文章目录
aws(学习笔记第四十五课 route53-failover
- 使用
route53 - 尝试
route53的health check
学习内容:
- 使用
route53的domain以及sub domain - 使用
route53的health check
1. 代码链接以及微调整
1.1 代码链接
1.2 准备hostedzone
1.2.1 理解hostedzone
这里理解hostedzone就是一个父domain的定义,在这个父domain里面,可以定义多个arecord,即子的sub domain。
1.2.2 提前创建hostedzone
这里不采用cdk创建的方式,现直接创建hostedzone。
1.3 代码修改
1.3.1 从cdk.json开始
修改如下设定:
domain:finlay.commail: 自己的emailprimaryRegion:ap-northeast-1# 这里是亚洲的regionsecondaryRegion:ap-northeast-1# 这里是亚洲的region
1.3.2 修改app.py
region都修改成ap-northeast-1AliasHealthcheckRecordStack暂时都注释掉
1.3.3 修改healthcheck_alarm_stack.py
- 将
region都修改成ap-northeast-1
1.3.4 修改hosted_zone_stack.py
如下,将hostedzone修改成预先定义的形式,进行from_lookup调用。
self.zone = route53.HostedZone.from_lookup(self, "HostedZone", domain_name=domain)
2. 代码整体架构
- 在两个
Region A和Regiono B,分别启动一个vpc,在里面分别启动一个Fargate,和一个NLB。 - 通过
from_lookup,得到已经提前创建的hostedzone(finlay.com)。 - 在
hostedzone里面创建Failover Record(failover.finlay.com)。 - 并对
Failover Record分别注册一个primary和sencondary分别指向两个Region的Fargate。 - 对
primary和secondary进行创建health check。 - 创建
healthCheckMetric,对primay health check进行监视。 - 创建
healthCheckAlarm,添加alarm_action给snsTopic - 对
snsTopic进行subsribe,如果primary的Fargate有问题,进行email通知。
3. 代码解析
3.1 对提前创建好的hostedzone进行from_lookup
前面的步骤创建了hostedzone。这里可以使用from_lookup进行使用。
class HostedZoneStack(Stack):
def __init__(self, scope: Construct, construct_id: str, domain: str, **kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# Test Env
# self.zone = route53.PublicHostedZone(self, "HostedZone", zone_name=domain)
# use below code to use already created hosted zone
self.zone = route53.HostedZone.from_lookup(self, "HostedZone", domain_name=domain)
3.2 FargateAppStack的Fargate定义
- 定义一个
vpc - 在里面定义
ecs cluster - 定义
Fargate service - 最后定义
network
# Need to Change different app
class FargateAppStack(Stack):
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# Create VPC and Fargate Cluster
# NOTE: Limit AZs to avoid reaching resource quotas
vpc = ec2.Vpc(
self, "MyVpc",
max_azs=2
)
cluster = ecs.Cluster(
self, 'Ec2Cluster',
vpc=vpc
)
self.fargate_service = ecs_patterns.NetworkLoadBalancedFargateService(
self, "FargateService",
cluster=cluster,
task_image_options=ecs_patterns.NetworkLoadBalancedTaskImageOptions(
image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample")
)
)
self.fargate_service.service.connections.security_groups[0].add_ingress_rule(
peer = ec2.Peer.ipv4(vpc.vpc_cidr_block),
connection = ec2.Port.tcp(80),
description="Allow http inbound from VPC"
)
CfnOutput(
self, "LoadBalancerDNS",
value=self.fargate_service.load_balancer.load_balancer_dns_name
)
3.3 HealthcheckAlarmStack
3.3.1 创建primary health check
# primary record
primaryHealthCheck = route53.CfnHealthCheck(self, "DNSPrimaryHealthCheck", health_check_config=route53.CfnHealthCheck.HealthCheckConfigProperty(
fully_qualified_domain_name=primaryLoadBalancer.load_balancer_dns_name,
type="HTTP",
port=80
))
创建primaryHealthCheck,指向primaryLoadBalancer.load_balancer_dns_name。
3.3.2 创建failover.finlay.com的primary
primary = route53.ARecord(self, "PrimaryRecordSet",
zone = zone,
record_name="failover",
target = route53.RecordTarget.from_alias(route53_targets.LoadBalancerTarget(primaryLoadBalancer)),
)
primaryRecordSet = primary.node.default_child
primaryRecordSet.failover = "PRIMARY"
primaryRecordSet.health_check_id = primaryHealthCheck.attr_health_check_id
primaryRecordSet.set_identifier = "Primary"
3.3.3 创建secondary health check
# secondary record
secondaryHealthCheck = route53.CfnHealthCheck(self, "DNSSecondaryHealthCheck", health_check_config=route53.CfnHealthCheck.HealthCheckConfigProperty(
fully_qualified_domain_name=secondaryLoadBalancer.load_balancer_dns_name,
type="HTTP",
port=80,
))
创建secondaryHealthCheck,指向secondaryLoadBalancer.load_balancer_dns_name。
3.3.4 创建failover.finlay.com的secondary
# secondary record
secondary = route53.ARecord(self, "SecondaryRecordSet",
zone = zone,
record_name="failover",
target= route53.RecordTarget.from_alias(route53_targets.LoadBalancerTarget(secondaryLoadBalancer)),
)
secondaryRecordSet = secondary.node.default_child
secondaryRecordSet.failover = "SECONDARY"
secondaryRecordSet.health_check_id = secondaryHealthCheck.attr_health_check_id
secondaryRecordSet.set_identifier = "Secondary"
3.3.5 创建snsTopic
创建snsTopic,并且subscribe通知email。
# cloudwatch metric & alarm to SNS
snsTopic = sns.Topic(self, "AlarmNotificationTopic")
snsTopic.add_subscription(
EmailSubscription(email_address=email)
)
3.3.6 创建healthCheckMetric
healthCheckMetric = cloudwatch.Metric(
metric_name="HealthCheckStatus",
namespace="AWS/Route53",
statistic="Minimum",
period=Duration.minutes(1),
region="ap-northeast-1",
dimensions_map={
"HealthCheckId": primaryHealthCheck.attr_health_check_id
}
)
3.3.7 对healthCheckMetrics创建alarm
healthCheckAlarm = healthCheckMetric.create_alarm(self, 'HealthCheckFailureAlarm',
evaluation_periods=1,
threshold=1,
comparison_operator=cloudwatch.ComparisonOperator.LESS_THAN_THRESHOLD
)
3.3.8 将snsTopic添加到alarm
healthCheckAlarm.add_alarm_action(SnsAction(snsTopic))
4 执行stacks
4.1 创建public hosted zone
默认每个hostedzone会生成两个record
4.2 执行cdk部署
cd aws-cdk-examples/python/route53-failover
python -m venv .venv
source .venv/Script/activate
pip install -r requirements.txt
cdk --require-approval never deploy --all
创建将会花费一些时间。
4.3 primary和secondary的两个record都会被创建
注意,http://failover.finaly-renew.com 访问80端口,还是不好用,因为dns传播会花费一点时间。
注意,finlay.com在之前的学习中被创建了,虽然delete了但是还是会报错,这里使用finaly-renew.com
这里,虽然由于传播时间的原因failover.finlay-renew.com没有好用,但是
http://primar-farga-u8pxawhqffia-76faf5e45781a628.elb.ap-northeast-1.amazonaws.com/
已经有效。
4.4 cleanup
最后注意cdk destroy和删除hostedzone。