Search for Well Architected Advice
< All Topics
Print

How do you use highly available network connectivity for workload public endpoints?

Use highly available network connectivity for your workload public endpoints

Building highly available network connectivity to public endpoints of your workloads can help reduce downtime due to connectivity issues and improve the overall availability and SLA of your workloads. To achieve this, leverage highly available DNS, content delivery networks (CDNs), API gateways, load balancing, and reverse proxies. This approach ensures that public-facing services are resilient and can handle disruptions effectively.

Establish network availability champions in each team: Assign network availability champions within each workload team to oversee network connectivity for public endpoints. These champions are responsible for designing and implementing solutions that use highly available network components, such as DNS, CDNs, and load balancers, to ensure continuous connectivity for public services.

Provide training on building highly available network solutions: Train builder teams on the best practices for building highly available network connectivity for public endpoints. Training should include the use of DNS failover, content delivery networks, load balancing techniques, and reverse proxies. Proper training ensures that builder teams can effectively design and maintain network connectivity solutions that improve availability.

Develop network connectivity guidelines and standards: Create clear guidelines for using highly available network components to improve connectivity for workload public endpoints. These guidelines should cover the use of DNS with failover capabilities, API gateways for scalability, CDNs for distributing content, and load balancers to manage traffic. Documented best practices ensure consistency and reliability across public-facing workloads.

Integrate network availability testing into CI/CD pipelines: Integrate testing for network availability into CI/CD pipelines to validate the resilience of public endpoints. Automated tests can simulate network disruptions and verify the effectiveness of highly available solutions like DNS failover, load balancing, and CDN redundancy. This proactive approach helps ensure workloads remain accessible even during network failures.

Define automated guardrails for highly available network configurations: Use automated tools to create guardrails that enforce the use of highly available network components. Tools like AWS Route 53, Amazon CloudFront, and AWS Elastic Load Balancing can help enforce best practices for connectivity. Automated guardrails ensure that builder teams implement highly available network solutions consistently.

Foster a culture of network resilience: Encourage builder teams to prioritize network resilience when designing public-facing services. Recognize and reward proactive implementation of highly available network connectivity solutions. Open discussions about network failures and how they were mitigated can help create a culture of continuous improvement and resilience.

Conduct regular network connectivity reviews: Schedule regular reviews to assess the network connectivity of workload public endpoints. Evaluate the effectiveness of highly available components and identify areas for improvement. These reviews help maintain a focus on ensuring public-facing workloads are resilient to connectivity issues.

Leverage automation for consistent network configurations: Use Infrastructure as Code (IaC) tools like AWS CloudFormation or AWS CDK to automate the deployment of highly available network components. Automating these processes ensures consistency across environments and reduces the risk of manual errors that could lead to connectivity issues.

Provide dashboards for network connectivity visibility: Use dashboards to provide visibility into the availability of public endpoints and the health of network components. Tools like Amazon CloudWatch and AWS Route 53 health checks can help track availability metrics and provide alerts for connectivity issues. Dashboards help teams monitor the resilience of public endpoints and address issues proactively.

Supporting Questions

  • How do you ensure that builder teams use highly available network components for workload public endpoints?
  • What mechanisms are in place to validate that public endpoints are resilient to connectivity issues?
  • How do you align network availability practices with organizational standards for reliability and SLAs?

Roles and Responsibilities

Network Availability Champion (within Builder Team)

Responsibilities:

  • Design and implement network solutions that ensure high availability for public endpoints.
  • Monitor and maintain network connectivity components such as DNS, load balancers, and CDNs to ensure continuous service availability.

Application Developer

Responsibilities:

  • Implement application features while ensuring that public endpoints are designed with highly available network components.
  • Use automated tools to validate network connectivity and resilience during the development and testing phases.

Operations Team Member

Responsibilities:

  • Assist builder teams with configuring highly available network components and monitoring connectivity.
  • Provide guidance and training to ensure alignment with best practices for network resilience and high availability.

Artifacts

Network Connectivity Guidelines and Standards: A document outlining best practices for using highly available DNS, load balancing, CDNs, and other network components for public endpoints.

Training Resources for Highly Available Network Solutions: Hands-on labs, workshops, and documentation to help teams understand how to design and implement highly available network connectivity.

Automated Network Configuration Templates: Scripts and configurations that automate the deployment of highly available network components across environments.

Relevant AWS Services

Training and Awareness Tools:

  • AWS Skill Builder and AWS Well-Architected Labs: Resources for learning about building highly available network solutions and best practices for network resilience.
  • AWS Trusted Advisor: Provides insights into network configurations and recommendations for improving availability.

Highly Available Network Components and Guardrails:

  • AWS Route 53: Manages DNS with failover capabilities to ensure public endpoints are highly available.
  • Amazon CloudFront: Distributes content globally with redundancy, improving availability for users.
  • AWS Elastic Load Balancing: Distributes incoming traffic to multiple targets, ensuring availability and resilience.

Monitoring and Visibility Tools:

  • Amazon CloudWatch: Tracks availability metrics, monitors the health of network components, and generates alerts for connectivity issues.
  • AWS Route 53 Health Checks: Monitors the health of public endpoints and helps route traffic away from unhealthy resources.
  • AWS CloudFormation: Codifies network configurations to automate and standardize highly available network components across environments.
Table of Contents