CloudFlare and CDN for cloud failover

Forums › IT Pro and developers › CloudFlare and CDN for cloud failover

jasnz

41 posts

Geek

#150786 3-Aug-2014 10:40

Hi All,

Well on our new site we are nearing the phase where we can do cloud failover. All our ansible scripts and nagios monitoring and such is nearing this point. That is if someone drives over the internet cable for Dunedin or the power fails to our suburb we auto-launch servers in the cloud and redirect things to them. This is not perfect in that we will be down for 5 minutes or so with current launch timings. But it is not too bad as a first cut at eliminating down time.

Now the question is for our New Zealand server we were thinking of using cloud flare as a front end. (They have a nice API whereby the failover servers can programatically change the DNS resolution of our name to point to the new cloud launched servers while the outage is occurring.)

We are going to be doing this on the live site of course. Just before we do this we will be buying another domain in NZ and trailing failover on that etc.. But before we start going around and buying extra domains and trying this I thought I would just ask the other experts, how does this all sound.

Using CloudFlare etc:
By using CloudFlares DNS outside NZ is this likely to significantly impact normal operations? (currently our domain registrar and DNS is severed by 1stdomains.) If so would there be better options around (I saw fastly mentioned here.)

Automated WebDriven Changes (Selenium, etc):
We could try and use something like Selenium to programatically log into the registration site and change our DNS record, but every so often someone like 1stdomains will change their web pages and things in a crunch will not work... we know this since some of our other non-critical selenium scrapings have suffered this problem... so that solution was ruled to be fairly unreliable for us... But at a pinch we could do this with Nagios checks to see that the rest of the page is working ok...

NZ registrants with API facilities:
Or does anyone know of NZ registrant who has an API which we can programatically change the DNS resolution with?

Thanks!
Jas

1 | 2 | 3

20575 posts

Uber Geek

Trusted

Lifetime subscriber

#1101073 3-Aug-2014 13:42

Your domain registrar is irrelevant. Cloudflare will serve DNS for your domain, it has to do to what it does. Not sure about the best way to implement cloud failover but will be reading with interest.

freitasm

BDFL - Memuneh
79257 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1101203 3-Aug-2014 16:52

When using Cloudflare the "visible" address for anyone visiting your site is the Cloudflare POP address. The actual IP address is used by Cloudflare to access the origin server (your server) to get content to serve.

Changing the IP address on Cloudflare just tells their service to get the origin content from a different server - visitors to your site will continue to see the Cloudflare POP address.

This could give the impression of the site being up if the main node goes down and a secondary node is available to keep serving the content.

itxtme

2102 posts

Uber Geek

#1101236 3-Aug-2014 18:43

Just got an email from AWS that have just added geographical failover for Route53 (DNS), and a price drop of 20%. Closest servers for you would be in Sydney. If you dont want CDN capabilities just geographic elastic IP addresses this could be a good option. They have an SDK for most development environments.

jasnz

41 posts

Geek

#1101377 4-Aug-2014 06:33

@timmmay. Maybe I should have been a bit clearer. I was more meaning by the registrant the person who is the primary record keeper for my domain. Are there any of these in NZ which allow programatic changing of the DNS resolution is my question... We can of course get a cheaper VPS in NZ and run bind on it or something like that but I am lead to believe there is lot of dark magic surrounding these things and if we can avoid it I would rather just go with a top level DNS server in NZ and programatically change it.

@freitasm: Ahhh... So even if we turn off the CDN nature of CloudFlare and just used it for DNS and DNS redirection, would it likely increase a lot of the ping times / latency in the end?

@itxtme: Thanks. we were thinking also of Rout53 but like all AWS services they are quite complicated with *many* options. It is not quite as simple as say digital ocean or CloudFlare where you basically fire the thing up and then get on with other stuff... But with Sydney servers this would be good... So there is no comparable service in NZ that we could use then?

Thanks all for the answers!

freitasm

BDFL - Memuneh
79257 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1101383 4-Aug-2014 07:01

No, if you turn off the CDN it will just be a distributed DNS for your domain, pointing directly to the server. It only proxies if you turn the CDN on.

freitasm

BDFL - Memuneh
79257 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1101384 4-Aug-2014 07:02

If you just want a resilient DNS you can always use Dyn as another option.

jasnz

41 posts

Geek

#1101428 4-Aug-2014 08:10

Ahh... I didn't know about Dyn. Thanks! This looks like it also might do the trick but from a quick scan they also only have a resolver in Sydney... So the ping time might not be that different than say Route53 or indeed CloudFlare which also has a centre in Sydney. (But it is nice to have other options... Thanks!)

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

freitasm

BDFL - Memuneh
79257 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1101431 4-Aug-2014 08:15

DNS revolvers may influence time for first resolution of an IP address but won't influence ping times to your server.

Zeon

3916 posts

Uber Geek

Trusted

#1101477 4-Aug-2014 09:40

jasnz: @timmmay. Maybe I should have been a bit clearer. I was more meaning by the registrant the person who is the primary record keeper for my domain. Are there any of these in NZ which allow programatic changing of the DNS resolution is my question... We can of course get a cheaper VPS in NZ and run bind on it or something like that but I am lead to believe there is lot of dark magic surrounding these things and if we can avoid it I would rather just go with a top level DNS server in NZ and programatically change it.

@freitasm: Ahhh... So even if we turn off the CDN nature of CloudFlare and just used it for DNS and DNS redirection, would it likely increase a lot of the ping times / latency in the end?

@itxtme: Thanks. we were thinking also of Rout53 but like all AWS services they are quite complicated with *many* options. It is not quite as simple as say digital ocean or CloudFlare where you basically fire the thing up and then get on with other stuff... But with Sydney servers this would be good... So there is no comparable service in NZ that we could use then?

Thanks all for the answers!

Lots of NZ registrars will offer APIs. I know Sitename do definitely. The APIs allow all their resellers to provide a service.

Speedtest 2019-10-14

freitasm

BDFL - Memuneh
79257 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1101481 4-Aug-2014 09:43

The best thing anyway is not use DNS as failover management because DNS changes can take some time to be used since there's a TTL for those records. If the TTL is too high DNS resolvers will take too long to refresh. If TTL is too low changes are too frequent impacting performance on client side.

The correct way of implementing failover is through a load balancer in front of a failover cluster.

DNS will not be the answer.

jasnz

41 posts

Geek

#1101494 4-Aug-2014 10:04

Yes, this is the first stab at cloud failover. If we used a load balancer than these sites need to be up constantly... Because of the application we are running they are pretty memory intensive. We need something like 40G of memory to run stuff (at the stage we are at right now...) this will only get bigger. Having these size machines constantly up in the cloud would be very expensive... On the flip side we can handle 5 minutes downtime for now... So having the TTL being 300 seconds for us is not so much of a problem. Maybe at some long time in the future we will have some other way to do this but for now DNS switch over seems to be our best bet :)

Certainly having the sites up all the time would be quite expensive.

(We do actually have a site which is in the cloud which constantly monitors our site and we could indeed funnel all traffic through that to our site and use that as a "load" balancer that does no balancing but I don't really see much advantage in that... But maybe there is?

timmmay

20575 posts

Uber Geek

Trusted

Lifetime subscriber

#1101503 4-Aug-2014 10:10

Not everyone honours dns ttl, imho it's not a great solution. I'd look at Amazon cloud load balancing, see if it can route to your servers first and bring up theirs if required. Or some other third party load balancing.

Why do you need so much ram? Just curious.

jasnz

41 posts

Geek

#1101510 4-Aug-2014 10:23

So the "Amazon cloud load balancing" what is this called in http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/Welcome.html

any pointers in having the cloud load balancer not balance and just redirect to an outside server?

(As to why: It is a Java and Postgres thing. And we need a separate machine for each sort of install. There are currently 10 VM's with 4G's each on each machine... or so...)

Thanks!
Jas

itxtme

2102 posts

Uber Geek

#1101521 4-Aug-2014 10:52

I would think you cant use it for external servers as the concept of an elastic IP is an internal AWS network one.

What do you need the memory for DB or web App??

The ultimate solution would be an EC2 instance(s) running your web application with load balancing.

You can then use RDS Postgres DB's to run the DB. If you use RDS you can create DB redundancy out of the box using the multi-deployment option.. If one fails AWS automatically switches to the alternative DB (the cost is reflected in running two DB instances).

The beauty of this solution is you can instantly deploy from snapshots your web app into a new EC2 instance and scale up or outwards. Plus you pay by the hour not by the month.

This would obviously be a massive shift in infrastructure from your current setup so may be prohibitive at this time. If you havent already sign up for an account with AWS and you get 1 year access to their free tier including micro EC2 + RDS. It really is a fantastic product set.

Zeon

3916 posts

Uber Geek

Trusted

#1101529 4-Aug-2014 11:00

Everyone goes on about AWS and IaaS but its not the answer for everyone. We are in a similar boat where we may have 50+ CPU cures at any time under full load to power our App. The first thing people say is "why not use AWS" and I said I've looked at it and it was going to be about 5x the price and its not even HA.

So where are you hosting your servers? might be best to colocate at a highly available datacentre and look to use some kind of load balancing. Talk to Insane, he works for Vocus and they have some kind of geo-seperate solution for that.

Speedtest 2019-10-14

1 | 2 | 3