The scheme is as follows:
1) In the domain registrar's account, Cloudflare is configured as the DNS servers,
2) In Cloudflare's DNS section, 2 (or more) IPs of the load balancers (NGINX) are configured, which distribute the load across the app servers by weights and response types (200, 500) and, in case of an error, don't send requests to the corresponding upstream server.
What I want to know:
1) How safe is this scheme, and what should be removed or added?
2) How to achieve failover at the DNS level (Cloudflare) without a paid subscription (proxying through the cloud is off)?
UPD: if you configure some DNS before/instead of the cloud, it will also be a single point of failure. But if there are 2 DNS servers, how is it determined at the client level which of them answers? Or is it the client that determines this: if one is not available, it goes to the other NS server, right? If yes, how can one tell, already at the DNS level, whether the app server/load balancer is available, the way it is done at the NGINX level?
Maybe we should drop Cloudflare from the scheme?
DNS -> cloudflare -> nginx -> apps
Maybe it is worth using AWS services? How much more will they cost than a "hardware balancer"? That is, are requests counted there, or traffic, or both?