AWS Certified SysOps Administrator - Associate Exam: Configuring High Availability with CloudFront Distribution

Question

You use a CloudFront distribution for a custom origin in EC2.

To achieve high availability, you want to add a secondary origin in the same CloudFront distribution.

If the primary origin is unavailable or returns certain HTTP error codes, CloudFront should automatically switch to the secondary origin.

How would you configure it most appropriately?

Answers

Explanations

A. B. C. D.

Correct Answer: C.

Option A is incorrect because you can only configure a custom error page in “settings > Error Pages”. That does not achieve the failover requirement in the question.

Option B is incorrect because you cannot directly add priority settings in the origins.

Instead, you need to create an origin group.

Option C is CORRECT because you can use the origin group to configure failover routing in a CloudFront distribution.

Option D is incorrect because a Route 53 record cannot be selected as an origin in a CloudFront distribution.

Reference:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html

The most appropriate way to add a secondary origin to a CloudFront distribution for high availability is to create an origin group that contains the two origins. CloudFront routes traffic to the primary origin by default and, if that origin fails, automatically routes traffic to the secondary origin. Follow these steps:

  1. Go to the Amazon CloudFront console, select the distribution for which you want to add a secondary origin, and click on the “Origins and Origin Groups” tab.
  2. Click on the “Create Origin Group” button to create a new origin group.
  3. Enter a name for the origin group and select the two origins you want to include in the group.
  4. Configure the failover behavior by selecting “Custom” for the “Origin Group Failover Criteria” and selecting the HTTP error codes that should trigger a failover to the secondary origin.
  5. Save the origin group.

By creating an origin group and configuring failover behavior in this way, CloudFront will automatically switch to the secondary origin if the primary origin is unavailable or returns certain HTTP error codes, ensuring high availability for your application.
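The same origin group expressed in the `DistributionConfig` structure that the CloudFront API uses, as an added example that is not part of the original page. The function name, origin IDs and domain names are constructed for illustration, the sample config is trimmed to the fields the example touches, and the 4xx/5xx range check is a simplification (CloudFront accepts only a specific list of failover status codes).

```python
import copy

def add_origin_group(dist_config, group_id, primary_id, secondary_id, failover_codes):
    """Return a copy of a CloudFront DistributionConfig with a failover origin
    group added and the default cache behavior routed through that group."""
    known = {o["Id"] for o in dist_config["Origins"]["Items"]}
    for origin_id in (primary_id, secondary_id):
        if origin_id not in known:
            raise ValueError(f"origin {origin_id!r} is not defined in the distribution")
    if primary_id == secondary_id:
        raise ValueError("primary and secondary must be different origins")
    codes = sorted(set(failover_codes))
    # Simplified check (assumption): only error-class codes make sense as triggers.
    if not codes or any(c < 400 or c > 599 for c in codes):
        raise ValueError("failover criteria need at least one 4xx/5xx status code")

    cfg = copy.deepcopy(dist_config)
    group = {
        "Id": group_id,
        "FailoverCriteria": {"StatusCodes": {"Quantity": len(codes), "Items": codes}},
        # Member order matters: the first member is the primary origin.
        "Members": {"Quantity": 2,
                    "Items": [{"OriginId": primary_id}, {"OriginId": secondary_id}]},
    }
    groups = cfg.setdefault("OriginGroups", {"Quantity": 0, "Items": []})
    groups.setdefault("Items", []).append(group)
    groups["Quantity"] = len(groups["Items"])
    # Failover only applies to cache behaviors that target the group; a behavior
    # still pointing at a single origin never switches to the secondary.
    cfg["DefaultCacheBehavior"]["TargetOriginId"] = group_id
    return cfg

# Constructed sample: two EC2 custom origins, behavior still on the primary.
SAMPLE = {
    "Origins": {"Quantity": 2, "Items": [
        {"Id": "ec2-primary", "DomainName": "primary.example.com"},
        {"Id": "ec2-secondary", "DomainName": "secondary.example.com"},
    ]},
    "DefaultCacheBehavior": {"TargetOriginId": "ec2-primary"},
}

if __name__ == "__main__":
    updated = add_origin_group(SAMPLE, "ec2-failover", "ec2-primary",
                               "ec2-secondary", [500, 502, 503, 504])
    print(updated["OriginGroups"])
    print(updated["DefaultCacheBehavior"])
```

The returned dict is what you would pass as `DistributionConfig` to boto3's `update_distribution`, together with the distribution `Id` and the `IfMatch` ETag from `get_distribution_config`.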

Option A, configuring a failover error page in the secondary origin, is not the best approach because it does not guarantee that CloudFront will switch to the secondary origin in case of failure. Option B, adding different priorities such as “primary” and “secondary” in the origins, is also not the best approach because it does not provide failover behavior. Option D, modifying the origin to be a Route 53 record and creating a failover policy in the Route 53 record, is a valid approach, but it is not the most appropriate for this scenario since it requires additional configuration in Route 53, whereas configuring an origin group is a simpler and more straightforward solution.