Sunday, November 8, 2015

Making the switch to Azure DNS

One service that has been on my radar for some time is Azure DNS. Released to preview in May of last year, Azure DNS is yet another offering to compete with already established services from Amazon and Google.

From an IT perspective, I like these services being added to Azure. It allows for the creation of a one-stop shop for hosting IT services, gives you a single point for billing, and, through the Resource Manager deployment model, lets you create strong RBAC controls around who can manage and maintain the service.

Getting started with Azure DNS is pretty easy, and is detailed quite well in the following Microsoft blog posts:

Getting Started with Azure DNS using Powershell

Create DNS Records

A couple of things I noted during the process:

1)  Some of the operations are offline.  They are clearly marked in the documentation, but keep in mind that the "set" commands are required to commit those changes to the service.

2)  You need to create record sets for everything, even things with only 1 record.  This is an interesting design decision, and adds to the initial setup.

3)  It is deployed only via PowerShell and Resource Manager.  So standard rules/considerations apply around the lifetime of the resource, RBAC considerations, etc.
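
Notes 1 and 2 in practice, as an added example that is not from the original post or the linked Microsoft articles: a single A record is created as a record set, changed offline, and only reaches the service once the "set" command runs. It assumes the cmdlet names of the current Az.Dns module (which postdate this post), an already signed-in session, an existing resource group, and placeholder names and addresses.

```powershell
# Added example. All names and addresses are placeholders, not values from the post.
$rg   = 'dns-rg'         # assumed: an existing resource group
$zone = 'example.com'    # placeholder zone name
$ip   = '203.0.113.10'   # documentation-range address (RFC 5737)

# Create the zone and list the name servers to delegate to at the registrar.
$z = New-AzDnsZone -Name $zone -ResourceGroupName $rg
$z.NameServers

# Note 2: even one A record lives inside a record set. Create it empty first.
$rs = New-AzDnsRecordSet -Name 'www' -RecordType A -ZoneName $zone `
        -ResourceGroupName $rg -Ttl 3600

# Note 1: this is an offline operation. It only changes the local $rs object.
Add-AzDnsRecordConfig -RecordSet $rs -Ipv4Address $ip | Out-Null

# Compare the local object with what the service currently holds.
$live = Get-AzDnsRecordSet -Name 'www' -RecordType A -ZoneName $zone `
          -ResourceGroupName $rg
"Before Set: local records = $($rs.Records.Count), live records = $($live.Records.Count)"

# The "set" command commits the local change to Azure DNS.
Set-AzDnsRecordSet -RecordSet $rs | Out-Null

# Re-read from the service and fail loudly if the commit did not land.
$live = Get-AzDnsRecordSet -Name 'www' -RecordType A -ZoneName $zone `
          -ResourceGroupName $rg
"After Set:  local records = $($rs.Records.Count), live records = $($live.Records.Count)"

if ($live.Records.Count -ne $rs.Records.Count) {
    throw "Record set 'www' in $zone does not match the local copy; change was not committed."
}
```

Reading the record set back after every change is a cheap guard against scripts that exit cleanly while the zone still serves the old data.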

Making the switch took about an hour or so one night.  Previously, I was using mydomain to host my DNS for  This has now switched over to Azure DNS.

Follow this link for a pingdom report on the DNS configuration:  Pingdom

Some interesting things for future investigation

1) DNS Performance testing from around the world (and in comparison to Amazon / Google)
2) Actual cost for a production site
3) From a security perspective, EDoS (economic denial of sustainability).  All these services charge per million queries.  I wonder what protection mechanisms are in place against queries done on the service.
4) DNSSEC Support