Using Route53 Health Checks and Failover in front of CloudFront Distribution

Question

My architecture looks like:

- Route 53 --> CloudFront --> Application Load Balancer --> EC2 Servers

I want to set up failover routing so that if the EC2 Servers go down, Route53 sends our traffic to an S3 bucket with a simple error page as a static site.

This all seems pretty straightforward, but when I try to set up failover routing on the DNS record, the option to "Evaluate Target Health" is grayed out:

![Screenshot of setting up the record](https://repost.aws/media/postImages/original/IMRdazYPV0QFKfNTOF3TQZMw)

This seems to be because the target is a CloudFront distribution. If I switch it to a different kind of alias, the option is no longer grayed out.

How can I proceed to set up the failover DNS if I can't monitor the target's health?

Accepted Answer

Hello,

"Evaluate Target Health" works with Alias Records that support health checks, CloudFront is not a service supported as it does not return health checks.

I think a better option for you is to use CloudFront's custom error responses.  This way if there is an error coming from the ALB, it can redirect traffic to a custom static page hosted on an S3 bucket.

See documentation here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/GeneratingCustomErrorResponses.html

Answer

Another option is to front the site with CloudFront and use an origin group with one origin being the ELB and the other origin being the S3 static page. You would use the NoCache policy so that each request is sent to the origin instead of caching. See: [Optimizing high availability with CloudFront origin failover](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html).

Using Route53 Health Checks and Failover in front of CloudFront Distribution

関連するコンテンツ