Routing control in Amazon Route 53 Application Recovery Controller - Amazon Route 53 Application Recovery Controller

Routing control in Amazon Route 53 Application Recovery Controller

To fail over traffic to application replicas in Amazon Route 53 Application Recovery Controller, you use routing controls that are integrated with a specific kind of health check in Amazon Route 53. Routing controls are simple on/off switches, grouped in a control panel and hosted on a cluster in Application Recovery Controller, that control the routing of client traffic. The traffic rerouting is accomplished by routing control health checks that are set up with Amazon Route 53 DNS records, for example, DNS failover records, associated with domain names that front your application replicas. This chapter explains how routing control works, how to set up routing control structures, and how to use them to reroute traffic for fail over.

The routing control structures that you create in Application Recovery Controller are: a cluster, a control panel (optional), routing controls, and routing control health checks. When you create routing controls, you add them to a control panel. All routing controls are grouped on control panels. You can use the default control panel that Application Recovery Controller creates for the cluster, or create your own custom control panels. You must create a cluster before you can create a control panel or a routing control.

After you create routing controls and routing control health checks, you can create safety rules to help prevent unintentional recovery automation side effects. You can update routing control states, individually or in batches, by using the AWS CLI or API actions (recommended), or by using the AWS Management Console.

About routing control in Amazon Route 53 Application Recovery Controller

Routing control uses health checks in Amazon Route 53 configured with DNS records for the top-level resource of the cells in your recovery group, such as an Elastic Load Balancing load balancer, to route traffic to a cell or stop routing traffic to a cell. Routing controls support fail over across any AWS service that has a DNS endpoint. You can update a routing control state to reroute traffic for your application when you detect latency drops or other issues.

You can also configure safety rules in Application Recovery Controller to make sure that rerouting traffic by using routing controls doesn't impair availability. For more information, see Create safety rules in Application Recovery Controller .

It's important to note that routing controls are not themselves a health check that monitors the underlying health of an endpoint. For example, unlike a Route 53 health check, a routing control doesn't monitor response times or TCP connection times. A routing control is a simple on/off switch, and an operator changes the state to redirects traffic. That state change moves the traffic for an entire application stack to go to a particular endpoint or prevents routing for the whole application stack. That is, when you change a routing control state from On to Off, that state change triggers Route 53 to move traffic off of an endpoint.

To update a routing control state so that you can reroute traffic, connect to one of the cluster endpoints in Application Recovery Controller. If the endpoint that you try to connect to is unavailable, try changing the state with another cluster endpoint. Your process for changing routing control states should be prepared to try each endpoint in rotation, since cluster endpoints are cycled through available and unavailable states for regular maintenance and updates.

You associate routing control health checks with Route 53 DNS names that front each application replica by setting up the DNS records. For example, if you want to control traffic failovers across two load balancers, one in each of two Regions, you can create two routing control health checks and create DNS records, for example, DNS failover records, with the DNS names of the respective load balancers.

A routing control in Application Recovery Controller has several benefits over rerouting traffic with traditional automated health checks.

  • A routing control gives you a way to fail over an entire application stack. This is in contrast to failing over individual components of a stack, as Amazon EC2 instances do, based on resource-level health checks.

  • A routing control gives you a safe and simple manual override that you can use to shift traffic to do maintenance or to recover from failures when internal monitors don't detect an issue.

  • You can use a routing control together with safety rules to prevent common side effects that can happen with fully automated health check-based automation, such as failing over to standby infrastructure that isn't prepared for failover.