These three sample CloudFormation templates show you how to configure Amazon Route 53 Application Recovery Controller automatically.
The three templates are specific to the TicTacToe demo application deployed with a CDK script. For more information about AWS Cloud Development Kit, go to the AWS CDK documentation.
- The first template configures readiness checks. Readiness checks ensure that your recovery environment is scaled and configured to take over when needed.
- The second template configures routing controls and health checks. You use routing controls to rebalance traffic across application replicas during failures.
- The third template creates Route 53 DNS failover records. DNS failover records on health checks enable you to reroute traffic by using routing controls. (This template must be run after the first two.)
Before you deploy the CloudFormation templates, download and deploy the TicTacToe demo application by using the supplied CDK application.
The three CloudFormation templates are located in the cloudformation folder of the project.
Please make sure to install AWS CDK v2. The CDK scripts won't work with AWS CDK v1.
# Install CDK 2, if you haven't already done so
npm install -g aws-cdk@next
# Download the CDK script that allows to deploy the app
wget http://r53-application-recovery-controller-cfn-app-iad.s3-website-us-east-1.amazonaws.com/tictactoe-infra-cdk-arc-cfn-templates.zip
unzip tictactoe-infra-cdk-arc-cfn-templates.zip
cd tictactoe-cdk
pushd app
# first time only (one time operation)
npm install && cdk bootstrap
# deploy the app
cdk deploy --all --outputs-file ../out.json
popdThe application deployment takes ~10 minutes to complete. The database stack creation might take up to 10 minutes. You will be prompted 3 times for confirmation (y/n?), always answer y. Three CloudFormation stacks are created :
TictactoeAppCdkStack-us-east-1: the application stack deployed inus-east-1regionTictactoeAppCdkStack-us-west-2: the application stack deployed inus-west-2regionTictactoeDatabaseCdkStack: the database stack, deployed inus-west-2and shared by the two application stacks.
Now that the application is deployed, you are ready to depploy the Route 53 Application Recovery Controler (ARC) CloudFormation templates.
The CloudFormation templates expect the following parameters:
- AWS Regions: Regions where the TicTacToe AWS resources are deployed:
us-east-1andus-west-2 - DNS hosted zone: Update line 7 of the 'scripts/Route53-create-dns-records.sh' script with a value that corresponds to your AWS environment
- DNS domain name: Update line 6 of the 'scripts/Route53-create-dns-records.sh' script with a value that corresponds to your AWS environment
If you don't have your own DNS domain hosted on Route53, you can still deploy the HealthCheck and Routing Control templates, but not the DNS failover healthcheck records template.
The CloudFormation readiness check template is specific to the TicTacToe demo application deployed with a CDK script.
The TicTacToe CDK deployment script generates a file (out.json) that contains the ARNs of resources that are required as input parameters for the template.
This template takes the following parameters:
- The AWS Regions where the resources are located
- The demo application load balancers ARNs
- The demo application Auto Scaling group ARNs
- The demo application DynamoDB table ARN
To read the parameters and provide them as input to the template, I provide a shell script scripts/Route53-create-readiness-check.sh. It reads out.json and provides the appropriate values to the CloudFormation readiness check template.
The script deploys the stack in us-west-2region by default. You can change this by editing line 19 (REGION=us-west-2)
This template creates the following resources:
- 2 cells, one for each AWS Region
- 1 recovery group, for the whole application
- 3 resource sets, one each for the load balancers, Auto Scaling groups, and DynamoDB table
- 3 readiness checks, one for each resource set
To deploy the readiness check template, open a terminal and type the following:
# assuming you're in the main directory of this project
cd scripts
./Route53-create-readiness-check.shAlternatively, to invoke CloudFormation by using the AWS CLI, issue a command similar to the following:
REGION=us-west-2
STACK_NAME=Route53ARC-ReadinessCheck
aws --region $REGION cloudformation create-stack \
--template-body file://./cloudformation/Route53-ARC-readiness-check.yaml \
--stack-name $STACK_NAME \
--parameters ParameterKey=Region1,ParameterValue=us-east-1 \
ParameterKey=Region2,ParameterValue=us-west-2 \
ParameterKey=LoadBalancer1,ParameterValue=$LOAD_BALANCER_1_ARN \
ParameterKey=LoadBalancer2,ParameterValue=$LOAD_BALANCER_2_ARN \
ParameterKey=AutoScalingGroup1,ParameterValue=$AUTO_SCALINGGROUP_1_ARN \
ParameterKey=AutoScalingGroup2,ParameterValue=$AUTO_SCALINGGROUP_2_ARN \
ParameterKey=DynamoDBTable,ParameterValue=$DYNAMODB_TABLE_ARN \The CloudFormation routing Control template creates the cluster in Application Recovery Controller and other required routing control infrastructure.
This template takes the following parameters:
- The two AWS Regions for the application cells
The template creates the following resources:
- 1 cluster
- 1 control panel
- 2 routing controls in
us-east-1andus-west-1 - 1 safety rule, to ensure that at least one cell is active at all times
- 2 Route 53 routing control health checks
To learn about these resources and how they work, see the Amazon Route 53 Application Recovery Controller documentation.
The routing control template is independent of the readiness check template described earlier, so you can deploy the two stacks in parallel if you like.
To deploy the routing control template, open a terminal and type the following:
# assuming you're in the main directory of this project
cd scripts
./Route53-create-routing-control.shAlternatively, if you want to invoke CloudFormation by using the AWS CLI, you can issue a command similar to the following:
REGION=us-west-2
STACK_NAME=Route53ARC-RoutingControl
aws --region $REGION cloudformation create-stack \
--template-body file://./Route53-ARC-routing-control.yaml \
--stack-name $STACK_NAMEYou can use the DNS records template to configure the following required Route 53 DNS failover records for the routing control health checks:
- An A ALIAS PRIMARY failover record: Points to the TicTacToe demo application load balancer deployed in
us-east-1 - An A ALIAS SECONDARY failover record: Points to the TicTacToe demo application load balancer deployed in
us-west-2
After you deplopy the template, the DNS records are associated with the corresponding routing control health checks that were created earlier. The failover records enable you to use the routing controls to failover traffic in Application Recovery Controller.
This template uses the following parameters:
- The TicTacToe demo application load balancer DNS names and Hosted Zone Ids. These are provided as output by the application CDK script that you run earlier, in the file
out.json. - The health check ids tnat are created when you deploy the routing control template. The routing control CloudFormation stack returns these values as output.
- A Route 53 hosted zone ID. This is the domain name where you want to create the DNS records. For this demo, I hardcoded my DNS domain,
seb.go-aws.comin the shell script, but you must use your own domain.
To read the parameters and provide them as input to the template, I provide a shell script scripts/Route53-create-dns-records.sh. It reads out.json and provides the appropriate values to the CloudFormation readiness check template.
WARNING
YOU MUST CHANGE THE DNS DOMAIN NAME AND DNS HOSTED ZONE ID BEFORE YOU DEPLOY THIS TEMPLATE
As noted at the top of this README, update the following values to fit your environment:
- DNS hosted zone: Update line 7 of the
scripts/Route53-create-dns-records.shscript with a value that corresponds to your AWS environment- DNS domain name: Update line 6 of the
scripts/Route53-create-dns-records.shscript with a value that corresponds to your AWS environment
To deploy the Routing Control template, open a terminal and type the following:
# assuming you're in the main directory of this project
cd scripts
./Route53-create-dns-records.shAlternatively, if you want to invoke CloudFormation using the AWS CLI, you can issue a command similar to the following:
REGION=us-west-2
STACK_NAME=Route53-dns-records
ROUTE53_HEALTHCHECKID_CELL1=$(aws --region $REGION cloudformation describe-stacks --stack-name Route53ARC-RoutingControl --query "Stacks[].Outputs[?OutputKey=='HealthCheckIdEast'].OutputValue" --output text)
ROUTE53_HEALTHCHECKID_CELL2=$(aws --region $REGION cloudformation describe-stacks --stack-name Route53ARC-RoutingControl --query "Stacks[].Outputs[?OutputKey=='HealthCheckIdWest'].OutputValue" --output text)
aws --region $REGION CloudFormation create-stack \
--template-body file://./cloudformation/Route53-DNS-records.yaml \
--stack-name $STACK_NAME \
--parameters ParameterKey=LoadBalancerDNSNameEast,ParameterValue=$LOAD_BALANCER_1_DNS \
ParameterKey=LoadBalancerDNSNameWest,ParameterValue=$LOAD_BALANCER_2_DNS \
ParameterKey=LoadBalancerHostedZoneEast,ParameterValue=$LOAD_BALANCER_HOSTEDZONE_EAST \
ParameterKey=LoadBalancerHostedZoneWest,ParameterValue=$LOAD_BALANCER_HOSTEDZONE_WEST \
ParameterKey=DNSHostedZone,ParameterValue=$DNS_HOSTED_ZONE_ID \
ParameterKey=DNSDomainName,ParameterValue=$DNS_HOSTED_ZONE_NAME \
ParameterKey=DNSHealthcheckIdEast,ParameterValue=$ROUTE53_HEALTHCHECKID_CELL1 \
ParameterKey=DNSHealthcheckIdWest,ParameterValue=$ROUTE53_HEALTHCHECKID_CELL2
Send your questions or feedback to stormacq@amazon.com