Managing DNS for PHAC data services

PHACDataHub/dns

PHAC Alpha DNS

This repo contains config files for PHAC DNS services. It is built on top of CDS's dns repo but with an IaD (Infrastructure as Data) approach.

Currently, we have three sub-domains on top of CDS's alpha.canada.ca domain:

  • *.phac-aspc.alpha.canada.ca
  • *.phac.alpha.canada.ca
  • *.aspc.alpha.canada.ca

Note: See https://github.com/cds-snc/dns/blob/main/terraform/phac-aspc.alpha.canada.ca.tf for reference.

Alpha DNS product page

https://github.com/PHACDataHub/Wiki/wiki/PHAC-Alpha-DNS-Offering

Request a DNS

To request a DNS, you'll need to create a Managed Zone resource in your GCP project.

The DNS name field for the zone should end with one of the previously mentioned subdomains. The general convention is <zone-name>.<sub-domain-name>. (with the trailing period). For instance, if my Zone name is example, then the DNS name could be example.phac-aspc.alpha.canada.ca.

Note: The period (.) at the end is required to make it a FQDN (Fully Qualified Domain Name). If you're curious why, read this.

Once done, click Registrar Setup in the top right corner of the Zone details page for your newly created zone and note down the list of NS (name server) records.

Now, submit a PR to this repo that adds a file based on the following template to the dns-records directory.

apiVersion: dns.cnrm.cloud.google.com/v1beta1
kind: DNSRecordSet
metadata:
  name: <zone-name>
  namespace: alpha-dns
  annotations:
    projectName: "<project-name>"
    # projectId is the unique identifier of the associated project, e.g. phx-a345f39bv23
    projectId: "ph?-1234567890"
    codeSourceRepository: "<codeSourceRepository>"
    # The following annotations are optional - please comment out or remove lines that are not applicable
    serviceEndpointUrls: "<comma-separated-list-of-service url endpoints>"
    containerRegistries: "<comma-separated-list-of-container-registries>"
    apmId: <apm-id>

spec:
  name: "<DNS-name>"
  type: "NS"
  ttl: <your-desired-value>
  managedZoneRef:
    external: <zone-reference-name>
  rrdatas:
    - "<name-server-1>"
    # ... one entry per name server ...
    - "<name-server-N>"

In the above template, fill out the values for the placeholders (<>):

  • <zone-name>: Name of the resource; it can be the same as the Zone name that you've created.
  • <DNS-name>: The DNS name from the previously created resource in your project. Don't forget the . at the end.
  • <project-name>: Project name, spaces allowed.
  • <codeSourceRepository>: Full URL of the source code repository, e.g. "https://github.com/PHACDataHub/repo-name".
  • <comma-separated-list-of-service url endpoints>: Optional. Full URLs, e.g. for the API, UI, etc.
  • <comma-separated-list-of-container-registries>: Optional. e.g. Artifact registry, Docker Hub for each container.
  • <apm-id>: Optional. Application Project Management ID.
  • <your-desired-value>: Value to set for ttl (Time to Live). A good default for this is 300 but feel free to modify it. Units are in seconds.
  • <zone-reference-name>: This should be one of the three sub-domains we have. That is, one of phac-aspc-alpha-canada-ca, phac-alpha-canada-ca or aspc-alpha-canada-ca.
  • <name-server-1>...<name-server-N>: Paste the noted NS values from the previous step here.

After the PR is reviewed and merged, the config connector will provision / link the resources.

Once done, you can add other types of DNS record sets to your zone with the registered DNS name.
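
The following is an added example, not part of this repo's tooling: a check a reviewer could run on a parsed manifest before merging a delegation PR. The function names, the zone-reference-to-suffix mapping and the set of required annotations are assumptions read off the template above; loading the YAML file into a dict is left to the caller.

```python
import re

# Zone reference name -> zone suffix (assumed: the sub-domain with dots as hyphens).
ZONES = {
    "phac-aspc-alpha-canada-ca": "phac-aspc.alpha.canada.ca.",
    "phac-alpha-canada-ca": "phac.alpha.canada.ca.",
    "aspc-alpha-canada-ca": "aspc.alpha.canada.ca.",
}
REQUIRED = ("projectName", "projectId", "codeSourceRepository")
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def is_fqdn(name):
    """Absolute DNS name: trailing dot and at least two valid labels."""
    if not isinstance(name, str) or not name.endswith("."):
        return False
    labels = name[:-1].lower().split(".")
    return len(labels) >= 2 and all(LABEL.fullmatch(l) for l in labels)

def check_record_set(manifest):
    """Return the problems found in a parsed DNSRecordSet manifest (a dict)."""
    meta, spec = manifest.get("metadata") or {}, manifest.get("spec") or {}
    problems = [f"missing annotation {k}" for k in REQUIRED
                if not (meta.get("annotations") or {}).get(k)]
    if meta.get("namespace") != "alpha-dns":
        problems.append("namespace must be alpha-dns")
    if spec.get("type") != "NS":
        problems.append("type must be NS")
    name = spec.get("name")
    suffix = ZONES.get((spec.get("managedZoneRef") or {}).get("external"))
    if suffix is None:
        problems.append("unknown managedZoneRef")
    if not is_fqdn(name):
        problems.append("name is not an FQDN with a trailing dot")
    # Match on a label boundary: a phac-aspc name is not in aspc.alpha.canada.ca.
    elif suffix and not name.lower().endswith("." + suffix):
        problems.append("name is outside the referenced zone")
    servers = spec.get("rrdatas") or []
    if not servers or not all(is_fqdn(s) for s in servers):
        problems.append("rrdatas must list FQDN name servers")
    return problems

# Constructed sample filled in from the template; the name servers are made up.
SAMPLE = {
    "metadata": {"name": "example", "namespace": "alpha-dns", "annotations": {
        "projectName": "Example", "projectId": "ph?-1234567890",
        "codeSourceRepository": "https://github.com/PHACDataHub/repo-name"}},
    "spec": {"name": "example.phac-aspc.alpha.canada.ca.", "type": "NS", "ttl": 300,
             "managedZoneRef": {"external": "phac-aspc-alpha-canada-ca"},
             "rrdatas": ["ns1.example.net.", "ns2.example.net."]}}
```

An empty list from `check_record_set` means the manifest is consistent with the template; each string in a non-empty list names one field to fix before merge.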
