I'm working on a project as an IT infrastructure engineer, and I've been approached by a DevOps engineer with a unique request. The engineer wants to set up a single DNS name (some-app.domain.com) that can point to 10 different public IP addresses, but here's the catch: they only want one A-record to be visible at any time, despite having multiple IPs. Additionally, they need to ensure that if one of the apps behind any of the IP addresses goes down, the DNS won't resolve to that address anymore. I'm also in control of the BIND DNS servers that will handle this zone. How would you approach this? They've insisted that using a load balancer or virtual IP isn't an option, so I'm curious about potential solutions that fit these constraints.
5 Answers
This request seems to align with classic load balancing concepts. However, if the DevOps engineer isn’t open to using a load balancer, you might need to suggest a DNS service that supports advanced features, like health checks. While BIND isn't suitable for this type of dynamic DNS management, other services like Route53 might work more effectively.
While technically you can use DNS to point to one IP at a time, it's not the most effective method. DNS caching means that even if one address fails, users might still hit that IP for some time. Instead, maybe look into solutions like CDNs that can perform health checks and route traffic accordingly, although that's not DNS-based.
This is a common misconception! Managing A-records in the DNS for health checks isn’t feasible directly unless you have an advanced DNS management solution. I'd point your client toward options like using an API to dynamically adjust these records or investigating whether a basic load balancer can still be an option despite their initial hesitations.
I'd encourage them to consider at least talking to network specialists about the possibility of integrating a load balancer that fits within their application constraints.
It sounds like your client is trying to implement a one-size-fits-all approach without fully grasping how DNS actually does load balancing. I recommend asking them about their overarching goals. It might be better to explore alternatives like using a reverse proxy or a load balancer, which could simplify things and provide the health checks they need.
Your client might be envisioning a setup that sounds possible but isn’t ideal. DNS isn't designed to automatically handle failover based on health checks without more advanced solutions. If possible, I'd suggest explaining why a load balancer is still the best route to take for reliable uptime and traffic management.

Route53 and similar services can definitely handle such requirements without needing to manage multiple A-records manually.
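For readers who do end up keeping this on BIND, the "adjust the records via an API" route from the answers above maps onto RFC 2136 dynamic updates (nsupdate with a TSIG key). The following is an added illustration, not code from any of the posters: a small controller that probes the candidate IPs, keeps exactly one A record published for the name, and only rewrites the record when the currently published address fails. The zone, hostname, key file path and the TEST-NET-3 addresses are constructed placeholders; the short TTL is the practical answer to the caching caveat raised above, since resolvers can only drop a dead address once the TTL expires.

```python
"""Single-A-record failover for a BIND zone using RFC 2136 dynamic updates.

Added example. Assumes the zone is configured with an update-policy that
grants a TSIG key permission to change A records for this one name only,
and that `nsupdate` is installed on the host running this script.
"""
import socket
import subprocess
import sys
from typing import Callable, Iterable, Optional, Tuple

ZONE = "domain.com."                   # constructed placeholder zone
NAME = "some-app.domain.com."          # constructed placeholder hostname
TTL = 30                               # short TTL so a dead IP ages out of caches quickly
DNS_SERVER = "127.0.0.1"               # the BIND master accepting dynamic updates
TSIG_KEYFILE = "/etc/bind/some-app.key"  # placeholder path to the nsupdate -k key file
# Constructed sample pool (RFC 5737 TEST-NET-3 addresses, not real backends).
CANDIDATES = ["203.0.113.10", "203.0.113.11", "203.0.113.12"]


def tcp_probe(ip: str, port: int = 443, timeout: float = 2.0) -> bool:
    """Health check: the app is 'up' if the port accepts a TCP connection."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def choose_healthy(candidates: Iterable[str], current: Optional[str],
                   is_healthy: Callable[[str], bool]) -> Optional[str]:
    """Pick the address to publish.

    The currently published address is kept while it is healthy, so the
    record does not flap between backends on every run; otherwise the first
    healthy candidate wins. Returns None when nothing is healthy.
    """
    candidates = list(candidates)
    if current in candidates and is_healthy(current):
        return current
    for ip in candidates:
        if is_healthy(ip):
            return ip
    return None


def nsupdate_script(name: str, zone: str, ttl: int, ip: str,
                    server: str = DNS_SERVER) -> str:
    """Build an nsupdate batch that leaves exactly one A record for `name`.

    'update delete NAME A' removes every A record for the name in one step,
    and the add and delete are sent together, so the change is atomic on
    the server side.
    """
    return "\n".join([
        f"server {server}",
        f"zone {zone}",
        f"update delete {name} A",
        f"update add {name} {ttl} A {ip}",
        "send",
    ]) + "\n"


def reconcile(current: Optional[str], candidates: Iterable[str],
              is_healthy: Callable[[str], bool], name: str = NAME,
              zone: str = ZONE, ttl: int = TTL) -> Tuple[Optional[str], Optional[str]]:
    """Decide what should be published and return (chosen_ip, nsupdate_script).

    The script is None when no change is needed. If no candidate is healthy
    the existing record is deliberately left in place rather than deleted:
    an NXDOMAIN would also be cached (negative caching), so removing the
    record buys nothing once everything is down.
    """
    chosen = choose_healthy(candidates, current, is_healthy)
    if chosen is None or chosen == current:
        return current if chosen is None else chosen, None
    return chosen, nsupdate_script(name, zone, ttl, chosen)


def apply_update(script: str, keyfile: str = TSIG_KEYFILE) -> None:
    """Send the batch to BIND, authenticated with the TSIG key."""
    subprocess.run(["nsupdate", "-k", keyfile], input=script, text=True, check=True)


if __name__ == "__main__":
    # Usage: python failover.py <currently-published-ip> [--apply]
    current_ip = sys.argv[1] if len(sys.argv) > 1 else None
    chosen_ip, batch = reconcile(current_ip, CANDIDATES, tcp_probe)
    print(f"publish: {chosen_ip}")
    if batch:
        print(batch, end="")
        if "--apply" in sys.argv:
            apply_update(batch)
```

On the BIND side, the least-privilege form of the matching zone statement is `update-policy { grant some-app-key name some-app.domain.com. A; };`, which lets the key rewrite this one name's A records and nothing else in the zone; a broad `allow-update` would let a leaked key rewrite the whole zone. Run the script from cron or a systemd timer at an interval shorter than the TTL, and remember that the TTL is a lower bound: resolvers that ignore it, and clients that already hold the old answer, will keep hitting the failed address for a while regardless.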