Our system has more than 1000 websites and it will have more in the future. Currently, we use Amazon ALB to navigate our sites to containers running on ECS. We have encountered some technical limitations of AWS. Specifically, each ALB has a maximum of 25 SSL certificates, and each certificate has a maximum of 10 domains. So we can only assign 250 sites to each LB, and our system currently uses 10 ALBs.
Moreover, we use 1 SSL certificate for 10 domains, so whenever we add a new domain to our system, it takes a few steps to complete:
- create a new SSL cert based on an old cert that has fewer than 10 domains
- update the CNAME records in Google domain to validate the new cert
- add the new cert to the ALB
- delete the old one.
These steps become ridiculously complicated when they are turned into code.
So, we are considering migrating our service to Cloudflare. The first idea is configuring our sites so Cloudflare takes over the management of them. Then, we will navigate all sites to only one ALB.
Our concerns are:
- Is there any limit on the number of domains that can be added to 1 Cloudflare account
- limitation on the number of subdomains
- limitation on the certificate of a domain
- limitation on the API (we will use the Cloudflare API to add domains)
- the availability of the Cloudflare service. I witnessed that Cloudflare experienced some downtime on particular websites such as https://community.cloudflare.com and https://dash.cloudflare.com

Last but not least, do you have any recommendations for our system?
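
The add-a-domain steps listed in the question, as an added example that is not part of the original post: a planner that picks which certificate to reissue and orders the attach and detach steps, including the case where the ALB already holds 25 certificates. The two limits are the figures quoted in the post; the ALB names, certificate ids, action names and `.example` domains are constructed for illustration.

```python
# Added example; limits are the figures quoted in the post, not read from AWS.
MAX_CERTS_PER_ALB = 25
MAX_DOMAINS_PER_CERT = 10


def capacity(n_albs):
    """Sites that fit on n_albs load balancers under the quoted limits."""
    return n_albs * MAX_CERTS_PER_ALB * MAX_DOMAINS_PER_CERT


def plan_add_domain(albs, new_domain):
    """Return ordered (action, alb, detail) steps for adding new_domain.

    albs maps a hypothetical ALB name to {cert_id: [domains]}.
    """
    if any(new_domain in d for certs in albs.values() for d in certs.values()):
        return []  # already covered by an existing certificate

    # Certificates that still have room, tagged with whether their ALB is full.
    open_certs = [
        (len(certs) >= MAX_CERTS_PER_ALB, alb, cert_id, domains)
        for alb, certs in albs.items()
        for cert_id, domains in certs.items()
        if len(domains) < MAX_DOMAINS_PER_CERT
    ]
    if open_certs:
        # Prefer an ALB with a free slot (False sorts before True).
        alb_full, alb, old_id, domains = min(open_certs, key=lambda c: c[0])
        names = sorted(domains + [new_domain])
        issue = [("request_cert", alb, names),
                 ("publish_validation_cnames", alb, names)]
        attach = ("attach_cert", alb, names)
        detach = ("detach_cert", alb, old_id)
        # With a free slot the new cert goes on before the old one comes off.
        # A full ALB has no slot until the old cert is detached first.
        swap = [detach, attach] if alb_full else [attach, detach]
        return issue + swap + [("delete_cert", alb, old_id)]

    # Every certificate is full: issue a fresh one where a slot is free.
    for alb, certs in albs.items():
        if len(certs) < MAX_CERTS_PER_ALB:
            names = [new_domain]
            return [("request_cert", alb, names),
                    ("publish_validation_cnames", alb, names),
                    ("attach_cert", alb, names)]
    return [("provision_new_alb", None, [new_domain])]


if __name__ == "__main__":
    demo = {"alb-1": {"cert-a": ["a.example"]}}  # constructed inventory
    for step in plan_add_domain(demo, "new.example"):
        print(step)
```

On a full ALB the plan detaches the old certificate before attaching its replacement, so the domains on that certificate have a window without a matching certificate; the planner surfaces that ordering so it can be scheduled or avoided by choosing another ALB.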