Multi region Active active APIGateway

0

We are building a global application that consists of regional API Gateways that should be accessible from a global.example.com domain with Active-active failover between regions. We are constrained to follow a pattern of using a different account per region and can possibly need to use the same regions (For eg uswest-2 in AccA, uswest-2 in accB and useast2 in acc C).

Two approaches we are considering for the failover is:

  1. In region/account A, Make the APIGateways private with vpc endpoint and front them with an ALB. We can use a Global Accelerator pointing to this to get static IPs and finally create global.example.com pointing to this accelerator. However, for region/account B, we cannot use the accelerator in A to add an endpoint in region/account B since cross acccount resouces isn't supported. Is there a workaround for this?

  2. Another approach is to use the same custom domain in both regions like above, but keep the APIgateway public and use a route53 record to point global.example.com to use CNAMEs of the public APIGateway in multiple regions/accounts. Will this work as described?

Which approach would be the recommended one given our priority is to maximize the Availability and minimize time for failure routing.

1 Answer
0

There's probably a lot more discussion to be had on this particular question - mainly because each option you choose will have an impact on the rest of your design.

If it were me, I'd go with option 2. Given that the two regions are (by the sounds of it) operating independently anyway; and you want any impact to one region not to affect the other then having separate API Gateways (and the infrastructure behind that) is a good idea. It assumes that you have a method for reliably replicating the data between the two regions but otherwise it's the way I'd go.

The particular can of worms this open is: What does the client do? If the client uses DNS and is directed to region A which is having an outage of some sort then it has to figure out there is an issue and choose to go to region B (somehow).

If you go and look at the various Netflix engineering blogs and YouTube talks that's what they do; the back end infrastructure operates independently in three regions and there is a lot of intelligence in the client to figure out which region it should talk to in order to continue serving content. In particular, look at their posts around the Simian Army (Chaos Monkey/Gorilla/Kong) to see how they test that.

For a lot of other really good content check out the Amazon Builder's Library which has lots of advice from our experience.

And finally, reach out to your local AWS Solutions Architect to continue this discussion - there are going to be more questions and (I suspect) more opinions about the right way to go.

profile pictureAWS
EXPERT
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions