Script I want to share with y'all: automatically add/remove frontends with Cloudflare

Discussion in 'Server & Community Management' started by vemacs, Jan 16, 2015.

  1. vemacs

    Artist

    This kinda-sorta works as a form of DDoS mitigation, assuming that not all of your frontends go down at the same time. DNS propagation takes a bit, but this should mitigate the effects of DDoS attacks that only impact like, half your frontends. This should be run on an offsite machine with stellar uptime (DigitalOcean, Ramnode, Linode VPS, for example).

    Link: https://github.com/vemacs/cloudflare-autorotate
    Instructions:
    • Clone the repo somewhere
    • Install python-pip and python-dev for your distro, then sudo pip install pyyaml pyflare
    • Copy config.yml.example to config.yml, fill that in (you can find the API key in Cloudflare account details)
    • Run python updaterecords.py in a tmux session (or similar)
    I'd like some feedback and testing before I release it as a resource. Bugs: the program will wait until the next scheduled task is done before exiting in the case of a SIGTERM.
     
    • Useful x 4
    • Winner x 1
    • Informative x 1
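A sketch of the rotation decision discussed in this thread, added here as an example; it is not code from cloudflare-autorotate and does not claim to match how that script behaves. The TCP probe, port 25565, the failure threshold and the `Rotator` name are assumptions, the IPs are constructed documentation addresses, and the actual DNS update call is left to the caller.

```python
import socket

def tcp_up(ip, port=25565, timeout=3.0):
    """Assumed health probe: a frontend is up if it accepts a TCP connection."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

class Rotator:
    """Decides which A records to add or remove after each monitoring cycle."""

    def __init__(self, configured, probe=tcp_up, fail_threshold=2):
        self.configured = list(dict.fromkeys(configured))  # de-duplicate, keep order
        self.probe = probe
        self.fail_threshold = fail_threshold
        self.fails = {ip: 0 for ip in self.configured}     # consecutive failures

    def plan(self, published):
        """Return (to_add, to_remove) given the IPs currently published in DNS."""
        for ip in self.configured:
            self.fails[ip] = 0 if self.probe(ip) else self.fails[ip] + 1
        healthy = [ip for ip in self.configured if self.fails[ip] == 0]
        # Require repeated failures so one dropped probe does not churn DNS.
        dead = [ip for ip in self.configured if self.fails[ip] >= self.fail_threshold]
        if not healthy:
            # Every probe failed: the monitor may be cut off, or everything is
            # down. Leave DNS untouched instead of publishing an empty set.
            return [], []
        to_add = [ip for ip in healthy if ip not in published]
        # Only touch records this tool manages; unknown records are left alone.
        to_remove = [ip for ip in dead if ip in published]
        return to_add, to_remove

if __name__ == "__main__":
    down = {"192.0.2.10"}                                  # constructed outage
    r = Rotator(["192.0.2.10", "192.0.2.11"], probe=lambda ip: ip not in down)
    records = ["192.0.2.10", "192.0.2.11"]
    for cycle in range(3):
        print(cycle, r.plan(records))
```

The caller applies `to_add` and `to_remove` through whatever DNS API it uses and passes the resulting record set into the next `plan()` call.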
  2. RSNET-Radic

    Supporter

    Awesome resource! You can do something similar if you host your own DNS servers. Set the TTL to a very low value (lower than Cloudflare) and update the DNS records appropriately.

    In addition, there are a few 3rd party services that have this exact feature built-in (fail-over DNS).
     
  3. vemacs

    Artist

    TTL isn't actually that reliable, as you need to work around OS-level caching and some ISPs not respecting that altogether. This could be easily modified for your own DNS server though.

    I don't see any third-party services that provide failover with Minecraft SLP support :p
     
  4. Can someone help me out?
    I always get this error message:

    No pingable IPs, server or restarting Could be totally downed.
    Running periodic update task
    No pingable IPs, server or restarting Could be totally downed.
    Running periodic update task
    No pingable IPs, server or restarting Could be totally downed.
    Running periodic update task
    No pingable IPs, server or restarting Could be totally downed.
    Running periodic update task

    Please, I really need this.
     
  5. Can you clarify how it works?
    ips: ['192.198.420.69', '127.0.0.1']

    If play.shittyserver.com

    has 192.198.420.69

    Will it try and ping play.shittyserver.com and, if it's offline, remove the current A record and add the next one?

    Or will it simply add all the records in the config if the IP is down?

    Can you clarify? :)
     
  6. RSNET-Radic

    Supporter

    There are a lot of services that will detect if an IP is inaccessible and will change the IP in the DNS record automatically.
     
  7. I'm wondering how this works, because currently we have multiple frontend proxies up and it would be awesome if it detects one to remove that out of DNS and add a new record.

    Mind providing some of the services you know of that work in conjunction with Cloudflare? Because sadly they don't offer fallback.
     
  8. RSNET-Radic

    Supporter

    http://dyn.com/managed-dns/active-failover/
     
  9. Hey, I noticed someone already opened an issue ticket but I was wondering if you could maybe update this?
     
