
Introducing Cloud DNS public IP health checks, for more resilient multicloud deployments

February 21, 2025
George Prokudin

Product Manager

Hemant Kunda

Software Engineer


Organizations use multiple clouds to gain agility, use resources more efficiently, and leverage the strengths of different cloud providers. However, managing application traffic across these environments is challenging. To support predictable services, organizations need a system that intelligently selects the optimal backend for each request. The selection takes into account both the real-time health of those backends and the user's location. This entire process of dynamic traffic routing depends on continuous monitoring of application endpoints across all clouds, which delivers the real-time insights needed for informed decisions.

Today, we’re announcing the general availability of Cloud DNS routing policies with public IP health checking, which provides the automated, health-aware traffic management that you need to build resilient applications, no matter where your workloads reside.

Running on multiple cloud providers often leads to fragmented traffic management strategies. Cloud DNS now lets you intelligently route traffic across multiple cloud providers based on application health from a single interface. Cloud DNS supports a variety of routing policies, including weighted round robin (WRR), geolocation, and failover, giving you the flexibility to tailor your traffic management strategy to your specific needs.

Cloud DNS uses routing policies and health checks to direct traffic to healthy backends. These health checks probe internet-based endpoints — any public IP address on other cloud providers, on-premises environments, or even other load balancers. To help improve outage detection in multicloud deployments, health checks are regionalized, originating from points of presence near Google Cloud regions. A backend is considered healthy when a majority of these regional probes report a successful connection. Based on these health checks, Cloud DNS routing policies automatically direct traffic away from failing backends. This automated process happens at the DNS level, providing a crucial layer of control and traffic steering across your infrastructure.

https://storage.googleapis.com/gweb-cloudblog-publish/images/1_-_Multi-Cloud_Failover.max-1900x1900.png

Here are the steps to building a resilient multicloud architecture with Cloud DNS routing policies and public IP health checking:

1. Set up health checks

Configure a HealthCheck resource in Compute Engine, specifying the application's port on the public IP address. You must select three geographically diverse Google Cloud regions as the origin points for the health-check probes. Good practice is to select regions that are most representative of the user base. For example, if an application services clients from North America and Europe, then a good choice is to include regions from those locations as origins for health checks.

2. Configure a failover routing policy and link it to the health check

Create a routing policy in Cloud DNS. Define the primary and backup endpoints, specifying the public IP addresses of your applications in different cloud environments.

3. Fail over automatically

If an application instance becomes unhealthy (two or three out of three regions are reporting a failure), Cloud DNS can switch traffic to the healthy instance in another cloud, depending on how the routing policy is configured and the health of the backup endpoint. The routing decision happens at the DNS level before traffic reaches the applications, helping support failover across your multicloud infrastructure.
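The majority rule and failover decision described in the steps above can be modeled offline to check what a given set of regional probe results should produce. This is an added example, not Google's code or the Cloud DNS log format. The probe tuples, IP addresses (documentation ranges), region choices, the "degraded" label, treating missing probe data as unhealthy, and returning `None` when both endpoints are unhealthy are all assumptions made for illustration.

```python
# Constructed probe results: (backend public IP, probe origin region, success).
PROBES = [
    ("203.0.113.10", "us-east1", True),       # primary, in another cloud
    ("203.0.113.10", "europe-west1", False),
    ("203.0.113.10", "asia-east1", False),
    ("198.51.100.20", "us-east1", True),      # backup
    ("198.51.100.20", "europe-west1", True),
    ("198.51.100.20", "asia-east1", False),
]


def backend_healthy(ip, probes):
    """Healthy when a majority of the regional probes for this IP succeeded."""
    results = [ok for addr, _region, ok in probes if addr == ip]
    if not results:
        return False  # assumption: no probe data counts as unhealthy
    return sum(results) * 2 > len(results)


def failing_regions(ip, probes):
    """Origin regions whose probe to this IP failed, for triage."""
    return sorted(region for addr, region, ok in probes if addr == ip and not ok)


def status(ip, probes):
    """'healthy', 'degraded' (healthy but a region is failing), or 'unhealthy'."""
    if not backend_healthy(ip, probes):
        return "unhealthy"
    return "degraded" if failing_regions(ip, probes) else "healthy"


def failover_answer(primary, backup, probes):
    """Expected target of a failover policy for these probe results."""
    if backend_healthy(primary, probes):
        return primary, "primary healthy"
    if backend_healthy(backup, probes):
        return backup, "failed over to backup"
    # The page does not say what is served here; flag it for alerting instead.
    return None, "no healthy target"


if __name__ == "__main__":
    for ip in ("203.0.113.10", "198.51.100.20"):
        print(ip, status(ip, PROBES), "failing from:", failing_regions(ip, PROBES))
    print(failover_answer("203.0.113.10", "198.51.100.20", PROBES))
```

A backend in the "degraded" state still receives traffic, so a failing region there is worth alerting on before a second region fails and triggers failover.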

Because health checks test internet-based endpoints, they can be located anywhere on the internet, letting you build cross-cloud and on-prem failover scenarios. Services can be located in other clouds, and traffic can be switched between providers or to on-prem locations during an outage. This lets you as a multicloud customer standardize on Cloud DNS for workloads, helping streamline traffic management and reduce the operational overhead of managing multiple DNS configurations. Furthermore, with health check logging, you can validate that your routing policies are performing as expected and identify any infrastructure issues with specific backends.

Multicloud deployments are increasingly common. This new Cloud DNS capability provides the automated, health-aware traffic management needed to navigate the complexities of multicloud deployments and strive for positive user experiences.
