses
- free of charge
- native health check
- targets
- ELB, CloudFront distributions, API Gateway, S3 websites, VPC interface endpoints, Global Accelerator
- Route 53 record in the same hosted zone
- NOT for an EC2 DNS name
- difference
- Alias can be used for the top node of a DNS namespace (Zone Apex)
- an Alias record is always of type A/AAAA for AWS resources
- for example: we have an ALB, my-backend.ap-southeast-2.elb.amazonaws.com; the following two configs are equivalent
- CNAME: my-backend.my-domain.com => my-backend.ap-southeast-2.elb.amazonaws.com
- A (Alias): my-backend.my-domain.com => my-backend.ap-southeast-2.elb.amazonaws.com
Routing Policies
- define how Route 53 responds to DNS queries
- DNS doesn't route any traffic, it only responds to DNS queries
- Simple
- typically routes traffic to a single resource
- can specify multiple values in the same record; a random one is chosen by the client
- when alias is enabled, specify only one AWS resource
- cannot be associated with health checks
- Weighted
- control the % of the requests that go to each specific resource
- DNS records must have the same name and type
- use cases:
- load balancing between regions
- testing new applications
- Latency
- route traffic to resources in the AWS region that provides the lowest latency
- all resources must be in AWS regions
- Failover
- route traffic to a resource when it is healthy, or to a different resource when the first resource is unhealthy
- primary record
- secondary record (failover)
- Geolocation
- based on the geographic location of your users
- location: continents, countries/regions
- Geoproximity
- based on the geographic location of your users
- location type: coordinates, AWS Local Zone group, AWS Region
- IP-based
- based on the user's IP address; define IP address ranges (CIDR)
- Multivalue answer
- return multiple values (such as IP addresses) for the DNS query
- can work with health checks; only healthy resources are returned
Routing traffic to a website that is hosted in an S3 bucket
- a registered domain
- an S3 bucket that's configured to host a static website; the bucket name must be the same as your domain or subdomain
- for example, if you use the subdomain, blog.daniel.com, the bucket name must be blog.daniel.com
- an S3 bucket configured as a website endpoint doesn't support SSL/TLS, so you need to route traffic to the CloudFront distribution and use the S3 bucket as the origin for the distribution
Active-active and active-passive failover
- Active-active failover
- you configure active-active failover using any routing policy other than failover
- you want all of your resources to be available the majority of the time; when a resource becomes unavailable, Route 53 can detect that it's unhealthy and stop including it when responding to queries
- all the records that have the same name, the same type (such as A or AAAA) and the same routing policy (such as weighted or latency) are active unless Route 53 considers them unhealthy
- Active-passive failover
- you configure active-passive failover using the failover routing policy
- you want a primary resource or group of resources to be available the majority of the time and you want a secondary resource or group of resources to be on standby in case all the primary resources become unavailable
- when responding to queries, Route 53 includes only the healthy primary resources; if all the primary resources are unhealthy, Route 53 begins to include only the healthy secondary resources
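As an added example (not part of the original notes, and not AWS code), a small Python model of what the active-active and active-passive rules above mean for a single query: which record values end up in the answer once some records fail their health checks. The Record class, the answer() function and the sample record sets are constructed here for illustration.

```python
import random
from dataclasses import dataclass

@dataclass
class Record:
    name: str
    rtype: str            # "A" or "AAAA"
    value: str
    policy: str           # "failover" | "multivalue" | "weighted"
    healthy: bool = True  # outcome of the record's health check
    role: str = ""        # "PRIMARY" / "SECONDARY", failover records only
    weight: int = 0       # weighted records only

def answer(records, name, rtype, rng=None):
    """Values Route 53 would include in its response to one query (simplified model of the notes)."""
    rs = [r for r in records if r.name == name and r.rtype == rtype]
    if not rs:
        return []
    policy = rs[0].policy
    if any(r.policy != policy for r in rs):
        raise ValueError("records sharing a name and type must share one routing policy")
    if policy == "failover":  # active-passive: primaries while any is healthy, else secondaries
        primary = [r.value for r in rs if r.role == "PRIMARY" and r.healthy]
        return primary or [r.value for r in rs if r.role == "SECONDARY" and r.healthy]
    healthy = [r for r in rs if r.healthy]  # active-active: unhealthy records are left out
    if policy == "multivalue":
        return [r.value for r in healthy]
    if policy == "weighted":  # one value per response, chosen in proportion to its weight
        if not healthy:
            return []
        rng = rng or random.Random()
        return [rng.choices(healthy, weights=[r.weight for r in healthy], k=1)[0].value]
    raise ValueError(f"unsupported routing policy: {policy}")

# Constructed sample record sets (RFC 5737 documentation addresses, not real hosts).
FAILOVER = [
    Record("app.example.com", "A", "203.0.113.10", "failover", role="PRIMARY"),
    Record("app.example.com", "A", "198.51.100.20", "failover", role="SECONDARY"),
]
FAILOVER_PRIMARY_DOWN = [
    Record("app.example.com", "A", "203.0.113.10", "failover", healthy=False, role="PRIMARY"),
    Record("app.example.com", "A", "198.51.100.20", "failover", role="SECONDARY"),
]
MULTIVALUE = [
    Record("api.example.com", "A", "203.0.113.1", "multivalue"),
    Record("api.example.com", "A", "203.0.113.2", "multivalue", healthy=False),
    Record("api.example.com", "A", "203.0.113.3", "multivalue"),
]
WEIGHTED = [Record("www.example.com", "A", "203.0.113.50", "weighted", weight=90),
            Record("www.example.com", "A", "203.0.113.60", "weighted", weight=10)]
```

With the primary healthy, answer(FAILOVER, "app.example.com", "A") returns only the primary address; with FAILOVER_PRIMARY_DOWN it returns only the secondary, while the multivalue set drops the unhealthy 203.0.113.2 and keeps the other two.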