25/03/2016 – Updated with Resource Manager CMDLETs
Moving to Azure DNS
In preparation for my next blog post, I decided to move the domain name server (DNS) records for alexandrebrisebois.com to Microsoft Azure DNS.
Over the years, I’ve been very happy with the DNS services that I’ve used to host my DNS Records. Since I rarely needed to log into these services, I’ve become accustomed to resetting my credentials. A recent need to make changes to these DNS Records has pushed me to think about ways to streamline this process.
Along the way, I realized that there’s just something very appealing about centralizing everything to my Microsoft Azure environments. From compute to storage to networking, being capable of manipulating everything through PowerShell has turned out to be useful. The idea of being able to manipulate my DNS Records from this same environment felt like the right thing to do. Plus you get the added benefit of performance and availability.
The first step consists of registering the Network Azure provider. Then we need to either create or use an existing Resource Group.
Login-AzureRmAccount

New-AzureRmResourceGroup -Name "BriseboisDNS" `
                         -Location "North Central US"
Creating a DNS Zone
The selected Resource Group will contain the DNS Zones that we will create in this post. A DNS Zone represents your domain and supports all common DNS record types: A, AAAA, CNAME, MX, NS, SOA, SRV and TXT.
# Create an Azure DNS Zone
$zone = New-AzureRmDnsZone -Name "alexandrebrisebois.com" `
                           -ResourceGroupName "BriseboisDNS"
The new DNS Zone is automatically configured with a @ Record set and is populated with a Start of Authority (SOA) and the authoritative name server (NS) Records. To retrieve the list of Name Servers needed to configure the registrar, get the DNS Record set associated with the NS Record.
$recordSet = Get-AzureRmDnsRecordSet -Name '@' `
                                     -Zone $zone `
                                     -RecordType NS

$recordSet.Records | Format-Table

Nsdname
-------
ns1-02.azure-dns.com
ns2-02.azure-dns.net
ns3-02.azure-dns.org
ns4-02.azure-dns.info

Note: Record sets at the root (or ‘apex’) of a DNS Zone use “@” as the record set name.
Creating a CNAME Record
Once the Registrar is updated to point to the Azure Name Servers, it’s time to set up the CNAME Record. In Azure DNS, records are specified using relative names. Therefore, our DNS Record Set will be named ‘www‘ instead of ‘www.alexandrebrisebois.com’.
$recordSet = New-AzureRmDnsRecordSet -Name 'www' `
                                     -RecordType CNAME `
                                     -ZoneName 'alexandrebrisebois.com' `
                                     -ResourceGroupName 'BriseboisDNS' `
                                     -Ttl 3600

Add-AzureRmDnsRecordConfig -RecordSet $recordSet `
                           -Cname "alexandrebrisebois.com"

Set-AzureRmDnsRecordSet -RecordSet $recordSet

Note: CNAME record sets cannot co-exist with other record sets with the same name. For example, you cannot create a CNAME with the relative name ‘www’ and an A record with the relative name ‘www’ at the same time. Since the zone apex (name = ‘@’) always contains the NS and SOA record sets created when the zone is created, this means you cannot create a CNAME record set at the zone apex. These constraints arise from the DNS standards; they are not limitations of Azure DNS. Furthermore, DNS standards do not permit multiple records with the same name for Record sets of type SOA and CNAME.
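The CNAME rules in the note above can be checked against a planned record layout before anything is pushed to the zone. This is an added example, not code from the original post; the function name `Test-CnameConstraint`, the `Name`/`Type`/`Values` object shape, and the sample records (including the documentation address 192.0.2.10) are assumptions constructed for illustration.

```powershell
# Added example: check planned record sets against the CNAME constraints.
# Emits one string per violation; emits nothing when the plan is clean.
function Test-CnameConstraint {
    param([Parameter(Mandatory)] [object[]] $RecordSet)

    # Group-Object compares names case-insensitively, as DNS does.
    foreach ($group in ($RecordSet | Group-Object -Property Name)) {
        $cnames = @($group.Group | Where-Object { $_.Type -eq 'CNAME' })
        if ($cnames.Count -eq 0) { continue }

        if ($group.Name -eq '@') {
            # The apex always holds NS and SOA, so a CNAME can never live there.
            "CNAME is not allowed at the zone apex (@)"
            continue
        }

        # A CNAME cannot share its relative name with any other record type.
        $others = @($group.Group | Where-Object { $_.Type -ne 'CNAME' })
        foreach ($o in $others) {
            "'$($group.Name)': CNAME cannot co-exist with $($o.Type) record set"
        }

        # A CNAME record set holds exactly one target.
        $targets = @($cnames | ForEach-Object { $_.Values })
        if ($targets.Count -ne 1) {
            "'$($group.Name)': CNAME must have exactly one target, found $($targets.Count)"
        }
    }
}

# Constructed sample plan (not the author's real zone contents).
$planned = @(
    [pscustomobject]@{ Name = '@';        Type = 'A';     Values = @('192.0.2.10') }
    [pscustomobject]@{ Name = '@';        Type = 'CNAME'; Values = @('brisebois.azurewebsites.net') }
    [pscustomobject]@{ Name = 'www';      Type = 'CNAME'; Values = @('alexandrebrisebois.com') }
    [pscustomobject]@{ Name = 'WWW';      Type = 'A';     Values = @('192.0.2.10') }
    [pscustomobject]@{ Name = 'awverify'; Type = 'CNAME'; Values = @('awverify.brisebois.azurewebsites.net') }
)

$violations = @(Test-CnameConstraint -RecordSet $planned)
$violations | ForEach-Object { Write-Warning $_ }
```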
Pointing a Naked Domain to an Azure Web App
Azure Web Apps support custom domains. To map a naked domain to an App, we must navigate to the ‘Bring External Domains‘ blade. This will provide us with a public IP that we can use to create the A Record. This Record type maps a name to a set of IPv4 addresses.
A Record set can contain a maximum of 100 entries.
Before we add the domain to the Web App, we need to add an extra CNAME Record that Azure will use to confirm that we own the domain. If we forget to add this Record, Azure will throw an error that prevents us from completing the configuration. Review the official documentation for a complete walkthrough.
The following script walks us through the steps required to reach the target state that allows us to add the domain to the Azure Web App.
# We cannot use a CNAME on @
# Therefore, we must use A Records to map
# a naked domain to an Azure Web App
$recordSet = New-AzureRmDnsRecordSet -Name '@' `
                                     -Zone $zone `
                                     -Ttl 60 `
                                     -RecordType A

# Find the IP Address to use from the
# Bring External Domains blade.
Add-AzureRmDnsRecordConfig -RecordSet $recordSet `
                           -Ipv4Address '22.214.171.124'

Set-AzureRmDnsRecordSet -RecordSet $recordSet

# Create a CNAME that maps WWW
# to the naked domain
$recordSet = New-AzureRmDnsRecordSet -Name 'www' `
                                     -Zone $zone `
                                     -Ttl 60 `
                                     -RecordType CNAME

Add-AzureRmDnsRecordConfig -RecordSet $recordSet `
                           -Cname 'alexandrebrisebois.com'

Set-AzureRmDnsRecordSet -RecordSet $recordSet

# Microsoft Azure must verify that you
# are authorized to configure the custom
# domain name to point to your web app.
# To verify authorization, create a CNAME
# resource record with your DNS provider
# that points from awverify.www.yourdomain.com
# to awverify.brisebois.azurewebsites.net.
$recordSet = New-AzureRmDnsRecordSet -Name 'awverify' `
                                     -Zone $zone `
                                     -Ttl 60 `
                                     -RecordType CNAME

Add-AzureRmDnsRecordConfig -RecordSet $recordSet `
                           -Cname 'awverify.brisebois.azurewebsites.net'

Set-AzureRmDnsRecordSet -RecordSet $recordSet
It’s always nice to be able to verify that we’ve actually accomplished our goals. Using the Resolve-DnsName cmdlet allows us to do just that.
Resolve-DnsName -Name 'alexandrebrisebois.com' -Type ALL -DnsOnly

Name                   Type TTL  Section PrimaryServer            NameAdministrator    SerialNumber
----                   ---- ---  ------- -------------            -----------------    ------------
alexandrebrisebois.com SOA  3493 Answer  edge1.azuredns-cloud.net msnhst.microsoft.com 9

Name      : alexandrebrisebois.com
QueryType : NS
TTL       : 3493
Section   : Answer
NameHost  : ns2-05.azure-dns.net

Name      : alexandrebrisebois.com
QueryType : NS
TTL       : 3493
Section   : Answer
NameHost  : sn1clddns01

Name      : alexandrebrisebois.com
QueryType : NS
TTL       : 3493
Section   : Answer
NameHost  : ns1-05.azure-dns.com

Name      : alexandrebrisebois.com
QueryType : NS
TTL       : 3493
Section   : Answer
NameHost  : ns4-05.azure-dns.info

Name      : alexandrebrisebois.com
QueryType : NS
TTL       : 3493
Section   : Answer
NameHost  : ns3-05.azure-dns.org
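Reading the NS answers by eye is error-prone, so the check can be scripted: the name servers a resolver returns should be exactly the ones listed in the zone's '@' NS record set. This is an added example, not code from the original post; `Compare-Delegation` and its parameter names are hypothetical, and the sample lists are constructed.

```powershell
# Added example: compare the zone's assigned name servers with what a
# resolver actually returns for the domain.
function Compare-Delegation {
    param(
        [Parameter(Mandatory)] [string[]] $ZoneNameServer,     # Nsdname values from the zone
        [Parameter(Mandatory)] [string[]] $ResolvedNameServer  # NameHost values from a lookup
    )

    # Names may differ only by case or a trailing root dot; normalize both.
    $normalize = { param($n) $n.Trim().TrimEnd('.').ToLowerInvariant() }
    $expected = @($ZoneNameServer     | ForEach-Object { & $normalize $_ } | Sort-Object -Unique)
    $actual   = @($ResolvedNameServer | ForEach-Object { & $normalize $_ } | Sort-Object -Unique)

    $missing    = @($expected | Where-Object { $actual   -notcontains $_ })
    $unexpected = @($actual   | Where-Object { $expected -notcontains $_ })

    [pscustomobject]@{
        Delegated  = ($missing.Count -eq 0 -and $unexpected.Count -eq 0)
        Missing    = $missing     # assigned by Azure, not seen by the resolver
        Unexpected = $unexpected  # seen by the resolver, not assigned to this zone
    }
}

# Constructed sample input. Against a live zone the two lists would come from
#   (Get-AzureRmDnsRecordSet -Name '@' -Zone $zone -RecordType NS).Records.Nsdname
#   (Resolve-DnsName -Name 'alexandrebrisebois.com' -Type NS -DnsOnly).NameHost
$zoneNs = @(
    'ns1-02.azure-dns.com.', 'ns2-02.azure-dns.net.',
    'ns3-02.azure-dns.org.', 'ns4-02.azure-dns.info.'
)
$resolvedNs = @(
    'NS1-02.azure-dns.com', 'ns2-02.azure-dns.net',
    'ns3-02.azure-dns.org', 'ns1.old-registrar.example'
)

$result = Compare-Delegation -ZoneNameServer $zoneNs -ResolvedNameServer $resolvedNs
$result | Format-List
```

With the sample lists, `Delegated` is false: `ns4-02.azure-dns.info` is reported as missing and `ns1.old-registrar.example` as unexpected, which is what a registrar entry left over from the previous DNS host looks like.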
Azure DNS Resources
- Azure DNS Overview
- Get started with Azure DNS
- Create DNS records
- Delegate Domain to Azure DNS
- How to manage DNS Zones
- How to manage DNS records
- DNS Cmdlets
- Configure a custom domain name in Azure App Service