Migrating a second-level domain between Cloudfront distributions with zero downtime
Learn how to move a website on a naked domain seamlessly from one Cloudfront distribution to another without causing any disruption for your end-users
Cloudfront is a fast CDN service from Amazon Web Services.
Working with Cloudfront is fairly easy and straightforward. However, there are times when things get tough and one such use-case is when a website running from a second-level domain (or a naked domain eg. example.com) needs to be moved from one distribution to another without downtime. AWS Support’s recommendation for this particular use-case is to reach out to them and prove your ownership of the second-level domain so that they can do the change for you.
In this post, I describe a DIY process that can help you achieve the same goal:
Setup
example.com— second-level domain to be migrated that is pointing to a production website- Cloudfront A: Distribution that
example.comis currently serving content from - Cloudfront B: Distribution that we want
example.comto point to www.example.comredirects traffic toexample.com(HTTP 302).
Considerations
As we planned our migration, we had to be mindful of the following:
- Cloudfront allows us to map a distribution to a domain name using the Alternate Domain Names option. As you can expect, the same domain name cannot be associated with multiple distributions.
- We may not be able to instantly move a domain name from one distribution to another.
- Cloudfront supports wildcard domain names. For an incoming request, it picks the distribution with the more specific name match (i.e.
www.example.comover*.example.com) - We use Cloudflare in front of Cloudfront that is both our DNS provider and a web reverse proxy. It allows us to set up redirection rules easily. You may want to ensure that your own set-up permits something like this before trying out the recipe below.
- At any step in the migration, we should to be able to instantly rollback. Since we are fiddling with the settings of a managed service like Cloudfront and also making DNS configuration changes here, there is a possibility that the website may end up having a prolonged downtime unless we are careful.
Recipe Summary
--------------------------------------------------
| Cloudfront A | example.com |
| Cloudfront B | No alternate domain name yet. |
--------------------------------------------------- Add
www.example.comand*.example.comas alternate domain names to Cloudfront A. - Remove the redirect rule pointing traffic from
www.example.comtoexample.comand change its DNS configuration to point to Cloudfront A. - Remove
www.example.comfrom the list of alternate domain names of Cloudfront A and add as an alternate domain name of Cloudfront B. - Add a redirect rule to point traffic from
example.comtowww.example.com. - Remove
example.comfrom the list of alternate domains of Cloudfront A and addexample.comto the list alternate domain names for Cloudfront B. - Change the DNS configuration of
example.comto point to Cloudfront B. - Restore the redirect rule pointing traffic from
www.example.comtoexample.comas before. - Remove
*.example.comas an alternate domain name from Cloudfront A andwww.example.comas an alternate domain name from Cloudfront B.
Detailed Recipe
1. Add www.example.com as an alternate domain name for Cloudfront A
--------------------------------------------------
| Cloudfront A | example.com, www.example.com |
| Cloudfront B | No alternate domain name yet. |
--------------------------------------------------
2. Add *.example.com as an alternate domain name for Cloudfront A
--------------------------------------------------------------
| Cloudfront-A | example.com, www.example.com, *.example.com |
| Cloudfront-B | No alternate domain name yet. |
--------------------------------------------------------------
3. Remove redirect rule pointing traffic from www.example.com to example.com & update DNS configuration to point to Cloudfront A
Set the time-to-live value of the DNS record to 0 at your DNS provider so that you can quickly revert this step if you need to.
Now, www.example.com is a standalone site serving content from Cloudfront A. If there is an issue, revert this step i.e. restore the redirect rule and remove the DNS record.
4. Remove www.example.com from the alternate domain name list of Cloudfront A
-----------------------------------------------
| Cloudfront-A | example.com, *.example.com |
| Cloudfront-B | No alternate domain name. |
-----------------------------------------------
5. Add www.example.com to the alternate domain list of Cloudfront B
Test if the site is working. If there is an issue, revert this step by removing www.example.com from the list of alternate domain names of Cloudfront B. www.example.com should now start showing the website from Cloudfront A.
----------------------------------------------
| Cloudfront-A | example.com, *.example.com |
| Cloudfront-B | www.example.com |
----------------------------------------------
6. Add a redirect rule to point traffic from example.com to www.example.com
7. Remove example.com from the alternate domain list of Cloudfront A
---------------------------------------------
| Cloudfront-A | *.example.com |
| Cloudfront-B | www.example.com |
---------------------------------------------
8. Add example.com to the alternate domain name list of Cloudfront B Removing alternate domain names from one distribution doesn’t immediately allow us to add the same domain to the alternate domain name list of another distribution. We need to keep retrying until it works. However, we have the luxury of time since the website is not impacted.
------------------------------------------------
| Cloudfront-A | *.example.com |
| Cloudfront-B | example.com, www.example.com |
------------------------------------------------
9. Change the DNS configuration of example.com to point to the Cloudfront B distribution
Wait until the DNS propagation is complete before moving to the next step.
10. Restore the redirect rule pointing traffic from www.example.com to example.com as before
11. Remove *.example.com from Cloudfront A and remove www.example.com from Cloudfront B
I hope this article helps you to smoothly migrate your domain between two Cloudfront distributions. If you are aware of other ways by which this can be done, do let us know by leaving a response below.
