DEV Community

Cover image for Failover Architecture on AWS(Part 1/4)

Posted on

Failover Architecture on AWS(Part 1/4)


Nowadays it is important to have highly accessible architecture on production servers to prevent unpleasant situations e.g. service unavailability. So, here in Appus Studio we have some good solutions for it and in this article, I will show the easiest way to configure the failover system in AWS.

Let’s take a look how our sсheme will look like:

Alt Text

In this example, we will use services such as EC2, Route53 and Certificate Manager.
Let’s clarify our next steps:
       1. Request SSL certificate on Certificate Manager
       2. Create Classic Load Balancer
       3. Create Launch Template
       4. Create Auto Scaling group
       5. Attach DNS name of Load Balancer in Route53

After we have outlined our action plan, we can start configuring all of this.
So let’s request for SSL certificate on the Certificate manager. In the search toolbar enter "Certificate Manager" and click on it. Next, you have to choose to import your own SSL certificate or you can request it right here on AWS. The important thing here is you have to own domain name and make sure that you can create a recordset.
Before requesting your certificate, you need to transfer the domain name under the management of AWS. In this article, I will skip that part and you can find a lot of information on how to do it, just "google" it :)
Now, I will request an SSL certificate on AWS. Choose “Request a public certificate” and then hit “Request a certificate”. Then you have to enter your domain e.g. or you can generate a wildcard SSL certificate by entering * it will allow you to have as much as you want subdomains for, but this certificate will not work for In my case, I will create a wildcard SSL certificate for the corporate domain and hit “Next”. For verification, I will choose “DNS validation”. Next, we will need to add a tag to our certificate, you can add anything that you want, in my case this will be Key=Name and Value=appus.thebest then left-click on “Review” and “Confirm and request”. Since the domain name is managed by AWS this is very convenient to confirm that we are truly the owner of the domain name. All I need is to click the arrow near to the domain, then the tab comes off and then click on create a CNAME record in Route53. Once it is confirmed you can see on the Status bar “Issued”. Congrats, we just requested an SSL certificate for our Load Balancer.

Alt Text

On this the first part of the article ends and in the next part I will show how to configure the load balancer. See you!

Top comments (0)