Achieve resilient cloud applications through managed DNS

Harnessing DNS for traffic steering, load balancing, and intelligent response.

By Mark Wilkins
April 30, 2018
When designing cloud architecture, it’s critical to consider that your applications could be affected by failures and that you must be prepared to respond to those failures quickly and effectively. Downtime and slow service have a high price in today’s highly connected world, and customers have little patience for slow or disrupted service. Managed DNS, as your gateway to the internet, can provide improved resilience to ensure your applications are always available. If your organization relies on a single point of failure in terms of DNS, you’re open to system failure due to disasters of both technical and natural origins, from power outages to sophisticated attacks.

As the pace and complexity of application development and delivery have increased, the role of DNS has changed considerably. Originally, DNS was a simple on-premises location service for matching IP addresses to correct hostnames. As applications have moved from local data centers to the public cloud, the role of DNS has expanded to the current role of a sophisticated director, controlling global and site load balancing, traffic steering, and providing intelligent response to user requests.

Modern hybrid applications typically utilize public cloud components, including content delivery networks and cloud storage. All of these components need to communicate seamlessly despite any connectivity issues—meaning resiliency is critical. Historically, applications were developed in a self-contained localized data center, making connectivity issues smaller in scale and therefore easier to solve. Today, however, essential system components and the cloud application itself depend on managed DNS services. Adding to the complexity is the fact that modern users are mobile, working from multiple locations. Therefore, access to applications as a mobile user depends on DNS more than ever.

Today, even the best-designed application cannot achieve a high level of resiliency without addressing DNS services. Considering the significant change in the role of DNS in recent years, it can be easy to underestimate how critical DNS services are to the success of hosted cloud applications. Resiliency provided by managed DNS allows applications to recover quickly and maintain service against any number of difficulties—and to be resilient, your DNS strategy needs to be flexible, scale to meet demands, and provide failover when necessary. Managed DNS services, when implemented properly, allow your application and its cloud components to operate successfully without fail. For example, when a site location is experiencing connectivity issues, managed DNS would redirect to an alternate site, automatically.

Monitoring is critical for resiliency

In the modern age of site reliability, service availability must be continuous. Few things are as crucial to maintaining resilient applications as monitoring. Services running in the cloud must be continuously monitored to ensure proper operation. Monitoring services provide customers and cloud providers real-time data on a variety of key metrics. More importantly, monitoring alerts customers and service providers when availability is threatened and action must be taken to maintain resiliency. Thus, monitoring assists in providing an operational and performance baseline and aids in overall reliability.

In the case of traffic management, service endpoints can be monitored through continual health checks that verify that the expected resources are available and functioning. This allows for traffic to be redirected, and thereby maintains availability. Failure of an endpoint to pass a health check results in prompt redirection to alternate resources and requests for additional resources that will be automatically provisioned on demand. Additionally, you need to monitor the internet and service points between your endpoints to ensure these pathways are fully functional and your services maintain availability. Customer-designed policies and rules can be crafted for optimal traffic flow within each global endpoint and site location.

Managed DNS services can simplify operations and improve resiliency

Monitoring provides significant benefits, but only if you’re able to act on monitoring alerts and have the resources available to sustain the required resiliency and performance of each application. Monitoring services can provide improved resiliency, offer fast routing options for global DNS queries, simplify DNS-related operations for your internal staff, and protect your applications against unforeseen risks by reacting automatically to any technical issues or a natural disaster.

Beyond the known risks facing system stability and availability, moving applications to the cloud can introduce new threats, including sophisticated distributed denial of service (DDoS) attacks that can quickly overwhelm DNS servers that don’t have the capacity to scale. DDoS attacks have grown in both frequency and severity in the last few years, and they’re only expected to continue growing in severity. Few (if any) individual organizations have the ability to mitigate these large-scale attacks using internal DNS resources. A managed DNS service supplies built-in resilience and high availability with multiple global points of presence, and the ability to scale based on demand. With in-depth monitoring of the managed DNS services by the cloud provider, the overall health and performance of the DNS service itself is continually monitored.

DNS also impacts performance. When a user makes an application request, DNS locates the data records and determines the best and most efficient location from which to retrieve the data based on the location of the user. In the case that DNS monitoring finds the master server unavailable, DNS can be used to seamlessly redirect database requests to predetermined, available servers. Web applications often comprise hundreds of data requests, each requiring a DNS lookup. Each lookup incurs a small, incremental amount of latency. But hundreds of lookups can add several seconds to page load time, which can result in poor performance and even failed completions (timeouts). These delays and failed completions represent lost opportunities as users leave the site.

Without seamless DNS services, continued operation of key applications can quickly become an issue. When problems are detected, active failover should re-route traffic away from outages or hotspots as quickly as possible. As previously mentioned, managed DNS can perform resource health checks to ensure that resources are functioning properly and are able to honor user requests promptly, improving the resiliency of your application. With the support of managed DNS services, a well-architected, resilient application will continue to function and meet demand; even with unexpected failures of compute and storage components in one location, other resources will be present to maintain operations.

DNS also plays a major role in successful and resilient traffic flow. Policies and rules provide the intelligence required to steer traffic successfully across hybrid resources, ensuring resources are always available. Depending on the application requirements, resources may be deployed worldwide in multiple geographic regions. Larger scale application deployments require both global and local traffic policies that provide the desired resiliency and failover. Examples of traffic steering policies include failover scenarios, global load balancing, and health checks that continually monitor resources and route traffic as necessary to the required resources.
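The failover policy and health checks described above can be sketched as follows. This is an added example, not code from the article or from any DNS provider; the thresholds, TTL, endpoint names, fail-open behavior, and sample addresses are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

FAIL_THRESHOLD = 3   # consecutive failed probes before an endpoint is marked down
RISE_THRESHOLD = 2   # consecutive passed probes before it is marked up again
FAILOVER_TTL = 30    # short TTL (seconds) so resolvers pick up a failover quickly


@dataclass
class Endpoint:
    name: str             # hypothetical endpoint label
    address: str          # constructed sample address (RFC 5737 documentation range)
    priority: int         # lower number = preferred site
    healthy: bool = True
    streak: int = 0       # consecutive probe results that disagree with `healthy`

    def record_probe(self, passed: bool) -> None:
        """Apply one health-check result, with hysteresis to avoid flapping."""
        if passed == self.healthy:
            self.streak = 0
            return
        self.streak += 1
        needed = RISE_THRESHOLD if passed else FAIL_THRESHOLD
        if self.streak >= needed:
            self.healthy, self.streak = passed, 0


def answer(pool: list[Endpoint]) -> tuple[list[str], int]:
    """Return (addresses, ttl) for the best-priority tier that has healthy endpoints."""
    live = [e for e in pool if e.healthy]
    if not live:
        # Assumed policy: fail open and return every address, not an empty answer.
        return sorted(e.address for e in pool), FAILOVER_TTL
    best = min(e.priority for e in live)
    return sorted(e.address for e in live if e.priority == best), FAILOVER_TTL


def simulate() -> list[list[str]]:
    """Replay constructed probe results for two primaries and record each answer."""
    pool = [Endpoint("primary-a", "192.0.2.10", 1),
            Endpoint("primary-b", "192.0.2.11", 1),
            Endpoint("standby", "198.51.100.10", 2)]
    probes = [(True, True), (False, True), (False, False), (False, False),
              (False, False), (True, True), (True, True)]
    answers = []
    for a_ok, b_ok in probes:
        pool[0].record_probe(a_ok)
        pool[1].record_probe(b_ok)
        answers.append(answer(pool)[0])
    return answers
```

The consecutive-probe thresholds keep a single lost probe from triggering a failover, and the short TTL bounds how long resolvers keep serving the answer from before the change.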

Overcome the unexpected with managed DNS

The need for scale, performance, and reliability of hosted cloud applications in today’s world requires a proactive DNS strategy. Yet, DNS is just one aspect of resiliency, and most organizations don’t have the resources or the desire to spend significant time on DNS services—they simply want and need DNS services to work quickly and unfailingly in the background. Hosted cloud applications and their associated services face extreme demands for flexibility, performance, and reliability by users. To be successful, customers must craft an acceptable application SLA based on reliability, performance, and resiliency. Managed DNS services rise to meet the resiliency challenges facing today’s enterprises, simplifying operations, and allowing your staff to focus on other demands.

This post is a collaboration between O’Reilly and Oracle Dyn. See our statement of editorial independence.

Post topics: Software Architecture