DNS Zones Delegation Requirements

The platform should be able to manage domain names in the zones that are assigned to it. This functionality is used to provide access to the applications and to manage platform infrastructure resources.

For example, if you designate the “user.hosterdomain.com” zone to your installation and then create an application called “web-01”, the platform will automatically make this application available at “web-01.user.hosterdomain.com”. To accomplish this, the platform deploys two DNS servers (at IP addresses that you provide in deployment Master plan as intended for resolvers) and expects that the chosen domain will be delegated to the mentioned DNS servers.

Configuring DNS Zones Delegation

PaaS requires two domain names to be delegated to the platform resolvers (SLBs):

  • <infra-domain>.hosterdomain.com, where all platform infrastructure resources, including JCA administration panel and user dashboard, will be located. For <infra-domain>, you can choose any suitable name upon your preference (for example, “infra”: “infra.hosterdomain.com”)
  • <user-domain>.hosterdomain.com, where all user environments will obtain their names from. You can choose any name, which suits your preferences (for example, “user.hosterdomain.com”).
Tip: Find out more at the Hardware Requirements documentation.

1. Domain names delegation can be configured the usual way in the top DNS zone (“hosterdomain.com”):

1
2
3
4
<infra-domain>.hosterdomain.com. IN NS ns1.<infra-domain>.hosterdomain.com.
<infra-domain>.hosterdomain.com. IN NS ns2.<infra-domain>.hosterdomain.com.
<user-domain>.hosterdomain.com. IN NS ns1.<user-domain>.hosterdomain.com.
<user-domain>.hosterdomain.com. IN NS ns2.<user-domain>.hosterdomain.com.

2. Glue records for NS-records above are usually also needed to be designated in the top zone:

1
2
3
4
ns1.<infra-domain>.hosterdomain.com. IN A 1.1.1.1  # First PaaS resolver's (SLB) IP address  
ns2.<infra-domain>.hosterdomain.com. IN A 2.2.2.2  # Second PaaS resolver's (SLB) IP address  
ns1.<user-domain>.hosterdomain.com. IN A 1.1.1.1  # First PaaS resolver's (SLB) IP address  
ns2.<user-domain>.hosterdomain.com. IN A 2.2.2.2  # Second PaaS resolver's (SLB) IP address

3. To verify zones delegation, use the “dig” command as follows:

1
2
domain='<infra-domain>.hosterdomain.com'; tmp=${domain#*.}; for tmp in $(dig +short -t ns $tmp); do dig +norecurse -t soa @$tmp $domain; done | grep -vE '^(;|$)'
domain='<user-domain>.hosterdomain.com'; tmp=${domain#*.}; for tmp in $(dig +short -t ns $tmp); do dig +norecurse -t soa @$tmp $domain; done | grep -vE '^(;|$)'

4. If a zone is delegated correctly, the output should contain only NS-type records with optional A-type glue records, for example:

1
2
3
4
user.example.com.   60   IN   NS   ns1.user.hosterdomain.com.  
user.example.com.   60   IN   NS   ns2.user.hosterdomain.com.  
ns1.user.hosterdomain.com.  60   IN   A    1.1.1.1  
ns2.user.hosterdomain.com.  60   IN   A    2.2.2.2

Notes:

  • Make sure that you don’t have SOA records for both domains (<infra-domain>.hosterdomain.com and <user-domain>.hosterdomain.com) in the top DNS zone, otherwise the delegation will not work properly. In case of SOA records presence, the output above may be empty or contain SOA-type records, for example:
    user.example.com. 3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082630 7200 3600 …
    user.example.com. 0 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082630 7200 3600 ..
  • For the general DNS domain zone delegation, see guidelines and troubleshooting tips.

DNS Zones Delegation Use Case

The following procedure describes the steps you need to take for performing domain zones delegation in the GoDaddy domain name registrar. It implies that you have “hosterdomain.com” top domain zone registered at GoDaddy, and need to delegate “infra.hosterdomain.com” and “user.hosterdomain.com” (infrastructure and user domains) to your platform SLBs (resolvers).

Note: Within the next steps, we perform delegation for infrastructure domain (“infra.hosterdomain.com”) as an example. Afterwards, you’ll need to take the same procedure steps (2-6) for your user domain (“user.hosterdomain.com”) by adjusting domain name in requests accordingly.

1. Log in to your GoDaddy account to launch your domain manager and select the domain that you need to manage (i.e. “hosterdomain.com”).

2. Switch to the DNS Zone File tab and click on Add Record.

3. In the opened Add Zone Record dialog, specify the following data:

  • Record type - create a new NS (Nameserver) entry
  • Host - type the infrastructure domain (e.g. “infra.hosterdomain.com”)
  • Points to - type the first NS server for the zone (e.g. “ns1.infra.hosterdomain.com”)

1

Click Finish to save the record.

4. In the same way, Add Another record by specifying the following data:

  • Record type - create another NS (Nameserver) entry
  • Host - type the infrastructure domain (e.g. “infra.hosterdomain.com”)
  • Points to - type the second NS server for the zone (e.g. “ns2.infra.hosterdomain.com”)

2

Click Finish to save the new record.

5. Next, you need to add glue records for the first (i.e. ns1.infra.hosterdomain.com) and the second (i.e. ns2.infra.hosterdomain.com) hosts:

  • the first host (ns1.infra.hosterdomain.com)
    • Record type - choose A (Host)
    • Host - type the first NS server for the zone (e.g. “ns1.infra.hosterdomain.com”)
    • Points to - specify the IP address of the first PaaS resolver (SLB) 3
  • the second host (ns2.infra.hosterdomain.com)
    • Record type - choose A (Host)
    • Host - type the second NS server for the zone (e.g. “ns2.infra.hosterdomain.com”)
    • Points to - specify the IP address of the second PaaS resolver (SLB) 4

Click Finish to save the records.

6. As it was mentioned above, you also need to execute the same operations (steps 2-6) for your user domain (“user.hosterdomain.com”).

When finished, your platform domain names should have been delegated to platform resolvers.

What’s next?