Support for Origin Group Failover

[justcoding121]

Problem When there is an outage in the home bucket region, S3 buckets won't be able to serve cache miss from cloud front.

Solution A solution to this problem is to use origin group failover. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html

Alternatives I've considered For now, I was able to use origin group for two static file behaviors in cloudfront (_next/static/ and static/ paths). But for lambda@edge behaviors (_next/data/ and Default () paths), I am not sure how this can be done from aws console. I think changes may be needed here to support that using serverless-next.js, for example if lambda@edge is not able to read from primary S3 region, it can look into secondary region. Alternatively, instead of letting lambda@edge work with an S3 origin, let it work with S3 origin group. Any guidance would be appreciated.

[dphang]

On a related note, we can extend this idea with multi-region S3 origins, which will help Lambda@Edge use S3 bucket in nearest region. These articles might be helpful: https://aws.amazon.com/blogs/apn/using-amazon-cloudfront-with-multi-region-amazon-s3-origins/, https://www.contentful.com/blog/2019/12/03/making-s3-more-resilient-lambda-edge/. I guess we can use this in addition to origin failover to ensure S3 being down in one region doesn't impact availability.

[dphang]

Also, if we use Lambda@Edge to do this logic instead of configuring S3 origin failover, so we can support more than just primary and secondary. In this way you can create pretty interesting configurations, such as active-active configuration. I think this is one way to do this:

• Create an s3 bucket in on region (say in us-east-1). This is set as the origin for all requests for your CloudFront distribution.
• Replicate this region to all regions you wish.
• Create a mapping of country-code to closest S3 region (or multiple per country, if we want to be more distributed).
• In CloudFront, forward CloudFront-Viewer-Country header to origin: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html
• In an origin request handler, you can then read CloudFront-Viewer-Country and then modify s3 region and domain name to use the closest S3 region to the viewer's country.

For static file paths, we should create a minimal origin request handler to minimize cold start perf impact for static file requests.

The benefit is we reduce network latency overall on cache misses for static S3 requests (by distributing it to all S3 regions) though adding some small amount of time (average of 10 ms for similar handler, according to https://aws.amazon.com/blogs/apn/using-amazon-cloudfront-with-multi-region-amazon-s3-origins/)

[tclindner]

Is this feature something that would be entertained? If so, I would be willing to assist and test.