Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service.
Alongside it, AWS introduced Route 53 health checks, which can be configured to route traffic between your primary and secondary sites for high availability.
These health checks used to be based on public IPv4 addresses. Recently, AWS enhanced the feature and introduced domain name health checks. The new option gives customers a better way to manage the availability of their services.
Using domain-name-based health checks with CloudWatch alarms, we can create a distributed monitoring system for AWS resources such as EC2, ElastiCache and RDS resources in a public subnet or in EC2-Classic.
Right now, Route 53 health checks support only publicly reachable resources.
With traditional monitoring systems like Nagios or Opsview, resource and service availability checks and URL monitoring for an application run from a single instance in a fixed location. This is a single point of failure and makes high availability in monitoring difficult to achieve.
With Route 53 enhanced health checks, we can monitor the availability of all our EC2-Classic and VPC public subnet machines, and the services on them, from different geographical locations of the AWS network. We can also do URL monitoring for all our applications from different geographical locations of the world, as Pingdom does.
In addition, we can even monitor the availability of our in-house or co-located applications, where they are hosted for external use.
We can create health checks for HTTP-, HTTPS- and TCP-based services, choose the request interval and failure threshold, and then create a CloudWatch alarm to alert us in case of failure. If a URL returns a custom response other than the standard 200 or 302, we can provide a “Search String”; if the response matches that string, the check is considered successful.
AWS published the list of current IP ranges used by Amazon Route 53 health checkers here. You can open these IP address ranges in security groups so that your services can be monitored. It is good practice to create a new, separate security group, allow these IP addresses in it, and attach it to the instance when launching it.
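One way to keep that dedicated security group tight, as an added example that is not part of the original post: the Python below filters a range list for the health checkers, builds the ingress rules for one port, and audits a group's existing CIDRs for missing, stale or world-open entries. It assumes the list is in the format of AWS's `ip-ranges.json` with the `ROUTE53_HEALTHCHECKS` service tag; the sample data, function names and port are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of AWS's ip-ranges.json. The prefixes are
# documentation-range addresses, not real health checker ranges.
SAMPLE_IP_RANGES = json.loads("""
{"prefixes": [
  {"ip_prefix": "192.0.2.0/26", "region": "us-east-1", "service": "ROUTE53_HEALTHCHECKS"},
  {"ip_prefix": "198.51.100.64/26", "region": "eu-west-1", "service": "ROUTE53_HEALTHCHECKS"},
  {"ip_prefix": "203.0.113.0/24", "region": "us-east-1", "service": "EC2"}
]}
""")

def checker_cidrs(ip_ranges):
    """Return the sorted IPv4 CIDRs tagged as Route 53 health checkers."""
    return sorted({p["ip_prefix"] for p in ip_ranges["prefixes"]
                   if p["service"] == "ROUTE53_HEALTHCHECKS"})

def ingress_permissions(cidrs, port, protocol="tcp"):
    """Build an IpPermissions list in the shape EC2's
    authorize_security_group_ingress call accepts (one port, checker CIDRs only)."""
    return [{
        "IpProtocol": protocol,
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": c, "Description": "Route 53 health checker"}
                     for c in cidrs],
    }]

def audit_group(current_cidrs, wanted_cidrs):
    """Compare a group's existing ingress CIDRs with the checker list."""
    current = {ipaddress.ip_network(c) for c in current_cidrs}
    wanted = {ipaddress.ip_network(c) for c in wanted_cidrs}
    return {
        "missing": sorted(str(n) for n in wanted - current),  # checkers blocked
        "stale": sorted(str(n) for n in current - wanted),    # no longer needed
        "open_to_world": any(n.prefixlen == 0 for n in current),
    }

if __name__ == "__main__":
    wanted = checker_cidrs(SAMPLE_IP_RANGES)
    print(json.dumps(ingress_permissions(wanted, 443), indent=2))
    # Constructed "existing" rules: one checker range plus an overly broad rule.
    print(audit_group(["192.0.2.0/26", "0.0.0.0/0"], wanted))
```

Re-running the audit whenever the published ranges change shows which rules to add and which to revoke, so the monitored port does not stay open to addresses that are no longer health checkers.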
What’s missing now in Route 53 Health Checks?
Health checks for private IP addresses or private DNS names are still missing from Route 53 health checks. Since AWS is forcing everyone to use VPC, support for monitoring private resources would be a great addition to health checks.