About Me

My photo
I am an MCSE in Data Management and Analytics, specializing in MS SQL Server, and an MCP in Azure. With over 19+ years of experience in the IT industry, I bring expertise in data management, Azure Cloud, Data Center Migration, Infrastructure Architecture planning, as well as Virtualization and automation. I have a deep passion for driving innovation through infrastructure automation, particularly using Terraform for efficient provisioning. If you're looking for guidance on automating your infrastructure or have questions about Azure, SQL Server, or cloud migration, feel free to reach out. I often write to capture my own experiences and insights for future reference, but I hope that sharing these experiences through my blog will help others on their journey as well. Thank you for reading!

Create an Azure private DNS zone using the Azure CLI

A DNS zone is used to host the DNS records for a particular domain. To start hosting your domain in Azure DNS, you need to create a DNS zone for that domain name.

 Each DNS record for your domain is then created inside this DNS zone. 

To publish a private DNS zone to your virtual network, you specify the list of virtual networks that are allowed to resolve records within the zone. 

These are called linked virtual networks. When autoregistration is enabled, Azure DNS also updates the zone records whenever a virtual machine is created, changes its' IP address, or is deleted.


 creates a virtual network named rakAzureVNet.

 =============================================


az network vnet create \

  --name rakAzureVNet \

  --resource-group RG1 \

  --location centralus \

  --address-prefix 10.2.0.0/16 \

  --subnet-name backendSubnet \

  --subnet-prefixes 10.2.0.0/24


Then it creates a DNS zone named fhplcloudops.com in the RG1 resource group

===========================================================================


az network private-dns zone create -g RG1 \

 -n fhplcloudops.com


links the DNS zone to the rakAzureVNet virtual network, and enables automatic registration.

============================================================================================


az network private-dns link vnet create -g RG1 -n MyDNSLink \

   -z fhplcloudops.com -v rakAzureVNet -e true

   

List DNS private zones

========================

az network private-dns zone list \

-g RG1

  

az network private-dns zone list


Create the test virtual machines

=================================

az vm create \

 -n myVM01 \

 --admin-username AzureAdmin \

 -g RG1 \

 -l centralus \

 --subnet backendSubnet \

 --vnet-name rakAzureVNet \

 --nsg NSG01 \

 --nsg-rule RDP \

 --image win2016datacenter


az vm create \

 -n myVM02 \

 --admin-username AzureAdmin \

 -g RG1 \

 -l centralus \

 --subnet backendSubnet \

 --vnet-name rakAzureVNet \

 --nsg NSG01 \

 --nsg-rule RDP \

 --image win2016datacenter

 

Create an additional DNS record

====================================

To create a DNS record, use the az network private-dns record-set [record type] add-record command. 

For help with adding A records for example, see az network private-dns record-set A add-record --help.


The following example creates a record with the relative name db in the DNS Zone fhplcloudops.com, in resource group RG1. 

The fully qualified name of the record set is db.fhplcloudops.com. The record type is "A", with IP address "10.2.0.4".

Here 10.2.0.4 is nothing but a IP adddress of VM - myVM01

 

 az network private-dns record-set a add-record \

  -g RG1 \

  -z fhplcloudops.com \

  -n db \

  -a 10.2.0.4

  

  View DNS records

  =====================

  az network private-dns record-set list \

  -g RG1 \

  -z fhplcloudops.com

  

  Test the private zone

  ======================

  You can use the ping command to test name resolution. So, configure the firewall on both virtual machines to allow inbound ICMP packets.


Connect to myVM01, and open a Windows PowerShell window with administrator privileges.


Run the following command:

New-NetFirewallRule –DisplayName "Allow ICMPv4-In" –Protocol ICMPv4


From the myVM02 Windows PowerShell command prompt, ping myVM01 using the automatically registered host name:

==========================================================================================================


ping myVM01.fhplcloudops.com

Now ping the db name you created previously:


PowerShell


Copy

ping db.fhplcloudops.com

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)