Running Same App in Two Different Galaxy Regions - Domains and SSL Setup

I have a production app successfully running in vanilla North American Galaxy using Let’s Encrypt, AWS Route 53, and CloudFront to serve the JS bundle and other assets over HTTPS using the configurations described in the Meteor docs.

I now want to expand this same app to Europe by deploying to eu-west-1.galaxy.com. I added a read-only node on Mongo Atlas for eu-west-1 and successfully deployed my app to the same domain in eu-west-1 Galaxy with the hopes to basically keep all my configuration the same and (hopefully) simply use Route 53’s geolocation routing. So I created two CNAME records for the same exact subdomain (e.g. app.myapp.com) and configured them so that default requests go to us-east-1.galaxy-ingress.meteor.com and Europe requests to eu-west-1.galaxy-ingress.meteor.com.

The problem is I’m trying to run Let’s Encrypts on eu-west-1.galaxy.com on app.myapp.com and it’s throwing back a Error. Try again later. type of message. I know the geolocation routing is working because if I turn it off the Let’s Encrypt in Galaxy throws an error that the domain isn’t registered for app.myapp.com because it looks for the CNAME set to eu-west-1.galaxy-ingress.meteor.com.

Is this the right approach? My thought process was that it seems I can keep all my CloudFront, S3, and Route 53 configurations the same because it’s all flowing through app.myapp.com. Shouldn’t it just see it as two different backend servers? There’s no SSL configuration beyond this except in Galaxy when you click the Let’s Encrypt button. Is Let’s Encrypt having an issue because it’s already generated a cert for this domain or something?

If I were trying to get my Europe requests to go app2.myapp.com I could having all kinds of 502 and 503 issues. But it seem with the CNAME correctly going to eu-west-1.galaxy-ingress.meteor.com everything should work.

2 Likes