Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Rethink DNS for DevOps: Three Ways DNS With Intelligent Response Makes Your Applications Better

327 views

Published on

For more than 30 years, the DNS has been one of the fundamental protocols of the internet, yet, despite its accepted importance, it has never quite gotten the due it deserves. Businesses frequently bundle their DNS with other purchases or deploy it in a very vanilla fashion. Phil Stanhope explains why it’s time to rethink DNS and realize the role it can play in building and running high-performance, distributed web applications.

Phil outlines three ways DNS can be used to make your applications and application delivery better:

Digital resilience and high availability
Cloud testing and migration
Cloud and CDN price/performance optimization

Published in: Internet
  • Be the first to comment

Rethink DNS for DevOps: Three Ways DNS With Intelligent Response Makes Your Applications Better

  1. 1. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. Rethink DNS for DevOps: Three Ways DNS With Intelligent Response Makes Your Applications Better Phil Stanhope, VP, Technology Strategy, Oracle Dyn
  2. 2. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 2 Three Ways DNS Makes Your Applications And Application Delivery Better: Cloud and CDN Price/Performance Optimization Digital Resilience and High Availability Cloud Testing and Migration
  3. 3. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. But First, Let’s Discuss The Current IT Landscape
  4. 4. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Both Cloud & DevOps Adoption Up In 2017 4 95% of Respondents Are Using Cloud 5% Private Cloud Only Public = 89% Private = 72% Source: RightScale 2017 State of the Cloud Report 22% Public Cloud Only 67% Hybrid DevOps Adoption Up in 2017 Adopting DevOps Not adopting Don’t Know Source: RightScale 2017 State of the Cloud Report 2017 2016 78% 15% 7% 74% 16% 10% Confidential – Oracle Internal/Restricted/Highly Restricted
  5. 5. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | As Services Evolve, The Edge Becomes More Important 5Confidential – Oracle Internal/Restricted/Highly Restricted
  6. 6. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | The Key To The Architecture Is The Edge 6 The Enterprise edge is where the enterprise has control over user access or services The closer the enterprise can make the edge to the user the more control and choices An enterprise edge that spans multiple assets can implement choice and control User IaaS Cloud Providers Data Centers SaaS Providers CDN An enterprise edge that covers all assets has ultimate control over security, availability and performance choices Confidential – Oracle Internal/Restricted/Highly Restricted
  7. 7. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Why Modern DNS Is A Critical Part Of Your Edge Strategy User DNS IaaS Cloud Providers Data Centers SaaS Providers CDN Wants to reach www.hybrid.com www.hybrid.com is 192.168.9/24 or 192.168.8/32 or 175.230.4/24 or 175.230.3/32 cloud.hybrid.com 192.168.9/24 hybrid.com 192.168.8/32 saas.hybrid.com 175.230.4/24 cdn.hybrid.com 175.230.3/32 Make you Cloud Edge as close to the user as possible for maximum control Use DNS to drive policies that direct the user to the right resource Use Intelligent Response to see dynamic changes and adjust to meet policy requirements 7Confidential – Oracle Internal/Restricted/Highly Restricted
  8. 8. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. And Now A quick Primer On DNS
  9. 9. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | The How Of DNS - Basic DNS Model Users Recursive Name Server (aka DNS Resolver) Authoritative Name Servers ISP Website WWW • Sometimes Local cached DNS has the answer (Resolver) • Sometimes other servers (domain) can have the answer • But the Authoritative Name Server is the “source of truth” the original place of provisioning • Updates to the resolvers come from authoritative 9Confidential – Oracle Internal/Restricted/Highly Restricted
  10. 10. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | The How Of DNS - Basic DNS Model Users Recursive Name Server (aka DNS Resolver) Authoritative Name Servers Website WWW Provisioning ISP Root Server Top Domain Level Server 10 • Sometimes Local cached DNS has the answer (Resolver) • Sometimes other servers (domain) can have the answer • But the Authoritative Name Server is the “source of truth” the original place of provisioning • Updates to the resolvers come from authoritative Confidential – Oracle Internal/Restricted/Highly Restricted
  11. 11. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | The How Of DNS - Basic Anycast DNS Model Users Recursive Name Server (aka DNS Resolver) Authoritative Name Servers PRIMARY DNS Website WWW Provisioning ISP • Any DNS Authoritative copy can be accessed • Fastest location (POP) is used • Attacks tend to hit POPs not networks • Best Protection for uptime/performance is to have another DNS provider 11Confidential – Oracle Internal/Restricted/Highly Restricted
  12. 12. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 12 The How Of DNS - Primary-Secondary DNS Model Users Recursive Name Server (aka DNS Resolver) Authoritative Name Servers PRIMARY DNS Website WW W Authoritative Name Servers SECONDARY DNS Updates To Secondary Provisioning • Both DNS solutions respond, first response is used • Provisioning happens at primary and secondary is sync’d • Difficult to sync advanced features 12Confidential – Oracle Internal/Restricted/Highly Restricted
  13. 13. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | The How Of DNS - Primary-Primary DNS Model Users Recursive Name Server (aka DNS Resolver) Authoritative Name Servers PRIMARY DNS Website WW W Authoritative Name Servers SECONDARY DNS Provisioning Provisioning • Both DNS solutions respond, first response is used • Provisioning happens at both DNS solutions • Advanced features run independently • Difficult to keep in sync 13Confidential – Oracle Internal/Restricted/Highly Restricted
  14. 14. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 14 #1 Digital Resilience & High Availability
  15. 15. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 15 Monitor the internet (not just your apps)Architect for resilience Harden your edge Digital Resilience Strategies
  16. 16. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Digital Resilience Confidential – Oracle Internal/Restricted/Highly Restricted 16 Advanced Features Run Independently Secondary DNS Active Failover Difficult To Keep In Sync
  17. 17. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 17 Simple Configuration For A Secondary DNS Provider Confidential – Oracle Internal/Restricted/Highly Restricted
  18. 18. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 18Confidential – Oracle Internal/Restricted/Highly Restricted • Monitor endpoints to ensure they’re up – Tested from 3 different locations – Check as frequently as 1 minute – 5 supported protocols • Redirect traffic to alternate location when an endpoint is down – 2 of 3 locations determine it’s down • Notifications via email and information tracking in reporting logs Active Failover Capabilities
  19. 19. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 19Confidential – Oracle Internal/Restricted/Highly Restricted • Speed of the update to recursive is critical to resolve problems Updates to DNS paths and destinations must update recursive DNS before changes can take placeDNS Propagation User initiates queries DC2 DC1 ISP Authoritative DNS Updated by User Propagation update from authoritative to recursive DC2 When Data Center 1 becomes unavailable, Data Center 2 is chosen as endpoint. User makes the change to the authoritative DNS. Fast DNS Propagation Time
  20. 20. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 20Confidential – Oracle Internal/Restricted/Highly Restricted Adding A New Level Of Security To Your Online Infrastructure DNSSEC
  21. 21. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 21Confidential – Oracle Internal/Restricted/Highly Restricted Dyn DNS, featuring Active Failover Monitors the infrastructure 24/7 and reroutes traffic in the case of any data center outage Fast propagation vastly reduces the end user impact in the event of any outage Frequent Increased “Outages and problems happen monthly and Dyn takes the bullet before it hits us.” - Systems Operations Team Lead ALEXA 200 100% UPTIME AD REVENUE DATA CENTER OUTAGES Frequent DATA CENTER OUTAGES World News Media Dyn Reduces Risk
  22. 22. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | DNS as a Load Balancer Replacement Integration with Monitoring and Alerting Mitigating Performance Degradations ・Infrastructure-level performance issues ・Network-Level performance issues ・Geographic Performance Issues Use DNS To Maximize Availability Confidential – Oracle Internal/Restricted/Highly Restricted 22
  23. 23. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. #2 Cloud Testing & Migration
  24. 24. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Use DNS To Streamline Deployment Pipelines Confidential – Oracle Internal/Restricted/Highly Restricted 24 A/B Testing Blue/ Green Deployment Staged Rollout
  25. 25. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 25 Hybrid Cloud Migration Example • DevOps models always incorporate testing • In the cloud model, users connect to internet assets you don’t own or operate. • Use steering features, like ratio load balancing, to keep operations going while testing pieces of your infrastructure and service (1% of traffic to direct to a partner to test integration) “With DNS we can direct traffic across sites to balance performance, pilot new features, or stage infrastructure upgrades.” Jake Maizel Director, Systems and Traffic Engineering
  26. 26. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. #3 Cloud & CDN Price/Performance Optimization
  27. 27. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 27 Hybrid Cloud Optimization Example The Bad, The Good, And The Ugly • The Good - the internet has many choices... path choices, destination choices, etc.. • The Bad - the internet is outside your direct control and constantly changing. You need to maintain performance through constant monitoring and adjustments to the internet. • The Ugly - Monitor and see issues and impacts as it happens. • If you planned well and have good alternatives, you can use DNS to direct traffic to the best, available choices. Example of CDNs Varying by Market. Over time these results are constantly changing.
  28. 28. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 28Confidential – Oracle Internal/Restricted/Highly Restricted Performance based steering decisions Thresholds: “Identifying the top 3 performing endpoints” Ensure Endpoint Health Granularity at the level of the recursive server Preference: “Which endpoints should we steer to when everything else is equal?” Here’s How You Do It: Dynamic Steering Capabilities
  29. 29. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 29Confidential – Oracle Internal/Restricted/Highly Restricted CDN 1 CDN 2 WWW. WWW. = {CDN 1 CDN 2 Dynamic Steering compares the 2 CDN and picks the better performer Dynamic Steering Benefits • Improved End User Performance – Reduce page load times – Improve customer satisfaction – Increase conversion rates & revenue • Reduce Infrastructure Costs – Steer users to less expensive endpoints when performance is comparable • Highest Resiliency – Ensure infrastructure outages and internet-related issues don’t prevent end users from reaching you online
  30. 30. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 30Confidential – Oracle Internal/Restricted/Highly Restricted Dyn DNS, featuring Traffic Director Steered end users to locations best able to deliver high performance Reduced dependence on expensive CDN 30% 80% Ineffectively 80% SlowPAGE LOAD TIMES High CDN COSTS UTILIZED INFRASTRUCTURE FASTER LOWER LOAD REDUCTION ON CDN Top Business & Financial News Dyn Improves Performance
  31. 31. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Conclusion – Rethink DNS Confidential – Oracle Internal/Restricted/Highly Restricted 32 Cloud and CDN Price/Performance OptimizationDigital Resilience and High Availability Cloud Testing and Migration
  32. 32. Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. Thank You! Questions???

×