DNS FailOver

edited November 2020 in Technical

Looking into basic Fail Over options for a website or service. ClouDNS offers a failover DNS service that would fit the bill well. Although I don't want to use them as my DNS. Thinking I could achieve the same thing with a basic cron script utilizing Vultr, CloudFlare or other DNS provider with DNS services and API. Essentially a site, service, or port monitor that can switch DNS settings if found to be down. Anyone have anything like that already written up they would be willing to share or found themselves?

Additionally Cloudflare offers a few "Free" Workers. Can those be utilized to run the scheduled script instead perhaps?

Edit: Ideally I would like a script that can eventually be changed as needed with just new provider API commands making the DNS provider easily changeable if desired.

Comments

  • edited November 2020

    @sureiam said: Although I don't want to use them as my DNS.

    Why? Route53 provides this - but likely ClouDNS would be less money depending on number of zones, health checks, etc.

  • edited November 2020

    @aaronstuder said:

    @sureiam said: Although I don't want to use them as my DNS.

    Why? Route53 provides this - but likely ClouDNS would be less money depending on number of zones, health checks, etc.

    In addition to cost (which I know there are some coupons and other ways to get that basically free) I would prefer to have a script that's easily interchangeable between providers. Route53 or ClouDNS would lock me in if I want FailOver. I don't like being locked into one domain registrar or DNS if possible. Not that I'm changing frequently but they are the basic foundation of every site or service so it's nice to have something that's flexible.

  • @aaronstuder said:

    @sureiam said: Although I don't want to use them as my DNS.

    Why? Route53 provides this - but likely ClouDNS would be less money depending on number of zones, health checks, etc.

    I too would be interested to know why - I signed up with them about 5 months ago after trialling the free plan and it seems like a decent service so far.

  • I am a fan of ClouDNS --- to me they are like having a black belt with DNS and they can kick ass.

  • edited November 2020

    @BusterWolf said:

    @aaronstuder said:

    @sureiam said: Although I don't want to use them as my DNS.

    Why? Route53 provides this - but likely ClouDNS would be less money depending on number of zones, health checks, etc.

    I too would be interested to know why - I signed up with them about 5 months ago after trialling the free plan and it seems like a decent service so far.

    Let's say 5 years down the line you decide to use a different DNS provider. You now have to recreate everything from scratch or give up features you appreciate. It's just preferred for me to put in the extra effort from the start and create a provider independent solution then set it and forget (except maybe testing it once a year).

    Edit: Also ClouDNS only provides free DNS for 1 domain. That's not gonna cut it for me and I am very happy with the free DNS providers and their impressive Anycast networks. But it's mostly because of the desire to have provider flexibility in my solution.

  • @sureiam said: provider flexibility in my solution

    All you (ideally) need is: https://github.com/AnalogJ/lexicon

    Thanked by (1)sureiam
  • @nullnothere said:

    @sureiam said: provider flexibility in my solution

    All you (ideally) need is: https://github.com/AnalogJ/lexicon

    Geez, how have I never run across this before!? That's fantastic, thanks for sharing. Still need to write up the rest of the script though to check a site or ping a port (which I'm not very good at). But that's really nice to have in my back pocket for sure.

  • @sureiam said: to check a site or ping a port

    IMHO, that is relatively small and straightforward (vs dealing with myriad DNS provider APIs). Also, beware that there is some not-too-small latency with many providers before the DNS change is "refreshed". Usually I've had the best/lowest latency on the changes with Cloudflare (they seem to have overall best anycast network with excellent propagation times).

    Needless to say be careful/wary with your API tokens (some of them are downright dangerous as they are account level tokens that can do a lot of damage to ALL your DNS records). How I wish there were more single DNS record tokens (somewhat akin to the dynamic DNS updates for a single host).
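Added example (not code from any poster in this thread): a minimal provider-independent failover core in Python, combining the port check, the swappable DNS backend and the token caution discussed above. `DryRunProvider`, `ScopedDNS` and `Failover` are hypothetical names and the hostname and IPs are constructed documentation values; a real provider client would replace `DryRunProvider`. The allowlist only limits what the script itself will change, not what a leaked account-level token can do.

```python
import socket
from dataclasses import dataclass

def tcp_check(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

class DryRunProvider:
    """Stand-in for a real DNS API client; only records requested updates."""
    def __init__(self):
        self.calls = []
    def set_a_record(self, name, ip):
        self.calls.append((name, ip))

class ScopedDNS:
    """Wraps any provider and refuses records outside an allowlist."""
    def __init__(self, provider, allowed):
        self.provider, self.allowed = provider, frozenset(allowed)
    def set_a_record(self, name, ip):
        if name not in self.allowed:
            raise PermissionError(f"{name} is not an allowed failover record")
        self.provider.set_a_record(name, ip)

@dataclass
class Failover:
    dns: ScopedDNS
    record: str
    primary_ip: str
    backup_ip: str
    threshold: int = 3      # consecutive contrary results before switching
    active: str = "primary"
    streak: int = 0

    def current_ip(self):
        return self.primary_ip if self.active == "primary" else self.backup_ip

    def observe(self, primary_up):
        """Feed one health-check result; returns the IP now published."""
        want = "primary" if primary_up else "backup"
        if want == self.active:
            self.streak = 0             # a single blip does not flip DNS
        else:
            self.streak += 1
            if self.streak >= self.threshold:
                self.active, self.streak = want, 0
                self.dns.set_a_record(self.record, self.current_ip())
        return self.current_ip()
```

Each probe is fed in as `fo.observe(tcp_check(host, 443))`; when run from cron, `active` and `streak` have to be persisted between invocations, or the probes looped inside one process.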

  • @nullnothere said:

    @sureiam said: to check a site or ping a port

    IMHO, that is relatively small and straightforward (vs dealing with myriad DNS provider APIs). Also, beware that there is some not-too-small latency with many providers before the DNS change is "refreshed". Usually I've had the best/lowest latency on the changes with Cloudflare (they seem to have overall best anycast network with excellent propagation times).

    Needless to say be careful/wary with your API tokens (some of them are downright dangerous as they are account level tokens that can do a lot of damage to ALL your DNS records). How I wish there were more single DNS record tokens (somewhat akin to the dynamic DNS updates for a single host).

    Yea that's one thing I really appreciate about S3 style data management. The ability to lock users to specific buckets and commands. I would love that level of control over DNS API commands in a script.

  • @sureiam said:

    @BusterWolf said:

    @aaronstuder said:

    @sureiam said: Although I don't want to use them as my DNS.

    Why? Route53 provides this - but likely ClouDNS would be less money depending on number of zones, health checks, etc.

    I too would be interested to know why - I signed up with them about 5 months ago after trialling the free plan and it seems like a decent service so far.

    Let's say 5 years down the line you decide to use a different DNS provider. You now have to recreate everything from scratch or give up features you appreciate. It's just preferred for me to put in the extra effort from the start and create a provider independent solution then set it and forget (except maybe testing it once a year).

    Right, so it's not a problem with ClouDNS as such, you just don't want to be tied to a provider - fair enough. As a relatively new customer I thought you might have had some kind of issue it'd be worth knowing about.

    Edit: Also ClouDNS only provides free DNS for 1 domain. That's not gonna cut it for me and I am very happy with the free DNS providers and their impressive Anycast networks. But it's mostly because of the desire to have provider flexibility in my solution.

    I avoid free services, generally speaking - trust issues, perhaps.

  • InceptionHosting (Hosting Provider, OG)

    @BusterWolf said: I avoid free services, generally speaking - trust issues, perhaps.

    Me too, however I do like to support Freemium, i.e. when they have a free tier so you can check shit out first and even stay on the free tier if you want but you can get the real 'power' when you pay, runcloud for example.

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • BusterWolf (OG, Retired)
    edited November 2020

    @AnthonySmith said:

    @BusterWolf said: I avoid free services, generally speaking - trust issues, perhaps.

    Me too, however I do like to support Freemium, i.e. when they have a free tier so you can check shit out first and even stay on the free tier if you want but you can get the real 'power' when you pay, runcloud for example.

    I've no issue with doing that myself, if the free tier is fully-featured enough to properly trial a service, but limited enough to make sure folks can't sit on the free tier forever - ClouDNS being a good example, Cloudflare being an example of a service I don't trust.

  • tetech (OG)
    edited November 2020

    I have done a similar thing to this integrating both HetrixTools and UptimeRobot so that it uses a "proper" monitoring service. Works with both their free and paid tiers. Or you could use cloudping.

    I then "translate" the webhook call from these services to the DNS API using python. The translation function is hosted on AWS Lambda and is below their "always free" level. I put it at AWS because I do not have anything else there, i.e. I want it to be kept separate from the stuff I am monitoring. I've done this in real life and my charges have been $0. However, you could put it wherever you want.

    The output of the translation is a call to the DNS API. In my case, I use NS1 and simply flag the host as up/down; the NS1 filter chain takes care of the rest. I also did this for Oracle DNS. It would be pretty easy to substitute another DNS provider's API. In reality I'm doing two updates per trigger, because I do not rely on a single DNS provider and thus have NS records for two providers per domain.

    I put a tutorial at HT, but if any questions you're welcome to bring them here.

    Thanked by (3)Naix sureiam nullnothere
  • @tetech said:
    I have done a similar thing to this integrating both HetrixTools and UptimeRobot so that it uses a "proper" monitoring service. Works with both their free and paid tiers. Or you could use cloudping.

    I then "translate" the webhook call from these services to the DNS API using python. The translation function is hosted on AWS Lambda and is below their "always free" level. I put it at AWS because I do not have anything else there, i.e. I want it to be kept separate from the stuff I am monitoring. I've done this in real life and my charges have been $0. However, you could put it wherever you want.

    The output of the translation is a call to the DNS API. In my case, I use NS1 and simply flag the host as up/down; the NS1 filter chain takes care of the rest. I also did this for Oracle DNS. It would be pretty easy to substitute another DNS provider's API. In reality I'm doing two updates per trigger, because I do not rely on a single DNS provider and thus have NS records for two providers per domain.

    I put a tutorial at HT, but if any questions you're welcome to bring them here.

    As we say, you my friend are a "scholar and a saint". Thanks, that's exactly what I was looking for!
