0

I have two CloudFront distributions A and B.

Assigned CNAMEs to distribution A (blue.domain.com and domain.com) and created appropriate SSL certificates. In Route53 I can assign an alias for distribution (e.g. domain.com -> blue.domain.com)

Regarding to aws docs I can't assign the same CNAME to distribution B (green.domain.com and domain.com) because CNAME domain.com has already been assigned to distribution A.

I was intended to switch traffic between blue/green distributions using Route53. E.g. domain.com points blue.domain.com and then make domain.com points to green.domain.com

So this approach doesn't work. I've found another one:

  • Update Route53 to anticipated CloudFront distribution
  • Remove CNAME from Blue
  • Add CNAME to Green

But it leads to both distributions A & B downtime and requires several manual steps.

Is there any different way to achieve blue/green switching?

Mikhail Katrin
  • 2,304
  • 1
  • 9
  • 17
  • Can you switch the origin of the distribution instead? – jellycsc Apr 08 '21 at 23:16
  • @jellycsc No I can't do that. I have two independent deployed stacks – Mikhail Katrin Apr 09 '21 at 09:13
  • As cloudfront identifies distribution from host header or sni, blue/green isn’t going to be smooth because adding removing cname may take time, origin failover could help . – James Dean Apr 09 '21 at 13:55
  • @JamesDean It could help if CF behaviors would be the same in blue and green but they can be different. So switching to different origin doesn't work for this scenario – Mikhail Katrin Apr 09 '21 at 14:09
  • If you don’t plan to change origin, falling back to a different distribution doesn’t make sense because cloudfront is shared and of something is wrong at cloudfront , it will affect others as well, however if origin has a problem so I guess you can use lambda@edge to change origin on the fly aa changing cname and alsp origin failover will take time , example in 504s, origin failover would wait till the timeout set. – James Dean Apr 10 '21 at 05:30

0 Answers0