How would autofailover work while using Cosmos DB with multiple private end point?

Question

Cosmos DB allows creation of multiple private end point for multiple region. But the private DNS zone can only handle one private end point through automatic registration.

If we forgo automatic registration and manually register two distinct private end points in each region in DNS, so that the main record is the IP address of the primary region private end point and the region specific DNS records have the IP addresses from private endpoints in those regions respectively, then we have to use the region specific urls instead of the main URL in application connection string. That raises question on auto failover, because when one region is down the private DNS can not route traffic to the other private end point, since it only has one private end point of one region that is down.

Answer 1

Hi, @Anonymous Private links for a Cosmos DB account will contain N+1 private IPs. The first is for the Global endpoint for the account followed by another N IPs for each of the regional endpoints. Each VNet within which the private IPs are created will have its own set of N+1 IPs, which will serve as a private tunnel to send traffic to Cosmos DB.

After a failover operation, the global endpoint will point to a different region for the account (i.e. to a secondary region that has been promoted to the primary/write region).

Since the IPs themselves won't change and only the global endpoint is changed, which is now pointing to a different region, there are no changes needed to the private endpoints themselves post failover.

Please let us know if the information is helpful.

Regards
Geetha

Answer 2

Which region is the global private end point IP created in? Is there a private DNS associated with it? What happens when the region where the global private IP and private DNS is there, goes down?