Skip to content

Latest commit

 

History

History
258 lines (187 loc) · 10.4 KB

part33-eng.md

File metadata and controls

258 lines (187 loc) · 10.4 KB
Raw

Register a domain & set up A-record using Route 53

Original video

Hello guys, welcome back!

In the last lecture, we have successfully deployed our simple bank API to a Kubernetes cluster on AWS. However, to send requests to this API, we still have to use the external IP of the service. It is, in fact, a domain name automatically generated by the load balancer of AWS, which is very long, hard to remember, and not static.

So normally we wouldn't want to use it directly to connect with the front-end or other external services. Instead, we should assign a specific easy-to-remember domain name to the API.

Buy and register a domain

And in order to do so, we must buy a domain name first. And that's exactly what I'm gonna show you in this video. There are many websites on which you can buy domain names, but since we're using AWS for production, I'm gonna use one of its services called Route 53 for this purpose. Right in the main dashboard of Route 53, there's a section to register a domain.

Here, you can either find and register a new domain, or transfer an existing one that you bought on another website to Route 53.

In our case, we want to register a new domain name, so let's enter the name we want in this box, for example, simple-bank.

And click Check. OK, looks like the simple-bank.com domain is unavailable.

But there are many other available ones, such as simple-bank.net, or simple-bank.org. I like simple-bank.org, and it's just 12 dollars per year, not very expensive. So I'm gonna add this domain to the cart. Now we have an option to register this domain for 1 or more years. If you choose 5 years, then you will have to pay 60 dollars.

Let's just select 1 year for now. Note that besides the domain registration fees, we will also be charged with some monthly fees for DNS management, which you can see more details on this page. The fees are pretty small. For example, it's only 0.5 dollars per hosted zone per month for the first 25 hosted zones, or 0.1 dollars per hosted zone per month for additional ones. There are also fees for queries, such as, 0.4 dollars per million standard queries for the first 1 billion queries per month, or 0.2 dollars per million standard queries for over 1 billion queries per month. The fees will be a bit higher for Latency Based Routing Queries, or Geo DNS and Geoproximity Queries. You can read all about it on this page if you want.

Now let's go back to the AWS console to continue our purchase.

In the second step, we have to provide some contact information of the registrant. First, the contact type, which can be either a person, a company, an association, or a public body. In my case, it's a person. Therefore, in the next 2 fields, I'm gonna fill in my first and last name. Then my personal email address and my phone number. I also need to provide my address in this box Address 1. Then the country, the city, and finally, the postal code. At the bottom, there's an option for privacy protection. If it's enabled, some of your contact details will be hidden from the public. Alright, let's continue!

Here, Amazon just let us know that they have sent us an email with the verification link.

And we have to click the link in the email within 15 days. OK, so here I saw that email. Let's open it!

Basically, to register a domain, we need to verify that the email address of the registrant is valid. All we have to do is to click this link.

Then voilà, the email has been successfully verified.

Amazon has also sent another email to inform us about it.

OK, next let's take a look at the managing DNS for your new domain section. Normally, when you register a new domain, AWS will automatically create a hosted zone for you. That's where you store information about how route traffic to your domain. For example, you can use it to route traffic to a service in your EKS cluster. And AWS will charge you for the hosted zone as well as the DNS queries that we've just seen before.

Next, we have an option to enable or disable automatically renew our domain. By default, it is enabled. So, our domain will not get expired after 1 year.

Then there's a section where you can read about the terms and conditions, we have to tick this box to agree with the domain name registration agreement. The last step is email verification, but we've already done it, so let's click this button to complete the order.

OK, so this pop-ups is saying that AWS credits are not applicable to domain registrations, and that our registered payment method will be used for this operation. Let's check this box to agree, and complete the order.

And voilà, our order has been submitted successfully. It might take a little while to complete, so if we go to the domains page now, we can see its status as "Domain registration in process".

Once the domain is successfully registered, we will receive an email from Amazon.

Now let's refresh the pending requests page. The list has become empty because our domain registration request is completed.

So our domain will be listed on the registered domain page instead. Here we can see the domain name together with its expiration date. And the auto-renew feature is enabled, but the transfer lock is not.

I'm gonna click on this domain to see more details. Voilà, there's much more information about our domain on this page.

And we have an option to enable the transfer lock. By doing so, this domain will be locked to prevent an unauthorized transfer to another registrar. As I don't want this domain to be transferred out of the Amazon registrar, I'm gonna enable it now by clicking on this button.

And that's it! The process will take several minutes to complete. When it's done, we will receive another email from AWS. And in the registered domain page, we can see that the transfer lock is now enabled.

Alright, now let's learn how to set up the domain name to route traffics to our Kubernetes cluster. To do that, we have to open the "Hosted zones" page.

Then select the simple-bank.org domain name. Here we can see a list of DNS records.

The first one is an NS (or name server record), which contains a list of name servers where the internet can find the IP addresses of our domain. And the second one is an SOA (or start of authority) record, which stores some important information about the domain. However, we normally don't need to care about these types of DNS records because in order to route traffics to our service, we need to create another type of record, which is an A record (address record).

In this form, we first have to set the name of the A record. In this case, it is our domain name simple-bank.org, or for a backend API service, we can use a subdomain such as api.simple-bank.org. Next, the record type is A because we want to route traffic to an IPv4 address and some AWS resources. There's also an AAAA record to route traffic to IPv6 addresses, CNAME record to route traffic to another domanin name, or many other types of records in this list.

But in our case, we only need an A record. Now comes an important field, which is the value of the A record. Normally this should be an IP address, or multiple IP addresses on separate lines. However, if you still remember, in the previous lecture, we have set up our simple-bank API service to expose its external IP to the outside world, which is, in fact, a domain name of the AWS load balancer service. If we run nslookup this load balancer domain name, we can see that it is associated with 2 IP addresses.

Although it's possible to copy and paste these 2 IP addresses to the A record, I think we should not to do that, because the IPs in Kubernetes cluster are very ephemeral, and can change at any time if the pod is restarted, for example. So in the form, instead of using the real IP values, we've gonna use an Alias, and in our case, it is an alias to a Network Load Balancer. Next, we have to choose the region of the load balancer, which is eu-west-1, since our cluster is deployed in this region. Finally, we can paste in the URL of the load balancer of our API service. And click Create Records.

Voilà, the A record for the subdomain api.simple-bank.org has been successfully created.

And it will route traffic to the load balancer of our simple-bank API service. Let's verify it by running nslookup api.simple-bank.org in the terminal.

nslookup api.simple-bank.org
Server: 192.168.1.254
Address: 192.168.1.254#53

Non-authoritative answer:
Name: api.simple-bank.org
Address: 34.251.215.162
Name: api.simple-bank.org
Address: 52.18.148.203

As you can see here, there are 2 IPs associated with this subdomain, and they're exactly the same as the 2 IPs of the load balancer above. Alright, now let's make sure it's working well. I'm gonna try sending an API request to this sub-domain name via Postman. Here's the Login API request that we've tried in the previous lecture. This time, we will replace the long URL of the load balancer with our short domain name: api.simple-bank.org. Then send the request.

Yee, it's successful! We've got the access token and the user's information. So it works very well! We've successfully registered a domain name and set up an A record to route traffic from that domain name to our simple-bank API service. But we're not done yet!

In the next lectures, we will learn how to use Ingress to set up routing rules for multiple services and to enable TLS to secure our API services.

Until then, happy learning, and I'll see you guys very soon!