awesome presentation on DNS and hybrid arch with Route53 resolver!
@AlexLi-zige
2 жыл бұрын
one of the best Route 53 deep dive out there! Great work Gavin!
@bevomcbevenstein
4 жыл бұрын
This was very, very good. Thank you.
@smellyvideo
4 жыл бұрын
The only thing missing in this "deep-dive", is how to manage Resolver in multiple Regions. However, kudos for covering what you did in that very short 1 hour session! :)
@RaulViitor1
4 жыл бұрын
I think that multiple regions iss solved via fourth model.
@gmccullagh
4 жыл бұрын
As a general rule, Route 53 Resolver and Resolver endpoints are regional services. We don't recommend using endpoints x-region. Private Hosted Zones can be associated to VPCs in multiple regions. But if you need to do forwarding to/from on-premises in multiple regions, we'd suggest putting endpoints and rules in each region individually so that the regions operate independently.
@komalthecoolk
3 жыл бұрын
We do it manually region wise
@sebastianalfarolopez6205
Жыл бұрын
Negative nelly over here.
@kirannagonde1532
3 жыл бұрын
One of the Best re:Invent i have ever seen 🙂
@FirehawkVFX
4 жыл бұрын
This was really useful. Great presentation!
@Ntwobike
4 жыл бұрын
Pretty clear explanation much thanks!
@zemanekm
2 жыл бұрын
Great job. Would love to see this expanded to talk about a Global deployment with VPCs in a dozen regions or so. With a thousand+ VPCs, options 3/4 seem to have a lot of AWS limits that would be reached.
@gmccullagh
Жыл бұрын
The most likely limit to reach in option 4 would be that of the outbound endpoint ENIs. Each ENI has a hard limit of ~10K QPS and you can have up to six per Endpoint. It's possible to scale beyond that if you need to. The ENIs provide Cloudwatch graphs which you can use to keep track. But the outbound endpoints are only used for queries which need to be forwarded to on-premises resolvers. If you're forwarding 10Ks of queries to on-premises, you also need resolvers on-premises capable of handling that load.
@jbabaria
3 жыл бұрын
Excellent content nicely delivered...
@127bits7
3 жыл бұрын
Excellent!
@fringefringe7282
2 жыл бұрын
Mindblowing.
@alienekoo
3 жыл бұрын
My favorite
@akshaysaxena9137
4 жыл бұрын
What is the best approach for Spoke to Spoke DNS resolution?
@komalthecoolk
3 жыл бұрын
You would point your DNS resolver or forwarder in the spoke to the DNS server in the spoke with selective rules, provided that your server supports it
@gmccullagh
3 жыл бұрын
If spoke-A's account is publishing a DNS zone and spoke-B's VPC needs to resolve it, the most scalable and reliable methods are typically either to share a private hosted zone cross-account and associate it to spoke-B's VPC (option 4 in the video). Another very simple and reliable approach (if you can do it) is to use public DNS, so there's no special config in any VPC. After that, the second approach outlined in the video can work (associate the zone to the hub and forward queries to the hub), but, as noted in the video, while easier to manage, it is something of a compromise, introduces new limits and complexity into DNS resolution.
@manishkashyap1594
2 жыл бұрын
Not an explanatory presentation in comparison to many other topics i have seen so far. Probably easy to catch for Networking guys
@francistony7110
4 жыл бұрын
completed this presentation more confused
@kawshiksark1
2 жыл бұрын
Less visual explanation more of you conversing it’s hard to visualize networking items just via conversation
Пікірлер: 30