S3 static website /w bluegreen deployment - amazon-web-services

I'm having difficulty providing a bluegreen for my s3 static website. I publish a version of the website in a given bucket and it is exposed at:
a Cloudfront distribution
then on a Route 53
and yet another CDN (corporate, which resolves the DNS) to reach the internet.
I've tried some "compute" solutions, like ALB, but I'm not successful.
The main issue of my difficulty is the long DNS replication time when I update CloudFront with a new address, making it difficult to rollback a future version to the old one (considering using different buckets for this publication).
Has anyone been through this or have any idea how to solve this?

AWS recommends that you create different CloudFront distributions for each
blue/green variant, each with its own DNS.
From the Hosting Static Websites on AWS prescriptive guidance:
Different CloudFront distributions can point to the same Amazon S3
bucket so there is no need to have multiple S3 buckets. Each variation
[A/B or blue/green] would store its assets under different folders in the same S3 bucket.
Configure the CloudFront behaviors to point to the respective Amazon
S3 folders for each A/B or blue/green variation.
The other key part of this strategy is an Amazon Route 53 feature
called weighted routing. Weighted routing allows you to associate
multiple resources with a single DNS name and dynamically resolve DNS
based on their relative assigned weights. So if you want to split your
traffic 70/30 for an A/B test, set the relative weights to be 70 and
30. For blue/green deployments, an automation script can call the Amazon Route 53 API to gradually shift the relative weights from blue
to green after automated tests validate that the green version is
healthy.

Hosting Static Websites on AWS is a whitepaper from 2016. It relies on non-working examples that don't work. You can't just set up two CloudFront distributions to serve the same CNAME for DNS switching.
Another way is to do green/blue logic in Lambda@Edge.

You can do blue/green or gradual deployment with a single CloudFront distribution, 2 S3 buckets and Lambda@Edge.
You can find a ready-to-use CloudFormation template that does this here.

Related

what is CLOUDFRONT_ORIGIN_FACING in AWS ip_range.json?

I'm trying to find a way to determine Cloudfront Origin Shield IP ranges and was wondering if by any chance it could be "CLOUDFRONT_ORIGIN_FACING" service from https://ip-ranges.amazonaws.com/ip-ranges.json ?
There are quite a few overlapping ranges from different services, it's hard to just test this.
Yes, while there is no official confirmation in the documentation, I can't think of any other service with the above service code.
CLOUDFRONT_ORIGIN_FACING can only be referring to Amazon CloudFront Origin Shield.
Overlaps are fine, AWS can & will reuse IPs for various services.
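
To see which prefixes carry the service code and which other codes overlap them, the file can be parsed offline. This is an added example, not code from the original thread; the sample follows the ip-ranges.json layout but its prefixes are constructed from documentation ranges, and the function names are assumptions.

```javascript
// Constructed sample in the ip-ranges.json layout (RFC 5737 ranges, not real AWS data).
const SAMPLE = {
  syncToken: '0', createDate: '1970-01-01-00-00-00',
  prefixes: [
    { ip_prefix: '192.0.2.0/24', region: 'GLOBAL', service: 'AMAZON', network_border_group: 'GLOBAL' },
    { ip_prefix: '192.0.2.0/25', region: 'GLOBAL', service: 'CLOUDFRONT_ORIGIN_FACING', network_border_group: 'GLOBAL' },
    { ip_prefix: '198.51.100.0/24', region: 'GLOBAL', service: 'CLOUDFRONT', network_border_group: 'GLOBAL' },
    { ip_prefix: '198.51.100.64/26', region: 'GLOBAL', service: 'CLOUDFRONT_ORIGIN_FACING', network_border_group: 'GLOBAL' },
    { ip_prefix: '203.0.113.0/24', region: 'us-east-1', service: 'EC2', network_border_group: 'us-east-1' },
  ],
};

const ipToInt = (ip) => ip.split('.').reduce((n, octet) => n * 256 + Number(octet), 0);

// Convert an IPv4 CIDR to an inclusive [first, last] integer range.
function cidrRange(cidr) {
  const [ip, bits] = cidr.split('/');
  const size = 2 ** (32 - Number(bits));
  const first = Math.floor(ipToInt(ip) / size) * size;
  return [first, first + size - 1];
}

// All IPv4 prefixes tagged with one service code.
const prefixesFor = (doc, service) =>
  doc.prefixes.filter((p) => p.service === service).map((p) => p.ip_prefix);

// Other service codes that list a prefix overlapping `cidr`.
function overlappingServices(doc, cidr, service) {
  const [a, b] = cidrRange(cidr);
  const hits = doc.prefixes.filter((p) => {
    const [c, d] = cidrRange(p.ip_prefix);
    return p.service !== service && a <= d && c <= b;
  });
  return [...new Set(hits.map((p) => p.service))].sort();
}

// True when `ip` falls inside any prefix tagged with `service`.
function ipInService(doc, ip, service) {
  const n = ipToInt(ip);
  return prefixesFor(doc, service).some((cidr) => {
    const [a, b] = cidrRange(cidr);
    return a <= n && n <= b;
  });
}
```

Run against the downloaded file, `prefixesFor` gives the candidate allow-list for an origin's security group and `overlappingServices` shows which other codes share each range.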

AWS Amplify hosting performance with Cloudfront

I just tested a deployment with AWS Amplify and the Amazon console.
My app is based in Paris. I try to do a test with GTMETRIX (based in Canada), I get a bad "Largest Contentful Paint". More than 4.2s.
On the other hand, here in Europe, it loads very quickly (max 1 second).
I tested with a Canada based VPN, it is slow to load. In comparison, I hosted my application on another service (like Vercel or Netlify) and the loading is much faster.
I thought AWS Amplify was working with the Cloudfront CDN. I have the impression that it is not working properly given the slowness in other countries.
Can you tell me why ?
Thank you
PS : This is only a static vuejs application.
There are too many factors that lead to the slowness.
But, Yes - AWS Amplify leverages the Amazon CloudFront Global Edge Network to distribute your web app globally. To deliver content to end users with lower latency, Amazon CloudFront uses a global network of 144 Points of Presence (133 Edge Locations and 11 Regional Edge Caches) in 65 cities across 29 countries.
For debugging purposes, one thing that you can consider trying is hosting your static website in S3 and serving it through CloudFront (this article may help you to troubleshoot).

How to add AWS Shield Advanced protection to my stack?

I have a CloudFormation stack which contains a CloudFront distribution resource. Our organization has subscribed to the AWS Shield Advanced service and I would like to add protection to the CloudFront distribution.
I want to add it through the CloudFormation yaml template, so that I don't have to do it manually for every stack. But, it seems CloudFormation wouldn't recognize the AWS::Shield::Protection resource type.
I couldn't find any examples online and I'm wondering whether anyone knows whether it's doable?
Now you have support for it in CloudFormation.
You should use AWS::FMS::Policy .
You are correct. AWS Shield does not appear in the list of CloudFormation Resource Types.
There is, however, a CreateProtection() API call, so you could conceivably write a Lambda function as a Custom Resource in the CloudFormation template that adds protection to:
an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone

Split Testing like Netlify using Cloudfront and Route53

Current Stack
I am using a cloudfront to distribute my static website objects that live in an S3 bucket. I am using Route53 to handle my DNS routing and health checking.
What I'd like to accomplish
I recently came across Netlify that does Split testing between different feature Branches. I would like to stick with my current stack on AWS but would like to build in this functionality for AB testing.
What I tried
Originally, I wanted to have a Route53 serve 2 separate Cloudfront services each with their own S3 bucket. I would use Weighted Round Robin to distribute 10% of traffic to the testing environment and the other 90% to the production environment. I learned quickly that Amazon does not allow the same domain to serve 2 different Cloudfront services each serving their own S3.
The other option was to do this testing at the edge node of my cloudfront service. This would require me to serve two different objects from the same S3, which seems very messy and not scalable.
My question
Is it even possible to replicate what Netlify does with Split testing when using AWS? If so, how can I implement it? If not, what is my next best option for AB testing a static website?

Bit Torrent Sync, EC2 and CloudFront

I am new here and have tried searching but could not get any answers.
I have set up Bit Torrent Sync on an EC2 micro instance with EBS attached.
The server is in Sydney which is where I spend most of my time.
However I do travel a fair bit and would like to have more locations where the files are located.
Is there a way to do this without setting up another EC2 server? I was thinking CloudFront may be helpful here but I do not know how to set it up.
Any other ideas?
Thanks in advance.
Well there's a couple of ways you can do this:
You can set up S3 with CloudFront. Basically, you copy your static files to an S3 bucket (Global works well) and then from the AWS console you can go to CloudFront and create a distribution for that specific bucket.
Point the CloudFront distribution to the web server where you are hosting your files (assuming you are using HTTP or HTTPS).
You can also specify a custom CNAME Record that you can use on your domain to point to the CloudFront distribution.
Furthermore for improved performance you can use: All Edge Locations when creating your CloudFront distribution.
Hope this helps.