This topic describes how to use Global Accelerator (GA) to accelerate applications that are deployed across regions and configure disaster recovery to ensure the high availability of the applications.

Background information

The headquarters of a financial enterprise is located in the US (Silicon Valley) region and the branch of the enterprise is located in the US (Virginia) region. The clients are located in China and Japan. To ensure that the application can run as normal and reduce potential risks, the application must meet the following requirements in terms of reliability:
  • If errors occur in the headquarters in the US (Silicon Valley) region, the enterprise can fail over to the branch in the US (Virginia) region.
  • Network issues that are caused by unstable cross-region Internet connections, such as network latency, network jitter, and packet loss, must be reduced.
GA disaster recovery

You can create a GA instance, specify Japan (Tokyo) and China (Hong Kong) as acceleration regions, and then add Endpoint Group 1 and Endpoint Group 2 in the US (Silicon Valley) and US (Virginia) regions where the application is deployed. GA forwards client requests to endpoint groups based on their priorities and traffic distribution ratios.

You can enable the health check feature for multiple endpoint groups. If the endpoint group deployed in the headquarters fails to pass the health check, GA distributes new requests to the healthy endpoint group that is deployed in the branch. After the unhealthy endpoint group recovers, GA distributes requests to the endpoint group again. This ensures the high availability of the application that is deployed across regions and reduces network latency.

In addition, you can configure DNS settings based on the CNAME that is allocated by GA. After you complete the configurations, Alibaba Cloud DNS checks the sources of client requests and returns accelerated IP addresses based on the geographical locations of end users. This reduces network latency and accelerates access to the application. If errors occur in the Japan (Tokyo) region, you can fail over to the China (Hong Kong) region and distribute client requests to the global transmission network of Alibaba Cloud. This ensures the high availability of acceleration regions.

Procedure

Procedure for configuring disaster recovery

Step 1: Purchase a GA service bundle

You can enter the information about the web service in the GA console. After you enter the information, the system generates a list of recommended services. The list includes a GA instance and a basic bandwidth plan.

  1. Log on to the Global Accelerator console.
  2. In the upper-right corner of the Instances page, click Purchase Guide.
    Note If this is the first time that you use the GA service, skip this step.
    Purchase Guide
  3. In the Enter the required information to generate a list of recommended services section, enter the required information and click Generate Service List.
    Parameter Description
    Acceleration Area Select the region that requires acceleration.

    In this example, China (Hong Kong) and Japan are selected.

    Service Region Select the region where the backend servers are deployed.

    In this example, US (Silicon Valley) and US (Virginia) are selected.

    ICP Filing Specify whether you have applied for an Internet Content Provider (ICP) number for the domain name of the application.

    In this example, No is selected.

    Server Area Specify whether the backend service is deployed on Alibaba Cloud.

    In this example, On Alibaba Cloud is selected.

    Peak Bandwidth Range Enter the bandwidth required during peak hours. Unit: Mbit/s.

    10 is entered in this example.

    Maximum Concurrent Connections The maximum number of concurrent connections that a GA instance supports. When the number of existing concurrent connections reaches the upper limit, new connection requests are dropped.

    In this example, 5 Thousand is selected.

  4. In the Recommended Service List section, click Generate Service List after you confirm the information.
    Service bundle for disaster recovery
    Note The instance configurations in Recommended Service List provide the most cost-effective plan to run your services. You can also change the instance configurations on the buy page.
  5. On the buy page, set the following parameters and click Buy Now to complete the payment.
    Parameter Description
    Term Select the subscription duration.
    Note The subscription duration applies to the services in the recommended service bundle. For example, if you set Term to 1 Year, the subscription duration of the specified GA instance and basic bandwidth plan is set to one year.
    Specification Select a specification for the GA instance.

    In this example, Small Ⅱ is selected.

    Bandwidth Type Select a bandwidth type for the basic bandwidth plan.

    In this example, Premium is selected.

    Peak Bandwidth Select the bandwidth limit of the basic bandwidth plan.

    In this example, 10 Mbit/s is selected.

Step 2: Add an acceleration area

After you purchase a GA instance, you can add an acceleration area, specify the region where users are located, and then allocate bandwidth to the region.

  1. On the Instances page, find the GA instance that you created in Step 1: Purchase a GA service bundle and click the instance ID.
  2. On the instance details page, click the Acceleration Areas tab. Then, click the Asia Pacific tab and click Add Region.
    For more information about acceleration areas and regions, see Overview.
  3. In the Add Acceleration Area dialog box, set the following parameters and click OK.
    Parameter Description
    Regions Select the region where the users that require the acceleration service are located.

    In this example, China (Hong Kong) is selected.

    Bandwidth Allocate bandwidth to the region.

    5 Mbit/s is entered in this example.

    Internet Protocol Select the Internet protocol that is used by the users to connect to GA.

    In this example, IPv4 is selected.

  4. Repeat the operations from Substep2 to Substep3 to add Japan as the acceleration region on the Asia Pacific tab and allocate 5 Mbit/s of bandwidth to the region.
You can view information about the acceleration area in the GA console. The following figure shows the configurations in this example.Acceleration area

Step 3: Add a listener and endpoint groups

A listener listens for connection requests and distributes the requests to endpoints based on the port and protocol that you specify. Each listener is associated with an endpoint group. You can associate an endpoint group with a listener by specifying the region to which you want to distribute network traffic. After you associate an endpoint group with a listener, network traffic is distributed to the optimal endpoints in the endpoint group.

  1. On the instance details page, click the Listeners tab and then click Add Listener.
  2. On the Configure Listener & Protocol wizard page, specify the following listener information and click Next.
    Listener
    Parameter Description
    Listener Name Enter a name for the listener.

    The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

    Protocol Select a protocol for the listener.

    In this example, TCP is selected.

    Port Number Specify a listener port. The port is used to receive and forward requests to endpoints. Valid values: 1 to 65499.

    In this example, 80 is entered.

    Client Affinity Specify whether to enable client affinity. If client affinity is enabled, requests from the same client are forwarded to the same endpoint when the client connects to a stateful application.

    In this example, Source IP Address is selected.

  3. On the Configure Endpoint Group wizard page, set the following parameters for Endpoint Group 1.
    Parameter Description
    Endpoint Group Name Enter a name for the endpoint group.

    The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

    Region Select the region where you want to create the endpoint group. The servers that the clients want to access must be deployed in the specified region.

    In this example, US (Silicon Valley) is selected.

    Note The regions of endpoint groups must be unique. This means that you can create only one endpoint group in each region.
    Traffic Distribution Ratio Set the traffic distribution ratio for the endpoint group.
    Unit: %. Valid values: 0 to 100. In this example, 50 is entered.
    Backend Service Specify whether the backend service is deployed on Alibaba Cloud.

    In this example, Alibaba Cloud is selected.

    Preserve Client IP Specify whether to preserve client IP addresses. After you enable this feature, backend servers can retrieve client IP addresses.

    In this example, client IP address preservation is disabled.

    Endpoint Endpoints are destinations of client requests. To add an endpoint, specify the following parameters:
    • Backend Service Type: Select Alibaba Cloud Public IP Address.
    • Backend Service: Enter the IP address of the backend service that you want to accelerate. In this example, the IP address of ECS01 that is deployed in the US (Silicon Valley) region is entered.
    • Weight: Enter the weight of the endpoint. Valid values: 0 to 255. GA distributes network traffic to endpoints based on their weights. In this example, the weight of the endpoint is set to 100.
    Notice
    • If the weight of an endpoint is set to 0, GA stops distributing network traffic to the endpoint. Proceed with caution.
    • You can configure health checks for the following endpoints: Elastic Compute Service (ECS) instances in virtual private clouds (VPCs), Alibaba Cloud public IP addresses, and custom IP addresses or custom domain names of origin servers. If you specify Classic Load Balancer (CLB) instances or Application Load Balancer (ALB) instances as endpoints, the health check parameters that you configure for the endpoint group do not take effect.
    Health Check Specify whether to enable or disable the health check feature. After you enable this feature, you can use health checks to check the status of endpoints.

    In this example, the health check feature is enabled.

    Health Check Protocol Select the protocol that you want to use for health checks. Valid values: TCP, HTTP, and HTTPS.

    In this example, HTTP is selected.

    Port Set the port of the endpoint to which probe packets are sent for health checks. Valid values: 1 to 65535.

    In this example, 80 is entered.

    Health Check Interval The interval between two consecutive health checks. Unit: seconds. Valid values: 1 to 50.

    In this example, 2 is entered.

    URI Specify the URI for health checks.

    The URI must be 1 to 80 characters in length and start with a forward slash (/). The URI can contain letters, digits, hyphens (-), forward slashes (/), periods (.), percent signs (%), question marks (?), number signs (#), and ampersands (&). The URI can also contain the following extended characters: _ ; ~ ! ( ) * [ ] @ $ ^ : ' , +.

    In this example, / is specified.

    Healthy Threshold The number of consecutive health check failures that must occur before a healthy endpoint is considered unhealthy, or the number of consecutive health check successes that must occur before an unhealthy endpoint is considered healthy. Valid values: 2 to 10.

    In this example, 3 is entered.

  4. Click + Add Endpoint Group to add Endpoint Group 2, configure the endpoint group based on the parameter description in Substep 3, and then click Next.

    Set Region to US (Virginia) and set Backend Service of Endpoint to the IP address of ECS02 that is deployed in the US (Virginia) region. For other parameters, use the same configurations when you created Endpoint Group 1.

    Note You can add multiple endpoint groups only for TCP and UDP listeners.
  5. On the Confirm wizard page, confirm the configurations of the listener and the endpoint groups, and then click Submit.

Step 4: Add a domain name

To use Alibaba Cloud DNS, you must add domain names to Alibaba Cloud DNS.
Note
  • If your domain names are registered with Alibaba Cloud, skip this step. Alibaba Cloud automatically adds your domain names to Alibaba Cloud DNS after you register the domain names.
  • If you use a third party DNS service provider, import DNS records to Alibaba Cloud DNS.
  1. Log on to the Alibaba Cloud DNS console.
  2. On the Manage DNS page, click Add Domain Name.
  3. In the Add Domain Name dialog box, enter the domain name of your web service, and then click OK.

Step 5: Upgrade Alibaba Cloud DNS

The Free Trial edition of Alibaba Cloud DNS is selected by default. Only the Enterprise Standard edition and Enterprise Ultimate edition can return IP addresses based on geographical locations. You must upgrade your Alibaba Cloud DNS.

  1. On the Manage DNS page, find the domain name that you added in Step 4: Add a domain name and click Upgrade in the Actions column.
  2. Specify the following parameters to upgrade Alibaba Cloud DNS:
    • Edition: Select the edition to which you want to upgrade Alibaba Cloud DNS. You can select Enterprise Standard Edition or Enterprise Ultimate Edition in this example.
    • DNS Protection: Select a protection plan for your domain name.
      • Not Required: does not provide DNS attack defense for domain names that are associated with the selected edition. If a domain name is under a DNS attack, you are notified by emails or text messages.
      • DNS Attack Defense Basic: provides basic DNS attack defense for domain names that are associated with the selected edition. The upper limit of basic DNS attack defense is no more than 10 million times of DNS attacks per second.
      • DNS Attack Defense Advanced: provides comprehensive DNS attack defense for domain names that are associated with the selected edition. This feature can protect your domain names against over 100 million DNS attacks per second.

      In this example, Not Required is selected.

    • Quantity: Specify the number of domain names that can be associated with an Alibaba Cloud DNS instance. In this example, 1 is specified.
    • Agreement of Service: Select the Alibaba Cloud DNS (Subscription) Agreement of Service check box.
  3. Click Buy Now and complete the payment.

Step 6: Configure DNS settings

You can configure DNS settings to enable Alibaba Cloud DNS servers to return IP addresses based on the geographical locations of end users.

  1. On the Manage DNS page, find the domain name that you added in Step 4: Add a domain name and click Configure in the Actions column.
  2. Click Switch Path Type to switch from ISP to Region, and then click OK.
  3. Click Add Record.
  4. In the Add Record dialog box, set the following parameters and click Confirm.
    • Type: Select CNAME from the drop-down list.
    • Host: Enter the prefix of the subdomain name. In this example, @ is entered.
    • ISP Line: Select Outside mainland China from the drop-down list and set Subline to Asia.
    • Value: Enter the CNAME that is allocated by GA.
    • TTL: Indicates how long a record is cached by a DNS server. A smaller TTL value indicates the less amount of time the resolver holds the information in its cache. In this example, 10 minute(s) is selected.
  5. Repeat the operations in Substep4 to add records for regions other than China (Hong Kong) and Japan (Tokyo).
    Type Host ISP line Value TTL
    CNAME @ Outside the Chinese mainland. Set Subline to Asia. ga-XX.aliyunga0018.com 10 minutes
    A @ Default Origin server IP address.

    In this example, the IP address of ECS01 that is deployed in the US (Silicon Valley) region is selected.

Step 7: Test the connectivity

To check how disaster recovery ensures the high availability of the application that is deployed across regions, perform the following steps.
Note The following operating systems are used in this example. The command that is used to run the test may vary based on the operating system. For more information, refer to the user guide of the operating system.
  • Client operating system: Windows Server 2019.
  • Server operating system: Alibaba Cloud Linux 2.
Test the high availability of the acceleration regions
  1. Block the China (Hong Kong) acceleration region in the backend and check the resolution results of client requests when errors occur in the China (Hong Kong) acceleration region.
    1. Open the command prompt on clients in China (Hong Kong), Japan (Tokyo), and other regions.
    2. Run the nslookup <Domain name of the web service> command to check the resolution results.
      The following resolution results are returned:
      • Client requests from China (Hong Kong) and Japan (Tokyo) are resolved to the accelerated IP address in the Japan (Tokyo) region.

        In most cases, when clients in China (Hong Kong) and Japan (Tokyo) access the application of the enterprise, the client requests are resolved to the CNAME allocated by GA. Then, GA maps the CNAME to the accelerated IP address that is closest to the clients and has the lowest latency. This way, client requests from China (Hong Kong) are resolved to the accelerated IP address in the China (Hong Kong) region. Client requests from Japan (Tokyo) are resolved to the accelerated IP address in the Japan (Tokyo) region. When errors occur in the China (Hong Kong) region, GA uses the CNAME to distribute client requests from China (Hong Kong) to Japan (Tokyo). The client requests are then forwarded to the global transmission network of Alibaba Cloud.

        The following figure shows the resolution result of client requests from the China (Hong Kong) region. The returned IP address is the accelerated IP address in the Japan (Tokyo) region.

        Resolution result of client requests from the China (Hong Kong) region
      • Client requests from other regions are forwarded to the IP address of the origin server in the US (Silicon Valley) region.
  2. After the China (Hong Kong) region recovers, use the preceding method to check the resolution result of client requests from the China (Hong Kong) region. The following figure shows that the returned IP address is the accelerated IP address in the China (Hong Kong) region. Resolution result of client requests after the China (Hong Kong) region recovers
Test the high availability of endpoint groups
  1. Disconnect from the origin server in the US (Silicon Valley) region to simulate the failure of an endpoint group and test the access result.
    1. Open a browser on clients in China (Hong Kong), Japan (Tokyo), and other regions.
    2. Enter the domain name of the application that is deployed in the US (Silicon Valley) region and the US (Virginia) region.
      The following figures show the test results.
      • The following figure shows the access result after clients in the China (Hong Kong) region access the application. The responsive server is ECS02 that is deployed in the US (Virginia) region. Access from the China (Hong Kong) region
      • The following figure shows the access result after clients in the Japan (Tokyo) region access the application. The responsive server is ECS02 that is deployed in the US (Virginia) region. Access from the Japan (Tokyo) region
  2. After the server in the US (Silicon Valley) region recovers, use the preceding method to check the access results of client requests from the China (Hong Kong) and Japan (Tokyo) regions.
    • The following figure shows the access result after clients in the China (Hong Kong) region access the application. The responsive server is ECS01 that is deployed in the US (Silicon Valley) region. Access from the China (Hong Kong) region after the server recovers
    • The following figure shows the access result after clients in the Japan (Tokyo) region access the application. The responsive server is ECS01 that is deployed in the US (Silicon Valley) region. Access from the Japan (Tokyo) region after the server recovers
    Note The endpoint group that responds to client requests varies based on your business. If you configure multiple acceleration regions and endpoint groups for a GA instance, the resolution result of client requests varies based on the priority and traffic distribution ratio of each endpoint group. For more information, see Distribute traffic across endpoint groups in different scenarios.