terraform-aws-cloudfront-cdn

how to support multiple parent zones

Open rajcheval opened this issue 6 years ago • 3 comments

We are hosting 5 different sites in AWS. All of them are behind the same ALB. We want to put a CDN in front of all these sites.

When I was creating the CDN using your module, I specified aliases for all the sites:

aliases = ["int.site1.com","intblog.site2.com","intcksup.site3.com"]

parent_zone = "site1.com"

I noticed that it created DNS records for each of the aliases in one parent domain. I am trying to figure out a way to create DNS records for the site2.com and site3.com parent zones. The only thing I can come up with is to use Terraform aws_route53_record to create DNS records for site2.com and site3.com. Even if I do this, this module will create DNS records for all three aliases in the parent zone for site1.

Is there a way to prevent this module from creating any DNS records for sites specified in aliases? I am OK if it only creates the CDN and expects us to create all the DNS records on our own.

It does not make sense for it to create DNS records like:

intblog.site2.com.site1.com
intcksup.site3.com.site1.com

Thanks

rajcheval, Jul 20 '18 20:07

@rajcheval I see a couple of ways we could solve this.

  1. Add an enabled flag to https://github.com/cloudposse/terraform-aws-route53-alias/, and then expose that flag (e.g. dns_aliases_enabled) in this module. Then you could set up the DNS aliases outside of this module however you want.
  2. Invoke this module once for every parent zone. Basically, create a distribution for each site. This requires no code changes in our modules.

osterman, Jul 21 '18 00:07

@osterman I like option 1 better. Since creating DNS records is tightly coupled with CloudFront distribution creation, it will cause an outage in an existing site. This is because CloudFront creation takes 15-20 minutes. I tested creating a CDN using just 1 alias. It was in our test environment. My site went down because a DNS record was created. Once the CDN was fully enabled, the site came back up.

Let me know if you agree or if I am missing anything.

As long as there is no additional cost for creating many different distributions instead of 1, I would have been fine with a separate distribution for each domain, as long as there was no outage.

rajcheval, Jul 21 '18 00:07

@rajcheval You're right about how provisioning one will cause the outage with option (2).

If you want to submit a PR to add the enabled flags to the respective modules, we'll accept them!

Also, feel free to join our Slack team to reach out to us directly: https://slack.cloudposse.com

osterman, Jul 27 '18 02:07
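
The workaround raised in the thread (DNS records managed outside the module, one per parent zone), as an added example that is not code from the issue or from the cloudposse modules. It assumes the module's own alias creation is switched off, which depends on the enabled flag proposed above; `cdn_domain_name`, `alias_zones` and the resource names are hypothetical.

```hcl
# Added example, not the module's code. Requires Terraform >= 0.12.6 (for_each).
# Assumption: the caller passes in the distribution's domain name.
variable "cdn_domain_name" {
  type        = string
  description = "CloudFront distribution domain name (placeholder: dXXXXXXXXXXXXX.cloudfront.net)"
}

locals {
  # Alias => parent zone, using the hostnames from the issue.
  alias_zones = {
    "int.site1.com"      = "site1.com"
    "intblog.site2.com"  = "site2.com"
    "intcksup.site3.com" = "site3.com"
  }

  # Fixed hosted zone ID that AWS documents for CloudFront alias targets.
  cloudfront_zone_id = "Z2FDTNDATAQYW2"
}

# Look up each distinct parent zone once.
data "aws_route53_zone" "parent" {
  for_each = toset(values(local.alias_zones))
  name     = each.value
}

# One alias A record per hostname, created in that hostname's own zone,
# so nothing like intblog.site2.com.site1.com is ever produced.
resource "aws_route53_record" "cdn_alias" {
  for_each = local.alias_zones

  zone_id = data.aws_route53_zone.parent[each.value].zone_id
  name    = each.key
  type    = "A"

  alias {
    name                   = var.cdn_domain_name
    zone_id                = local.cloudfront_zone_id
    evaluate_target_health = false
  }
}
```

Because the records live outside the module, they can be applied in a separate step once the distribution has finished deploying, which avoids pointing live hostnames at a distribution that is not yet serving.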